From b1fea3c51e265b48c30eb18aa75c09981c29219a Mon Sep 17 00:00:00 2001
From: David Schwartz <davidjoelschwartz@gmail.com>
Date: Thu, 6 Mar 2014 12:56:08 -0800
Subject: [PATCH] Disable retrieving full state trees for non-admins.

---
 src/ripple_app/rpc/RPCHandler.cpp | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/src/ripple_app/rpc/RPCHandler.cpp b/src/ripple_app/rpc/RPCHandler.cpp
index fcd18c808..19256d435 100644
--- a/src/ripple_app/rpc/RPCHandler.cpp
+++ b/src/ripple_app/rpc/RPCHandler.cpp
@@ -2302,8 +2302,16 @@ Json::Value RPCHandler::doLedger (Json::Value params, Resource::Charge& loadType
                               | (bTransactions ? LEDGER_JSON_DUMP_TXRP : 0)
                               | (bAccounts ? LEDGER_JSON_DUMP_STATE : 0);
 
-    if (bFull || bAccounts | bExpand)
+    if (bFull || bAccounts)
     {
+
+        if (mRole != Config::ADMIN)
+        {
+            // Until some sane way to get full ledgers has been implemented, disallow
+            // retrieving all state nodes
+            return rpcError (rpcNO_PERMISSION);
+        }
+
         if (getApp().getFeeTrack().isLoadedLocal() && (mRole != Config::ADMIN))
         {
             WriteLog (lsDEBUG, Peer) << "Too busy to give full ledger";