Author: jchris Date: Thu Jan 7 19:42:51 2010 New Revision: 896982 URL: http://svn.apache.org/viewvc?rev=896982&view=rev Log: cleanup patch for merge to trunk Modified: couchdb/branches/account/share/www/script/couch_test_runner.js couchdb/branches/account/share/www/script/jquery.couch.js couchdb/branches/account/share/www/script/test/oauth.js couchdb/branches/account/share/www/script/test/users_db.js couchdb/branches/account/src/couchdb/couch_db.hrl couchdb/branches/account/src/couchdb/couch_httpd.erl couchdb/branches/account/src/couchdb/couch_httpd_auth.erl couchdb/branches/account/src/couchdb/couch_httpd_db.erl couchdb/branches/account/src/couchdb/couch_httpd_oauth.erl couchdb/branches/account/src/couchdb/couch_server.erl Modified: couchdb/branches/account/share/www/script/couch_test_runner.js URL: http://svn.apache.org/viewvc/couchdb/branches/account/share/www/script/couch_test_runner.js?rev=896982&r1=896981&r2=896982&view=diff ============================================================================== --- couchdb/branches/account/share/www/script/couch_test_runner.js (original) +++ couchdb/branches/account/share/www/script/couch_test_runner.js Thu Jan 7 19:42:51 2010 @@ -164,10 +164,13 @@ }, "admins"); } }); - } else { - // not a logged in admin. + } else if (userCtx.roles.indexOf("_admin") != -1) { + // admin party! readyToRun = true; fun(); + } else { + // not an admin + alert("Error: You need to be an admin to run the tests."); }; } }); Modified: couchdb/branches/account/share/www/script/jquery.couch.js URL: http://svn.apache.org/viewvc/couchdb/branches/account/share/www/script/jquery.couch.js?rev=896982&r1=896981&r2=896982&view=diff ============================================================================== --- couchdb/branches/account/share/www/script/jquery.couch.js [utf-8] (original) +++ couchdb/branches/account/share/www/script/jquery.couch.js [utf-8] Thu Jan 7 19:42:51 2010 @@ -136,7 +136,6 @@ }, logout: function(options) { options = options || {}; - // TODO this should also login as the logged-out guy using basic auth $.ajax({ type: "DELETE", url: "/_session", dataType: "json", username : "_", password : "_", Modified: couchdb/branches/account/share/www/script/test/oauth.js URL: http://svn.apache.org/viewvc/couchdb/branches/account/share/www/script/test/oauth.js?rev=896982&r1=896981&r2=896982&view=diff ============================================================================== --- couchdb/branches/account/share/www/script/test/oauth.js (original) +++ couchdb/branches/account/share/www/script/test/oauth.js Thu Jan 7 19:42:51 2010 @@ -115,8 +115,6 @@ usersDb.createDb(); // Create a user - // T(CouchDB.createUser("jason", "testpassword", "test@somemail.com", ['test'], adminBasicAuthHeaderValue()).ok); - // Create a user var jasonUserDoc = CouchDB.prepareUserDoc({ username: "jason", roles: ["test"] Modified: couchdb/branches/account/share/www/script/test/users_db.js URL: http://svn.apache.org/viewvc/couchdb/branches/account/share/www/script/test/users_db.js?rev=896982&r1=896981&r2=896982&view=diff ============================================================================== --- couchdb/branches/account/share/www/script/test/users_db.js (original) +++ couchdb/branches/account/share/www/script/test/users_db.js Thu Jan 7 19:42:51 2010 @@ -43,6 +43,7 @@ } }); T(s.name == "jchris@apache.org"); + T(s.user_doc._id == "org.couchdb.user:jchris@apache.org") T(s.info.authenticated == "{couch_httpd_auth, default_authentication_handler}"); T(s.info.user_db == "test_suite_users"); TEquals(["{couch_httpd_oauth, oauth_authentication_handler}", Modified: couchdb/branches/account/src/couchdb/couch_db.hrl URL: http://svn.apache.org/viewvc/couchdb/branches/account/src/couchdb/couch_db.hrl?rev=896982&r1=896981&r2=896982&view=diff ============================================================================== --- couchdb/branches/account/src/couchdb/couch_db.hrl (original) +++ couchdb/branches/account/src/couchdb/couch_db.hrl Thu Jan 7 19:42:51 2010 @@ -110,7 +110,8 @@ { name=null, roles=[], - handler + handler, + user_doc }). % This should be updated anytime a header change happens that requires more Modified: couchdb/branches/account/src/couchdb/couch_httpd.erl URL: http://svn.apache.org/viewvc/couchdb/branches/account/src/couchdb/couch_httpd.erl?rev=896982&r1=896981&r2=896982&view=diff ============================================================================== --- couchdb/branches/account/src/couchdb/couch_httpd.erl (original) +++ couchdb/branches/account/src/couchdb/couch_httpd.erl Thu Jan 7 19:42:51 2010 @@ -233,7 +233,7 @@ AuthFun = make_arity_1_fun(AuthSrc), R = case AuthFun(Req) of #httpd{user_ctx=#user_ctx{}=UserCtx}=Req2 -> - Req2#httpd{user_ctx=UserCtx#user_ctx{handler=AuthSrc}}; + Req2#httpd{user_ctx=UserCtx#user_ctx{handler=?l2b(AuthSrc)}}; Else -> Else