couchdb-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From j..@apache.org
Subject [44/50] couchdb commit: updated refs/heads/auth-tests-wip to c34d871
Date Tue, 12 Jul 2016 19:41:27 GMT
auth-tests wip

*Get cookie-auth to pass \o/*

Current remaining issues are with users_db.js and users_db_security.js.

./dev/run -n1 --with-admin-party-please

Second terminal:
./tests/javascript/run users_db

or

./tests/javascript/run users_db_security

* * *

users_db.js:

JS test output:

test/javascript/tests/users_db.js
    Error: function_clause
Trace back (most recent call first):

 546: test/javascript/couch.js
      CouchError([object Object])
 509: test/javascript/couch.js
      ([object CouchHTTP])
  58: test/javascript/couch.js
      ([object Object])
  71: test/javascript/tests/users_db.js # <<<<< place in users_db.js where
the error is triggered
      testFun()
 385: test/javascript/couch_test_runner.js
      run_on_modified_server([object Array],testFun)
 181: test/javascript/tests/users_db.js
      ()
  37: test/javascript/cli_runner.js
      runTest()
  48: test/javascript/cli_runner.js

fail

dev/logs/node1.log:

2016-05-16 14:34:31.903 [error] node1@127.0.0.1 <0.682.0> req_err(2080506428) unknown_error
: function_clause[<<"chttpd_db:update_doc/4 L970">>,<<"chttpd_db:send_updated_doc/6
L934">>,<<"chttpd:process_request/1 L293">>,<<"chttpd:handle_request_int/1
L229">>,<<"mochiweb_http:headers/6 L122">>,<<"proc_lib:init_p_do_apply/3
L239">>]

* * *

users_db_security.js:

JS test output:

    Error: expected 'true', got 'null'
Trace back (most recent call first):

  52: test/javascript/test_setup.js
      T(false,"expected 'true', got 'null'",(void 0))
 321: test/javascript/couch_test_runner.js
      TEquals(true,(void 0))
 186: test/javascript/tests/users_db_security.js  # <<<<< place in users_db_security.js
where
      ()                                          #       the error is triggered
 385: test/javascript/couch_test_runner.js
      run_on_modified_server([object Array],(function () {var res = usersDb.
 114: test/javascript/tests/users_db_security.js
      ()
 385: test/javascript/couch_test_runner.js
      run_on_modified_server([object Array],(function () {var userDoc = {_id
 419: test/javascript/tests/users_db_security.js
      ()
  37: test/javascript/cli_runner.js
      runTest()
  48: test/javascript/cli_runner.js

dev/logs/node1.log:

2016-05-16 19:46:20.092 [error] Undefined emulator Error in process <0.1938.0> on node
'node1@127.0.0.1' with exit value: {function_clause,[{fabric_doc_update,handle_message,[not_found,{shard,<<42
bytes>>,'node1@127.0.0.1',<<6 bytes>>,[3221225472,3758096383],#Ref<0.0.0.40541>},{1,1,1,[{{shard,<<42
bytes>>,'node1@127.0.0.1',<<6 bytes>>,[3221225472,3758096383],#Ref<0.0.0.40541>},[{doc,<<24
bytes>>,{1,[<<16 bytes>>]},{[{<<4 bytes>>,<<4 bytes>>},{<<4
bytes>>,<<7 bytes>>},{<<4 bytes>>,<<32 bytes>>},{<<5
bytes>>,[]},{<<15 bytes>>,<<6 bytes>>},{<<10 bytes>>,1},{<<11
bytes>>,<<40 bytes>>}]},[],false,[{ref,#Ref<0.0.0.40540>}]}]}],{dict,0,16,16,8,80,48,{[],[],[],[],[],[],[],[],[],[],[],[],...

