Please use the form below to provide your feedback. Because your feedback is valuable to us, the information you submit in this form is recorded in our issue tracking system (JIRA), which is publicly available. You can track the status of your feedback using the ticket number displayed in the dialog once you submit the form.

A newer version of this documentation is available.

View Latest

How to Verify Access

      +

      How to verify Sync Gateway access to data in cloud-to-edge enterprise data synchronization.

      Related topics: Create Role | Create User | Add Role to User | Allow Access | Verify Access | Write Access

      Related Concepts

      Access control Model

      Purpose

      Use the Admin REST API to see the:

      • Channels a user has access to

      • Channels a role has access to

      • Channels a document is assigned to

      Context

      The all_channels property of a user account determines the channels a user can access. Its value is derived from the union of:

      • The user’s admin_channels property, which is set using the Admin REST API.

      • The channels the user has been granted access to by access() calls from sync functions invoked for current revisions of documents.

      • The all_channels properties of any roles the user belongs to. These are themselves computed using the above rules.

      Process

      • Users

      • Roles

      • Document

      Send a get request to the /{tkn-db}/_user/{name} endpoint

      curl http://localhost:4985/db/_user/pupshaw

      The output shows that the user pupshaw has access to the following channels:

      1 all through its own admin_channels setting
      2 hoopy through the froods role’s admin_channels setting 
      {
    "admin_channels": [
        "all" (1)
    ],
    "admin_roles": [
        "froods"
    ],
    "all_channels": [
        "all",
        "hoopy" (2)
    ],
    "name": "pupshaw",
    "roles": [
        "froods"
    ]
}

      Send a get request to the /{tkn-db}/_role/ endpoint

      curl http://localhost:4985/db/_role/frood

      The output shows that the role froods has access to the following channels:

      1 hoopy through its role’s admin_channels setting 
      {
    "name": "froods",
    "admin_channels": [
        "hoopy" (1)
    ],
    "admin_roles": [
        "froods"
    ],
    "all_channels": [
        "hoopy" (2)
    ]
}

      Send a get request to the /{tkn-db}/_alldocs endpoint

      curl http://localhost:4985/ourdb/_all_docs?channels=true&keys=[ourdoc]" -H "accept: application/json"
      1 The output shows that the document ourdoc is assigned to the channels: all and hoopy
      That assignment to hoopy is what makes it available to our froods role and therefore to our user pupshaw.      		 
      {
  "id": "ourdoc",
  "key": "ourdoc",
  "value": {
      "channels": [ (1)
          "short",
          "hoopy"
      ],
      "rev": "1-86effb929acbf953905dd0e3974f6051"
  }
}

      Related Content

      Learn more …​
      Reference material …​
      Community

      Mobile Forum | Blog | Blog (Mobile) | Tutorials

      Sync Function Blogs