Sure. For example I'm allowing my users to vote on certain "items" in my database. This will allow me to understand the amount of satisfaction of these items. I can easily validate and make sure each user is commenting only once, however, someone might simply create a new account and re-vote for that item. This defeats the purpose of the voting system. My solution would be to check based on the IP of the voter, no matter what user they're logged in with.
Does this make sense? Thanks. On Mon, May 28, 2012 at 3:50 PM, Robert Newson <[email protected]> wrote: > I fear I've derailed this thread, so let's shelve the [email protected] > idea for another time and thread. > > To address the original question; > > "I have a scenario where I'm building a CouchApp that needs to deny > certain behavior from happening based on the user's IP address. > Would it be good to consider this as a new feature to be implemented?" > > Being able to build richer applications within the 2-tier couchapp > model is a project goal so I'm generally for the proposal to expose > the req object in VDU (since you can access it in show and list and it > seems to break nothing). I suspect the full feature set required for > your application to not require a proxy or firewall has not been > spelled out in detail and, I further suspect, some of it will be > better done with a firewall. > > Could you expand on the 'certain behavior' that should be restricted > based on IP? A few examples would help. > > B. > > On 28 May 2012 14:38, Simon Metson <[email protected]> wrote: >> Hi, >> >> >> On Monday, 28 May 2012 at 14:12, Robert Newson wrote: >> >>> The other proposal might be to allow the granting of >>> rights by IP address, much as MySQL does. In fact, I believe this idea >>> is part of the Summit proposal to enhance our security model. I should >>> be able to grant _admin rights to a user if and only if they come from >>> 127.0.0.1, for example. >> >> We wrote something like this for our deployment at CERN. I thought it had >> been contributed back to the trunk, but maybe it got lost along the way. >> I'll see if I can find out the status of it. >> Cheers >> Simon