2016-05-16 19:46:20.093 [error] node1@127.0.0.1 <0.1602.0> req_err(1320117845) badmatch
: {function_clause,
    [{fabric_doc_update,handle_message,
         [not_found,
          {shard,<<"shards/c0000000-dfffffff/_users.1463420709">>,
              'node1@127.0.0.1',<<"_users">>,
              [3221225472,3758096383],
              #Ref<0.0.0.40541>},
          {1,1,1,
           [{{shard,<<"shards/c0000000-dfffffff/_users.1463420709">>,
                 'node1@127.0.0.1',<<"_users">>,
                 [3221225472,3758096383],
                 #Ref<0.0.0.40541>},
             [{doc,<<"org.couchdb.user:rnewson">>,
                  {1,
                   [<<160,186,22,20,84,62,68,165,50,104,255,197,135,68,137,
                      132>>]},
                  {[{<<"type">>,<<"user">>},
                    {<<"name">>,<<"rnewson">>},
                    {<<"salt">>,<<"455064159003b44956d0deeab778ba77">>},
                    {<<"roles">>,[]},
                    {<<"password_scheme">>,<<"pbkdf2">>},
                    {<<"iterations">>,1},
                    {<<"derived_key">>,
                     <<"dcfaca803d9fcd53c7882beccddb074760d7da5f">>}]},
                  [],false,
                  [{ref,#Ref<0.0.0.40540>}]}]}],
           {dict,0,16,16,8,80,48,
               {[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[]},
               {{[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[]}}}}],
         [{file,"src/fabric_doc_update.erl"},{line,55}]},
     {rexi_utils,process_mailbox,6,[{file,"src/rexi_utils.erl"},{line,55}]},
     {fabric_doc_update,go,3,[{file,"src/fabric_doc_update.erl"},{line,39}]},
     {fabric,update_docs,3,[{file,"src/fabric.erl"},{line,245}]},
     {fabric,update_doc,3,[{file,"src/fabric.erl"},{line,225}]},
     {chttpd_auth_cache,'-update_user_creds/3-fun-0-',1,
         [{file,"src/chttpd_auth_cache.erl"},{line,55}]}]}
    [<<"couch_httpd_auth:maybe_upgrade_password_hash/6 L408">>,<<"couch_httpd_auth:handle_session_req/2
L311">>,<<"chttpd:process_request/1 L293">>,<<"chttpd:handle_request_int/1
L229">>,<<"mochiweb_http:headers/6 L122">>,<<"proc_lib:init_p_do_apply/3
L239">>]
2016-05-16 19:46:20.093 [notice] node1@127.0.0.1 <0.1602.0> fa720ffc9c 127.0.0.1 127.0.0.1:15984
undefined POST /_session 500 ok 2

Applying https://github.com/apache/couchdb-mem3/pull/21 makes no difference.

* * *


Project: http://git-wip-us.apache.org/repos/asf/couchdb/repo
Commit: http://git-wip-us.apache.org/repos/asf/couchdb/commit/6411a404
Tree: http://git-wip-us.apache.org/repos/asf/couchdb/tree/6411a404
Diff: http://git-wip-us.apache.org/repos/asf/couchdb/diff/6411a404

Branch: refs/heads/auth-tests-wip
Commit: 6411a40494f0e8f59a8852c17a7d9692b2a19ad9
Parents: 01be91c
Author: Jan Lehnardt <jan@apache.org>
Authored: Mon May 16 19:30:19 2016 +0200
Committer: Jan Lehnardt <jan@apache.org>
Committed: Tue Jul 12 20:55:58 2016 +0200

----------------------------------------------------------------------
 test/javascript/couch.js                   |  2 +-
 test/javascript/couch_test_runner.js       |  7 +++++
 test/javascript/tests/cookie_auth.js       | 35 +++++++++++--------------
 test/javascript/tests/users_db.js          | 22 +++++++++++-----
 test/javascript/tests/users_db_security.js | 31 +++++++++++-----------
 5 files changed, 54 insertions(+), 43 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/couchdb/blob/6411a404/test/javascript/couch.js
----------------------------------------------------------------------
diff --git a/test/javascript/couch.js b/test/javascript/couch.js
index 1a2f950..dd9a408 100644
--- a/test/javascript/couch.js
+++ b/test/javascript/couch.js
@@ -470,7 +470,7 @@ CouchDB.requestStats = function(path, test) {
     query_arg = "?flush=true";
   }
 
