On Mon, Jul 20, 2009 at 12:19 AM, Benoit Chesneau<[email protected]> wrote:
> 2009/7/20 Chris Anderson <[email protected]>:
>> Devs,
>>
>> I've just committed a patch (r795687) that adds the ability to filter
>> _changes requests with a JavaScript function.
>>
>> The function signature is:
>>
>> function(doc, req, userCtx) {
>>   return (true or false);
>> }
>>
>> When it returns true (or something truthy, like a non-empty string or
>> a non-zero number), the change is passed along to the user, otherwise
>> it is skipped.
>>
>> The filter functions are stored on design documents under the
>> "filters" field. The current best source of documentation is the
>> changes.js test.
>>
>> To query changes with a filter, the syntax is like:
>>
>> GET /db/_changes?filter=ddocname/filtername
>>
>> The biggest problem with this patch is that it uses a JavaScript OS
>> process per connected filtered listener. Fixing this is an
>> optimization as it won't affect the API, which is why I'm comfortable
>> committing this.
>>
>> I'd appreciate some review to make sure the implementation is on the
>> right track.
>>
>> Cheers,
>> Chris
>>
>> --
>
> Implementation seems good for me and tests pass. For userCtx filtering
> I guess it would be needed to have a way to filter all changes without
> passing any parameter to forbid all changes read. Maybe by adding a
> main validate_changes on top of a design doc? Same args but this
> function would be applied on all changes. What do you think about it?
>
I think you're suggesting using filtered changes as a security
mechanism? That is certainly possible, but to do it right we'd have to
ensure that it filters all document requests, which itself is
non-trivial, and would certainly require us to address the performance
issues.

The other problem with using the filter for security is that we'd need
to filter view rows. There's not really a fast way to do that for
reduce views.

I'd suggest we punt on JavaScript security functions for a while, at
least until we've given this stuff a chance to sink in.

Chris

--
Chris Anderson
http://jchrisa.net
http://couch.io
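
The filter behaviour discussed in this thread, as an added example that is not part of the original messages and is not CouchDB's own code: a toy in-memory stand-in for `GET /db/_changes?filter=ddocname/filtername`, showing that any truthy return value passes a change through and that a request sent without the `filter` parameter still receives every change, so the filter by itself restricts nothing. The `getChanges` helper, the `app` design document, its two filters and the sample rows are constructed for illustration, and filters are held as plain functions here for simplicity.

```javascript
// Constructed design document: filters live under the "filters" field.
// (Held as plain functions here to keep the example self-contained.)
const designDocs = {
  "_design/app": {
    filters: {
      // Strict boolean result: only the requesting user's documents.
      mine: function (doc, req, userCtx) {
        return doc.owner === userCtx.name;
      },
      // Truthy result: a non-empty string passes, undefined is skipped.
      owned: function (doc, req, userCtx) {
        return doc.owner;
      }
    }
  }
};

// Constructed change rows (sequence number plus document body).
const rows = [
  { seq: 1, doc: { _id: "a", owner: "alice" } },
  { seq: 2, doc: { _id: "b", owner: "bob" } },
  { seq: 3, doc: { _id: "c" } },
  { seq: 4, doc: { _id: "d", owner: "alice" } }
];

// Hypothetical stand-in for GET /db/_changes[?filter=ddocname/filtername].
// Returns the seq numbers the caller would receive.
function getChanges(query, userCtx) {
  if (!query.filter) {
    return rows.map((r) => r.seq); // no filter parameter: nothing is skipped
  }
  const [ddocName, filterName] = query.filter.split("/");
  const ddoc = designDocs["_design/" + ddocName];
  const fn = ddoc && ddoc.filters && ddoc.filters[filterName];
  if (typeof fn !== "function") {
    throw new Error("unknown filter: " + query.filter);
  }
  const req = { query: query };
  return rows.filter((r) => Boolean(fn(r.doc, req, userCtx))).map((r) => r.seq);
}

const alice = { name: "alice" };
console.log(getChanges({ filter: "app/mine" }, alice));
console.log(getChanges({ filter: "app/owned" }, alice));
console.log(getChanges({}, alice));
```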
