On Thu, Feb 11, 2010 at 08:32:49AM -0800, Chris Anderson wrote:
> To be clear, I'm not suggesting this at all.
>
> It'd be more like (pardon my earlier accidental _underscores):
>
> {
>   "readers":{
>     "names":["foo","bar"],
>     "roles":["baz", "_replicator", "doctor"]
>   },
>   "admins":{
>     "names":["jan","brian"],
>     "roles":["support", (_admin is an implied member)]
>   },
>   "other_security_stuff":{...}
> }

Oh I see. When you replicate, you give the credentials for the remote host,
but perhaps the local side should pick up a _replicator role. (Or perhaps
not, if it runs with the credentials of the user who started the
replication)

I can imagine "readers" splitting in future though: an indirect reader
capability which can access _show/_list/_update but nothing else would be
able to enforce controls at the document and view row level, since those
points all have access to userCtx.

Regards,
Brian.
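
The two ideas in this message, sketched as an added example that is not part of the original thread or of CouchDB's code: a membership check against a security object of the quoted shape, and a show function in CouchDB's `(doc, req)` form that enforces a document-level control from `req.userCtx`. The helper names, the `allowed_roles` document field, the rule that admins can also read, and the match-by-name-or-role semantics are assumptions.

```javascript
// Added illustration. Helper names and the `allowed_roles` field are hypothetical.
// Security object in the shape proposed in the quoted message (constructed sample).
const security = {
  readers: { names: ["foo", "bar"], roles: ["baz", "_replicator", "doctor"] },
  admins:  { names: ["jan", "brian"], roles: ["support"] }
};

// True if userCtx matches the section by name or by any role.
// `implied` lists roles that count as members without being written down
// (the quoted message treats _admin as an implied member of "admins").
function isMember(section, userCtx, implied) {
  const roles = (section.roles || []).concat(implied || []);
  const names = section.names || [];
  if (userCtx.name != null && names.includes(userCtx.name)) return true;
  return (userCtx.roles || []).some(r => roles.includes(r));
}

function isAdmin(sec, userCtx) {
  return isMember(sec.admins, userCtx, ["_admin"]);
}

// Assumption: anyone who is an admin can also read.
function isReader(sec, userCtx) {
  return isAdmin(sec, userCtx) || isMember(sec.readers, userCtx);
}

// Document-level rule: the caller needs one of the roles the document names.
function mayView(item, userCtx) {
  const allowed = (item && item.allowed_roles) || [];
  return (userCtx.roles || []).some(r => allowed.includes(r));
}

// Show function: the only path an "indirect reader" would have to the
// document, so the check on req.userCtx is the access control.
function showRecord(doc, req) {
  if (!doc) return { code: 404, body: "not found" };
  if (!mayView(doc, req.userCtx)) return { code: 403, body: "forbidden" };
  // Return only the fields meant for this audience, not the whole document.
  return { code: 200, body: JSON.stringify({ _id: doc._id, summary: doc.summary }) };
}

// Row-level rule for a list function: keep only rows the caller may see.
function visibleRows(rows, userCtx) {
  return rows.filter(row => mayView(row.value, userCtx));
}
```
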