removing access to doc

Seung Chan Lim

Feb 20, 2015, 11:33:46 PM
to mobile-c...@googlegroups.com
I think I still lack a more fundamental understanding of what's going on with the sync function. The part that's confusing me is what's happening _implicitly_.

If I understand correctly, each time a document is created/updated, the sync function is called.

From what I understand, there is an _implicit_ connection between a call to "access," "role," or "channel" and the document being created/updated.

Now...

If I want to remove a user's access to a document, I have 3 choices:
1) Stop routing the document to a channel that the user has access to.
2) Remove the user's access to the channel that the document is routed to.
3) Remove the user from the role that has access to the channel the document is routed to

To do 1) I simply don't call "channel" when a new revision of the doc is passed to the sync function. While the old revision may have been accessible to the user, the new revision will not be. That part is clear.

But for some reason doing 2) and 3) is very fuzzy for me... Could someone help me better understand this? Something invisible and implicit is confusing me.

slim

xiangyu wang

Feb 21, 2015, 4:20:04 AM
to mobile-c...@googlegroups.com
I'm new to this as well. Though to control access to a document, there is a sample project to refer to: https://github.com/couchbaselabs/ToDoLite-iOS.
It gives each doc a property, members, which is an array in which all users that have access are set.

Then each time the sync function processes the doc, channel access is given to the users within the array. The code is below.

    if (Array.isArray(doc.members)) {
      var memberNames = [];
      for (var i = doc.members.length - 1; i >= 0; i--) {
        memberNames.push(doc.members[i].substring(doc.members[i].indexOf(":")+1))
      };
      access(memberNames, "list-"+doc._id); //"list-"+doc._id is the channel name
    }

I've not been using roles yet, so let's count on the others.


-Sean

Seung Chan Lim

Feb 21, 2015, 4:48:20 PM
to mobile-c...@googlegroups.com
I have no problem understanding how to _give_ access. My question is about how to _take away_ access. More specifically how to take access away from channels, not docs.

Do you have any insights on how that works under the hood? 

slim

Jens Alfke

Feb 22, 2015, 1:08:30 AM
to mobile-c...@googlegroups.com

On Feb 20, 2015, at 8:33 PM, Seung Chan Lim <djs...@gmail.com> wrote:

> But for some reason doing 2) and 3) is very fuzzy for me... Could someone help me better understand this? Something invisible and implicit is confusing me.

Maybe it’ll help to explain what’s going on behind the scenes.

Internally, every document stores a couple of pieces of metadata:
- the set of channels it’s in
- a set of (user, channel) pairs, each of which declares that a user gets access to a channel
- a set of (role, channel) pairs with similar meanings.
All of that metadata is produced by the callbacks invoked by the sync function. And it’s updated every time the doc is updated.

The way a user’s access privileges are computed is to start with the ‘admin_channels’ property, i.e. the channels the user is specifically given access to, and then add in all of the channels granted by documents — all the channels in (user, channel) pairs where the user matches. (A role’s access privileges are computed the same way.) Finally, all the channels accessible to all the user’s roles are added.

So basically, user/role X has access to channel C if any of these is true:
- channel C is in X's admin_channels property
- there is some document that declares a (X, C) pair
- X is a user and has a role R such that R has access to C by the rules above

Does that help?

—Jens
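
The rules in the reply above, as a small in-memory model showing how access disappears when a grant is no longer produced (an added example, not Sync Gateway's code and not part of any post in this thread). The function names, the `role:` naming used for role principals, and the sample users and documents are assumptions made for the illustration.

```javascript
// Simplified in-memory model of the access rules described above; NOT Sync Gateway code.
// All names (saveRevision, effectiveChannels, sample users/docs) are constructed.
const docGrants = new Map(); // docId -> [{ principal, channel }] from the latest revision only

// Sample sync function, modelled on the ToDoLite snippet earlier in the thread.
function sync(doc, access) {
  if (Array.isArray(doc.members)) access(doc.members, "list-" + doc._id);
}

// Saving a revision re-runs the sync function and REPLACES the doc's stored grants.
function saveRevision(doc) {
  const grants = [];
  sync(doc, (principals, channel) => {
    for (const principal of [].concat(principals)) grants.push({ principal, channel });
  });
  docGrants.set(doc._id, grants);
}

// principal is a user name, or "role:<name>" for a role (this model's convention).
function ownChannels(principal, adminChannels) {
  const channels = new Set(adminChannels[principal] || []);
  for (const grants of docGrants.values())
    for (const g of grants) if (g.principal === principal) channels.add(g.channel);
  return channels;
}

// User access = admin_channels + document grants + everything the user's roles can access.
function effectiveChannels(user, adminChannels, rolesOf) {
  const channels = ownChannels(user, adminChannels);
  for (const role of rolesOf[user] || [])
    for (const c of ownChannels("role:" + role, adminChannels)) channels.add(c);
  return [...channels].sort();
}

// Constructed sample data.
const adminChannels = { "role:editors": ["drafts"] };
const rolesOf = { alice: ["editors"], bob: [] };

function demo() {
  saveRevision({ _id: "groceries", members: ["alice", "bob"] });
  const before = effectiveChannels("bob", adminChannels, rolesOf);
  saveRevision({ _id: "groceries", members: ["alice"] }); // new revision no longer grants bob
  const after = effectiveChannels("bob", adminChannels, rolesOf);
  rolesOf.alice = []; // removing the role removes the channels it carried
  return { before, after, alice: effectiveChannels("alice", adminChannels, rolesOf) };
}
console.log(demo());
```

In this model a channel stays accessible as long as any one of the three sources still supplies it, so a second document granting the same (user, channel) pair would keep the user in the channel after the first document stops granting it.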