end, authenticate_request(R, Rest); Modified: couchdb/branches/account/src/couchdb/couch_httpd_auth.erl URL: http://svn.apache.org/viewvc/couchdb/branches/account/src/couchdb/couch_httpd_auth.erl?rev=896982&r1=896981&r2=896982&view=diff ============================================================================== --- couchdb/branches/account/src/couchdb/couch_httpd_auth.erl (original) +++ couchdb/branches/account/src/couchdb/couch_httpd_auth.erl Thu Jan 7 19:42:51 2010 @@ -75,7 +75,8 @@ ExpectedHash when ExpectedHash == PasswordHash -> Req#httpd{user_ctx=#user_ctx{ name=?l2b(User), - roles=proplists:get_value(<<"roles">>, UserProps, []) + roles=proplists:get_value(<<"roles">>, UserProps, []), + user_doc={UserProps} }}; _Else -> throw({unauthorized, <<"Name or password is incorrect.">>}) @@ -114,8 +115,9 @@ UserProps when is_list(UserProps) -> DocRoles = proplists:get_value(<<"roles">>, UserProps), [{<<"roles">>, [<<"_admin">> | DocRoles]}, - {<<"salt">>, ?l2b(Salt)}, - {<<"password_sha">>, ?l2b(HashedPwd)}] + {<<"salt">>, ?l2b(Salt)}, + {<<"password_sha">>, ?l2b(HashedPwd)}, + {<<"user_doc">>, {UserProps}}] end; Else -> get_user_props_from_db(UserName) @@ -250,8 +252,8 @@ Secret = ?l2b(SecretStr), case get_user(?l2b(User)) of nil -> Req; - Result -> - UserSalt = proplists:get_value(<<"salt">>, Result, <<"">>), + UserProps -> + UserSalt = proplists:get_value(<<"salt">>, UserProps, <<"">>), FullSecret = <>, ExpectedHash = crypto:sha_mac(FullSecret, User ++ ":" ++ TimeStr), Hash = ?l2b(string:join(HashParts, ":")), @@ -264,7 +266,8 @@ ?LOG_DEBUG("Successful cookie auth as: ~p", [User]), Req#httpd{user_ctx=#user_ctx{ name=?l2b(User), - roles=proplists:get_value(<<"roles">>, Result, []) + roles=proplists:get_value(<<"roles">>, UserProps, []), + user_doc=proplists:get_value(<<"user_doc">>, UserProps, null) }, auth={FullSecret, TimeLeft < Timeout*0.9}}; _Else -> Req @@ -351,7 +354,8 @@ {[ {ok, true}, {name, proplists:get_value(<<"username">>, User, null)}, - {roles, proplists:get_value(<<"roles">>, User, [])} + {roles, proplists:get_value(<<"roles">>, User, [])}, + {user_doc, proplists:get_value(<<"user_doc">>, User, null)} ]}); _Else -> % clear the session @@ -375,7 +379,7 @@ {handlers, [?l2b(H) || H <- couch_httpd:make_fun_spec_strs( couch_config:get("httpd", "authentication_handlers"))]} ] ++ maybe_value(authenticated, UserCtx#user_ctx.handler)}} - ]}) + ] ++ maybe_value(user_doc, UserCtx#user_ctx.user_doc)}) end; % logout by deleting the session handle_session_req(#httpd{method='DELETE'}=Req) -> @@ -391,7 +395,7 @@ send_method_not_allowed(Req, "GET,HEAD,POST,DELETE"). maybe_value(Key, undefined) -> []; -maybe_value(Key, Else) -> [{Key, ?l2b(Else)}]. +maybe_value(Key, Else) -> [{Key, Else}]. to_int(Value) when is_binary(Value) -> to_int(?b2l(Value)); Modified: couchdb/branches/account/src/couchdb/couch_httpd_db.erl URL: http://svn.apache.org/viewvc/couchdb/branches/account/src/couchdb/couch_httpd_db.erl?rev=896982&r1=896981&r2=896982&view=diff ============================================================================== --- couchdb/branches/account/src/couchdb/couch_httpd_db.erl (original) +++ couchdb/branches/account/src/couchdb/couch_httpd_db.erl Thu Jan 7 19:42:51 2010 @@ -328,6 +328,7 @@ do_db_req(#httpd{user_ctx=UserCtx,path_parts=[DbName|_]}=Req, Fun) -> LDbName = ?b2l(DbName), + % I hope this lookup is cheap. case couch_config:get("couch_httpd_auth", "authentication_db") of LDbName -> % make sure user's db always has the auth ddoc Modified: couchdb/branches/account/src/couchdb/couch_httpd_oauth.erl URL: http://svn.apache.org/viewvc/couchdb/branches/account/src/couchdb/couch_httpd_oauth.erl?rev=896982&r1=896981&r2=896982&view=diff ============================================================================== --- couchdb/branches/account/src/couchdb/couch_httpd_oauth.erl (original) +++ couchdb/branches/account/src/couchdb/couch_httpd_oauth.erl Thu Jan 7 19:42:51 2010 @@ -36,7 +36,7 @@ % Look up the consumer key and get the roles to give the consumer set_user_ctx(Req, AccessToken) -> - % weird that this is in the config and not a db + % TODO move to db storage Name = case couch_config:get("oauth_token_users", AccessToken) of undefined -> throw({bad_request, unknown_oauth_token}); Value -> ?l2b(Value) Modified: couchdb/branches/account/src/couchdb/couch_server.erl URL: http://svn.apache.org/viewvc/couchdb/branches/account/src/couchdb/couch_server.erl?rev=896982&r1=896981&r2=896982&view=diff ============================================================================== --- couchdb/branches/account/src/couchdb/couch_server.erl (original) +++ couchdb/branches/account/src/couchdb/couch_server.erl Thu Jan 7 19:42:51 2010 @@ -79,7 +79,6 @@ ok end. -% move to auth? is_admin(User, ClearPwd) -> case couch_config:get("admins", User) of "-hashed-" ++ HashedPwdAndSalt ->