jhs/admin.diff

## admin.diff
commit 08b26333c44f9a86a8d9b87f4a1e6d51e9ac624c
Author: Jason Smith <jhs@iriscouch.com>
Date:   Wed May 18 08:08:36 2011 +0700

    A configuration option httpd.cors_admin to allow _admin over CORS

diff --git a/src/couchdb/couch_httpd.erl b/src/couchdb/couch_httpd.erl
index db6809b..3193855 100644
--- a/src/couchdb/couch_httpd.erl
+++ b/src/couchdb/couch_httpd.erl
@@ -528,7 +528,14 @@ verify_is_server_admin(#httpd{user_ctx=UserCtx}=Req) ->
             % Normal verification for non-CORS request.
             verify_is_server_admin(UserCtx);
         _ ->
-            throw({unauthorized, <<"Cross-origin admin is not allowed.">>})
+            case couch_config:get("httpd", "cors_admin", "false") of
+                "true" ->
+                    % Allow admin over CORS.
+                    verify_is_server_admin(UserCtx);
+                _False ->
+                    throw({unauthorized,
+                           <<"Cross-origin admin is not allowed.">>})
+            end
     end;

 verify_is_server_admin(#user_ctx{roles=Roles}) ->
	commit 08b26333c44f9a86a8d9b87f4a1e6d51e9ac624c
	Author: Jason Smith <jhs@iriscouch.com>
	Date: Wed May 18 08:08:36 2011 +0700

	A configuration option httpd.cors_admin to allow _admin over CORS

	diff --git a/src/couchdb/couch_httpd.erl b/src/couchdb/couch_httpd.erl
	index db6809b..3193855 100644
	--- a/src/couchdb/couch_httpd.erl
	+++ b/src/couchdb/couch_httpd.erl
	@@ -528,7 +528,14 @@ verify_is_server_admin(#httpd{user_ctx=UserCtx}=Req) ->
	% Normal verification for non-CORS request.
	verify_is_server_admin(UserCtx);
	_ ->
	- throw({unauthorized, <<"Cross-origin admin is not allowed.">>})
	+ case couch_config:get("httpd", "cors_admin", "false") of
	+ "true" ->
	+ % Allow admin over CORS.
	+ verify_is_server_admin(UserCtx);
	+ _False ->
	+ throw({unauthorized,
	+ <<"Cross-origin admin is not allowed.">>})
	+ end
	end;

	verify_is_server_admin(#user_ctx{roles=Roles}) ->