It would be nice if the auth system supported both full-access users and read-only accounts. Even better if you can support requiring auth only for modification and not for queries, eval, group, etc. There would need to be some way to prevent modification even in server-side JS code.

I'm working on an internal web front-end to query the db and it would be great if users could safely write their own group-by queries when the provided aggregators prove insufficient. If I allow that now there is a risk that they could destroy data.