On Fri, Apr 10, 2009 at 5:31 PM, Samuel Wan <[email protected]> wrote: > Thanks for the pointers, Patrick! > > Is the "validate_doc_update" a special function that CouchDB looks for > when processing a PUT request? If the design document contains the > validation function, but you're updating a regular document, how will > CouchDB know which design document contains the validation function to > run? > > -Sam >
Yep, "validate_doc_update" is a special member name on _design documents. CouchDB loads all of these functions and runs them in non-deterministic order on your document updates. If any of these functions forbids an update the update is rejected. HTH, Paul Davis > On Fri, Apr 10, 2009 at 12:27 PM, Patrick Antivackis > <[email protected]> wrote: >> Hi Samuel, >> No real doc nor wiki yet. >> What is implemented already is administrator acces and update validation. >> Reader access nothing yet. >> >> About update validation, the only reliable source is the test suite : >> http://svn.apache.org/viewvc/couchdb/trunk/share/www/script/test/security_validation.js?view=markup >> >> About administrator you have a light wiki info there : >> http://wiki.apache.org/couchdb/Setting_up_an_Admin_account >> >> Hope you fill find what you need >> >> >> 2009/4/10 Samuel Wan <[email protected]> >> >>> Hi all, >>> >>> I waited for security support in CouchDB 0.9 before jumping back in, >>> and saw Administrator Access, Reader Access, and Update Validation >>> features mentioned at http://couchdb.apache.org/docs/overview.html. >>> Where can I find the most recent information on CouchDB's security >>> support, and ways to implement authentication and authorization? >>> >>> I found a 5-month old post here, but wasn't sure how much had changed: >>> >>> http://jchrisa.net/drl/_design/sofa/_show/post/couchdb_edge__security_and_vali >>> >>> Any hints on where to look would be much appreciated. >>> >>> -Sam >>> >> >
