You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@couchdb.apache.org by Thorsten Scherler <sc...@gmail.com> on 2013/09/23 18:06:35 UTC
How to implement system hooks
Hi all,
I just started to play around with couchdb and I was trying to implement
the same behaviour of the user db in terms of read/write access. After a
while I figured that the user db is special since the logic I want is
implemented in after_doc_read of
https://git-wip-us.apache.org/repos/asf?p=couchdb.git;a=blob_plain;f=src/couchdb/couch_users_db.erl
Now my question is how can I implement such a code in a custom database?
I could not find find any guides to roll out your own db in this way.
Can somebody point me to some docus or examples.
TIA
salu2
--
Thorsten Scherler <scherler.at.gmail.com>
codeBusters S.L. - web based systems
<consulting, training and solutions>
http://www.codebusters.es/
Re: How to implement system hooks
Posted by Thorsten Scherler <sc...@gmail.com>.
On 09/24/2013 10:40 AM, Benoit Chesneau wrote:
> On Tue, Sep 24, 2013 at 10:28 AM, Thorsten Scherler <sc...@gmail.com>wrote:
>
>> On 09/23/2013 06:50 PM, Mike Marino wrote:
>>> Hi Thorsten,
>>>
>>> I believe you're asking how to implement read/write permissions on a
>>> database, but I'm a little bit confused by your subject. If this is so,
>>> the normal way is to use validate_doc_update functions in a design
>>> document, e.g.:
>>>
>>>
>> http://docs.couchdb.org/en/latest/ddocs.html#validate-document-update-functions
>>> http://guide.couchdb.org/editions/1/en/validation.html
>>>
>>> You will see the first link describes the code you linked to.
>> Thank you Mike, but the above is only for UPDATE meaning write validation.
>>
>> However in
>>
>> https://github.com/apache/couchdb/blob/master/src/couchdb/couch_users_db.erl
>> we are doing READ checks (if I understand the following code correctly)
>>
>> after_doc_read(Doc, #db{user_ctx = UserCtx} = Db) ->
>> #user_ctx{name=Name} = UserCtx,
>> DocName = get_doc_name(Doc),
>> case (catch couch_db:check_is_admin(Db)) of
>> ok ->
>> Doc;
>> _ when Name =:= DocName ->
>> Doc;
>> _ ->
>> Doc1 = strip_non_public_fields(Doc),
>> case Doc1 of
>> #doc{body={[]}} ->
>> throw(not_found);
>> _ ->
>> Doc1
>> end
>> end.
>>
>> My understanding is when we are the owner or admin of the doc we will
>> get the doc. In case we have public fields we return only those
>> otherwise we throw a 404.
>>
>> I would like to implement the exact same behaviour for a database I am
>> developing.
>>
>> Regarding the subject my question is how can I implement above code
>> either in a design document (my guess is that is not possible) or in a
>> custom db?
>>
>> If the later then the question is how do I create my own
>> couch_myOwn_db.erl and let couchdb know about the existence?
>>
>> TIA
>>
>> salu2
>>
>> --
>> Thorsten Scherler <scherler.at.gmail.com>
>> codeBusters S.L. - web based systems
>> <consulting, training and solutions>
>>
>> http://www.codebusters.es/
>>
>>
> I think you want something like
>
> https://github.com/refuge/couch_core/commit/49af86dee8f1e2240ac0c26e9ab9a9c87347b536
No, not "like" - it is exactly that. ;)
>
> I have been really busy these latest month but such thing should come asap
> in couch. (ie when I send this form which must be this week.)
>
Sweet that sound awesome and thank you very much.
salu2
--
Thorsten Scherler <scherler.at.gmail.com>
codeBusters S.L. - web based systems
<consulting, training and solutions>
http://www.codebusters.es/
Re: How to implement system hooks
Posted by Benoit Chesneau <bc...@gmail.com>.
On Tue, Sep 24, 2013 at 10:28 AM, Thorsten Scherler <sc...@gmail.com>wrote:
> On 09/23/2013 06:50 PM, Mike Marino wrote:
> > Hi Thorsten,
> >
> > I believe you're asking how to implement read/write permissions on a
> > database, but I'm a little bit confused by your subject. If this is so,
> > the normal way is to use validate_doc_update functions in a design
> > document, e.g.:
> >
> >
> http://docs.couchdb.org/en/latest/ddocs.html#validate-document-update-functions
> >
> > http://guide.couchdb.org/editions/1/en/validation.html
> >
> > You will see the first link describes the code you linked to.
