[jira] Commented: (COUCHDB-615) Role, ACL and Ownership Checks

Thu, 07 Jan 2010 08:57:17 -0800 

    [ 
https://issues.apache.org/jira/browse/COUCHDB-615?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12797683#action_12797683
 ] 

Chris Anderson commented on COUCHDB-615:
----------------------------------------

We already have this, in the sense that replication uses the normal HTTP API. 
So if a user is not and admin, they will not be able to replicate _design 
documents to the target. 

Similarly, if the target has a validation function that says all docs must have 
a foo field, than any docs that are missing a foo field will not be replicated.

Because CouchDB has not read-authorization model, there isn't the same thing 
for reads. When we add the ability to control read-access to databases, users 
will only be able to replicate from databases they can read.

> Role, ACL and Ownership Checks
> ------------------------------
>
>                 Key: COUCHDB-615
>                 URL: https://issues.apache.org/jira/browse/COUCHDB-615
>             Project: CouchDB
>          Issue Type: New Feature
>         Environment: Ubuntu 9.10 64bit
>            Reporter: Alexander Trauzzi
>
> It would be nice if CouchDB had a comprehensive offering for varying levels 
> of access to documents and databases.
> Here are some ideas:
> o User lists are stored in the database, per database.
> o Roles and role membership are stored in the database, per database.
> o ACLs are stored in the database, per database.
> o CouchDB can use ACLs to store and simplify permissions for internal 
> functionality (manage the db, manage users, add roles, add users to roles, 
> etc...)
> o CouchApps can take advantage of the ACLs to support login/logout and 
> arbitrary business rules as needed.
> o A simple API can be made to conduct role, ACL and ownership checks.
> I suppose there is some theory and discussion behind determining whether 
> users, roles or both are stored in ACL rules.  Also, something worth 
> discussing is whether the checks are automatically performed by couchdb, or 
> if views are to be performing checks prior to emitting data.  Or both...
> Building all this into CouchDB would mean that it has a mechanism for complex 
> applications to be developed.  Ones that mandate privacy and other visibility 
> concerns.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to