incubator-couchdb-user mailing list archives

From Chris Anderson <jch...@apache.org>
Subject Re: CouchDB Validation function and security API ..
Date Sun, 13 Sep 2009 05:16:47 GMT
On Sat, Sep 12, 2009 at 7:47 AM, Debasish Ghosh
<ghosh.debasish@gmail.com> wrote:
> Hi -
>
> The validation function validate_doc_update takes 3 parameters, newdoc,
> olddoc and userContext. I am trying to get my head into how the
> authentication and authorization stuff is related to this. The CouchDB book
> has the following code snippet in 7.2.4 Authorship section ..
> function(newDoc, oldDoc, userCtx) {
>  if (newDoc.author) {
>    enforce(newDoc.author == userCtx.author,
>      "You may only update documents with author " + userCtx.author);
>  }
> }
>
> In my linux environment, when I run CouchDB validation functions with a
> user-id and password setup in local.ini under [admins], I get the following
> as the contents of the third parameter of the validation function :-
>
> {"db" : "test", "name" : null, "roles" : []}
>
> In the above snippet from the book there appears to be a field
> userCtx.author. Just wondering how to get it here and why I am not seeing it
> in my output.
>

heh, thanks for the catch.. It should read:

enforce(newDoc.author == userCtx.name

> Also any pointer on the security, authentication and authorization part will
> be appreciated.
>

I'm not sure, but you should be getting more when you are properly
logged in -- this is worth investigating more. What do you get for
this?:

$ curl http://jchris:mysecretpassword@localhost:5984/_session
{"ok":true,"name":"jchris","roles":["_admin"]}


> Thanks in advance ..
> - Debasish
>



-- 
Chris Anderson
http://jchrisa.net
http://couch.io
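
Added example, not part of the original message or of the CouchDB book: a validation function using the corrected `userCtx.name` check, run against the anonymous context shown in the question as well as a logged-in user and an admin. The `enforce` and `check` helpers, the admin bypass, the fixed-author rule and the sample contexts are assumptions constructed for illustration.

```javascript
// enforce() and check() are hypothetical helpers, not CouchDB built-ins.
function enforce(condition, message) {
  // CouchDB rejects a write when the validation function throws {forbidden: ...}.
  if (!condition) throw { forbidden: message };
}

function validate_doc_update(newDoc, oldDoc, userCtx) {
  // Assumption: server admins (role "_admin") are allowed to write anything.
  if (userCtx.roles.indexOf("_admin") !== -1) return;
  if (newDoc.author) {
    // Requests that are not logged in arrive with name === null.
    if (userCtx.name === null) throw { unauthorized: "Please log in first." };
    enforce(newDoc.author == userCtx.name,
      "You may only update documents with author " + userCtx.name);
  }
  if (oldDoc && oldDoc.author) {
    // Keep the stored author fixed so ownership cannot be rewritten or dropped.
    // This also rejects deletion stubs from non-admins, which carry no author.
    enforce(newDoc.author == oldDoc.author, "The author field may not change");
  }
}

// Local harness standing in for CouchDB: returns "ok" or the rejection reason.
function check(newDoc, oldDoc, userCtx) {
  try {
    validate_doc_update(newDoc, oldDoc, userCtx);
    return "ok";
  } catch (e) {
    return e.forbidden ? "forbidden: " + e.forbidden
                       : "unauthorized: " + e.unauthorized;
  }
}

// Constructed sample contexts; the first has the shape shown in the question.
var anon = { db: "test", name: null, roles: [] };
var alice = { db: "test", name: "alice", roles: [] };
var admin = { db: "test", name: "jchris", roles: ["_admin"] };
```

With `name` null, as in the question, any document carrying an `author` field is rejected as unauthorized rather than compared against a missing value.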
