couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Benoit Chesneau <bchesn...@gmail.com>
Subject Re: Request object in validate_doc_update
Date Mon, 28 May 2012 13:03:37 GMT
On Fri, May 25, 2012 at 1:49 PM, Robert Newson <rnewson@apache.org> wrote:
> I can't think of a solid objection to this idea. The result of a
> validate_doc_update can already vary based on the local security
> object. Being able to inspect not only the new document, but any other
> property of the request seems useful.
>

Imo any security things should be distinct from authorization. So
someone can also athenticate itself wh

We could eventually add some extra data like proposed in my previous
mail, but rather I think having a role given to a user depending on
its IP would work better. And most of systems are working like this
today anyway.

- benoit

Mime
View raw message