使用CouchDB的选择性复制 [英] Selective replication with CouchDB
问题描述
我目前正在评估以下问题的可能解决方案:
I'm currently evaluating possible solutions to the follwing problem:
必须在多个客户端之间同步一组数据条目,每个客户端只能查看(或甚至不知道数据子集的存在。
每个客户拥有一些元素,其他人可以读取或修改这些元素的决定只能由所有者决定。为了使这种情况更加复杂,每个元素(以及每个元素修订版)必须具有一个对所有客户端都相等的唯一标识符。
A set of data entries must be synchonized between multiple clients, where each client may only view (or even know about the existence of) a subset of the data. Each client "owns" some of the elements, and the decision who else can read or modify those elements may only be made by the owner. To complicate this situation even more, each element (and each element revision) must have an unique identifier that is equal for all clients.
尽管后者听起来像是一项完美的任务对于CouchDB(以及基于文档的数据模型是否完全适合我的需求),我不确定CouchDB的身份验证/授权子系统是否可以满足以下要求:虽然应该可以使用验证功能限制写访问,但是没有。似乎是一种授权读取访问的方法。我为该问题找到的所有解决方案都建议通过处理授权的代理(或应用程序层)路由所有CouchDB请求。
While the latter sounds like a perfect task for CouchDB (and a document based data model would fit my needs perfectly), I'm not sure if the authentication/authorization subsystem of CouchDB can handle these requirements: While it should be possible to restict write access using validation functions, there doesn't seem to be a way to authorize read access. All solutions I've found for this problem propose to route all CouchDB requests through a proxy (or an application layer) that handles authorization.
因此,问题是:是是否有可能实现一个授权层,该授权层过滤对数据库的请求,以便仅将访问权限授予请求客户端具有读取权限并仍使用CouchDB复制机制的文档?简化后,这就是某种选择性复制,其中仅复制一些文档,而不复制整个数据库。
So, the question is: Is it possible to implement an authorization layer that filters requests to the database so that access is granted only to documents that the requesting client has read access to and still use the replication mechanism of CouchDB? Simplified, this would be some kind of "selective replication" where only some of the documents, and not the whole database is replicated.
我也将感谢您向有关复制如何工作的一些详细信息。 CouchDB Wiki甚至确定指南书对此都不是很明确。
I would also be thankful for directions to some detailed information about how replication works. The CouchDB wiki and even the "Definite Guide" Book are not too specific about that.
推荐答案
这乞求复制过滤器。您可以根据施加的条件过滤出站复制,并为目标所有者提供不受限制地访问自己的副本的权限。
this begs for replication filters. you filter outbound replication based on whatever criteria you impose, and give the owner of the target unrestricted access to their own copy.
我没有机会玩复制会直接过滤,但是其想法是每个文档都将具有有关谁有权访问它的一些信息,然后过滤机制将仅允许您有权访问的那些文档的出站复制。从目标复制回主服务器将不受限制,这将允许主服务器保持汇总副本,并可能对重叠的数据集进行多播更改。
i haven't had the opportunity to play with replication filters directly, but the idea would be that each doc would have some information about who has access to it, and the filtering mechanism would then allow outbound replication of only those documents that you have access to. replication from the target back to the master would be unrestricted, allowing for the master to remain a rollup copy, and potentially multicast changes to overlapping sets of data.
这篇关于使用CouchDB的选择性复制的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
