Merged revision 1095649 from trunk

By default, allow only admins to trigger delegated replications git-svn-id: https://svn.apache.org/repos/asf/couchdb/branches/1.1.x@1095650 13f79535-47bb-0310-9956-ffa450edef68
author: Filipe David Borba Manana <fdmanana@apache.org> 2011-04-21 10:48:50 +0000
committer: Filipe David Borba Manana <fdmanana@apache.org> 2011-04-21 10:48:50 +0000
commit: 55aa33cb2cb6634c49812ce7c51171c8c45fbe2a (patch)
tree: 024e3415ca05610822a01e970e3d1a656dec63eb /src
parent: 86e5f81bdef5a623d82c9e07598a6ae37843a295 (diff)
1 files changed, 8 insertions, 0 deletions
diff --git a/src/couchdb/couch_js_functions.hrl b/src/couchdb/couch_js_functions.hrl
index 6c2ad8df..0cc49d62 100644
--- a/src/couchdb/couch_js_functions.hrl
+++ b/src/couchdb/couch_js_functions.hrl
@@ -138,6 +138,8 @@
         }
 
         var isReplicator = (userCtx.roles.indexOf('_replicator') >= 0);
+        var isAdmin = (userCtx.roles.indexOf('_admin') >= 0);
+
         if (oldDoc && !newDoc._deleted && !isReplicator) {
             reportError('Only the replicator can edit replication documents.');
         }
@@ -178,6 +180,12 @@
             }
 
             if (newDoc.user_ctx) {
+                if (!isAdmin) {
+                    reportError('Delegated replications (use of the ' +
+                        '`user_ctx\\' property) can only be triggered by ' +
+                        'administrators.');
+                }
+
                 var user_ctx = newDoc.user_ctx;
 
                 if ((typeof user_ctx !== 'object') || (user_ctx === null)) {
author	Filipe David Borba Manana <fdmanana@apache.org>	2011-04-21 10:48:50 +0000
committer	Filipe David Borba Manana <fdmanana@apache.org>	2011-04-21 10:48:50 +0000
commit	55aa33cb2cb6634c49812ce7c51171c8c45fbe2a (patch)
tree	024e3415ca05610822a01e970e3d1a656dec63eb /src
parent	86e5f81bdef5a623d82c9e07598a6ae37843a295 (diff)