The sync fn can control who is allowed to set or change ACLs, so that's not a security problem.
Sync Gateway 1.1 supports web-hooks the sync fn can call. --Jens [via iPhone] > On Jul 1, 2015, at 9:20 PM, atom992 <[email protected]> wrote: > > I want to extend the capacity of Sync Function, in the follows user cases: > some ACL datas can stored in the third party databases, in Sync Function can > call the databases APIs to handle channel route, assigns etc. > As we know, ACL datas must be with the same docs which can be handled by > Sync Function, A hacker can fake ACL data to sync the docs he want, even I > do some control in Sync Function(I can not predict all possibilities). > -- > You received this message because you are subscribed to the Google Groups > "Couchbase Mobile" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/mobile-couchbase/76a4f48b-63fd-4b35-a2b9-5c4f0ee86575%40googlegroups.com. > For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups "Couchbase Mobile" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/mobile-couchbase/EDC4EB2C-9B56-4C22-A69A-093C302760B0%40mooseyard.com. For more options, visit https://groups.google.com/d/optout.
