Base on this documentation, access to databases as well as collections can be adjusted based on the user.
But is there anyway to limit a user (user's queries) so that he can only query against a specific document (and not the whole documents of a collection)?
Related
Hi I working on a simple application using Azure CosmosDB. Now I want to use resource tokens to provide specific access to documents and collection in the DB. In the permission modes there are PermissionMode.Read and PermisssionMode.All. So I am assuming that PermissionMode.All allows the users to read, write, delete and post. If what I am assuming is correct, I specifically do not want my users to delete or post in a certain collection. How do I achieve this?
For better understanding, my database contains a container called users, which contains user information along with their posts and likes per post and stuff. Now I allow all my users to read (view posts of other users) and write (give a like or increment the like field), but I want to allow Post and Delete to a document to only the user of the document.
The finest granularity for assigning permissions is a partition key value so the only way to grant per document permissions is if your document id is also the partition key. If your partition key is userId and the user profile and posts, etc. all share that same partition key then that should work for you. Here is a sample that creates a permission on a partition key for a user.
I'm managing a multiuser app using Ionic 3.x, PouchDB, CouchDB and a node.js server running Superlogin. The app is steadily growing and I want to introduce a new feature.
My app has normal users and superusers. Each normal and superuser in my application gets it's own user database. There is also a shared database, let's call it the generaldb.
And here's my problem: Both users can create documents. These documents are synced to the userdb as well as to the general db. These documents have, amongst other things, a keyword (e.g. "colour": "green"). Superusers have access to a specific key. (In the above example that would mean that there are for example 5 superusers who can access the key green.)
Now, no normal user should be able to read, update or write other user's documents on the generaldb. Superusers should be able to read, update or write documents in the generaldb depending on which key they have access to. But they should not be allowed to change documents that don't match their key.
How can I restrict access for normal users in the generaldb, so that only documents created by themselves are synced to their devices and so that they couldn't change other users documents?
How can I ensure, superusers can change normal users documents, as long as they have access to the correct key?
How can I ensure superusers cannot change their own key, so that when number 2 is accomplished, they cannot manually work around the system?
One of the ideas of mine is to only let the users access their own db and have the shared db only accessible by superusers and then do a filtered replication of the userdb to the shared db. But this only solves 1 and seems very inefficient.
I have the following requirement: Retrieve the users from OpenAm which are members of a specific group. Alternatively, if possible, retrieve users defined in a specific data store. All this through web-services.
We have our own JDBC data store implementation which reads users from and authenticates users against our database. That works fine. The data store is one of two data stores in our sub realm. The other data store points to an LDAP.
Now I need to read the users (and later the user attributes) from users being defined in the LDAP data store, and only users of a specific group, if possible.
Previously we did that with wso2. There they had a web-service method that allowed you to retrieve users of a specific group only.
Currently I am looking into the IdentityServices web-service of OpenAm, and I am able to list all users of my realm, and get the attributes. But for performance reasons, it would be nice to be able to refine the search. Is that possible? Am I looking at the wrong web-service?
Regards,
Sascha
I have a rather very know Solr issue. The index contain a group of docs of employee records that has a set of public access fields and a set of secure fields. Based on the user's security credentials (which may be indexed in the doc as one field), if a document matched, all its public fields and some of the secured fields which he has access. This list of secure fields varies document to document in the same index. Example: a manage of a department (belonging to one company) can view all secure fields of employees (doc) under him but not for those who do not work under him (whether in the same company or not). But he can still see ALL the public fields of ALL the of the employees (matched and filtered docs).
So being manager, I can see all (public + secure) fields of every one working under me but my asst can see only some of the secure fields who are under him. How to implement this in Solr. Thanks.
The documentation states that Solr does not concern itself with security at the document level.
Solr is designed to be an index of your data, not a replacement for your database (Access control is an important DB feature, only adds complexity to an index)
My suggestions:
Remove all sensitive data from the index. Each Solr document could include a reference (or link) to a 3rd party system/database holding the sensitive data requiring access control.
Encrypt the sensitive content within the index Using public/private key encryption, you can control who is able to decrypt the sensitive fields of a Solr document. (This solution wouldn't scale very well, nor does it allow searching of encrypted fields)
Create a sensitive search index, for each manager: Use the web server's authentication mechanism to control access to the index and load sensitive data there.
I would suggest to take the following steps:
separate out the public and secure content, you can use two separate cores.
add a ServletFilter that sits between User and SOLR webapp and then you can use some basic ACL based security on top of SOLR results to filter out the content as per your application requirements.
I would like to restrict the user permissions so that a normal user is only able to read/write its own user document.
I managed to set the write permissions such that a user can only edit their own document (via the validate_doc_update function in the design document).
Now I only have to limit a user from viewing the user list or other user documents. If I set the database read permissions to the '_admin' role, then the user will not be able to view their own document, which it's not what I intend.
Can this be done in a more general way? I.e. to set read permissions such that a user is able to read only some specific documents in the database?
Unfortunately, per-document read control is not possible.
However, if you use a list function you can perform a "post-query filter" that limits the results of a view query based on the current session user. (via the userCtx parameter)
In CouchDB creating a new database is cheap and it was designed to keep the data as close as possible to the user who needs it.
So the suggested approach is to have one database for each user.