How to validate user's channel in arrays that is not operator

Mobile Sync Gateway
1

my sample document like this:

{
    "type": "group",
    "members": [
        "user2",
        "user3",
        "user4"
    ],
    "owner": "user1"
}

I want to control as following:

  1. only doc.owner can modify doc.members property;
  2. that every modified user in the doc.members mush has a channel named friends-of-user1
    notice: I have assign suitable user to friends-of-user1 channel before I modify the document.

for the first condition, I can use requireUser(doc.owner) to control;
but for the second condition,how should I validate user’s channel? or any other suggestion for control users in the arrays that should have some channel?

2

The Sync Function doesn’t have an API to check that a given user has access to a channel. The closest to it is requireAccess(channel(s)) but that checks against the user persisting the document only.

You could have a server side script that checks that a particular user has access to the channel(s) using the /{db}/_user/{name} endpoint. It could be done using webhooks or the changes feed so that if a user shouldn’t be in the members array the script can create a new revision of the document without it.