[
https://issues.apache.org/jira/browse/COUCHDB-576?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13466916#comment-13466916
]
Benoit Chesneau commented on COUCHDB-576:
-----------------------------------------
this has no sense . Somehow like the stupid thing we do to accept JSON only if
we pass the accept header in some parts of our api. We make our api hard to use
for any client because of such things. If someone is enough relax to delete
any content without checking the resource to delete we can't do anything for
him.
However other databases system are suppose to have real admins and consider
that only admins or superuser can delete a database. Imo this is the way to go:
force the use of couchdb with an admin and only allow admins to delete dbs. The
last one is already the case, but our defaults make any user an admin so ...
> Require current update_seq when deleting a database for extra safety.
> ---------------------------------------------------------------------
>
> Key: COUCHDB-576
> URL: https://issues.apache.org/jira/browse/COUCHDB-576
> Project: CouchDB
> Issue Type: Improvement
> Components: Database Core
> Reporter: Robert Newson
> Assignee: Benoit Chesneau
> Attachments: delete-db-safety-with-tests.patch
>
>
> Require the current update_seq before deleting a database to prevent
> accidental deletion.
> DELETE /db2?seq=12
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
