Allow user to only access specific data in a RethinkDB table

Question

I am implementing an application (HTML and AngularJS) that uses RethinkDB to store data.

Basically, anyone can get the RethinkDB connection credentials from the .js file.

So how can I allow the user to only get their own data?

In the RethinkDB documentation it is mentioned that you can control read and write on the db level and on the table level but nothing mentioned to control access on the document level !!!

How can I achieve this? (users can only get their own documents )

Regards,

score 0 · Answer 1 · answered Mar 12 '17 at 00:40

0

As described in the documentation, RethinkDB users are meant to be assigned to administrators or entire applications:

https://www.rethinkdb.com/docs/permissions-and-accounts/

Individual users of your applications and their document-level access rights should be managed by your application, not by rethinkdb itself.

answered Mar 12 '17 at 00:40

Etienne Laurin

6,731
2
27
31

1

Managing document-level access rights by the application is logical. However, since the application is based on JavaScript (I'm using AngularJS as I mentioned in the question) this will not prevent users from accessing all the table content and get all of the documents ! – Nabeel Mar 14 '17 at 15:52

Allow user to only access specific data in a RethinkDB table

1 Answers1