Hacker News new | comments | show | ask | jobs | submit login

From the doc: "Currently the client is given full write access to the collection. They can execute arbitrary Mongo update commands. Once we build authentication, you will be able to limit the client's direct access to insert, update, and remove. We are also considering validators and other ORM-like functionality."

Yeah, I read that too. :) It doesn't really address my questions about how they'll pull that off.

I would assume their client DB stubs invoke server RPCs. A few server hooks for your webapp would solve that.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact