So I'm extending my proposal with this example: Big company's people are stored in couchdb (200 - 400 people), with "salary" field. You may create views that will show total salary or salary of each developers group, while not permitting to access individual salary. My proposal: limiting views and docs separately.
2010/11/9 Fedor Indutny <[email protected]> > Yes, sorry it was not clear, but it's exactly like you're saying. > > So my proposal is: > Add *validate_doc_view* function in _design documents with arguments like > *doc, userCtx, req*. > Add *validate_view_access* function into _design/views/view_name with > arguments like *req, userCtx*. > > Example: > http://indutny.couchone.com/_utils/document.html?access_proposal/_design/test > (admin > party is here, so feel free to try anything). > > So you can throw {forbidden: "some text"} in any of this callbacks, if user > have no access to item. > > Also for views, you can limit access to specific range for user (like in > example). > > 2010/11/9 Bram Neijt <[email protected]> > > I think I'm missing a part of this. >> >> If you want a user to see only part of the document, would you not >> create a view that only emits parts of the document? >> >> I'm new at this, so could you write up an usage example for me? >> >> Greets, >> >> Bram >> >> On Mon, Nov 8, 2010 at 5:34 PM, Fedor Indutny <[email protected]> >> wrote: >> > Hi everyone! >> > >> > You've discussed earlier possibility of adding access validators to >> _design >> > documents, this feature it's a kind of thing that many couchdb users >> will be >> > glad to see. >> > The conclusion of previous discussion was that we can't add this >> validators, >> > because we actually won't be able to tell later, whether user can access >> > _design/view or not. >> > >> > What if we could add *validate_view_**access *to _design document? >> > It's not only fix of problem, I've mentioned above, but also a feature: >> > You'll be able to allow user to access only view, without having an >> access >> > to a full document. >> > So, for example, views could show only *title* field of document, while >> * >> > price* field will be hidden in a document itself. >> > >> > What do you think? >> > >> > -- >> > (Node.js, Ruby, Python, PHP developer) >> > Fedor Indutny >> > >> > > > > -- > Fedor Indutny > -- Fedor Indutny
