Reputation: 1955
CouchDB per app role based security
Is there anyway to have a Role Based Access Control user management mechanism for a javascript app that uses couchDb as the database backend? According to what I have been looking into, when it comes to security all the talks are about setting up different users for the couchDb instance itself, rather than having user and role information inside one database that belongs to a specific application.
In addition, I would like to know how does authentication and role-based authorization work if you have per-app, in-database user & role information? Is there a token-based authentication way or what?
Upvotes: 0
Views: 413
Answers (1)
Reputation: 35613
In CouchDB, the only "read" access control is at the database level. If you need role or user based access to subsets of data, then you need to replicate filtered subsets to a database for each role or user you want to grant access to.
On the other hand, write access control can be implemented with validation functions.
Upvotes: 1
Related Questions
- Per document user access control for PouchDB / CouchDB
- Couchbase lite - user access control
- Advanced permissions with couchdb
- CouchDB Authorization on a Per-Database Basis
- Best practice for a multiuser CouchDB-based app?
- Couchdb Authentication / Authorisation
- How to create a users database in a couchapp with per user database security model? (per document read access)
- CouchApps and user authentication
- Multiple Apps with CouchDB
- Is there access control for CouchDB databases like PostgreSQL and MySQL privilege management?