You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@couchdb.apache.org by ja...@apache.org on 2022/08/06 13:43:58 UTC
[couchdb] 03/07: feat(access): add global off switch
This is an automated email from the ASF dual-hosted git repository.
jan pushed a commit to branch feat/access-2022
in repository https://gitbox.apache.org/repos/asf/couchdb.git
commit 17ec65823276c573dd527bd0907763edbc40ae97
Author: Jan Lehnardt <ja...@apache.org>
AuthorDate: Sat Aug 6 12:48:36 2022 +0200
feat(access): add global off switch
---
rel/overlay/etc/default.ini | 4 ++++
src/chttpd/src/chttpd_db.erl | 9 +++++++--
src/couch/test/eunit/couchdb_access_tests.erl | 1 +
3 files changed, 12 insertions(+), 2 deletions(-)
diff --git a/rel/overlay/etc/default.ini b/rel/overlay/etc/default.ini
index cefd9e493..6888f6fad 100644
--- a/rel/overlay/etc/default.ini
+++ b/rel/overlay/etc/default.ini
@@ -328,6 +328,10 @@ authentication_db = _users
; max_iterations, password_scheme, password_regexp, proxy_use_secret,
; public_fields, secret, users_db_public, cookie_domain, same_site
+; Per document access settings
+[per_doc_access]
+;enabled = false
+
; CSP (Content Security Policy) Support
[csp]
;utils_enable = true
diff --git a/src/chttpd/src/chttpd_db.erl b/src/chttpd/src/chttpd_db.erl
index e07b58223..58c801829 100644
--- a/src/chttpd/src/chttpd_db.erl
+++ b/src/chttpd/src/chttpd_db.erl
@@ -2084,9 +2084,14 @@ parse_shards_opt("placement", Req, Default) ->
parse_shards_opt("access", Req, Value) when is_list(Value) ->
parse_shards_opt("access", Req, list_to_existing_atom(Value));
parse_shards_opt("access", _Req, Value) when is_boolean(Value) ->
- Value;
+ case config:get_boolean("per_doc_access", "enabled", false) of
+ true -> Value;
+ false ->
+ Err = ?l2b(["The `access` is not available on this CouchDB installation."]),
+ throw({bad_request, Err})
+ end;
parse_shards_opt("access", _Req, _Value) ->
- Err = ?l2b(["The woopass `access` value should be a boolean."]),
+ Err = ?l2b(["The `access` value should be a boolean."]),
throw({bad_request, Err});
parse_shards_opt(Param, Req, Default) ->
diff --git a/src/couch/test/eunit/couchdb_access_tests.erl b/src/couch/test/eunit/couchdb_access_tests.erl
index 28f27ea72..1b656499c 100644
--- a/src/couch/test/eunit/couchdb_access_tests.erl
+++ b/src/couch/test/eunit/couchdb_access_tests.erl
@@ -46,6 +46,7 @@ before_all() ->
ok = config:set("admins", "a", binary_to_list(Hashed), _Persist=false),
ok = config:set("couchdb", "uuid", "21ac467c1bc05e9d9e9d2d850bb1108f", _Persist=false),
ok = config:set("log", "level", "debug", _Persist=false),
+ ok = config:set("per_doc_access", "enabled", "true", _Persist=false),
% cleanup and setup
{ok, _, _, _} = test_request:delete(url() ++ "/db", ?ADMIN_REQ_HEADERS),