couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From kxepal <...@git.apache.org>
Subject [GitHub] couchdb-couch-mrview pull request: 1145 local docs handler
Date Wed, 31 Dec 2014 19:48:22 GMT
Github user kxepal commented on a diff in the pull request:

    https://github.com/apache/couchdb-couch-mrview/pull/13#discussion_r22392328
  
    --- Diff: src/couch_mrview_http.erl ---
    @@ -159,41 +177,59 @@ handle_cleanup_req(Req, _Db) ->
     
     
     all_docs_req(Req, Db, Keys) ->
    -    case couch_db:is_system_db(Db) of
    +    all_docs_req(Req, Db, Keys, undefined).
    +
    +all_docs_req(Req, Db, Keys, NS) ->
    +    case is_restricted(Db, NS) of
         true ->
             case (catch couch_db:check_is_admin(Db)) of
             ok ->
    -            do_all_docs_req(Req, Db, Keys);
    +            do_all_docs_req(Req, Db, Keys, NS);
    +        _ when NS == <<"_local">> ->
    +            throw({forbidden, <<"Only admins can access _local_docs">>});
             _ ->
    -            DbName = ?b2l(Db#db.name),
    -            case config:get("couch_httpd_auth",
    -                                  "authentication_db",
    -                                  "_users") of
    -            DbName ->
    -                UsersDbPublic = config:get("couch_httpd_auth", "users_db_public", "false"),
    -                PublicFields = config:get("couch_httpd_auth", "public_fields"),
    -                case {UsersDbPublic, PublicFields} of
    -                {"true", PublicFields} when PublicFields =/= undefined ->
    -                    do_all_docs_req(Req, Db, Keys);
    -                {_, _} ->
    +            case is_public_fields_configured(Db) of
    +                true ->
    +                    do_all_docs_req(Req, Db, Keys, NS);
    +                false ->
                         throw({forbidden, <<"Only admins can access _all_docs",
                                             " of system databases.">>})
    -                end;
    -            _ ->
    -                throw({forbidden, <<"Only admins can access _all_docs",
    -                                    " of system databases.">>})
                 end
             end;
         false ->
    -        do_all_docs_req(Req, Db, Keys)
    +        do_all_docs_req(Req, Db, Keys, NS)
         end.
     
    -do_all_docs_req(Req, Db, Keys) ->
    +is_restricted(_Db, <<"_local">>) ->
    +    true;
    +is_restricted(Db, _) ->
    +    couch_db:is_system_db(Db).
    +
    +is_public_fields_configured(Db) ->
    +    DbName = ?b2l(Db#db.name),
    +    case config:get("couch_httpd_auth",
    +                          "authentication_db",
    --- End diff --
    
    Indention ):


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---

Mime
View raw message