On Mon, Jan 25, 2010 at 1:14 AM, Brian Candler <b.cand...@pobox.com> wrote: > On Sun, Jan 24, 2010 at 09:33:02PM -0800, Chris Anderson wrote: >> To round out this list, I think >> >> * Reader ACLs > ... >> >> look like they will make it into 0.11. > > That's the jchris/readeracl branch presumably? > > I was hoping to turn my counter-proposal(*) into code, but I've not had any > time to do so unfortunately. > > Regards, > > Brian. > > (*) which was, in summary: > > 1. user record has roles like "foo:_reader" or ["foo","_reader"] > > 2. _anon user has roles of "<db>:_reader" for all public databases > > 3. you can read database foo only if you have one of > "foo:_reader", "foo:_admin", "_reader" or "_admin" roles > > 4. /_all_dbs lists only those databases to which you or _anon have read access > (but shows every database if you have _reader or _admin roles)
Thanks for reminding me that I should set _all_dbs to hide dbs the curertn user can't read if that doesn't incur much additional overhead. Also, I plan to put a Futon interface on the reader and admin lists. And, the security object still needs work, to round out the capability set to be something like what you describe here. > > 5. userdb validate_doc_update allows someone with "foo:_admin" to add and > remove roles foo:*. Also "foo:_manager" to add and remove roles foo:* > apart from foo:_admin > -- Chris Anderson http://jchrisa.net http://couch.io