Consider using _rewrite as a function, see https://docs.couchdb.org/en/stable/api/ddoc/rewrites.html#using-a-stringified-function-for-rewrites for more details.
ermouth

On Sat, Jul 8, 2023 at 10:28 PM Ronnie Royston <ron...@ronnieroyston.com> wrote:

> I am a CouchDB user. I need more granularity in terms of DB authorization,
> e.g. limit who can read a document in a shared database.
>
> It appears that show functions do get passed the request object, (doc,
> req), however it looks like this is discouraged via a deprecation warning.
> Update validation documents pass (newDoc, oldDoc, userCtx, secObj) to the
> query server, however I need the request object, and for *all* HTTP
> methods.
>
> src/chttpd/src/chttpd_node.erl seems to handle HTTP requests but I do not
> know Erlang well enough to pipe all requests out. I would really like to
> allow clients/browsers to communicate directly with couch (albeit via
> recommended reverse proxy) and not force all db requests through, for
> example, Node.js.
>
> It seems like the query server architecture is 99% there in terms of what I
> need - it's just that I need the full request object and need my validation
> to get called for every HTTP method.
>
> How can I restrict access to a document in a shared database based on
> userID? I believe I need to intercept HTTP requests and validate them,
> right?
>
> --
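
As an added example (not part of either message and not CouchDB project code), a rewrite function of the kind the reply points to could enforce per-user access for every HTTP method like this. The `<owner>:<key>` document-id convention, the shape of `req.path`, and the relative target path are assumptions to check against the linked documentation.

```javascript
// Added example, not from the thread. Assumptions are marked "ASSUMED".
// Body of a function that would be stored, stringified, in a design
// document's "rewrites" field and called for every HTTP method sent to
// /db/_design/<ddoc>/_rewrite/<docid>.
function ownerOnlyRewrite(req) {
  function refuse(code, error) {
    return {
      code: code,
      headers: { 'Content-Type': 'application/json' },
      body: JSON.stringify({ error: error })
    };
  }

  var user = req.userCtx || {};
  var roles = user.roles || [];

  // ASSUMED: req.path is the array of path segments of the request.
  var path = req.path || [];
  var at = path.indexOf('_rewrite');
  var rest = at < 0 ? [] : path.slice(at + 1);

  // ASSUMED id convention "<owner>:<key>". The strict pattern also rejects
  // _design/_local ids, encoded slashes and "..", so only plain documents
  // can be reached through this route.
  var m = rest.length === 1 && /^([a-z0-9_-]+):[A-Za-z0-9_-]+$/.exec(rest[0]);
  if (!m) return refuse(404, 'not_found');

  // Anonymous sessions carry a null name in userCtx.
  if (!user.name) return refuse(401, 'unauthorized');

  var isAdmin = roles.indexOf('_admin') !== -1;
  if (m[1] !== user.name && !isAdmin) return refuse(403, 'forbidden');

  // ASSUMED: the returned path is resolved relative to the design document,
  // as the "to" field of array-style rewrite rules is.
  return { path: '../../' + rest[0] };
}
```

The check only applies to requests that arrive through `_rewrite`, so the reverse proxy has to route clients to that path and not expose the database URL directly.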