couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sinan Gabel <sinan.ga...@gmail.com>
Subject Re: Controlling per-user access to data
Date Sun, 09 Feb 2020 11:46:56 GMT
Also see:
https://github.com/pouchdb-community/pouchdb-authentication/blob/master/docs/recipes.md

On Sun, 9 Feb 2020 at 11:26, Marcus <couchdb@wordit.com> wrote:

> One database per user would not actually offer the access control
> granularity required for sharing read-access to individual documents. I
> originally misunderstood that.
>
> Per database access control would only work for an access model like
> Instagram's, by restricting access to all documents, or to none. What
> Instagram terms a "private account".
> It does not allow for access control like e.g. Dropbox or iCloud, by
> restricting read access to individual documents.
>
> It sounds like middleware is the only solution to providing per-document
> access control in CouchDB 2.x. If anyone could share their working
> solutions it would be a great help.
>
> Marcus
>
>
>
> > On 9. Feb 2020, at 09:04, Willem van der Westhuizen <willem@kwantu.net>
> wrote:
> >
> > I would like to follow up on the Cloudant suggestion of a per-user
> database. That seems in contrast to other couchdb resources advocating it
> as the design pattern. We have found it preferable to use per user
> databases to manage efficient replication to users in pouchdb on the
> client, replicating to the server. Could you perhaps refer to the
> references on this issue?
> >
> >> On 2020/02/09 01:11, Marcus wrote:
> >> Can anyone help with per-user access to documents?
> >>
> >> Imagine a to-do list app where lists are private by default, but can be
> shared with others. One document per list would make sense, correct?
> >>
> >> Problem: Couchdb access control is per database, I cannot figure out a
> way to restrict read access to lists.
> >>
> >> Cloudant strongly advise against creating one database per user, unless
> it's a very small number. They suggest a limit of 500 databases to not
> diminish performance.
> >>
> >> Does anyone have a suggestion how I could control read access for each
> to-do list?
> >>
> >> Thanks,
> >>
> >> Marcus
> >>
> >>
> >> .
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message