Conditional authentication in sync function
52 views
Skip to first unread message
Marcus Roberts
Nov 18, 2014, 12:36:43 PM11/18/14
to mobile-c...@googlegroups.com
Is it (or could it be) possible to have conditional authentication in the sync function?
I have a document that either the a user in a channel specific to the document or any admin (in my application domain) should be able to update.
What I really want to say is
requireAccess("access-channel") || requireAccess("admin-channel")
As I typed this, I realised I can do what I want by either adding all admins to the access-channel or better, adding an admin role to the access-channel and adding admins to the admin role, but I can think of other scenarios, e.g
requireAccess(oldDoc.user) || requireAccess("admin-channel")
or
requireAccess(oldDoc.user) || requireRole("admins")
Jens Alfke
Nov 18, 2014, 1:00:38 PM11/18/14
to mobile-c...@googlegroups.com
On Nov 18, 2014, at 9:36 AM, Marcus Roberts <marcus....@gmail.com> wrote:
What I really want to say is
requireAccess("access-channel") || requireAccess("admin-channel")
That would be:
requireAccess(["access-channel", "admin-channel"])
—Jens
Marcus Roberts
Nov 18, 2014, 2:25:35 PM11/18/14
to mobile-c...@googlegroups.com
On Tuesday, 18 November 2014 18:00:38 UTC, Jens Alfke wrote:
What I really want to say isrequireAccess("access-channel") || requireAccess("admin-channel")That would be:requireAccess(["access-channel", "admin-channel"])
Thanks, obvious when I re-read the documentation!
Marcus
James
Sep 14, 2015, 12:05:47 PM9/14/15
to Couchbase Mobile
I'd like to follow up on this.
Is there away to do requireAccess(...) || requireRole(...) ?
The above example handles requireAccess(...) || requireAccess(...)
James
Jens Alfke
Sep 14, 2015, 12:09:08 PM9/14/15
to mobile-c...@googlegroups.com
On Sep 14, 2015, at 1:48 AM, James <james....@bcgdv.com> wrote:
Is there away to do requireAccess(...) || requireRole(...) ?
No, there isn’t. It just never occurred to us. Can you explain what you’d use it for?
You can file an request for it on the Sync Gateway Github repo’s issue tracker.
—Jens
Matt Quinn
Sep 15, 2015, 2:31:21 PM9/15/15
to mobile-c...@googlegroups.com
On Mon, Sep 14, 2015 at 04:09:00PM +0000, Jens Alfke wrote:
try {
requireAccess('myChannel');
} catch(e) {
requireRole('myRole');
}
A user who passes either require check would carry on, while everyone
else would throw on the requireRole check. Right?
Matt
>
> On Sep 14, 2015, at 1:48 AM, James <james....@bcgdv.com<mailto:james....@bcgdv.com>> wrote:
>
> Is there away to do requireAccess(...) || requireRole(...) ?
>
> No, there isn’t. It just never occurred to us. Can you explain what you’d use it for?
> You can file an request for it on the Sync Gateway Github repo’s issue tracker.
Would it be possible to do this using try/catch?
> On Sep 14, 2015, at 1:48 AM, James <james....@bcgdv.com<mailto:james....@bcgdv.com>> wrote:
>
> Is there away to do requireAccess(...) || requireRole(...) ?
>
> No, there isn’t. It just never occurred to us. Can you explain what you’d use it for?
> You can file an request for it on the Sync Gateway Github repo’s issue tracker.
try {
requireAccess('myChannel');
} catch(e) {
requireRole('myRole');
}
A user who passes either require check would carry on, while everyone
else would throw on the requireRole check. Right?
Matt
Jens Alfke
Sep 15, 2015, 2:40:42 PM9/15/15
to mobile-c...@googlegroups.com
I think that would work, though I wouldn’t bet money on it. It’s worth an experiment!
—Jens
Reply all
Reply to author
Forward
0 new messages