Role, ACL and Ownership Checks
------------------------------
Key: COUCHDB-615
URL: https://issues.apache.org/jira/browse/COUCHDB-615
Project: CouchDB
Issue Type: New Feature
Environment: Ubuntu 9.10 64bit
Reporter: Alexander Trauzzi
It would be nice if CouchDB had a comprehensive offering for varying levels of
access to documents and databases.
Here are some ideas:
o User lists are stored in the database, per database.
o Roles and role membership are stored in the database, per database.
o ACLs are stored in the database, per database.
o CouchDB can use ACLs to store and simplify permissions for internal
functionality (manage the db, manage users, add roles, add users to roles,
etc...)
o CouchApps can take advantage of the ACLs to support login/logout and
arbitrary business rules as needed.
o A simple API can be made to conduct role, ACL and ownership checks.
I suppose there is some theory and discussion behind determining whether users,
roles or both are stored in ACL rules.
Building all this into CouchDB would mean that it has a mechanism for complex
applications to be developed. Ones that mandate privacy and other visibility
concerns.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
