Setting Permissions on Arrays
Permissions apply to an entire array, not to individual elements in an array. However, it is possible to set permissions on fields within documents or maps that are stored in an array.
For example, granting a user read permission on array a[]
in this document
permits the user to read all of the elements in the array. It is not possible to grant read
permission on, say, a[1]
.
{"a" : [ "b", 1, "c", 2 ] }
However, suppose you have the following array of documents:
{
"a" : [
"{'name':{'last':'Smith'; 'first':'John'}}",
"{'name':{'last':'Subramanium'; 'first':'Ananya'}}"
]
}
If you grant a user read permission on array a[]
, that user can read every
field in every document within the array.
- Deny the user read permission on array
a[]
. - Grant the user traverse permission on array
a[]
. - Grant the user read permission on the specific fields. For example, you might grant
the user read permission only on the first names in the documents by granting this
permission on
a[].name.first
.