EventStoreDB Ideas Portal
Ideas for improvements and new features in EventStoreDB, client libraries, and database extensions.
Ideas for improvements and new features in EventStoreDB, client libraries, and database extensions.
Currently, reads and subscriptions to $all require admin access, which isn't good for security.
Supporting auth for $all will have performance impact when ACLs are used, but in combination with policies it could be fast enoguh because policies, unless misused, should be small enought o keep them all in memory.
When admin reads and subscribes to $all, keep it as a shortcut without auth.
