commit | ac8094fa098a25726801f05480c172dc4c03188a | [log] [tgz] |
---|---|---|
author | Klaus Trainer <klaus_trainer@posteo.de> | Mon Aug 10 18:01:50 2015 +0200 |
committer | Klaus Trainer <klaus_trainer@posteo.de> | Mon Aug 10 18:04:04 2015 +0200 |
tree | 9c9de0d4ef3667c08c8bc5e90224b259f7d07161 | |
parent | 59605188af5ec4d37b4ef6a17923b5cfa15c5c82 [diff] |
Assert that shards have the same security object
couchdb_peruser is a CouchDB daemon that ensures that a private per-user database exists for each document in _users. These databases are writable only by the corresponding user. Databases are in the form:
userdb-{hex encoded username}
For example, the user bob
will have a database named userdb-626f62
.
The reason for hex encoding is that CouchDB usernames have no restrictions, but CouchDB databases have restrictions. Hex encoding the UTF-8 representation of the username is a transformation that's easy to correctly implement in just about any language, especially JavaScript and Erlang. Other encodings would be possible, but would require additional client and server-side code to support that encoding. This is the simplest scheme that is obviously correct.