>
> Thank you Mike, but the above is only for UPDATE meaning write validation.
>
> However in
>
> https://github.com/apache/couchdb/blob/master/src/couchdb/couch_users_db.erl
> we are doing READ checks (if I understand the following code correctly)
>
> after_doc_read(Doc, #db{user_ctx = UserCtx} = Db) ->
> #user_ctx{name=Name} = UserCtx,
> DocName = get_doc_name(Doc),
> case (catch couch_db:check_is_admin(Db)) of
> ok ->
> Doc;
> _ when Name =:= DocName ->
> Doc;
> _ ->
> Doc1 = strip_non_public_fields(Doc),
> case Doc1 of
> #doc{body={[]}} ->
> throw(not_found);
> _ ->
> Doc1
> end
> end.
>
> My understanding is when we are the owner or admin of the doc we will
> get the doc. In case we have public fields we return only those
> otherwise we throw a 404.
>
> I would like to implement the exact same behaviour for a database I am
> developing.
>
> Regarding the subject my question is how can I implement above code
> either in a design document (my guess is that is not possible) or in a
> custom db?
>
> If the later then the question is how do I create my own
> couch_myOwn_db.erl and let couchdb know about the existence?
>
> TIA
>
> salu2
>
> --
> Thorsten Scherler <scherler.at.gmail.com>
> codeBusters S.L. - web based systems
> <consulting, training and solutions>
>
> http://www.codebusters.es/
>
>
I think you want something like
https://github.com/refuge/couch_core/commit/49af86dee8f1e2240ac0c26e9ab9a9c87347b536
I have been really busy these latest month but such thing should come asap
in couch. (ie when I send this form which must be this week.)
- benoit
Re: How to implement system hooks
Posted by Thorsten Scherler <sc...@gmail.com>.
On 09/24/2013 10:41 AM, Robert Newson wrote:
> Hi,
>
> The after_doc_read feature is not available to users at this time, it's an internal feature used for _users and _replicator.
Yeah I figured, or are you hinting that I should ask the question on the
dev list?
salu2
> B.
>
>
> On 24 Sep 2013, at 09:28, Thorsten Scherler <sc...@gmail.com> wrote:
>
>> On 09/23/2013 06:50 PM, Mike Marino wrote:
>>> Hi Thorsten,
>>>
>>> I believe you're asking how to implement read/write permissions on a
>>> database, but I'm a little bit confused by your subject. If this is so,
>>> the normal way is to use validate_doc_update functions in a design
>>> document, e.g.:
>>>
>>> http://docs.couchdb.org/en/latest/ddocs.html#validate-document-update-functions
>>>
>>> http://guide.couchdb.org/editions/1/en/validation.html
>>>
>>> You will see the first link describes the code you linked to.
>> Thank you Mike, but the above is only for UPDATE meaning write validation.
>>
>> However in
>> https://github.com/apache/couchdb/blob/master/src/couchdb/couch_users_db.erl
>> we are doing READ checks (if I understand the following code correctly)
>>
>> after_doc_read(Doc, #db{user_ctx = UserCtx} = Db) ->
>> #user_ctx{name=Name} = UserCtx,
>> DocName = get_doc_name(Doc),
>> case (catch couch_db:check_is_admin(Db)) of
>> ok ->
>> Doc;
>> _ when Name =:= DocName ->
>> Doc;
>> _ ->
>> Doc1 = strip_non_public_fields(Doc),
>> case Doc1 of
>> #doc{body={[]}} ->
>> throw(not_found);
>> _ ->
>> Doc1
>> end
>> end.
>>
>> My understanding is when we are the owner or admin of the doc we will
>> get the doc. In case we have public fields we return only those
>> otherwise we throw a 404.
>>
>> I would like to implement the exact same behaviour for a database I am
>> developing.
>>
>> Regarding the subject my question is how can I implement above code
>> either in a design document (my guess is that is not possible) or in a
>> custom db?
>>
>> If the later then the question is how do I create my own
>> couch_myOwn_db.erl and let couchdb know about the existence?
