Hi everyone,
We are currently evaluating to implement a relatively complex permission
scheme in Sync Gateway and I was wondering if anyone might have some
thoughts/input regarding the requirements. Think of it as a micro social
network. Requirements:
- Solution will have thousands if not millions (hopefully) of users
- User A is not aware of User B and vice versa - complete isolation
initially
- User A can share his data with select other users (lets say User B and
User C) and then both User B and User C see User A's content
- Now the tricky part - we need finer grained permission control within
channels meaning user A can assign different permission levels to different
invited users
- User A invites User B to edit User A's data
- User A also invites User C but User C can only read User A's data
A real world scenario would the be the Couchbase Labs ToDo app - I can
share my lists with others but I can also decide whether invited users can
readwrite or only read.
While just looking at the requirements it doesn't seem that complex but I
get stuck within the details. I would think that channels are the correct
path but should have manage finer grained permission control within the app
logic? If so, what would be the best approach? Add another field to
documents like document.members_readwrite? But then its get relatively
cumbersome to share as I need to add a user to members AND
members_readwrite and they can get easily out of sync.
Does any one have any suggestions how to implement this?
*Second topic*
On a related note I would also have another question which I couldn't find
any documentation for:
1. Do child objects (documents) of parent documents inherit
permissions automatically or do I have to assign channels individual and if
so how?
Real world example based on the todo app:
1. User A has 100 tasks with related objects (documents):
1. List *myList contains of
1. NSDate *created_at
2. NSString *name
3. NSArray *members
2. Task *task contains
1. List *list
2. NSString *name
3. bool checked
4. NSArray *members
3. File *file contains of
1. Task *task
2. NSString name
3. NSDate crated_at
4. NSArray *members
My question would be whether I need iterate through all document manually
and change the members (when new user is added)?
*OR *
Do child objects inherit permissions?
*OR *
I shouldn't care because users cannot access the parent (list) object and
therefore won't get the reference id?
Questions over questions :) but thanks so much for your help.
Christoph
--
You received this message because you are subscribed to the Google Groups
"Couchbase Mobile" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/mobile-couchbase/8e140966-7550-4249-a878-112189a72f47%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
