couchdb-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From mikewall...@apache.org
Subject [2/2] couch commit: updated refs/heads/2452-users-db-security-on-clustered-interface to 8c02996
Date Tue, 11 Nov 2014 00:23:04 GMT
Update auth DB docs via the auth module

Documents in the authentication DB were being updated directly
from couch_httpd_auth via couch_db:update_doc/3. This meant that
updates to documents with the authentication DB on the clustered
interface (5984) would fail.

This commit makes the auth module responsible for the document
update via a ?MODULE:update_doc/2 function and adds a function
for couch_httpd_auth which proxies to couch_db:update_doc/3.

COUCHDB-2452


Project: http://git-wip-us.apache.org/repos/asf/couchdb-couch/repo
Commit: http://git-wip-us.apache.org/repos/asf/couchdb-couch/commit/8c029964
Tree: http://git-wip-us.apache.org/repos/asf/couchdb-couch/tree/8c029964
Diff: http://git-wip-us.apache.org/repos/asf/couchdb-couch/diff/8c029964

Branch: refs/heads/2452-users-db-security-on-clustered-interface
Commit: 8c0299645e5ec0ea72de71c795c83a9b06d7b590
Parents: 2f069c8
Author: Mike Wallace <mikewallace@apache.org>
Authored: Tue Nov 11 00:06:19 2014 +0000
Committer: Mike Wallace <mikewallace@apache.org>
Committed: Tue Nov 11 00:10:55 2014 +0000

----------------------------------------------------------------------
 src/couch_httpd_auth.erl | 18 +++++++++++-------
 1 file changed, 11 insertions(+), 7 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/couchdb-couch/blob/8c029964/src/couch_httpd_auth.erl
----------------------------------------------------------------------
diff --git a/src/couch_httpd_auth.erl b/src/couch_httpd_auth.erl
index 752dd20..4c65b2a 100644
--- a/src/couch_httpd_auth.erl
+++ b/src/couch_httpd_auth.erl
@@ -20,6 +20,7 @@
 -export([proxy_authentication_handler/1, proxy_authentification_handler/1]).
 -export([cookie_auth_header/2]).
 -export([handle_session_req/1, handle_session_req/2]).
+-export([update_doc/2]).
 
 -import(couch_httpd, [header_value/2, send_json/2,send_json/4, send_method_not_allowed/2]).
 
@@ -368,17 +369,20 @@ maybe_upgrade_password_hash(UserName, Password, UserProps, AuthModule)
->
     case {IsAdmin, couch_util:get_value(<<"password_scheme">>, UserProps, <<"simple">>)}
of
     {false, <<"simple">>} ->
         DbName = ?l2b(config:get("couch_httpd_auth", "authentication_db", "_users")),
-        couch_util:with_db(DbName, fun(UserDb) ->
-            UserProps2 = proplists:delete(<<"password_sha">>, UserProps),
-            UserProps3 = [{<<"password">>, Password} | UserProps2],
-            NewUserDoc = couch_doc:from_json_obj({UserProps3}),
-            {ok, _NewRev} = couch_db:update_doc(UserDb, NewUserDoc, []),
-            AuthModule:get_user_creds(UserName)
-        end);
+        UserProps2 = proplists:delete(<<"password_sha">>, UserProps),
+        UserProps3 = [{<<"password">>, Password} | UserProps2],
+        NewUserDoc = couch_doc:from_json_obj({UserProps3}),
+        {ok, _NewRev} = AuthModule:update_doc(DbName, NewUserDoc),
+        AuthModule:get_user_creds(UserName);
     _ ->
         UserProps
     end.
 
+update_doc(DbName, NewUserDoc) ->
+    couch_util:with_db(DbName, fun(UserDb) ->
+        couch_db:update_doc(UserDb, NewUserDoc, [])
+    end).
+
 authenticate(Pass, UserProps) ->
     UserSalt = couch_util:get_value(<<"salt">>, UserProps, <<>>),
     {PasswordHash, ExpectedHash} =


Mime
View raw message