Hello, I am thinking about using CouchDB in app I want to create. In CouchDB I can get documents directly from client's browser by javaScript and it is great, but I have some concerns. I want the app to be accessible to everyone without need to have an account or log in (like wikipedia). If I want everyone to have access to documents, CouchDB has to be accessible to the whole internet. If this is the case, everyone can even delete whole database by single HTTP query :(
It is unevitable that if DB is accessible in the internet, everyone can edit/add/delete documents. After all, this is what I want. But I don't want to allow deletion of whole database. Or access to another databases on the same CouchDB server. Even if I can prevent deletion of whole database, I can't prevent deletion of single documents, and malicious user could delete them one by one. So in a nutshell, I have questions: 1. Is it possible to prevent deletion of database? 2. Is it possible to prevent deletion of documents? Or, even better... 3. ...is it possible to limit number of deleted documents for specific IP for time unit. E.g. one document deletion per minute? Best regards -- Paweł Stawicki http://pawelstawicki.blogspot.com http://szczecin.jug.pl http://www.java4people.com
