On Wed, Nov 18, 2009 at 7:31 AM, Ning Tan <[email protected]> wrote: > On Wed, Nov 18, 2009 at 12:35 AM, sftf <[email protected]> wrote: >> Are there plans to implement authorization at document's attributes >> granularity, >> or it should be implemented at the application level? >> >> In the current version I see only one version of access control at attribute >> granularity - >> create personal views for each application user with the emitting permitted >> fields only. >> But adding user in this scheme requires the creation of the new views and >> leads to >> time-consuming indexing of potentially large volumes of data. > > Haven't put much thought into this, but from your problem description, > I guess one way to alleviate the problem is to have views based on > groups and assign users to a certain group. >
you can use the user's name as a key in a single large view. so instead of a key like [tag, date] you could have [user, tag, date] and require user's to prefix their queries with their own name. Of course this doesn't help with the the huge on disk index (depending on your # of users) For write access of course the validation function is what you are looking for. -- Chris Anderson http://jchrisa.net http://couch.io
