I made a list to filter view result because of security issues. The list filters a defined view in the database according to the user session attributes. Thats exactly what I wanted.
Example Uri: http://localhost:5984/hrtool/_design/hrtool/_list/candidates/candidates
But there's still one problem: By guessing the couch Rest api, someone can get the complete view: Example: http://localhost:5984/hrtool/_design/hrtool/_view/candidates/
Is there a posibility to prevent such calls on the view?
Thanks in advance fadh
localhost
, don't you? Posting URLs to servers on your laptop doesn't help. Similarly, the people on TV cannot see you. – Malvolio