[MB-7381] [2.0.1RN]REST API for flush requires admin credentials while it makes sense to allow it with bucket credentials Created: 07/Dec/12 Updated: 14/Jan/13 Resolved: 14/Jan/13 |
|
| Status: | Resolved |
| Project: | Couchbase Server |
| Component/s: | ns_server |
| Affects Version/s: | 2.0 |
| Fix Version/s: | 2.0.1 |
| Security Level: | Public |
| Type: | Bug | Priority: | Critical |
| Reporter: | Aleksey Kondratenko | Assignee: | Aliaksey Artamonau |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||
| Flagged: |
Release Note
|
||||||||
| Description |
|
SUBJ.
Matt convinced me that indeed we did it wrong: <alkby> I believe 1.7 and 1.6 always demanded admin <alkby> and 1.8 too <ingenthr> that's a real problem from a client perspective, since someone using a client is just using a bucket <alkby> right but flush is a very destructive operation <ingenthr> if buckets are in fact about multitenancy, then the tenant should be able to throw away their contents <ingenthr> yep, I know. :) <alkby> for unit tests you set it up for bucket with admin credentials <alkby> well, tenant is good argument <ingenthr> this means it's not functionally equivalent to memcached flush though, and that was the whole point of <ingenthr> that we couldn't do memcached flush safely, so we'd replace it with RESTful flush <alkby> you're right <alkby> lets file a bug and address it asap. Thanks for raising this <ingenthr> but if restful flush is different semantically (you can flush this only with super creds) <ingenthr> okay, will do, thanks <alkby> I'll file bug |
| Comments |
| Comment by Farshid Ghods [ 10/Dec/12 ] |
| per bug scrub - deferring to 2.1 |
| Comment by Matt Ingenthron [ 10/Dec/12 ] |
| 2.1? So we'll leave this broken for the remainder of 2.0.x? There's no API breakage in fixing it in 2.0.x that I'm aware of. |
| Comment by Aleksey Kondratenko [ 10/Dec/12 ] |
| IMHO clearly not 2.0.1 but good fit for 2.0.2 |
| Comment by Matt Ingenthron [ 21/Dec/12 ] |
|
Note that there was a request around this area and a workaround mentioned for the Java client mentioned here:
http://www.couchbase.com/forums/thread/flush-gui-works-not-spy-memcached |
| Comment by Dipti Borkar [ 10/Jan/13 ] |
|
Karen, Note that we will need a documentation change for this bug in 2.0.1.
|
| Comment by Karen Zeller [ 11/Jan/13 ] |
| Nominating for 2.0.1 RN |
| Comment by Aleksey Kondratenko [ 14/Jan/13 ] |
| Dipti said it's a good to have for 2.0.1, please help me with backporting. |
| Comment by Aliaksey Artamonau [ 14/Jan/13 ] |
|
http://review.couchbase.org/23930 Merged to 2.0.1. |
| Comment by Karen Zeller [ 14/Jan/13 ] |
| Note: Add to 2.0.1 Release Notes |