I fear I've derailed this thread, so let's shelve the [email protected] idea for another time and thread.
To address the original question; "I have a scenario where I'm building a CouchApp that needs to deny certain behavior from happening based on the user's IP address. Would it be good to consider this as a new feature to be implemented?" Being able to build richer applications within the 2-tier couchapp model is a project goal so I'm generally for the proposal to expose the req object in VDU (since you can access it in show and list and it seems to break nothing). I suspect the full feature set required for your application to not require a proxy or firewall has not been spelled out in detail and, I further suspect, some of it will be better done with a firewall. Could you expand on the 'certain behavior' that should be restricted based on IP? A few examples would help. B. On 28 May 2012 14:38, Simon Metson <[email protected]> wrote: > Hi, > > > On Monday, 28 May 2012 at 14:12, Robert Newson wrote: > >> The other proposal might be to allow the granting of >> rights by IP address, much as MySQL does. In fact, I believe this idea >> is part of the Summit proposal to enhance our security model. I should >> be able to grant _admin rights to a user if and only if they come from >> 127.0.0.1, for example. > > We wrote something like this for our deployment at CERN. I thought it had > been contributed back to the trunk, but maybe it got lost along the way. I'll > see if I can find out the status of it. > Cheers > Simon
