
Database / CouchDB Interview Questions

How do you implement document-level security in CouchDB using validate_doc_update functions?

The validate_doc_update (VDU) function is a JavaScript function stored in a design document that CouchDB calls before every document write to that database. If the function throws an error, the write is rejected with the specified HTTP status and message. This is the primary mechanism for enforcing document-level business rules and security policies.

// Source of the "validate_doc_update" field in _design/security.
// The design document stores this function as a single JSON string;
// it is shown unescaped here for readability.
function (newDoc, oldDoc, userCtx, secObj) {
  // Reject if not logged in
  if (!userCtx.name) {
    throw({ unauthorized: 'You must be logged in to write documents.' });
  }
  // Enforce required fields
  if (!newDoc.type) {
    throw({ forbidden: 'Documents must have a type field.' });
  }
  // Prevent changing the owner field after creation
  if (oldDoc && oldDoc.owner !== newDoc.owner) {
    throw({ forbidden: 'Cannot change document owner.' });
  }
  // Only admins can set status to archived
  if (newDoc.status === 'archived' && userCtx.roles.indexOf('_admin') === -1) {
    throw({ forbidden: 'Only admins can archive documents.' });
  }
}

The function receives four arguments:

  • newDoc — the document being written (the new version).
  • oldDoc — the existing document (null if this is a new document creation).
  • userCtx — the user context: { name, roles, db }. Roles include _admin for server admins and _reader, _writer, or custom roles from the user's profile.
  • secObj — the database's _security object.

Throw { unauthorized: "message" } to return HTTP 401 (authentication required). Throw { forbidden: "message" } to return HTTP 403 (permission denied). Any other JavaScript throw returns HTTP 500.
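The rules and status mapping described above can be exercised offline before the design document is deployed. The following is an added example, not code from the original page or from CouchDB: `simulateWrite` and `runCases` are hypothetical helpers, the users and documents are constructed, and 201 stands in for an accepted write.

```javascript
// Added example: offline harness for the page's validate_doc_update rules.
// simulateWrite(), runCases() and all sample documents are constructed here.
function vdu(newDoc, oldDoc, userCtx, secObj) {
  if (!userCtx.name) {
    throw { unauthorized: 'You must be logged in to write documents.' };
  }
  if (!newDoc.type) {
    throw { forbidden: 'Documents must have a type field.' };
  }
  if (oldDoc && oldDoc.owner !== newDoc.owner) {
    throw { forbidden: 'Cannot change document owner.' };
  }
  if (newDoc.status === 'archived' && userCtx.roles.indexOf('_admin') === -1) {
    throw { forbidden: 'Only admins can archive documents.' };
  }
}

// Map the outcome of one VDU call to the HTTP status described above.
function simulateWrite(fn, newDoc, oldDoc, userCtx, secObj) {
  try {
    fn(newDoc, oldDoc, userCtx, secObj || {});
    return { status: 201 };                       // write accepted
  } catch (e) {
    if (e && e.unauthorized) return { status: 401, reason: e.unauthorized };
    if (e && e.forbidden) return { status: 403, reason: e.forbidden };
    return { status: 500, reason: String(e) };    // any other throw
  }
}

const alice = { name: 'alice', roles: ['editor'], db: 'notes' };
const admin = { name: 'root', roles: ['_admin'], db: 'notes' };
const anon = { name: null, roles: [], db: 'notes' };
const stored = { _id: 'n1', _rev: '1-abc', type: 'note', owner: 'alice' };

function runCases() {
  const w = (doc, old, ctx) => simulateWrite(vdu, doc, old, ctx).status;
  return {
    anonymous: w({ type: 'note', owner: 'x' }, null, anon),
    create: w({ type: 'note', owner: 'alice' }, null, alice),
    ownerSwap: w({ ...stored, owner: 'bob' }, stored, alice),
    archiveUser: w({ ...stored, status: 'archived' }, stored, alice),
    archiveAdmin: w({ ...stored, status: 'archived' }, stored, admin),
    // A delete reaches the VDU as a tombstone without type or owner.
    deleteDoc: w({ _id: 'n1', _rev: '1-abc', _deleted: true }, stored, alice),
    // A bug inside the function (userCtx missing here) is "any other throw".
    brokenCall: w({ type: 'note' }, null, undefined),
  };
}

console.log(runCases());
```

The `deleteDoc` case returns 403: deletions pass through the same function, so a policy that should permit them needs an explicit `newDoc._deleted` branch placed before the required-field and owner checks.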

What HTTP status code does CouchDB return when a validate_doc_update function throws { forbidden: "..." }?
What is the value of oldDoc in a validate_doc_update function when a brand-new document is being created?
