couchdb-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From mikewall...@apache.org
Subject [4/5] chttpd commit: updated refs/heads/2452-users-db-security-on-clustered-interface to 569b00f
Date Tue, 11 Nov 2014 00:24:12 GMT
Strip non-public fields from _users all_docs on 5984

A _users DB on the admin interface will strip non-public fields
from documents in the _all_docs view when include_docs=true.

This commit creates the same behaviour when the _users DB is on
the clustered interface by using the appropriate callback in
couch_mrview_http.

COUCHDB-2452 4/?


Project: http://git-wip-us.apache.org/repos/asf/couchdb-chttpd/repo
Commit: http://git-wip-us.apache.org/repos/asf/couchdb-chttpd/commit/593462c1
Tree: http://git-wip-us.apache.org/repos/asf/couchdb-chttpd/tree/593462c1
Diff: http://git-wip-us.apache.org/repos/asf/couchdb-chttpd/diff/593462c1

Branch: refs/heads/2452-users-db-security-on-clustered-interface
Commit: 593462c1fa6b413aff903fac86c7110412a8dfd0
Parents: adc98ea
Author: Mike Wallace <mikewallace@apache.org>
Authored: Mon Nov 10 23:37:02 2014 +0000
Committer: Mike Wallace <mikewallace@apache.org>
Committed: Mon Nov 10 23:37:02 2014 +0000

----------------------------------------------------------------------
 src/chttpd_db.erl | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/couchdb-chttpd/blob/593462c1/src/chttpd_db.erl
----------------------------------------------------------------------
diff --git a/src/chttpd_db.erl b/src/chttpd_db.erl
index 68a6f2f..695e540 100644
--- a/src/chttpd_db.erl
+++ b/src/chttpd_db.erl
@@ -549,9 +549,20 @@ all_docs_view(Req, Db, Keys) ->
     end,
     Args = Args0#mrargs{preflight_fun=ETagFun},
     Options = [{user_ctx, Req#httpd.user_ctx}],
+    DbName = ?b2l(Db#db.name),
+    UsersDbName = config:get("chttpd_auth",
+                             "authentication_db",
+                             "_users"),
+    IsAdmin = case catch couch_db:check_is_admin(Db) of
+    {unauthorized, _} ->
+        false;
+    ok ->
+        true
+    end,
+    Callback = couch_mrview_http:get_view_callback(DbName, UsersDbName, IsAdmin),
     {ok, Resp} = couch_httpd:etag_maybe(Req, fun() ->
         VAcc0 = #vacc{db=Db, req=Req},
-        fabric:all_docs(Db, Options, fun couch_mrview_http:view_cb/2, VAcc0, Args)
+        fabric:all_docs(Db, Options, Callback, VAcc0, Args)
     end),
     case is_record(Resp, vacc) of
         true -> {ok, Resp#vacc.resp};


Mime
View raw message