Hey, I have a difficulty with understanding setup of read access control for different users.
In my scenario I want to have 3 users in the Sync Gateway:
-
master
- for uploading/editing/reading all documents stored in this database -
userA
- with read access to a subset of the documents in this database -
userB
- with read access to another subset of the documents in this database
I created my documents in a way so the contain channels array in JSON, and in this array I specify FEATURE name to which document belong (like featureA
, featureB
, featureZ
).
My goal is for userA
to access documents from channels featureA
and featureZ
only, and userB
from , featureB
and featureZ
only, As I’m using Couchbase Lite, I want syncing of those documents to exclude not needed documents.
Now I setup my database in following way:
"mydatabase": {
"server": "http://server",
"bucket": "bucketname",
"username": "bucketname",
"password": "password",
"users": {
"GUEST": {
"disabled": true,
"admin_channels": ["*"]
},
"master": {
"disabled": false,
"password": "password",
"admin_channels": ["*"]
},
"userA": {
"disabled": false,
"password": "password",
"admin_channels": [
"featureA",
"featureZ"
]
},
"userB": {
"disabled": false,
"password": "password",
"admin_channels": [
"featureB",
"featureZ"
]
}
},
"sync":
`
function(doc, oldDoc){
channel(doc.channels);
}`
}
With such config I can access all documents regardless of which user I’m authenticated with against Sync Gateway.
Can you tell me what I am missing in this config?