rnewson commented on issue #475: COUCHDB-3367: Require server admin user for db/_compact and db/_view_cleanup endpoints URL: https://github.com/apache/couchdb/pull/475#issuecomment-312955101 Ah true enough. My change might not be sufficient but it does show you the right path/module. Sent from my iPhone > On 4 Jul 2017, at 21:50, Frederick K?mpfer <[email protected]> wrote: > > Thanks for the comments! I have updated the PR according to @rnewson's request. > > If I understand correctly, this change now limits _compact to server admins, and disallows it for db admins (contrary to 1.6.1, see the lengthy discussion above). To do this right, something like db_authorization_check_admin could be implemented in chttpd_auth_request.erl. But I don't know if this feature would even be useful - I certainly don't need it and I'm happy with this smaller change going into 2.1. > > ? > You are receiving this because you were mentioned. > Reply to this email directly, view it on GitHub, or mute the thread. > ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected]
With regards, Apache Git Services
