couchdb-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From j..@apache.org
Subject [5/11] git commit: Fix admin users creation and user password change in futon.
Date Tue, 03 Jan 2012 19:33:21 GMT
Fix admin users creation and user password change in futon.

main patch from jan, reviewed & updated by me.


Project: http://git-wip-us.apache.org/repos/asf/couchdb/repo
Commit: http://git-wip-us.apache.org/repos/asf/couchdb/commit/6d6400c3
Tree: http://git-wip-us.apache.org/repos/asf/couchdb/tree/6d6400c3
Diff: http://git-wip-us.apache.org/repos/asf/couchdb/diff/6d6400c3

Branch: refs/heads/1.2.x
Commit: 6d6400c37dad2fffdc28939eef1c03af953fd949
Parents: 4cf699d
Author: benoitc <bchesneau@gmail.com>
Authored: Sat Dec 3 06:13:34 2011 +0100
Committer: Jan Lehnardt <jan@apache.org>
Committed: Tue Jan 3 19:23:59 2012 +0100

----------------------------------------------------------------------
 share/www/script/couch.js             |   16 ------
 share/www/script/couch_test_runner.js |   17 +++++++
 share/www/script/futon.js             |   73 +++++++++++++++++----------
 share/www/script/jquery.couch.js      |   32 ++----------
 src/couchdb/couch_users_db.erl        |    4 +-
 5 files changed, 72 insertions(+), 70 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/couchdb/blob/6d6400c3/share/www/script/couch.js
----------------------------------------------------------------------
diff --git a/share/www/script/couch.js b/share/www/script/couch.js
index 2ee5cbf..fdb2964 100644
--- a/share/www/script/couch.js
+++ b/share/www/script/couch.js
@@ -335,22 +335,6 @@ CouchDB.session = function(options) {
   return JSON.parse(CouchDB.last_req.responseText);
 };
 
-CouchDB.user_prefix = "org.couchdb.user:";
-
-CouchDB.prepareUserDoc = function(user_doc, new_password) {
-  user_doc._id = user_doc._id || CouchDB.user_prefix + user_doc.name;
-  if (new_password) {
-    // handle the password crypto
-    user_doc.salt = CouchDB.newUuids(1)[0];
-    user_doc.password_sha = hex_sha1(new_password + user_doc.salt);
-  }
-  user_doc.type = "user";
-  if (!user_doc.roles) {
-    user_doc.roles = [];
-  }
-  return user_doc;
-};
-
 CouchDB.allDbs = function() {
   CouchDB.last_req = CouchDB.request("GET", "/_all_dbs");
   CouchDB.maybeThrowError(CouchDB.last_req);

http://git-wip-us.apache.org/repos/asf/couchdb/blob/6d6400c3/share/www/script/couch_test_runner.js
----------------------------------------------------------------------
diff --git a/share/www/script/couch_test_runner.js b/share/www/script/couch_test_runner.js
index db0b8de..c1e7a72 100644
--- a/share/www/script/couch_test_runner.js
+++ b/share/www/script/couch_test_runner.js
@@ -453,3 +453,20 @@ function restartServer() {
   waitForRestart();
 }
 
+// legacy functions for CouchDB < 1.2.0
+// we keep them to make sure we keep BC
+CouchDB.user_prefix = "org.couchdb.user:";
+
+CouchDB.prepareUserDoc = function(user_doc, new_password) {
+  user_doc._id = user_doc._id || CouchDB.user_prefix + user_doc.name;
+  if (new_password) {
+    // handle the password crypto
+    user_doc.salt = CouchDB.newUuids(1)[0];
+    user_doc.password_sha = hex_sha1(new_password + user_doc.salt);
+  }
+  user_doc.type = "user";
+  if (!user_doc.roles) {
+    user_doc.roles = [];
+  }
+  return user_doc;
+};

http://git-wip-us.apache.org/repos/asf/couchdb/blob/6d6400c3/share/www/script/futon.js
----------------------------------------------------------------------
diff --git a/share/www/script/futon.js b/share/www/script/futon.js
index fb73e3c..74b36a8 100644
--- a/share/www/script/futon.js
+++ b/share/www/script/futon.js
@@ -134,6 +134,31 @@ function $$(node) {
     };
 
     function changePassword () {
+      var updateUserDoc = function(resp, data) {
+        // regular users get their _users doc updated
+        $.couch.db(resp.info.authentication_db).openDoc("org.couchdb.user:"+resp.userCtx.name,
{
+          error: function () {
+            // ignore 404
+            location.reload();
+          },
+          success: function (user) {
+            user.password = data.password;
+            $.couch.db(resp.info.authentication_db).saveDoc(user, {
+              success: function() {
+                doLogin(user.name, user.password, function(errors) {
+                    if(!$.isEmptyObject(errors)) {
+                      callback(errors);
+                      return;
+                    } else {
+                      location.reload();
+                    }
+                  });
+                }
+              });
+            }
+        });
+      }
+
       $.showDialog("dialog/_change_password.html", {
         submit: function(data, callback) {
           if (validatePassword(data, callback)) {
@@ -145,36 +170,30 @@ function $$(node) {
             return false;
           }
           $.couch.session({success: function (resp) {
-            if (resp.userCtx.roles.indexOf("_admin") > -1) {
+            // admin users may have a config entry, change the password
+            // there first. Update their user doc later, if it exists
+            if (resp.userCtx.roles.indexOf("_admin") > -1) { // user is admin
+              // check whether we have a config entry
               $.couch.config({
-                success : function () {
-                  doLogin(resp.userCtx.name, data.password, function(errors) {
-                    if(!$.isEmptyObject(errors)) {
-                      callback(errors);
-                      return;
-                    } else {
-                      location.reload();
+                success : function (response) { // er do have a config entry
+                  $.couch.config({
+                    success : function () {
+                      window.setTimeout(function() {
+                        doLogin(resp.userCtx.name, data.password, function(errors) {
+                          if(!$.isEmptyObject(errors)) {
+                            callback(errors);
+                            return;
+                          } else {
+                            location.reload();
+                          }
+                        });
+                      }, 1000);
                     }
-                  });
+                  }, "admins", resp.userCtx.name, data.password);
                 }
-              }, "admins", resp.userCtx.name, data.password);
-            } else {
-              $.couch.db(resp.info.authentication_db).openDoc("org.couchdb.user:"+resp.userCtx.name,
{
-                success: function (user) {
-                    $.couch.db(resp.info.authentication_db).saveDoc($.couch.prepareUserDoc(user,
data.password), {
-                      success: function() {
-                          doLogin(user.name, data.password, function(errors) {
-                              if(!$.isEmptyObject(errors)) {
-                                callback(errors);
-                                return;
-                              } else {
-                                location.reload();
-                              }
-                            });
-                          }
-                      });
-                  }
-              });
+              }, "admins", resp.userCtx.name);
+            } else { // non-admin users, update their user doc
+              updateUserDoc(resp, data);
             }
           }});
         }

http://git-wip-us.apache.org/repos/asf/couchdb/blob/6d6400c3/share/www/script/jquery.couch.js
----------------------------------------------------------------------
diff --git a/share/www/script/jquery.couch.js b/share/www/script/jquery.couch.js
index 2c4c89e..a1f1ad2 100644
--- a/share/www/script/jquery.couch.js
+++ b/share/www/script/jquery.couch.js
@@ -182,38 +182,18 @@
      */
     signup: function(user_doc, password, options) {      
       options = options || {};
-      // prepare user doc based on name and password
-      user_doc = this.prepareUserDoc(user_doc, password);
+      user_doc.password = password;
+      user_doc.roles =  user_doc.roles || [];
+      user_doc.type =  user_doc.type = "user" || [];
+      var user_prefix = "org.couchdb.user:";
+      user_doc._id = user_doc._id || user_prefix + user_doc.name;
+
       $.couch.userDb(function(db) {
         db.saveDoc(user_doc, options);
       });
     },
 
     /**
-     * Populates a user doc with a new password.
-     * @param {Object} user_doc User details
-     * @param {String} new_password New Password
-     */
-    prepareUserDoc: function(user_doc, new_password) {
-      if (typeof hex_sha1 == "undefined") {
-        alert("creating a user doc requires sha1.js to be loaded in the page");
-        return;
-      }
-      var user_prefix = "org.couchdb.user:";
-      user_doc._id = user_doc._id || user_prefix + user_doc.name;
-      if (new_password) {
-        // handle the password crypto
-        user_doc.salt = $.couch.newUUID();
-        user_doc.password_sha = hex_sha1(new_password + user_doc.salt);
-      }
-      user_doc.type = "user";
-      if (!user_doc.roles) {
-        user_doc.roles = [];
-      }
-      return user_doc;
-    },
-
-    /**
      * Authenticate against CouchDB, the <code>options</code> parameter is
       *expected to have <code>name</code> and <code>password</code>
fields.
      * @param {ajaxSettings} options

http://git-wip-us.apache.org/repos/asf/couchdb/blob/6d6400c3/src/couchdb/couch_users_db.erl
----------------------------------------------------------------------
diff --git a/src/couchdb/couch_users_db.erl b/src/couchdb/couch_users_db.erl
index d6e522e..adac719 100644
--- a/src/couchdb/couch_users_db.erl
+++ b/src/couchdb/couch_users_db.erl
@@ -46,7 +46,7 @@ before_doc_update(Doc, #db{user_ctx = UserCtx} = Db) ->
         throw(not_found)
     end.
 
-% If newDoc.password == null:
+% If newDoc.password == null || newDoc.password == undefined:
 %   ->
 %   noop
 % Else -> // calculate password hash server side
@@ -55,6 +55,8 @@ before_doc_update(Doc, #db{user_ctx = UserCtx} = Db) ->
 %    newDoc.password = null
 save_doc(#doc{body={Body}} = Doc) ->
     case couch_util:get_value(?PASSWORD, Body) of
+    null -> % server admins don't have a user-db password entry
+        Doc;
     undefined ->
         Doc;
     ClearPassword ->


Mime
View raw message