4

I'm trying to filter my collection of documents according to the users who logs in. I followed the instructions for auth given by the people of cloudant.com , I created an _user db and it works.

Now my question is: is it possible to add some ad-hoc key to the user object and retrieve it from my code, with some js plugin like jquery.couchLogin?

example of what I want to create:

{
    "_id": "org.couchdb.user:agata",
    "_rev": "1-03a67c25da054b5f24d215f4db059d71",
    "name": "agata",
    "type": "user",
    "roles": ["admin"],
    "password_sha": "***",
    "salt": "***",
    "MYKEY1":"my val",
    "MYKEY2":"my val2"
}

and then retrieve MYKEY1 AND MYKEY2....

I already tried with $.couchLogin but all I can retrieve is a userCtx object which reports only some of the above fields (name, roles). It seems that I should trick with the couchdb code to add keys to the userCtx object, and I really don't want to.

Is there a simplier solution?

Daniele B
  • 3,117
  • 2
  • 23
  • 46

1 Answers1

3

As this question received no answers, I report here the answer of cloudant support:

You can’t store that information in your user document on Cloudant’s public cluster for security purposes. Whereas you could if you were running CouchDB, BigCouch, or a private Cloudant cluster.

However, you can store that information in one of your databases and have the client (assuming it’s an app server and not a browser) do the filtering and permissions.

So my strategy now will be to

  1. create another DB with all the information I need about a user.
  2. make this db accessible only to authorized users
  3. retrieve client side (after checking the login) all the info I need.

I'll keep you updated to verify it works and what issues I faced.

UPDATE

It worked! So the strategy is basically to make two databases:

  1. one (_users) with name, sha passwords etc, specific to cloudant
  2. another one (your_users_DB) with just username and other keys you need for various actions you need to perform.

So what I did was to create this second database with documents structured like this:

{"_id":"org.couchdb.user:USERONE",
"name":"USERONE",
"type":"user",
"roles":["user"],
"filters":{"FILTER1":"VAL1","FLTER2":"VAL2"}}

Then when the user (let's say USERONE) logs in succesfully, also this doc is retrieved, and the "filters" field is used to filter my collection.

Kind of workaround, but it works robustly

dreftymac
  • 31,404
  • 26
  • 119
  • 182
Daniele B
  • 3,117
  • 2
  • 23
  • 46