Enabling Sync Gateway data access

    Related Topics:    access()   |   channel()   |   expiry()   |   requireAccess()   |   requireAdmin()   |   requireRole()   |   requireUser()   |   role()   |   throw()




    Use the requireAccess() function to reject document updates that are not made by the a user with access to at least one of the given channels, as shown in Example 1


    Argument Description


    Must be a string identifying a channel name, or an array of strings to specify multiple channel names (for example: (['channel1', 'channel2']); the function is applied to each element in the array.

    If the value resolves to null the function result is a no-op.


    The function signals rejection by throwing an exception, so the rest of the sync function will not be run.

    Note that requireAccess() will only recognize grants made explicitly using a channel name (not by a wildcard).

    So, if a user was granted access using only the all channels wildcard] (*), then requireAccess('anychannelname')' will fail because the user wasn’t granted access to that channel (only to the * channel).


    Example 1. requireAccess(channels)
    requireAccess("events"); (1)
    if (oldDoc) {
        requireAccess(oldDoc.channels); (2)
    1 Throw an exception unless the user has access to read the "events" channel:
    2 Throw an exception unless the user can read one of the channels in the previous revision’s channels property: