On Wed, Feb 03, 2010 at 02:27:56PM -0800, Jan Lehnardt wrote: > > Sorry to be blunt, but do you have numbers to back that up? This smells > > very much of premature optimisation. > > Reading a document costs: > > 1 disk seek to the end of the db file to grab the b-tree root > + n disk seeks to the document (n < 5 to 10 in most cases) > > In a well cached database, most of the seeks are free, but the last one > usually isn't (unless you can hold a full database in memory).
That's not true here. If _readers were a document within the database then the *same* document would be read for every access, and therefore it would be cached. There's no seek. But again you've ignored my main point: I'm proposing that the authorisation be a role within the userctx, and the userctx is already loaded. Free is better than cheap. Actually, that's not entirely true. We want to have publicly-readable databases, so we need an "_anon" user with roles assigned to it, and the effective roles you get would be the union of the roles from your user record plus the roles from the _anon user. That might mean reading the _anon record from the _users database. That will always be the same record, so is bound to be cached. Regards, Brian.