On Sun, Jan 17, 2010 at 09:07:49PM +1100, David Goodlad wrote: > Where is this list stored? As a document in the database? > > Perhaps it could be part of the _security/* namespace - eg _security/readers ?
If the _security object mapped usernames to roles in a standardised way, then you could check for a 'reader' role. However if the _security object is just something opaque passed to validate_doc_update, then it couldn't be used for this.
