[
https://issues.apache.org/jira/browse/COUCHDB-615?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Paul Joseph Davis updated COUCHDB-615:
--------------------------------------
Skill Level: Committers Level (Medium to Hard)
> Role, ACL and Ownership Checks
> ------------------------------
>
> Key: COUCHDB-615
> URL: https://issues.apache.org/jira/browse/COUCHDB-615
> Project: CouchDB
> Issue Type: New Feature
> Environment: Ubuntu 9.10 64bit
> Reporter: Alexander Trauzzi
>
> It would be nice if CouchDB had a comprehensive offering for varying levels
> of access to documents and databases.
> Here are some ideas:
> o User lists are stored in the database, per database.
> o Roles and role membership are stored in the database, per database.
> o ACLs are stored in the database, per database.
> o CouchDB can use ACLs to store and simplify permissions for internal
> functionality (manage the db, manage users, add roles, add users to roles,
> etc...)
> o CouchApps can take advantage of the ACLs to support login/logout and
> arbitrary business rules as needed.
> o A simple API can be made to conduct role, ACL and ownership checks.
> I suppose there is some theory and discussion behind determining whether
> users, roles or both are stored in ACL rules. Also, something worth
> discussing is whether the checks are automatically performed by couchdb, or
> if views are to be performing checks prior to emitting data. Or both...
> Building all this into CouchDB would mean that it has a mechanism for complex
> applications to be developed. Ones that mandate privacy and other visibility
> concerns.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