>>
>> TIA
>>
>> salu2
>>
>> --
>> Thorsten Scherler <scherler.at.gmail.com>
>> codeBusters S.L. - web based systems
>> <consulting, training and solutions>
>>
>> http://www.codebusters.es/
>>
--
Thorsten Scherler <scherler.at.gmail.com>
codeBusters S.L. - web based systems
<consulting, training and solutions>
http://www.codebusters.es/
Re: How to implement system hooks
Posted by Robert Newson <rn...@apache.org>.
Hi,
The after_doc_read feature is not available to users at this time, it's an internal feature used for _users and _replicator.
B.
On 24 Sep 2013, at 09:28, Thorsten Scherler <sc...@gmail.com> wrote:
> On 09/23/2013 06:50 PM, Mike Marino wrote:
>> Hi Thorsten,
>>
>> I believe you're asking how to implement read/write permissions on a
>> database, but I'm a little bit confused by your subject. If this is so,
>> the normal way is to use validate_doc_update functions in a design
>> document, e.g.:
>>
>> http://docs.couchdb.org/en/latest/ddocs.html#validate-document-update-functions
>>
>> http://guide.couchdb.org/editions/1/en/validation.html
>>
>> You will see the first link describes the code you linked to.
>
> Thank you Mike, but the above is only for UPDATE meaning write validation.
>
> However in
> https://github.com/apache/couchdb/blob/master/src/couchdb/couch_users_db.erl
> we are doing READ checks (if I understand the following code correctly)
>
> after_doc_read(Doc, #db{user_ctx = UserCtx} = Db) ->
> #user_ctx{name=Name} = UserCtx,
> DocName = get_doc_name(Doc),
> case (catch couch_db:check_is_admin(Db)) of
> ok ->
> Doc;
> _ when Name =:= DocName ->
> Doc;
> _ ->
> Doc1 = strip_non_public_fields(Doc),
> case Doc1 of
> #doc{body={[]}} ->
> throw(not_found);
> _ ->
> Doc1
> end
> end.
>
> My understanding is when we are the owner or admin of the doc we will
> get the doc. In case we have public fields we return only those
> otherwise we throw a 404.
>
> I would like to implement the exact same behaviour for a database I am
> developing.
>
> Regarding the subject my question is how can I implement above code
> either in a design document (my guess is that is not possible) or in a
> custom db?
>
> If the later then the question is how do I create my own
> couch_myOwn_db.erl and let couchdb know about the existence?
>
> TIA
>
> salu2
>
> --
> Thorsten Scherler <scherler.at.gmail.com>
> codeBusters S.L. - web based systems
> <consulting, training and solutions>
>
> http://www.codebusters.es/
>
Re: How to implement system hooks
Posted by Mike Marino <mm...@gmail.com>.
Hi Thorsten,
Apologies, I missed the comment on read. In my experience, couchdb only
provides read access via the _security object, meaning that it's only an
"on" or "off" type of thing for a database.
I can't speak to the customization of the database (this may be a question
for the dev list), but perhaps you can get similar behavior using the show
and list functions:
http://wiki.apache.org/couchdb/Formatting_with_Show_and_List
These functions take a req so you can customize the output based upon
user/role.
Perhaps someone else could give an idea of how to force all reads to go
through the list function (rewrite, mod_rewrite, etc.).
Cheers,
Mike
On Tue, Sep 24, 2013 at 10:28 AM, Thorsten Scherler <sc...@gmail.com>wrote:
> On 09/23/2013 06:50 PM, Mike Marino wrote:
> > Hi Thorsten,
> >
> > I believe you're asking how to implement read/write permissions on a
> > database, but I'm a little bit confused by your subject. If this is so,
> > the normal way is to use validate_doc_update functions in a design
> > document, e.g.:
> >
> >
> http://docs.couchdb.org/en/latest/ddocs.html#validate-document-update-functions
> >
> > http://guide.couchdb.org/editions/1/en/validation.html
> >
> > You will see the first link describes the code you linked to.
>
> Thank you Mike, but the above is only for UPDATE meaning write validation.
