How do I limit a CouchApp's access to CouchDB's `_user` table?

Question

I'd like to get some advice on how to structure the user data for my CouchDB application.

Here's what we're building: We are creating a suite of applications (mostly leveraging the video api of html5) that train people on different skills. We're going to start with a few simple video lectures coupled with interactive activities. We'd like to save individual user's progress, and in the near future we'd like to create some mini-courses that users take in small and large groups. Multiple users would participate in the same activity either live (like google docs), or over some long duration (like a wiki).

My concern is with private user data. Ultimately it would be the simplest, for us and the user, for them to sign up with their email address and a password. But, in CouchDB's _user database read access to the data is essentially public, and I'd rather not make all my user's email addresses public. How to make those email addresses private is my biggest concern. In addition it would be nice if we could have all user data be private unless the user chooses to make it public.

I have thought of a few options, and read through this article and many others on the wiki: http://wiki.apache.org/couchdb/PerDocumentAuthorization

I'm really not leaning toward anything yet, and would love some advice.

Answer 1

In the soon-to-be-released CouchDB-1.2.0, documents in the _users database can only be read by the respective authenticated user and administrators.