I am looking for advice on how to correctly delete (tombstone) a document, which is also used to grant channel access.
Here’s what I am seeing:
- CB Lite creates a document and pushes it
- my sync function does essentially 2 things:
- assign the document to a new channel, which is derived from the doc ID: channel(chnBasedOnDocId)
- grant access to the new channel: access(“role:X”, chnBasedOnDocId)
so far so good, all users of that role now have access to the document.
Later I’m deleting the document. My sync function assigns the tombstone to the same channel as before.
But now the tombstone won’t replicate to the users. Their CB Lite instances continue to have the last (pre-tombstone) revision of the document.
I think, the doc deletion has the effect of removing channel access from the role, and therefore subsequent pull replications by other users won’t see the tombstone. Does that sound right ?
How do you suggest I solve this ? I am considering to assign all deletions to a global channel that all users have access to. But is that secure and scalable ? Or is there a better solution ?