From dev-return-16024-apmail-couchdb-dev-archive=couchdb.apache.org@couchdb.apache.org Tue May 10 15:47:30 2011 Return-Path: X-Original-To: apmail-couchdb-dev-archive@www.apache.org Delivered-To: apmail-couchdb-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 047545104 for ; Tue, 10 May 2011 15:47:30 +0000 (UTC) Received: (qmail 18174 invoked by uid 500); 10 May 2011 15:47:29 -0000 Delivered-To: apmail-couchdb-dev-archive@couchdb.apache.org Received: (qmail 18128 invoked by uid 500); 10 May 2011 15:47:29 -0000 Mailing-List: contact dev-help@couchdb.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@couchdb.apache.org Delivered-To: mailing list dev@couchdb.apache.org Received: (qmail 18120 invoked by uid 99); 10 May 2011 15:47:29 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 10 May 2011 15:47:29 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=5.0 tests=ALL_TRUSTED,T_RP_MATCHES_RCVD X-Spam-Check-By: apache.org Received: from [140.211.11.116] (HELO hel.zones.apache.org) (140.211.11.116) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 10 May 2011 15:47:27 +0000 Received: from hel.zones.apache.org (hel.zones.apache.org [140.211.11.116]) by hel.zones.apache.org (Postfix) with ESMTP id 7B1B1365A3 for ; Tue, 10 May 2011 15:46:47 +0000 (UTC) Date: Tue, 10 May 2011 15:46:47 +0000 (UTC) From: "Johannes J. Schmidt (JIRA)" To: dev@couchdb.apache.org Message-ID: <783413885.465.1305042407500.JavaMail.tomcat@hel.zones.apache.org> Subject: [jira] [Created] (COUCHDB-1155) Etag send by list function does not depend on userCtx MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 X-Virus-Checked: Checked by ClamAV on apache.org Etag send by list function does not depend on userCtx ----------------------------------------------------- Key: COUCHDB-1155 URL: https://issues.apache.org/jira/browse/COUCHDB-1155 Project: CouchDB Issue Type: Bug Components: HTTP Interface Affects Versions: 1.0.2 Reporter: Johannes J. Schmidt List functions should send a different Etag when requested by different users. The following curl session shows identical Etags for different users. CouchDB must not be in admin party mode. PROTOCOL=http DOMAIN="127.0.0.1:5984" DB=testdb # admin credentials for db creation ADMIN=admin:secure # this user must have an empty roles array USER=user:secure curl -XDELETE $PROTOCOL://$ADMIN@$DOMAIN/$DB curl -XPUT $PROTOCOL://$ADMIN@$DOMAIN/$DB curl -XPUT $PROTOCOL://$ADMIN@$DOMAIN/$DB/foo -d '{"count":1}' curl -XPUT $PROTOCOL://$ADMIN@$DOMAIN/$DB/_design/foo -d '{ "views": { "bar": { "map": "function(doc) { emit(doc._id, null); }" } }, "lists": { "bar": "function(head, req) { return req.userCtx.name || \"anonymous\" }" }}' curl -s $PROTOCOL://$DOMAIN/$DB/_design/foo/_list/bar/bar --head | grep Etag curl -s $PROTOCOL://$USER@$DOMAIN/$DB/_design/foo/_list/bar/bar --head | grep Etag #=> Etag: "A1NKHA0935KMCSHFSK94EHZNL" #=> Etag: "A1NKHA0935KMCSHFSK94EHZNL" This issue is important for standalone CouchDB applications which use list functions depending on the user context, eg. showing a login button or username. regards Johannes PS: I tried to write a javascript test case but this issue can only be reproduced if the server is not in admin party mode, which the test suite requires. I am not so familar with those tests to temporarily change the admin party. -- This message is automatically generated by JIRA. For more information on JIRA, see: http://www.atlassian.com/software/jira