Return-Path: 
 <user-return-20993-apmail-couchdb-user-archive=couchdb.apache.org@couchdb.apache.org>
X-Original-To: apmail-couchdb-user-archive@www.apache.org
Delivered-To: apmail-couchdb-user-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id CD34CC8DF
	for <apmail-couchdb-user-archive@www.apache.org>;
 Mon, 28 May 2012 13:04:06 +0000 (UTC)
Received: (qmail 34926 invoked by uid 500); 28 May 2012 13:04:05 -0000
Delivered-To: apmail-couchdb-user-archive@couchdb.apache.org
Received: (qmail 34885 invoked by uid 500); 28 May 2012 13:04:05 -0000
Mailing-List: contact user-help@couchdb.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:user-help@couchdb.apache.org>
List-Unsubscribe: <mailto:user-unsubscribe@couchdb.apache.org>
List-Post: <mailto:user@couchdb.apache.org>
List-Id: <user.couchdb.apache.org>
Reply-To: user@couchdb.apache.org
Delivered-To: mailing list user@couchdb.apache.org
Received: (qmail 34877 invoked by uid 99); 28 May 2012 13:04:05 -0000
Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230)
    by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 28 May 2012 13:04:05 +0000
X-ASF-Spam-Status: No, hits=-0.7 required=5.0
	tests=RCVD_IN_DNSWL_LOW,SPF_PASS
X-Spam-Check-By: apache.org
Received-SPF: pass (nike.apache.org: domain of bchesneau@gmail.com designates
 209.85.217.180 as permitted sender)
Received: from [209.85.217.180] (HELO mail-lb0-f180.google.com)
 (209.85.217.180)
    by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 28 May 2012 13:03:57 +0000
Received: by lbbgh12 with SMTP id gh12so2443779lbb.11
        for <user@couchdb.apache.org>; Mon, 28 May 2012 06:03:37 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=mime-version:in-reply-to:references:date:message-id:subject:from:to
         :content-type;
        bh=EKPKKSpkW9084Rn6xuws5cT87sE1M6L/GSbD5V1owTg=;
        b=zR2QfyhyxIXOCKV1MfY3jWV05Z/L29YKnZ6LSCnqpPieG9QoHKgAQsYauB+rTDFlvx
         Dc9ISjtCQqoRTu4jkTIMPDmYIR18l7LdFGGvJoo46VQgLnFCs/MBwKInnkieS9ZzJ4q0
         Icb8mYgRwZwiLSWMTMPHptZutmsg8nESQ4s40pcer7rBYjnyA5uE4Uy2oYmmWxXY3jAG
         FwHYldeZtAhkf+VX8C+aVes2uq2OSft5XIwFoRlCP62PdkY+KBtQRZ+xLchWxifZNVH+
         b1P2ZpFCKnBj/8htbc/BsZdkGYlYiQ78OTUhbttsIVyOvKemY7RoFtImnxLzZbsWGKcL
         QtNQ==
MIME-Version: 1.0
Received: by 10.112.23.42 with SMTP id j10mr3624050lbf.20.1338210217207; Mon,
 28 May 2012 06:03:37 -0700 (PDT)
Received: by 10.112.28.196 with HTTP; Mon, 28 May 2012 06:03:37 -0700 (PDT)
In-Reply-To: 
 <CABvT1DFxOK=bJ8YJGJRq-jiY3ZMYgD21KfwwK6mqRSDHDkkppQ@mail.gmail.com>
References: 
 <CALp38EM8oUraQ3dP3QVynSOJwgK1wnGXJdYcMcHsNGywGe5i_Q@mail.gmail.com>
	<CABvT1DFxOK=bJ8YJGJRq-jiY3ZMYgD21KfwwK6mqRSDHDkkppQ@mail.gmail.com>
Date: Mon, 28 May 2012 15:03:37 +0200
Message-ID: 
 <CAJNb-9rzUzj6bMQkBQZLGswQPn=AXPgRz7ri45KdypJungk3Tw@mail.gmail.com>
Subject: Re: Request object in validate_doc_update
From: Benoit Chesneau <bchesneau@gmail.com>
To: user@couchdb.apache.org
Content-Type: text/plain; charset=ISO-8859-1

On Fri, May 25, 2012 at 1:49 PM, Robert Newson <rnewson@apache.org> wrote:
> I can't think of a solid objection to this idea. The result of a
> validate_doc_update can already vary based on the local security
> object. Being able to inspect not only the new document, but any other
> property of the request seems useful.
>

Imo any security things should be distinct from authorization. So
someone can also athenticate itself wh

We could eventually add some extra data like proposed in my previous
mail, but rather I think having a role given to a user depending on
its IP would work better. And most of systems are working like this
today anyway.

- benoit