>
> However in
>
> https://github.com/apache/couchdb/blob/master/src/couchdb/couch_users_db.erl
> we are doing READ checks (if I understand the following code correctly)
>
> after_doc_read(Doc, #db{user_ctx = UserCtx} = Db) ->
> #user_ctx{name=Name} = UserCtx,
> DocName = get_doc_name(Doc),
> case (catch couch_db:check_is_admin(Db)) of
> ok ->
> Doc;
> _ when Name =:= DocName ->
> Doc;
> _ ->
> Doc1 = strip_non_public_fields(Doc),
> case Doc1 of
> #doc{body={[]}} ->
> throw(not_found);
> _ ->
> Doc1
> end
> end.
>
> My understanding is when we are the owner or admin of the doc we will
> get the doc. In case we have public fields we return only those
> otherwise we throw a 404.
>
> I would like to implement the exact same behaviour for a database I am
> developing.
>
> Regarding the subject my question is how can I implement above code
> either in a design document (my guess is that is not possible) or in a
> custom db?
>
> If the later then the question is how do I create my own
> couch_myOwn_db.erl and let couchdb know about the existence?
>
> TIA
>
> salu2
>
> --
> Thorsten Scherler <scherler.at.gmail.com>
> codeBusters S.L. - web based systems
> <consulting, training and solutions>
>
> http://www.codebusters.es/
>
>
Re: How to implement system hooks
Posted by Thorsten Scherler <sc...@gmail.com>.
On 09/23/2013 06:50 PM, Mike Marino wrote:
> Hi Thorsten,
>
> I believe you're asking how to implement read/write permissions on a
> database, but I'm a little bit confused by your subject. If this is so,
> the normal way is to use validate_doc_update functions in a design
> document, e.g.:
>
> http://docs.couchdb.org/en/latest/ddocs.html#validate-document-update-functions
>
> http://guide.couchdb.org/editions/1/en/validation.html
>
> You will see the first link describes the code you linked to.
Thank you Mike, but the above is only for UPDATE meaning write validation.
However in
https://github.com/apache/couchdb/blob/master/src/couchdb/couch_users_db.erl
we are doing READ checks (if I understand the following code correctly)
after_doc_read(Doc, #db{user_ctx = UserCtx} = Db) ->
#user_ctx{name=Name} = UserCtx,
DocName = get_doc_name(Doc),
case (catch couch_db:check_is_admin(Db)) of
ok ->
Doc;
_ when Name =:= DocName ->
Doc;
_ ->
Doc1 = strip_non_public_fields(Doc),
case Doc1 of
#doc{body={[]}} ->
throw(not_found);
_ ->
Doc1
end
end.
My understanding is when we are the owner or admin of the doc we will
get the doc. In case we have public fields we return only those
otherwise we throw a 404.
I would like to implement the exact same behaviour for a database I am
developing.
Regarding the subject my question is how can I implement above code
either in a design document (my guess is that is not possible) or in a
custom db?
If the later then the question is how do I create my own
couch_myOwn_db.erl and let couchdb know about the existence?
TIA
salu2
--
Thorsten Scherler <scherler.at.gmail.com>
codeBusters S.L. - web based systems
<consulting, training and solutions>
http://www.codebusters.es/
Re: How to implement system hooks
Posted by Mike Marino <mm...@gmail.com>.
Hi Thorsten,
I believe you're asking how to implement read/write permissions on a
database, but I'm a little bit confused by your subject. If this is so,
the normal way is to use validate_doc_update functions in a design
document, e.g.:
http://docs.couchdb.org/en/latest/ddocs.html#validate-document-update-functions
http://guide.couchdb.org/editions/1/en/validation.html
You will see the first link describes the code you linked to.
Cheers and good luck,
Mike
On Mon, Sep 23, 2013 at 6:06 PM, Thorsten Scherler <sc...@gmail.com>wrote:
> Hi all,
>
> I just started to play around with couchdb and I was trying to implement
> the same behaviour of the user db in terms of read/write access. After a
> while I figured that the user db is special since the logic I want is
> implemented in after_doc_read of
>
> https://git-wip-us.apache.org/repos/asf?p=couchdb.git;a=blob_plain;f=src/couchdb/couch_users_db.erl
>
> Now my question is how can I implement such a code in a custom database?
> I could not find find any guides to roll out your own db in this way.
> Can somebody point me to some docus or examples.
>
> TIA
>
> salu2
>
> --
> Thorsten Scherler <scherler.at.gmail.com>
> codeBusters S.L. - web based systems
> <consulting, training and solutions>
>
> http://www.codebusters.es/
>
>