Hi Thorsten, Apologies, I missed the comment on read. In my experience, couchdb only provides read access via the _security object, meaning that it's only an "on" or "off" type of thing for a database.
I can't speak to the customization of the database (this may be a question for the dev list), but perhaps you can get similar behavior using the show and list functions: http://wiki.apache.org/couchdb/Formatting_with_Show_and_List These functions take a req so you can customize the output based upon user/role. Perhaps someone else could give an idea of how to force all reads to go through the list function (rewrite, mod_rewrite, etc.). Cheers, Mike On Tue, Sep 24, 2013 at 10:28 AM, Thorsten Scherler <[email protected]>wrote: > On 09/23/2013 06:50 PM, Mike Marino wrote: > > Hi Thorsten, > > > > I believe you're asking how to implement read/write permissions on a > > database, but I'm a little bit confused by your subject. If this is so, > > the normal way is to use validate_doc_update functions in a design > > document, e.g.: > > > > > http://docs.couchdb.org/en/latest/ddocs.html#validate-document-update-functions > > > > http://guide.couchdb.org/editions/1/en/validation.html > > > > You will see the first link describes the code you linked to. > > Thank you Mike, but the above is only for UPDATE meaning write validation. > > However in > > https://github.com/apache/couchdb/blob/master/src/couchdb/couch_users_db.erl > we are doing READ checks (if I understand the following code correctly) > > after_doc_read(Doc, #db{user_ctx = UserCtx} = Db) -> > #user_ctx{name=Name} = UserCtx, > DocName = get_doc_name(Doc), > case (catch couch_db:check_is_admin(Db)) of > ok -> > Doc; > _ when Name =:= DocName -> > Doc; > _ -> > Doc1 = strip_non_public_fields(Doc), > case Doc1 of > #doc{body={[]}} -> > throw(not_found); > _ -> > Doc1 > end > end. > > My understanding is when we are the owner or admin of the doc we will > get the doc. In case we have public fields we return only those > otherwise we throw a 404. > > I would like to implement the exact same behaviour for a database I am > developing. > > Regarding the subject my question is how can I implement above code > either in a design document (my guess is that is not possible) or in a > custom db? > > If the later then the question is how do I create my own > couch_myOwn_db.erl and let couchdb know about the existence? > > TIA > > salu2 > > -- > Thorsten Scherler <scherler.at.gmail.com> > codeBusters S.L. - web based systems > <consulting, training and solutions> > > http://www.codebusters.es/ > >
