You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@couchdb.apache.org by Apache Wiki <wi...@apache.org> on 2011/07/21 20:22:39 UTC

[Couchdb Wiki] Update of "Document_Update_Validation" by GabrielLesperance

Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Couchdb Wiki" for change notification.

The "Document_Update_Validation" page has been changed by GabrielLesperance:
http://wiki.apache.org/couchdb/Document_Update_Validation?action=diff&rev1=4&rev2=5

  = Document Update Validation =
  <<TableOfContents()>>
  
- A design document may define a member function called "validate_doc_update". Requests to create or update a document are validated against every "validate_doc_update" function defined in the database. The validation functions are executed in an unspecified order. A design document can contain only one validation function. Errors are thrown as javascript objects. 
+ A design document may define a member function called "validate_doc_update". Requests to create or update a document are validated against every "validate_doc_update" function defined in the database. The validation functions are executed in an unspecified order. A design document can contain only one validation function. Errors are thrown as javascript objects.
  
  Example of a design document that validates the presence of an "address" field and returns :
  
@@ -16, +16 @@

        }"
  }
  }}}
+ The result of a document update without the address field will look like this:
  
- The result of a document update without the address field will look like this:
  {{{
  HTTP/1.1 403 Forbidden
  WWW-Authenticate: Basic realm="administrator"
@@ -27, +27 @@

  Content-Length: 57
  Cache-Control: must-revalidate
  
- {"error":"forbbiden","reason":"Document must have an address."} 
+ {"error":"forbidden","reason":"Document must have an address."}
  }}}
+ The "validate_doc_update" function accepts three arguments:
  
- 
- The "validate_doc_update" function accepts three arguments:
   1. newDoc - The document to be created or used for update.
   1. oldDoc - The current document if document id was specified in the HTTP request
   1. userCtx - User context object, which contains three properties:
-    a. db - String name of database
+   a. db - String name of database
-    a. name - String user name
+   a. name - String user name
-    a. roles - Array of roles to which user belongs. Currently only admin role is supported.
+   a. roles - Array of roles to which user belongs. Currently only admin role is supported.
- 
  
  == Toolbox ==
  Some of these functions are found in http://guide.couchdb.org/draft/validation.html . Use them inside your validate_doc_update functions.
+ 
  {{{
- 
    function required(field, message /* optional */) {
      message = message || "Document must have a " + field;
      if (!newDoc[field]) throw({forbidden : message});
@@ -57, +55 @@

    function user_is(role) {
      return userCtx.roles.indexOf(role) >= 0;
    }
- 
  }}}
- 
  Here is a validation function I use to manage update Authorization using the roles as an ACL. A user may modify documents for which the accounts listed in his "roles" ACL are a prefix of the account specified.
  
  {{{