A newer version of this documentation is available.

View Latest

requireAccess()

      +

      Enabling Sync Gateway data access

      Related Topics:    access()   |   channel()   |   expiry()   |   requireAccess()   |   requireAdmin()   |   requireRole()   |   requireUser()   |   role()   |   throw()

      Function

      requireAccess(channels)

      Purpose

      Use the requireAccess() function to reject document updates that are not made by the a user with access to at least one of the given channels, as shown in Example 1

      Arguments

      Argument Description

      channels

      Must be a string identifying a channel name, or an array of strings to specify multiple channel names (for example: (['channel1', 'channel2']); the function is applied to each element in the array.

      If the value resolves to null the function result is a no-op.

      Context

      The function signals rejection by throwing an exception, so the rest of the sync function will not be run.

      Note that requireAccess() will only recognize grants made explicitly using a channel name (not by a wildcard).

      So, if a user was granted access using only the all channels wildcard] (*), then requireAccess('anychannelname')' will fail because the user wasn’t granted access to that channel (only to the * channel).

      Use

      Example 1. requireAccess(channels)
      requireAccess("events"); (1)
      
      if (oldDoc) {
          requireAccess(oldDoc.channels); (2)
      }
      1 Throw an exception unless the user has access to read the "events" channel:
      2 Throw an exception unless the user can read one of the channels in the previous revision’s channels property: