CouchDB: Single Page Web Application accounts without middleware

Question

Is it possible to implement Single Page Web Application that would have sensitive data, e.g. accounts, with address etc, without middleware?

I've been evaluating CouchDb, as the best applicable, because it allows to implement author only updates. But is it possible to implement author only views with it?

I.e. is it possible to overwrite special _all_docs view, at least?

Or is there any other permissions ware data storage, including and not limiting to other (NoSQL) databases?

Thank you.

Answer 1

It's common issue when starting working with CouchDB, that there is no built-in way to have read access per document, and not possible to have access lists for views as well.

Common solution for this problem (although if it's main concern of your app then maybe CouchDB is not your weapon of choice, I don't know other NoSQL solutions very well to provide alternatives, unfortunately) - if you don't want to have any middleware - is to have per-user database scenario, in which users have access to the documents stored in their own databases.

When you want to share a document (i.e. have it visible for few users) you may use filtered replication, to fetch them from database A and put in database B - http://wiki.apache.org/couchdb/Replication#Filtered_Replication.