wohali commented on issue #1724: [Feature Proposal] Pull Request to add support for Erlang-only validate_doc_read functions URL: https://github.com/apache/couchdb/issues/1724#issuecomment-437473945 I'm -0.5 on the proposal. Concerns: 1) Overall throughput decrease if a database doesn't have any of these new functions, just from having to traverse your new code path on *every read*, 2) Lack of security and sandboxing in Erlang-based functions, which is why we ship with the Erlang query server disabled by default I know that point 2 above is why this feature will never land at Cloudant and would likely never land at anyone running a public/SaaS CouchDB offering. A potential alternative would be #1554 's approach. The only way to handling point 1 above is to actually have proper load testing & metrics showing the impact. This is something Cloudant devs have done with their major functionality changes in PRs over the past couple of years. Do you have any data points to share? The alternative to this was already proposed by the committer list and is in the roadmap is the per-document permissions: the `_access` proposal. See https://lists.apache.org/thread.html/6aa77dd8e5974a3a540758c6902ccb509ab5a2e4802ecf4fd724a5e4@%3Cdev.couchdb.apache.org%3E This approach already has a bunch of code behind it as well, and would vastly improve on the current db-per-user access model. With `_access` would we even need `validate_doc_read` functions? I don't think so.
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services
