我想实现一个webapp-一个feed,该feed集成了来自各种来源的数据并将其显示给用户。用户应该只能看到他有权读取的供稿项目(例如,因为它们属于他所属的项目)。但是,供稿项可能(并且将)对许多用户可见。
I want to implement a webapp - a feed that integrates data from various sources and displays them to users. A user should only be able to see the feed items that he has permissions to read (e.g. because they belong to a project that he is a member of). However, a feed item might (and will) be visible by many users.
我真的很想使用CouchDB(主要是因为_changes feed和map /减少观看次数)。我当时曾考虑将应用程序实现为纯沙发应用程序,但是权限模型遇到了麻烦。 AFAIK,CouchDB中没有每个文档的权限,通常使用每个用户的数据库和复制来实现。
I'd really like to use CouchDB (mainly because of the cool _changes feed and map/reduce views). I was thinking about implementing the app as a pure couchapp, but I'm having trouble with the permissions model. AFAIK, there are no per-document permissions in CouchDB and this is commonly implemented using per-user databases and replication.
但是当不同版本之间存在很多重叠时用户看到的话,会带来很多开销……东西将被复制到各处并在许多数据库中被复制。我喜欢这种方法的优雅之处,但是巨大的开销感觉就像是一个破坏交易的人……(假设我有50个用户,他们都看到相同的数据...)。
But when there is a lot of overlap between what various users see, that would introduce a LOT of overhead...stuff would be replicated all over the place and duplicated in many databases. I like the elegance of this approach, but the massive overhead just feels like a dealbreaker... (Let's say I have 50 users and they all see the same data...).
有什么想法吗?另一种解决方案?
Any ideas how on that, please? Alternative solution?
推荐答案您可以按照基于每个数据库的CouchDB授权。
对于写入权限,可以使用 CouchDB 权威指南-安全性。
For write permissions you can use validation functions as described on CouchDB The Definitive Guide - Security.
您可以为每个项目创建一个数据库并在其中执行权限,然后所有数据在用户之间高效共享。如果用户自己共享供稿,并且也需要权限,则可以使该用户成为项目,因此相同的逻辑适用于所有地方。
You can create a database for each project and enforce the permissions there, then all the data is shared efficiently between the users. If a user shares a feed himself and needs permissions on that as well you can make the user into a "project" so the same logic applies everywhere.
使用此设计,您可以为每个项目授权一个用户或一组用户(角色)。
Using this design you can authorize a user or a group of users (roles) for each project.
更多推荐
CouchDB每用户数据库方法对于拥有大量共享数据的用户是否可行?
发布评论