-  var url = "/_stats/" + path.join("/") + query_arg;
+  var url = "/_node/node1@127.0.0.1/_stats/" + path.join("/") + query_arg;
   var stat = CouchDB.request("GET", url).responseText;
   return JSON.parse(stat);
 };

http://git-wip-us.apache.org/repos/asf/couchdb/blob/6411a404/test/javascript/couch_test_runner.js
----------------------------------------------------------------------
diff --git a/test/javascript/couch_test_runner.js b/test/javascript/couch_test_runner.js
index 887e988..253b545 100644
--- a/test/javascript/couch_test_runner.js
+++ b/test/javascript/couch_test_runner.js
@@ -507,3 +507,10 @@ function retry_part(fct, n, duration) {
   }
 }
 
+function wait(ms) {
+  var t0 = new Date(), t1;
+  do {
+    CouchDB.request("GET", "/");
+    t1 = new Date();
+  } while ((t1 - t0) <= ms);
+}

http://git-wip-us.apache.org/repos/asf/couchdb/blob/6411a404/test/javascript/tests/cookie_auth.js
----------------------------------------------------------------------
diff --git a/test/javascript/tests/cookie_auth.js b/test/javascript/tests/cookie_auth.js
index df4c9bd..9a14416 100644
--- a/test/javascript/tests/cookie_auth.js
+++ b/test/javascript/tests/cookie_auth.js
@@ -11,18 +11,17 @@
 // the License.
 
 couchTests.cookie_auth = function(debug) {
-  return console.log('TODO: config not available on cluster');
   // This tests cookie-based authentication.
-  //return console.log('TODO');
-  // TODO: re-write so we get along withOUT changed config
-  // poss.: re-write so we just use _users and add some docs (and we delete those b4 running).
Admin party should not hurt when logging in more
 
   var db_name = get_random_db_name();
   var db = new CouchDB(db_name, {"X-Couch-Full-Commit":"false"});
   db.createDb();
 
   // used later, needs to be global here
-  var users_db_name = get_random_db_name();
+  var users_db_name = '_users';
+  var usersDb = new CouchDB(users_db_name, {"X-Couch-Full-Commit":"false"});
+  try { usersDb.createDb(); } catch (e) { /* ignore if exists*/ }
+
   if (debug) debugger;
 
   var password = "3.141592653589";
@@ -90,13 +89,13 @@ couchTests.cookie_auth = function(debug) {
       TEquals("Jason Davies", checkDoc.name);
 
       var jchrisUserDoc = CouchDB.prepareUserDoc({
-        name: "jchris@apache.org"
+        name: "jchris"
       }, "funnybone");
       T(usersDb.save(jchrisUserDoc).ok);
 
       // make sure we cant create duplicate users
       var duplicateJchrisDoc = CouchDB.prepareUserDoc({
-        name: "jchris@apache.org"
+        name: "jchris"
       }, "eh, Boo-Boo?");
 
       try {
@@ -194,8 +193,8 @@ couchTests.cookie_auth = function(debug) {
       // test users db validations
       //
       // test that you can't update docs unless you are logged in as the user (or are admin)
-      T(CouchDB.login("jchris@apache.org", "funnybone").ok);
-      T(CouchDB.session().userCtx.name == "jchris@apache.org");
+      T(CouchDB.login("jchris", "funnybone").ok);
+      T(CouchDB.session().userCtx.name == "jchris");
       T(CouchDB.session().userCtx.roles.length == 0);
 
       jasonUserDoc.foo=3;
@@ -223,6 +222,7 @@ couchTests.cookie_auth = function(debug) {
 
       jchrisUserDoc.foo = ["foo"];
       T(save_as(usersDb, jchrisUserDoc, "jan"));
+      wait(5000) // wait for auth cache invalidation
 
       // test that you can't save system (underscore) roles even if you are admin
       jchrisUserDoc.roles = ["_bar"];
@@ -232,8 +232,8 @@ couchTests.cookie_auth = function(debug) {
       T(usersDb.last_req.status == 403);
 
       // make sure the foo role has been applied
-      T(CouchDB.login("jchris@apache.org", "funnybone").ok);
-      T(CouchDB.session().userCtx.name == "jchris@apache.org");
+      T(CouchDB.login("jchris", "funnybone").ok);
+      T(CouchDB.session().userCtx.name == "jchris");
       T(CouchDB.session().userCtx.roles.indexOf("_admin") == -1);
       T(CouchDB.session().userCtx.roles.indexOf("foo") != -1);
 
