couchbaselabs mini-hacks
https://github.com/couchbaselabs/mini-hacks
Important !!
channels-users-roles
https://github.com/couchbaselabs/mini-hacks/tree/master/channels-users-roles
=====
level-1:未註冊使用者(發文要核準)
level-2:註冊使用者(發文不用核準)
level-3:版主(可核準或取消)
程式動態新增role
藍線:建立role
綠線:回覆結果
.角色(Roles)和使用者(users) 是可以被授權 而訪問 Channels.
使用者(users) 被附予角色(Roles),則可以 用角色的授權 進而訪問 Channels
.channel(channelname) 有讀取權限
access(doc.owner, channelname); 給 寫入權限
requireUser(doc.owner) requireRole(doc.role) 也可以給 寫入權限
document content (using throw) ???
讀和寫權限是分開的。
寫的權限完全是用sync function控制:除非sync function拒絕………
Write
requireUser(username) 是否是該使用者(User)
requireRole(rolename) 是否有該角色(Role)
requireAccess(channels) 是否有該Channel
curl -vX POST -H ‘Content-Type: application/json’ \ –cookie ‘SyncGatewaySession=d007ceb561f0111512c128040c32c02ea9d90234’ \ :4984/db/ \ -d ‘{“type”: “review”, “role”: “level-1”, “owner”: “jens”}’
{“type”: “review”, “role”: “level-1”, “owner”: “jens”} =>
type => doc.type
role => doc.role
owner => doc.owner
So
doc.type review
doc.role level-1
doc.owner jens
=====
curl -vX POST -H ‘Content-Type: application/json’ \ –cookie ‘SyncGatewaySession=6e7ce145ae53c83de436b47ae37d8d94beebebea’ \ :4984/db/ \
-d ‘{“type”: “review”, “role”: “level-2”, “owner”: “andy”, “restaurant_id”: “123”}’
So
doc.type review
doc.role level-2
doc.owner andy
doc.restaturant_id 123
=====
curl -vX POST -H ‘Content-Type: application/json’ \ –cookie ‘SyncGatewaySession=3a5c5a67ff67643f8ade175363c65354584429e9’ \ :4984/db/ \ -d ‘{“type”: “profile”, “name”: “william”, “role”: “level-3”}’
So
doc.type profile
doc.name william
doc.role level-3