[ https://issues.apache.org/jira/browse/COUCHDB-441?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Curt Arnold reopened COUCHDB-441:
---------------------------------
Reopened the bug with a new title that focuses more on the use-case than the approach.
I guess I could see situations where you may not want to have that info inserted into the
documents, so it would need to be configurable.
Could be something similar to validate_doc_update (would likely need to occur before validate_doc_update)
but would have the ability to modify the document, would need to have access to the user_ctx
and maybe something equivalent for the server context.
> Mechanism for inserting user from user_ctx into documents on writes
> --------------------------------------------------------------------
>
> Key: COUCHDB-441
> URL: https://issues.apache.org/jira/browse/COUCHDB-441
> Project: CouchDB
> Issue Type: Improvement
> Components: Database Core
> Reporter: Curt Arnold
> Assignee: Paul Joseph Davis
> Fix For: 0.10
>
>
> It would be useful for auditing to have the identity of the user who inserted a new revision
and the timestamp of the operation to be inserted in the document in the same way that the
new revision number is.
> Doing this at the application level is not adequate since it would be readily spoofable
and would bypass the authentication handler.
> There is a comment in couch_db:update_docs about generating new revision ids, but I couldn't
quite comprehend what specific code was responsible for inserting the id into the document.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
|