Right now, there is no document-level security in CouchDB unless you enforce it yourself using a proxy server of some sort. You can then enable the proxy authentication solution in CouchDB and handle all of the permissions yourself.
Note that this breaks down if you want to allow end users to replicate to and from the databases, or use the bulk endpoints. VDU functions generally aren't sufficient to enforce detailed levels of modifications to documents. You'll want to look into the database-per-user approaches for CouchDB, including the built-in "couch_peruser" functionality we provide. This lets you have a single database per user, and use the power of replication to replicate that user's data to (or from) a central database for later analytics work if you need. -Joan ----- Original Message ----- From: "Rene Veerman" <[email protected]> To: [email protected] Sent: Tuesday, July 24, 2018 1:56:28 PM Subject: permissions specific to each document? is this possible in couchdb? suppose i have a database 'tree node data', and several roles defined in the couchdb. i'd like to be returned only those tree node documents that the current user may access. in general, i'd like to outsource my entire CMS' users and roles and permissions system to couchdb. is this possible, and if so, what's the best way to go about it?
