Because it just returns the results straight from Couchbase Server’s view engine, which ignores document ACLs. I have a branch of the Gateway that adds client support for queries, by interposing a filter that strips out results that come from docs the user doesn’t have access to, but it’s not been tested thoroughly yet.
I realise Couchbase just released new SDKs, but do they have any future plans to enhance the SDKs to work with Sync Gateway?
Good question; I don’t work on the SDKs, so you could try asking in those forums. The Gateway API is 90% identical to the CouchDB REST API, and there are CouchDB client libraries for most languages already.
I always thought one of the key selling points of CouchDB was its ability to define multiple masters and replicate between them, did this not carry over into Couchbase
The latter. The parts of CouchDB that were integrated into Couchbase Server 2 were the append-only B-tree storage format and the map/reduce view engine. The rest was stripped out, mostly because it wasn’t fast enough to keep up with the crazy speed at which Membase can create documents. So features like document revision histories and replication went away.
The intra-cluster communication in Couchbase Server comes straight out of the original memcached, with a lot of enhancements. Cross-data-center replication (XDCR) is a different protocol, but since docs have no revision histories it can’t work anything like CouchDB replication.
You can think of the Sync Gateway as adding CouchDB features back onto Couchbase Server. But it’s not fully integrated yet, so stuff like revision histories is added as ‘invisible’ data spliced into documents.