On 27 Apr 2011, at 15:43, Randall Leeds wrote:

> On Wed, Apr 27, 2011 at 15:30, Jan Lehnardt <[email protected]> wrote:
>> 
>> On 27 Apr 2011, at 14:56, Kevin R. Coombes wrote:
>> 
>>> So it would be possible to have access to a view that allows you to see a doc 
>>> that you don't have permission to see? Or am I misinterpreting something?
>> 
>> That was my question, but Benoit basically said "no". His approach is to 
>> disallow access of a view that is defined in a design document that you have 
>> no permission to read.
>> 
>> Cheers
>> Jan
> 
> I think the answer is actually "yes". If you can see the design
> document you can see everything the view emits, even if it came from a
> document you can't view.

Hm, I was thinking that the view updater would match the design doc acl against 
the doc acl when the view is created and exclude it if it doesn't match up for 
reads.

Cheers
Jan
-- 

> 
>> --
>> 
>>> 
>>> On 4/27/2011 4:43 PM, Benoit Chesneau wrote:
>>>> On Wed, Apr 27, 2011 at 11:33 PM, Jan Lehnardt<[email protected]>  wrote:
>>>>> On 27 Apr 2011, at 03:36, Benoit Chesneau wrote:
>>>>> 
>>>>>> I'm thinking of adding simple permissions handling to a doc by using
>>>>>> _uid, _gid, _mod members on a doc, where members are defined like this:
>>>>>> 
>>>>>> _uid: user owning the doc
>>>>>> _gid: group owning the doc
>>>>>> _mod: octal number, doc mode bits corresponding to chmod(1) values.
>>>>>> 
>>>>>> By doing this, and if enabled in settings, we could do simple ACL
>>>>>> handling like a file system when getting a doc. Access to views would be
>>>>>> handled by the access to the design doc containing them.
>>>>>> 
>>>>>> thoughts?
>>>>> http://mail-archives.apache.org/mod_mbox/couchdb-dev/201010.mbox/%[email protected]%3e
>>>>> 
>>>>> How does this address the issue where a reduced value doesn't have an ACL 
>>>>> associated with it?
>>>>> 
>>>>> Cheers
>>>>> Jan
>>>>> --
>>>> You can't access the view or reduce if you don't have access to the
>>>> design doc in my design. So we don't try to check permissions for each
>>>> doc.
>>>> 
>>>> - benoît
>> 
>> 

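Added example, not part of the thread and not CouchDB code: a small JavaScript model of the two designs discussed above, showing how gating a view only on read access to its design doc exposes emitted and reduced values from docs the caller cannot read, and how an index-time filter avoids that. The function names, the sample docs and users, the octal-string form of `_mod`, and the exact "ACLs match" rule are assumptions made for illustration.

```javascript
// Constructed sample data. Assumes _mod is stored as an octal string such as "640".
const ddoc = { _id: "_design/totals", _uid: "alice", _gid: "staff", _mod: "640" };
const docs = [
  { _id: "a", _uid: "alice", _gid: "staff", _mod: "640", amount: 10 },
  { _id: "b", _uid: "alice", _gid: "staff", _mod: "600", amount: 32 }, // owner-only
];
const bob = { name: "bob", groups: ["staff"] };
const carol = { name: "carol", groups: [] };

const mode = (doc) => parseInt(doc._mod, 8);

// chmod(1)-style read check: exactly one class (owner, group, other) applies.
function canRead(user, doc) {
  const m = mode(doc);
  if (Number.isNaN(m)) return false;                 // no valid mode: fail closed
  if (user.name === doc._uid) return (m & 0o400) !== 0;
  if (user.groups.includes(doc._gid)) return (m & 0o040) !== 0;
  return (m & 0o004) !== 0;
}

// Index-time filter, one conservative reading of "match the design doc ACL
// against the doc ACL": same owner and group, and every read bit set on the
// design doc is also set on the doc, so any reader of the view can read the doc.
function indexable(ddoc, doc) {
  const d = mode(ddoc), m = mode(doc);
  if (Number.isNaN(d) || Number.isNaN(m)) return false;
  return doc._uid === ddoc._uid && doc._gid === ddoc._gid &&
         (d & 0o444 & ~m) === 0;
}

// Hypothetical view query: the only per-request check is on the design doc.
// The view emits (doc._id, doc.amount) and reduces with a sum.
function queryView(user, ddoc, docs, filterAtIndexTime) {
  if (!canRead(user, ddoc)) return null;             // no access to the view at all
  const rows = docs
    .filter((doc) => !filterAtIndexTime || indexable(ddoc, doc))
    .map((doc) => ({ key: doc._id, value: doc.amount }));
  return { rows, reduced: rows.reduce((sum, r) => sum + r.value, 0) };
}

// bob cannot read doc "b", yet the unfiltered view includes its value.
console.log(canRead(bob, docs[1]), queryView(bob, ddoc, docs, false));
console.log(queryView(bob, ddoc, docs, true));
```

With the filter, the reduced value covers only docs every view reader may read, which is why the reduce result needs no ACL of its own in that model.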