@@ -245,9 +245,9 @@ couchTests.cookie_auth = function(debug) {
 
       TEquals(true, CouchDB.login("jan", "apple").ok);
       run_on_modified_server([{section: "admins",
-        key: "jchris@apache.org", value: "funnybone"}], function() {
-          T(CouchDB.login("jchris@apache.org", "funnybone").ok);
-          T(CouchDB.session().userCtx.name == "jchris@apache.org");
+        key: "jchris", value: "funnybone"}], function() {
+          T(CouchDB.login("jchris", "funnybone").ok);
+          T(CouchDB.session().userCtx.name == "jchris");
           T(CouchDB.session().userCtx.roles.indexOf("_admin") != -1);
           // test that jchris still has the foo role
           T(CouchDB.session().userCtx.roles.indexOf("foo") != -1);
@@ -258,9 +258,9 @@ couchTests.cookie_auth = function(debug) {
           delete jchrisUserDoc.password_sha;
           T(usersDb.save(jchrisUserDoc).ok);
           T(CouchDB.logout().ok);
-          T(CouchDB.login("jchris@apache.org", "funnybone").ok);
+          T(CouchDB.login("jchris", "funnybone").ok);
           var s = CouchDB.session();
-          T(s.userCtx.name == "jchris@apache.org");
+          T(s.userCtx.name == "jchris");
           T(s.userCtx.roles.indexOf("_admin") != -1);
           // test session info
           T(s.info.authenticated == "cookie");
@@ -277,9 +277,6 @@ couchTests.cookie_auth = function(debug) {
     TEquals(true, CouchDB.login("jan", "apple").ok);
   };
 
-  var usersDb = new CouchDB(users_db_name, {"X-Couch-Full-Commit":"false"});
-  usersDb.createDb();
-
   run_on_modified_server(
     [
      {section: "couch_httpd_auth",

http://git-wip-us.apache.org/repos/asf/couchdb/blob/6411a404/test/javascript/tests/users_db.js
----------------------------------------------------------------------
diff --git a/test/javascript/tests/users_db.js b/test/javascript/tests/users_db.js
index ada0047..7027b07 100644
--- a/test/javascript/tests/users_db.js
+++ b/test/javascript/tests/users_db.js
@@ -15,8 +15,9 @@ couchTests.users_db = function(debug) {
   // This tests the users db, especially validations
   // this should also test that you can log into the couch
   
-  var users_db_name = '_users'; //get_random_db_name();
+  var users_db_name = '_users';
   var usersDb = new CouchDB(users_db_name, {"X-Couch-Full-Commit":"false"});
+  try { usersDb.createDb(); } catch (e) { /* ignore if exists*/ }
 
   // test that you can treat "_user" as a db-name
   // this can complicate people who try to secure the users db with 
@@ -32,8 +33,8 @@ couchTests.users_db = function(debug) {
     // since it doesn’t wait for the ddoc to be created.
     // in a full test suite run, this is fine.
     // dev trick: run `test/javascript/run basics users_db`
-    var ddoc = usersDb.open("_design/_auth");
-    T(ddoc.validate_doc_update);
+    // var ddoc = usersDb.open("_design/_auth");
+    // T(ddoc.validate_doc_update);
     
     // test that you can login as a user using basic auth
     var jchrisUserDoc = CouchDB.prepareUserDoc({
@@ -60,14 +61,14 @@ couchTests.users_db = function(debug) {
       }
     });
     T(s.name == null);
-    T(s.info.authenticated == "default");
+    T(s.info.authenticated == "local");
     
     
     // ok, now create a conflicting edit on the jchris doc, and make sure there's no login.
     var jchrisUser2 = JSON.parse(JSON.stringify(jchrisUserDoc));
     jchrisUser2.foo = "bar";
-    var r = usersDb.save(jchrisUser2)
-    T(r.ok);
+
+    T(usersDb.save(jchrisUser2).ok);
     try {
       usersDb.save(jchrisUserDoc);
       T(false && "should be an update conflict");
@@ -80,6 +81,7 @@ couchTests.users_db = function(debug) {
 
     var jchrisWithConflict = usersDb.open(jchrisUserDoc._id, {conflicts : true});
     T(jchrisWithConflict._conflicts.length == 1);
+    wait(5000) // wait for auth_cache invalidation
 
