[
https://issues.apache.org/jira/browse/COUCHDB-441?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12738023#action_12738023
]
Jason Davies commented on COUCHDB-441:
--------------------------------------
Nice work Paul! One thing I noticed about your patch is that _update expects a
JSON body in the request. Can we remove this requirement and make it so the
function signature is simply (doc, req, userCtx)? In my oauth branch I've
modified couch_httpd_external.erl to always populate req.userCtx so the
function signature will be even shorter when this gets merged.
Then we can do fun things like handle XML bodies in the request.
> Finally implement pre-write-doc-edit handlers.
> ----------------------------------------------
>
> Key: COUCHDB-441
> URL: https://issues.apache.org/jira/browse/COUCHDB-441
> Project: CouchDB
> Issue Type: Improvement
> Components: HTTP Interface
> Affects Versions: 0.10
> Reporter: Curt Arnold
> Fix For: 0.10
>
> Attachments: COUCHDB-441.patch
>
>
> It would be useful for auditing to have the identity of the user who inserted
> a new revision and the timestamp of the operation to be inserted in the
> document in the same way that the new revision number is.
> Doing this at the application level is not adequate since it would be readily
> spoofable and would bypass the authentication handler.
> There is a comment in couch_db:update_docs about generating new revision ids,
> but I couldn't quite comprehend what specific code was responsible for
> inserting the id into the document.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
