On Sun, Sep 9, 2012 at 6:50 PM, Dave Cottlehuber <[email protected]> wrote: > > My question is - what does this role actually do for you? All > authenticated users will have a UsrCtx available in ddocs, so the mere > fact it exists implies they're in users. Where else might you want a > specific, separate role? Am I missing something?
Quite often with a couchapp you need the main page, or certain parts, to be publicly accessible but not all the data. Personal profile data would be hidden. New users need read access to view the sign up form, which they cannot do if the whole couch is limited to authenticated user access. If you have a role of _user you can put the "authenticated users only" data into a separate database while still allowing access to the sign up and info about the application. At the document level, you could write validation functions allowing public read access but only authenticated users write access. A use-case is a forum. It's standard to allow public read access but require authentication to write. You need to easily group all signed-up members. I'm ruling out server-side scripts. There's little advantage in using CouchDB if you are doing things the LAMP way. Is there a client-side way that I'm missing? Thanks, Marcus
