couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cdr53x <>
Subject Document security, restricting document viewers
Date Fri, 05 Nov 2010 13:27:39 GMT

I'd like to know what is your advice on implementing a security system 
that would provide two simple roles for couch db documents :

  - document writer
  - document reader

The idea is of course to limit the access of a given doc and allow it 
only on certain users.

I know that the 'writer' role can be implemented using validation hooks, 
as explained in the docs, however there is not a clue on what 
could/should be done in order to protect the documents from being viewed.

Is there anything existing that could be used and that I missed in the 
docs ?

If not are there any advices on implementing such a feature ?

Of course, the idea is to be able to address large databases, ( ~ 1.2M 
docs ), with large views,  so there is no way an client side ( or server 
side ) application could cross check the right of each element returned 
by a view.

If anyone has any suggestion on this, I'd realy appreciate



View raw message