Querying directly to Server Documents

Hi, I’m trying to just do a query in the server and return the document if it is existing. The thing is CRUD operations are only limited locally, I will have to replicate all the documents from the server. The problem with this is what if I only want to check if the user registered from other devices is existing?

One of my first solution is to use the Couchbase Admin REST API, Im using GET request to return all the docs in that specific database and scan the returned JSON output of it. I have to loop through all that documents and break if that user is existing, is there any way to do this? A more sufficient way. Thank you

The thing is CRUD operations are only limited locally

They’re not. The Sync Gateway REST API is available to client apps. Of course, the requests to it have to be authenticated, and will only return documents that the user is allowed to access.

The admin REST API is not available, because it basically provides superuser access. You never want that to be reachable from the outside.

Im using GET request to return all the docs in that specific database and scan the returned JSON output of it.

Ow, don’t do that, it’ll be way too slow. Just GET the specific document you want.

Thank you for pointing this out. Can you recommend documentation of CRUD operations through Sync Gateway REST API in android?

The REST API documentation is here. REST APIs are platform agnostic, so you just need to use whatever classes you normally use in Android to make HTTP requests and parse the results.

Thank you very helpful, I also found a unofficial documentation here that extends the reference guides in your given documentation. Given this simple document query http://node:4984/mydb/{doc id here} where can i put the WHERE clause, example name=“somename”. Is it possible?

If you must run that kind of query then you’d probably be much better off implementing a web service that talks to Couchbase Server in your cloud and executes N1QL queries against it. Sync Gateway does not have any on-demand query capabilities. Usually if you are looking for “a certain user” though, then you should attempt to put enough information into the document ID that you can just check to see if that ID exists or not.

I’ve heard this ask from people but more they want internal application ,behind the firewall, to be able to do PREPARED STATEMENT N1QL queries through SG. The Idea is that they want internal apps to be able to run reports or ask N1QL question but do not want to create the REST endpoint + security themselves via Couchbase SDKs.

No. The REST API does not provide queries. The command you showed will just get a document given its ID.

One way to handle this without queries is to give user documents distinctive IDs, for example “user_newbee”. Then you can find whether a user document exists simply by looking up its ID.

Even so — do you really want these user documents to be publicly readable by anyone? That sounds like it could be a security or privacy problem.

The problem is enforcing access control. It’s difficult to filter the result set to include only data from documents that the user is allowed to see.

Also, letting remote clients run arbitrary queries on the server makes it easy for someone malicious to perform DoS attacks by flooding the server with very expensive queries.