From 438c3ab0dd8e2d1e7c2b82f6c2e068466e67f821 Mon Sep 17 00:00:00 2001
From: Russell Branca
Date: Thu, 9 Nov 2017 19:35:59 +0000
Subject: Look for forbidden and unauthorized in is_admin

In https://github.com/apache/couchdb-couch/pull/29/files the possible security errors went from only "unauthorized" to "unauthorized" and "forbidden", but the corresponding check for both was not done in couch_mrview_http. This addresses that problem and fixes #974.
---
 src/couch_mrview/src/couch_mrview_http.erl | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/couch_mrview/src/couch_mrview_http.erl b/src/couch_mrview/src/couch_mrview_http.erl
index 7b92034a9..9e23cbd9b 100644
--- a/src/couch_mrview/src/couch_mrview_http.erl
+++ b/src/couch_mrview/src/couch_mrview_http.erl
@@ -158,6 +158,8 @@ is_admin(Db) ->
 case catch couch_db:check_is_admin(Db) of
 {unauthorized, _} ->
 false;
+ {forbidden, _} ->
+ false;
 ok ->
 true
 end.
-- 
cgit v1.2.1
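Review bot: The case in is_admin still lists check_is_admin's failure terms by hand, so any further security error term added upstream would again match no clause and raise case_clause, which is presumably the failure the description refers to for `forbidden`. The old-style `catch` also turns errors and exits into `{'EXIT', _}`, which falls into the same gap and loses the original stack trace. Assuming check_is_admin signals denial by throw (as the `catch` suggests), a try/catch that maps only the two security throws to false and lets everything else propagate makes the deny paths explicit; a regression test for a non-admin request that yields `forbidden` would keep this from recurring. The function head is visible only in the hunk header, so callers were not reviewed.

```erlang
is_admin(Db) ->
    try couch_db:check_is_admin(Db) of
        ok -> true
    catch
        %% Only the known security throws mean "not an admin";
        %% any other failure propagates unchanged.
        throw:{unauthorized, _} -> false;
        throw:{forbidden, _} -> false
    end.
```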