In terms of authorization, does anyone know of any documentation or guidance out there for users / developers?
I have my authentication set up and working fine, but I am looking for best practices around database authorization. Basics, e.g. implementing a least privilege model, restricting access per document and/or document attachment; is it good practice to build out one view per access profile/role?

Best Practices <https://docs.couchdb.org/en/stable/best-practices/index.html> does not appear to address authorization concepts. All I can find is below.

1.1.5. Security and Validation <https://docs.couchdb.org/en/stable/intro/overview.html#security-and-validation>
To protect who can read and update documents, CouchDB has a simple reader access and update validation model that can be extended to implement custom security models.

1.5.3. Authorization <https://docs.couchdb.org/en/stable/intro/security.html#cookie-authentication>
Each database on a CouchDB server can contain its own set of authorization rules that specify which users are allowed to read and write documents members, who are allowed to read all documents and create and modify any document

4.1.5. Adding client-side security with a translucent database <https://docs.couchdb.org/en/stable/best-practices/documents.html#adding-client-side-security-with-a-translucent-database>
It is possible to use a modest amount of encryption and one-way functions to obscure the sensitive columns or key-value pairs, a technique often called a translucent database.
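
The update validation model quoted from section 1.1.5 above, as an added example that is not part of the original post or of the CouchDB documentation: a `validate_doc_update` function that enforces per-document ownership on writes. The `owner` field, the `editor` and `db_admin` roles and all sample data are assumptions made for illustration; the function governs writes only, since read access is granted per database through the members list.

```javascript
// CouchDB calls this for every write; throwing rejects the update.
// Assumptions (not from the post): documents carry an "owner" field and
// writers hold a hypothetical "editor" role.
function validateDocUpdate(newDoc, oldDoc, userCtx, secObj) {
  var roles = userCtx.roles || [];
  var admins = (secObj && secObj.admins) || {};
  var isAdmin = roles.indexOf('_admin') !== -1 ||
    (admins.names || []).indexOf(userCtx.name) !== -1 ||
    (admins.roles || []).some(function (r) { return roles.indexOf(r) !== -1; });
  if (isAdmin) return; // server and database admins bypass the checks below

  if (!userCtx.name) throw({ unauthorized: 'login required' });
  if (roles.indexOf('editor') === -1) throw({ forbidden: 'editor role required' });

  // Existing document: only its current owner may change or delete it.
  if (oldDoc && oldDoc.owner !== userCtx.name) {
    throw({ forbidden: 'not the owner of this document' });
  }
  // A deletion carries no body to validate beyond the ownership check above.
  if (newDoc._deleted) return;
  // Creation or update: the owner must be the writer, so ownership cannot be
  // assigned to, or taken over from, another user.
  if (newDoc.owner !== userCtx.name) {
    throw({ forbidden: 'owner must match the authenticated user' });
  }
}

// Constructed harness: returns 'ok' or the kind of rejection.
function tryWrite(newDoc, oldDoc, userCtx, secObj) {
  try { validateDocUpdate(newDoc, oldDoc, userCtx, secObj); return 'ok'; }
  catch (e) { return e.forbidden ? 'forbidden' : e.unauthorized ? 'unauthorized' : 'error'; }
}

// Constructed sample data: a _security object, three users and one document.
var sec = { admins: { names: [], roles: ['db_admin'] },
            members: { names: [], roles: ['editor'] } };
var alice = { name: 'alice', roles: ['editor'] };
var bob = { name: 'bob', roles: ['editor'] };
var anon = { name: null, roles: [] };
var doc = { _id: 'note1', owner: 'alice', text: 'v1' };

console.log('alice creates her own doc:', tryWrite(doc, null, alice, sec));
console.log('bob takes over alice\'s doc:',
  tryWrite({ _id: 'note1', owner: 'bob' }, doc, bob, sec));
console.log('anonymous write:', tryWrite(doc, null, anon, sec));
```

To deploy it, the function source is stored as a string in the `validate_doc_update` field of a design document in the database it should protect.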