couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Marcus <>
Subject Re: Controlling per-user access to data
Date Sun, 09 Feb 2020 10:26:22 GMT
One database per user would not actually offer the access control granularity required for
sharing read-access to individual documents. I originally misunderstood that.

Per database access control would only work for an access model like Instagram's, by restricting
access to all documents, or to none. What Instagram terms a "private account". 
It does not allow for access control like e.g. Dropbox or iCloud, by restricting read access
to individual documents.

It sounds like middleware is the only solution to providing per-document access control in
CouchDB 2.x. If anyone could share their working solutions it would be a great help.


> On 9. Feb 2020, at 09:04, Willem van der Westhuizen <> wrote:
> I would like to follow up on the Cloudant suggestion of a per-user database. That
seems in contrast to other couchdb resources advocating it as the design pattern. We have
found it preferable to use per user databases to manage efficient replication to users in
pouchdb on the client, replicating to the server. Could you perhaps refer to the references
on this issue?
>> On 2020/02/09 01:11, Marcus wrote:
>> Can anyone help with per-user access to documents?
>> Imagine a to-do list app where lists are private by default, but can be shared with
others. One document per list would make sense, correct?
>> Problem: Couchdb access control is per database, I cannot figure out a way to restrict
read access to lists.
>> Cloudant strongly advise against creating one database per user, unless it's a very
small number. They suggest a limit of 500 databases to not diminish performance.
>> Does anyone have a suggestion how I could control read access for each to-do list?
>> Thanks,
>> Marcus
>> .

View raw message