From commits-return-4670-apmail-couchdb-commits-archive=couchdb.apache.org@couchdb.apache.org Thu Jul 08 19:48:05 2010 Return-Path: Delivered-To: apmail-couchdb-commits-archive@www.apache.org Received: (qmail 39694 invoked from network); 8 Jul 2010 19:48:05 -0000 Received: from unknown (HELO mail.apache.org) (140.211.11.3) by 140.211.11.9 with SMTP; 8 Jul 2010 19:48:05 -0000 Received: (qmail 20404 invoked by uid 500); 8 Jul 2010 19:48:04 -0000 Delivered-To: apmail-couchdb-commits-archive@couchdb.apache.org Received: (qmail 20310 invoked by uid 500); 8 Jul 2010 19:48:04 -0000 Mailing-List: contact commits-help@couchdb.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@couchdb.apache.org Delivered-To: mailing list commits@couchdb.apache.org Received: (qmail 20303 invoked by uid 99); 8 Jul 2010 19:48:04 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 08 Jul 2010 19:48:04 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=10.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 08 Jul 2010 19:48:01 +0000 Received: by eris.apache.org (Postfix, from userid 65534) id B14112388A2C; Thu, 8 Jul 2010 19:47:08 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r961904 - /couchdb/trunk/src/couchdb/couch_httpd_db.erl Date: Thu, 08 Jul 2010 19:47:08 -0000 To: commits@couchdb.apache.org From: jchris@apache.org X-Mailer: svnmailer-1.0.8 Message-Id: <20100708194708.B14112388A2C@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Author: jchris Date: Thu Jul 8 19:47:08 2010 New Revision: 961904 URL: http://svn.apache.org/viewvc?rev=961904&view=rev Log: validate admin and content type for compact requests Modified: couchdb/trunk/src/couchdb/couch_httpd_db.erl Modified: couchdb/trunk/src/couchdb/couch_httpd_db.erl URL: http://svn.apache.org/viewvc/couchdb/trunk/src/couchdb/couch_httpd_db.erl?rev=961904&r1=961903&r2=961904&view=diff ============================================================================== --- couchdb/trunk/src/couchdb/couch_httpd_db.erl (original) +++ couchdb/trunk/src/couchdb/couch_httpd_db.erl Thu Jul 8 19:47:08 2010 @@ -111,12 +111,15 @@ handle_changes_req(#httpd{method='GET'}= handle_changes_req(#httpd{path_parts=[_,<<"_changes">>]}=Req, _Db) -> send_method_not_allowed(Req, "GET,HEAD"). -handle_compact_req(#httpd{method='POST',path_parts=[DbName,_,Id|_]}=Req, _Db) -> +handle_compact_req(#httpd{method='POST',path_parts=[DbName,_,Id|_]}=Req, Db) -> + ok = couch_db:check_is_admin(Db), couch_httpd:validate_ctype(Req, "application/json"), ok = couch_view_compactor:start_compact(DbName, Id), send_json(Req, 202, {[{ok, true}]}); handle_compact_req(#httpd{method='POST'}=Req, Db) -> + ok = couch_db:check_is_admin(Db), + couch_httpd:validate_ctype(Req, "application/json"), ok = couch_db:start_compact(Db), send_json(Req, 202, {[{ok, true}]}); @@ -125,6 +128,8 @@ handle_compact_req(Req, _Db) -> handle_view_cleanup_req(#httpd{method='POST'}=Req, Db) -> % delete unreferenced index files + ok = couch_db:check_is_admin(Db), + couch_httpd:validate_ctype(Req, "application/json"), ok = couch_view:cleanup_index_files(Db), send_json(Req, 202, {[{ok, true}]});