You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@couchdb.apache.org by "Daniel Truemper (Created) (JIRA)" <ji...@apache.org> on 2011/10/25 11:12:32 UTC
[jira] [Created] (COUCHDB-1316) Error in the validate_doc_update
function of the _users db
Error in the validate_doc_update function of the _users db
----------------------------------------------------------
Key: COUCHDB-1316
URL: https://issues.apache.org/jira/browse/COUCHDB-1316
Project: CouchDB
Issue Type: Bug
Components: Database Core
Affects Versions: 1.1
Reporter: Daniel Truemper
Priority: Trivial
Hi!
In the validate_doc_update method of the _users database is a small error. On the one hand it seems that the `roles` attribute of the user doc is not required:
if (newDoc.roles && !isArray(newDoc.roles)) {
throw({forbidden: 'doc.roles must be an array'});
}
On the other hand the function iterates over the roles:
// no system roles in users db
for (var i = 0; i < newDoc.roles.length; i++) {
if (newDoc.roles[i][0] === '_') {
throw({
forbidden:
'No system roles (starting with underscore) in users db.'
});
}
}
So, is the roles field required? If so, then throwing a real error would be nice since I only get a stack trace from CouchDB. If it is not required, checking it's presence before iterating over it would be necessary.
I am kind of lost in all the new Git handling and such. Would it be appropriate to open a Github Pull Request? Or should I add a patch to this issue? Depending on the answer to the roles question I could provide a patch since it is trivial enough for me I guess :)
Cheers,
Daniel
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Assigned] (COUCHDB-1316) Error in the validate_doc_update
function of the _users db
Posted by "Jan Lehnardt (Assigned) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/COUCHDB-1316?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jan Lehnardt reassigned COUCHDB-1316:
-------------------------------------
Assignee: Filipe Manana
> Error in the validate_doc_update function of the _users db
> ----------------------------------------------------------
>
> Key: COUCHDB-1316
> URL: https://issues.apache.org/jira/browse/COUCHDB-1316
> Project: CouchDB
> Issue Type: Bug
> Components: Database Core
> Affects Versions: 1.1
> Reporter: Daniel Truemper
> Assignee: Filipe Manana
> Priority: Trivial
>
> Hi!
> In the validate_doc_update method of the _users database is a small error. On the one hand it seems that the `roles` attribute of the user doc is not required:
> if (newDoc.roles && !isArray(newDoc.roles)) {
> throw({forbidden: 'doc.roles must be an array'});
> }
> On the other hand the function iterates over the roles:
> // no system roles in users db
> for (var i = 0; i < newDoc.roles.length; i++) {
> if (newDoc.roles[i][0] === '_') {
> throw({
> forbidden:
> 'No system roles (starting with underscore) in users db.'
> });
> }
> }
> So, is the roles field required? If so, then throwing a real error would be nice since I only get a stack trace from CouchDB. If it is not required, checking it's presence before iterating over it would be necessary.
> I am kind of lost in all the new Git handling and such. Would it be appropriate to open a Github Pull Request? Or should I add a patch to this issue? Depending on the answer to the roles question I could provide a patch since it is trivial enough for me I guess :)
> Cheers,
> Daniel
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (COUCHDB-1316) Error in the validate_doc_update
function of the _users db
Posted by "Filipe Manana (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/COUCHDB-1316?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13139330#comment-13139330 ]
Filipe Manana commented on COUCHDB-1316:
----------------------------------------
Looks good to me Jan
> Error in the validate_doc_update function of the _users db
> ----------------------------------------------------------
>
> Key: COUCHDB-1316
> URL: https://issues.apache.org/jira/browse/COUCHDB-1316
> Project: CouchDB
> Issue Type: Bug
> Components: Database Core
> Affects Versions: 1.1
> Reporter: Daniel Truemper
> Assignee: Filipe Manana
> Priority: Trivial
>
> Hi!
> In the validate_doc_update method of the _users database is a small error. On the one hand it seems that the `roles` attribute of the user doc is not required:
> if (newDoc.roles && !isArray(newDoc.roles)) {
> throw({forbidden: 'doc.roles must be an array'});
> }
> On the other hand the function iterates over the roles:
> // no system roles in users db
> for (var i = 0; i < newDoc.roles.length; i++) {
> if (newDoc.roles[i][0] === '_') {
> throw({
> forbidden:
> 'No system roles (starting with underscore) in users db.'
> });
> }
> }
> So, is the roles field required? If so, then throwing a real error would be nice since I only get a stack trace from CouchDB. If it is not required, checking it's presence before iterating over it would be necessary.
> I am kind of lost in all the new Git handling and such. Would it be appropriate to open a Github Pull Request? Or should I add a patch to this issue? Depending on the answer to the roles question I could provide a patch since it is trivial enough for me I guess :)
> Cheers,
> Daniel
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (COUCHDB-1316) Error in the validate_doc_update
function of the _users db
Posted by "Jan Lehnardt (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/COUCHDB-1316?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13139320#comment-13139320 ]
Jan Lehnardt commented on COUCHDB-1316:
---------------------------------------
Good catch, http://git-wip-us.apache.org/repos/asf/couchdb/repo?p=couchdb.git;a=commit;h=b25cb7456e52dbce94d30da9b0c6f810cccf5a60 fixes the validation function and a sets a default for couch_util:get_value() in the auth cache to [] (instead of the undefined atom).
I'd appreciate a review from Filipe here :)
> Error in the validate_doc_update function of the _users db
> ----------------------------------------------------------
>
> Key: COUCHDB-1316
> URL: https://issues.apache.org/jira/browse/COUCHDB-1316
> Project: CouchDB
> Issue Type: Bug
> Components: Database Core
> Affects Versions: 1.1
> Reporter: Daniel Truemper
> Priority: Trivial
>
> Hi!
> In the validate_doc_update method of the _users database is a small error. On the one hand it seems that the `roles` attribute of the user doc is not required:
> if (newDoc.roles && !isArray(newDoc.roles)) {
> throw({forbidden: 'doc.roles must be an array'});
> }
> On the other hand the function iterates over the roles:
> // no system roles in users db
> for (var i = 0; i < newDoc.roles.length; i++) {
> if (newDoc.roles[i][0] === '_') {
> throw({
> forbidden:
> 'No system roles (starting with underscore) in users db.'
> });
> }
> }
> So, is the roles field required? If so, then throwing a real error would be nice since I only get a stack trace from CouchDB. If it is not required, checking it's presence before iterating over it would be necessary.
> I am kind of lost in all the new Git handling and such. Would it be appropriate to open a Github Pull Request? Or should I add a patch to this issue? Depending on the answer to the roles question I could provide a patch since it is trivial enough for me I guess :)
> Cheers,
> Daniel
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira