Mailing-List: contact commits-help@couchdb.apache.org; run by ezmlm
Precedence: bulk
Reply-To: dev@couchdb.apache.org
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: davisp@apache.org
To: commits@couchdb.apache.org
Subject: [21/50] [abbrv] git commit: make /_users/_changes admin-only
Message-Id: <20120314222801.D7B6570F2@tyr.zones.apache.org>
Date: Wed, 14 Mar 2012 22:28:01 +0000 (UTC)

make /_users/_changes admin-only


Project: http://git-wip-us.apache.org/repos/asf/couchdb/repo
Commit: http://git-wip-us.apache.org/repos/asf/couchdb/commit/46c84880
Tree: http://git-wip-us.apache.org/repos/asf/couchdb/tree/46c84880
Diff: http://git-wip-us.apache.org/repos/asf/couchdb/diff/46c84880

Branch: refs/heads/COUCHDB-1426
Commit: 46c8488091f3203602e2c6737c7c5bd0be61aed1
Parents: a1c9c99
Author: Jan Lehnardt <jan@apache.org>
Authored: Thu Feb 16 16:36:42 2012 +0100
Committer: Jan Lehnardt <jan@apache.org>
Committed: Tue Feb 21 14:39:05 2012 +0100

----------------------------------------------------------------------
 share/www/script/test/users_db_security.js |   24 +++++++++++++++++++++++
 src/couchdb/couch_httpd_db.erl             |    1 +
 2 files changed, 25 insertions(+), 0 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/couchdb/blob/46c84880/share/www/script/test/users_db_security.js
----------------------------------------------------------------------
diff --git a/share/www/script/test/users_db_security.js b/share/www/script/test/users_db_security.js
index faa2be4..6491eaf 100644
--- a/share/www/script/test/users_db_security.js
+++ b/share/www/script/test/users_db_security.js
@@ -59,6 +59,18 @@ couchTests.users_db_security = function(debug) {
     }
   };
 
+  var changes_as = function(db, username)
+  {
+    loginUser(username);
+    try {
+      return db.changes();
+    } catch(ex) {
+      return ex;
+    } finally {
+      CouchDB.logout();
+    }
+  };
+
   var testFun = function()
   {
     usersDb.deleteDb();
@@ -98,10 +110,22 @@ couchTests.users_db_security = function(debug) {
       var res = usersDb.open("org.couchdb.user:jchris");
       TEquals(null, res, "anonymous user doc read should be not found");
 
+      // anonymous should not be able to read /_users/_changes
+      try {
+        var ch = usersDb.changes();
+        T(false, "anonymous can read _changes");
+      } catch(e) {
+        TEquals("unauthorized", e.error, "anoymous can't read _changes");
+      }
+
       // user should be able to read their own document
       var jchrisDoc = open_as(usersDb, "org.couchdb.user:jchris", "jchris");
       TEquals("org.couchdb.user:jchris", jchrisDoc._id);
 
+      // user should not be able to read /_users/_changes
+      var changes = changes_as(usersDb, "jchris");
+      TEquals("unauthorized", changes.error, "user can't read _changes");
+
       // new 'password' fields should trigger new hashing routine
       jchrisDoc.password = "couch";
 

http://git-wip-us.apache.org/repos/asf/couchdb/blob/46c84880/src/couchdb/couch_httpd_db.erl
----------------------------------------------------------------------
diff --git a/src/couchdb/couch_httpd_db.erl b/src/couchdb/couch_httpd_db.erl
index d7ecb4a..07a7a2d 100644
--- a/src/couchdb/couch_httpd_db.erl
+++ b/src/couchdb/couch_httpd_db.erl
@@ -64,6 +64,7 @@ handle_changes_req(#httpd{path_parts=[_,<<"_changes">>]}=Req, _Db) ->
     send_method_not_allowed(Req, "GET,HEAD,POST").
 
 handle_changes_req1(Req, Db) ->
+    ok = couch_db:check_is_admin(Db),
     MakeCallback = fun(Resp) ->
         fun({change, Change, _}, "continuous") ->
             send_chunk(Resp, [?JSON_ENCODE(Change) | "\n"]);