     // no login with conflicted user doc
     try {
@@ -171,7 +173,13 @@ couchTests.users_db = function(debug) {
 
   };
 
-  testFun()
+  run_on_modified_server(
+    [{section: "couch_httpd_auth",
+      key: "iterations", value: "1"},
+     {section: "admins",
+      key: "jan", value: "apple"}],
+    testFun
+  );
   usersDb.deleteDb(); // cleanup
   
 }

http://git-wip-us.apache.org/repos/asf/couchdb/blob/6411a404/test/javascript/tests/users_db_security.js
----------------------------------------------------------------------
diff --git a/test/javascript/tests/users_db_security.js b/test/javascript/tests/users_db_security.js
index 2c606a1..355bb03 100644
--- a/test/javascript/tests/users_db_security.js
+++ b/test/javascript/tests/users_db_security.js
@@ -11,18 +11,11 @@
 // the License.
 
 couchTests.users_db_security = function(debug) {
-  return console.log('TODO after at least COUCHDB-2991 is adressed');
-  var db_name = get_random_db_name();
+  var db_name = '_users';
   var usersDb = new CouchDB(db_name, {"X-Couch-Full-Commit":"false"});
-  if (debug) debugger;
+  try { usersDb.createDb(); } catch (e) { /* ignore if exists*/ }
 
-  function wait(ms) {
-    var t0 = new Date(), t1;
-    do {
-      CouchDB.request("GET", "/");
-      t1 = new Date();
-    } while ((t1 - t0) <= ms);
-  }
+  if (debug) debugger;
 
   var loginUser = function(username) {
     var pws = {
@@ -32,6 +25,9 @@ couchTests.users_db_security = function(debug) {
       fdmanana: "foobar",
       benoitc: "test"
     };
+    // we are changing jchris’s password further down
+    // the next two lines keep the code cleaner in
+    // the actual tests
     var username1 = username.replace(/[0-9]$/, "");
     var password = pws[username];
     T(CouchDB.login(username1, pws[username]).ok);
@@ -98,7 +94,7 @@ couchTests.users_db_security = function(debug) {
 
     // jan's gonna be admin as he's the first user
     TEquals(true, usersDb.save(userDoc).ok, "should save document");
-    userDoc = usersDb.open("org.couchdb.user:jchris");
+    userDoc = open_as(usersDb, "org.couchdb.user:jchris", "jchris");
     TEquals(undefined, userDoc.password, "password field should be null 1");
     TEquals(40, userDoc.derived_key.length, "derived_key should exist");
     TEquals(32, userDoc.salt.length, "salt should exist");
@@ -141,7 +137,7 @@ couchTests.users_db_security = function(debug) {
       jchrisDoc.password = "couch";
 
       TEquals(true, save_as(usersDb, jchrisDoc, "jchris").ok);
-      wait(100);
+      wait(5000);
       var jchrisDoc = open_as(usersDb, "org.couchdb.user:jchris", "jchris1");
 
       TEquals(undefined, jchrisDoc.password, "password field should be null 2");
@@ -184,8 +180,11 @@ couchTests.users_db_security = function(debug) {
       T(!rnewsonDoc.derived_key);
       T(!rnewsonDoc.iterations);
 
-      TEquals(true, CouchDB.login("rnewson", "plaintext_password").ok);
-      rnewsonDoc = usersDb.open(rnewsonDoc._id);
+      wait(5000); // wait for auth cache invalidation
+      var r = CouchDB.login("rnewson", "plaintext_password")
+      log(r)
+      TEquals(true, r.ok);
+      rnewsonDoc = open_as(usersDb, rnewsonDoc._id, "rnewson");
       TEquals("pbkdf2", rnewsonDoc.password_scheme);
       T(rnewsonDoc.salt != salt);
       T(!rnewsonDoc.password_sha);
@@ -415,8 +414,8 @@ couchTests.users_db_security = function(debug) {
   run_on_modified_server(
     [{section: "couch_httpd_auth",
       key: "iterations", value: "1"},
-     {section: "couch_httpd_auth",
-      key: "authentication_db", value: usersDb.name}],
+   {section: "admins",
+    key: "jan", value: "apple"}],
     testFun
   );
   usersDb.deleteDb(); // cleanup


Mime
View raw message