couchdb-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From mikewall...@apache.org
Subject [3/5] chttpd commit: updated refs/heads/2452-users-db-security-on-clustered-interface to 25ec565
Date Fri, 14 Nov 2014 19:35:05 GMT
Strip non-public fields from _users all_docs on 5984

A _users DB on the admin interface will strip non-public fields
from documents in the _all_docs view when include_docs=true.

This commit creates the same behaviour when the _users DB is on
the clustered interface by using the appropriate callback in
couch_mrview_http.

COUCHDB-2452 3/5


Project: http://git-wip-us.apache.org/repos/asf/couchdb-chttpd/repo
Commit: http://git-wip-us.apache.org/repos/asf/couchdb-chttpd/commit/1cea10dc
Tree: http://git-wip-us.apache.org/repos/asf/couchdb-chttpd/tree/1cea10dc
Diff: http://git-wip-us.apache.org/repos/asf/couchdb-chttpd/diff/1cea10dc

Branch: refs/heads/2452-users-db-security-on-clustered-interface
Commit: 1cea10dc98cb1d04ed0b0a081687324f92177dea
Parents: ce83780
Author: Mike Wallace <mikewallace@apache.org>
Authored: Mon Nov 10 23:37:02 2014 +0000
Committer: Mike Wallace <mikewallace@apache.org>
Committed: Thu Nov 13 20:38:31 2014 +0000

----------------------------------------------------------------------
 src/chttpd_db.erl | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/couchdb-chttpd/blob/1cea10dc/src/chttpd_db.erl
----------------------------------------------------------------------
diff --git a/src/chttpd_db.erl b/src/chttpd_db.erl
index d51143c..afe1bf6 100644
--- a/src/chttpd_db.erl
+++ b/src/chttpd_db.erl
@@ -548,9 +548,20 @@ all_docs_view(Req, Db, Keys) ->
     end,
     Args = Args0#mrargs{preflight_fun=ETagFun},
     Options = [{user_ctx, Req#httpd.user_ctx}],
+    DbName = ?b2l(Db#db.name),
+    UsersDbName = config:get("chttpd_auth",
+                             "authentication_db",
+                             "_users"),
+    IsAdmin = case catch couch_db:check_is_admin(Db) of
+    {unauthorized, _} ->
+        false;
+    ok ->
+        true
+    end,
+    Callback = couch_mrview_http:get_view_callback(DbName, UsersDbName, IsAdmin),
     {ok, Resp} = couch_httpd:etag_maybe(Req, fun() ->
         VAcc0 = #vacc{db=Db, req=Req},
-        fabric:all_docs(Db, Options, fun couch_mrview_http:view_cb/2, VAcc0, Args)
+        fabric:all_docs(Db, Options, Callback, VAcc0, Args)
     end),
     case is_record(Resp, vacc) of
         true -> {ok, Resp#vacc.resp};


Mime
View raw message