Forbid access to _local_docs for non-system dbs COUCHDB-1145

commit: 9e249858b4c942d841faa75953e549fcd044b33d [log] [tgz]
author: ILYA Khlopotov <iilyak@ca.ibm.com> Wed Dec 31 11:32:58 2014 -0800
committer: ILYA Khlopotov <iilyak@ca.ibm.com> Wed Dec 31 11:33:17 2014 -0800
tree: 3853dae20c0028656bdc8c33eb20e5c46e9f9fde
parent: 0828a39c3ae408baf01c0afd57bd1c510735c2e5 [diff]
diff --git a/src/couch_mrview_http.erl b/src/couch_mrview_http.erl
index 75e2c54..dc50f59 100644
--- a/src/couch_mrview_http.erl
+++ b/src/couch_mrview_http.erl

@@ -180,7 +180,7 @@
     all_docs_req(Req, Db, Keys, undefined).
 
 all_docs_req(Req, Db, Keys, NS) ->
-    case couch_db:is_system_db(Db) of
+    case is_restricted(Db, NS) of
     true ->
         case (catch couch_db:check_is_admin(Db)) of
         ok ->
@@ -200,6 +200,11 @@
         do_all_docs_req(Req, Db, Keys, NS)
     end.
 
+is_restricted(_Db, <<"_local">>) ->
+    true;
+is_restricted(Db, _) ->
+    couch_db:is_system_db(Db).
+
 is_public_fields_configured(Db) ->
     DbName = ?b2l(Db#db.name),
     case config:get("couch_httpd_auth",
commit	9e249858b4c942d841faa75953e549fcd044b33d	[log] [tgz]
author	ILYA Khlopotov <iilyak@ca.ibm.com>	Wed Dec 31 11:32:58 2014 -0800
committer	ILYA Khlopotov <iilyak@ca.ibm.com>	Wed Dec 31 11:33:17 2014 -0800
tree	3853dae20c0028656bdc8c33eb20e5c46e9f9fde
parent	0828a39c3ae408baf01c0afd57bd1c510735c2e5 [diff]