On Sun, Jan 24, 2010 at 09:33:02PM -0800, Chris Anderson wrote: > To round out this list, I think > > * Reader ACLs ... > > look like they will make it into 0.11.
That's the jchris/readeracl branch presumably? I was hoping to turn my counter-proposal(*) into code, but I've not had any time to do so unfortunately. Regards, Brian. (*) which was, in summary: 1. user record has roles like "foo:_reader" or ["foo","_reader"] 2. _anon user has roles of "<db>:_reader" for all public databases 3. you can read database foo only if you have one of "foo:_reader", "foo:_admin", "_reader" or "_admin" roles 4. /_all_dbs lists only those databases to which you or _anon have read access (but shows every database if you have _reader or _admin roles) 5. userdb validate_doc_update allows someone with "foo:_admin" to add and remove roles foo:*. Also "foo:_manager" to add and remove roles foo:* apart from foo:_admin