Author: fdmanana
Date: Thu Apr 21 10:48:50 2011
New Revision: 1095650
URL: http://svn.apache.org/viewvc?rev=1095650&view=rev
Log:
Merged revision 1095649 from trunk
By default, allow only admins to trigger delegated replications
Modified:
couchdb/branches/1.1.x/src/couchdb/couch_js_functions.hrl
Modified: couchdb/branches/1.1.x/src/couchdb/couch_js_functions.hrl
URL:
http://svn.apache.org/viewvc/couchdb/branches/1.1.x/src/couchdb/couch_js_functions.hrl?rev=1095650&r1=1095649&r2=1095650&view=diff
==============================================================================
--- couchdb/branches/1.1.x/src/couchdb/couch_js_functions.hrl (original)
+++ couchdb/branches/1.1.x/src/couchdb/couch_js_functions.hrl Thu Apr 21
10:48:50 2011
@@ -138,6 +138,8 @@
}
var isReplicator = (userCtx.roles.indexOf('_replicator') >= 0);
+ var isAdmin = (userCtx.roles.indexOf('_admin') >= 0);
+
if (oldDoc && !newDoc._deleted && !isReplicator) {
reportError('Only the replicator can edit replication documents.');
}
@@ -178,6 +180,12 @@
}
if (newDoc.user_ctx) {
+ if (!isAdmin) {
+ reportError('Delegated replications (use of the ' +
+ '`user_ctx\\' property) can only be triggered by ' +
+ 'administrators.');
+ }
+
var user_ctx = newDoc.user_ctx;
if ((typeof user_ctx !== 'object') || (user_ctx === null)) {
