diff options
author | Eric Avdey <eiri@eiri.ca> | 2018-10-11 16:00:59 -0300 |
---|---|---|
committer | Eric Avdey <eiri@eiri.ca> | 2018-10-11 16:00:59 -0300 |
commit | ec7ec28164dd62130aa475c7edae7241a48af164 (patch) | |
tree | a9cf7391128da27ced3a489ebc9076e888a3d074 | |
parent | 9675616d432b4553ebc5f77267ec05b71e05495b (diff) | |
download | couchdb-ec7ec28164dd62130aa475c7edae7241a48af164.tar.gz |
Restrict access to _active_tasks to server admin
-rw-r--r-- | src/chttpd/src/chttpd_misc.erl | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/src/chttpd/src/chttpd_misc.erl b/src/chttpd/src/chttpd_misc.erl index c72ef7cd4..7b417b442 100644 --- a/src/chttpd/src/chttpd_misc.erl +++ b/src/chttpd/src/chttpd_misc.erl @@ -178,6 +178,7 @@ handle_dbs_info_req(Req) -> send_method_not_allowed(Req, "POST"). handle_task_status_req(#httpd{method='GET'}=Req) -> + ok = chttpd:verify_is_server_admin(Req), {Replies, _BadNodes} = gen_server:multi_call(couch_task_status, all), Response = lists:flatmap(fun({Node, Tasks}) -> [{[{node,Node} | Task]} || Task <- Tasks] |