[
https://issues.apache.org/jira/browse/COUCHDB-442?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12736791#action_12736791
]
Curt Arnold commented on COUCHDB-442:
-------------------------------------
Not sure if I'm understanding the first sentence. I am specifically suggesting
additional code that is part of a view. A view/format/display function that
would be a peer to the map and reduce function which could be used to process
the matched documents so that only the information that is necessary to support
the related business function is exposed. Something analogous to being able to
included only certain columns in a SQL view.
The case was a hypothetical and you would definitely need to partition
information across documents if users who could not see the SSN could update
other parts of the info on an individual. However, if you start defining 20
different business functions and each has need to see a slightly different
subset of the data, then trying to accomplish that through partitioning (either
document or database) becomes untenable. Partitioning sensitive info into a
different database then would cost you the ability to do views that combined
sensitive and less-sensitive info.
Having the extra function which executes when serializing is an optimization
over emitting a part of the document at map time, but it seems like it would be
a very desirable optimization when authentication and authorization is more
mature and could be useful now. Just trying to get things that fall out from
the authentication and authorizations discussions visible in JIRA for
elaboration and consideration.
> Add a "view" or "format" function to process source doc on query
> ----------------------------------------------------------------
>
> Key: COUCHDB-442
> URL: https://issues.apache.org/jira/browse/COUCHDB-442
> Project: CouchDB
> Issue Type: Improvement
> Components: JavaScript View Server
> Reporter: Curt Arnold
>
> It is common practice to emit pairs like {key, null} and then query with
> ?include_docs=true to retrieve the documents that were responsible for the
> entries. However, the full document may include information that is
> privileged or the full document may be substantially larger than the
> information needed to be transferred to the client.
> The proposed enhancement is to allow defining a "view" function in addition
> to the existing "map" and "reduce" on a view. If specified, the view
> function would take the id, key, value and doc and return a JSON value that
> would be added as the "view" member to the row in the result set.
> One of the use cases on
> http://wiki.apache.org/couchdb/Authentication_and_Authorization is to be able
> to specify that a user can retrieve the values from a view, but not add
> include_docs since that may expose information that they are not authorized
> to view. Without the "view" function, there would be pressure to start
> pushing things into the emitted value.
> Production of views would be likely controlled using a include_views=true in
> the query string.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
