This repository has been archived by the owner on Mar 31, 2021. It is now read-only.
Question: What about security of targeted databases? #28
Comments
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
If I'm understanding correctly, the ACLs setup for the DQL database (say Bob as Author) would then use "Bob" in the query to the targeted database. So, the results given are what "Bob" would be able to see in that target database.
If I make this query available to other users, will they also see what "Bob" would get from the query or what the end-user himself would be able to see from the target database.
This to me has been the fundamental flaw in keeping DQL from being truly useable at this stage in the game. I have not played with it enough to determine how I'd want to manage users of the Node app against their ACL rights in the targeted Domino DBs.
Perhaps I've missed something in more recent updates to DQL and it's been addressed?
The text was updated successfully, but these errors were encountered: