You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@couchdb.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2015/11/02 02:07:27 UTC

[jira] [Commented] (COUCHDB-2865) Tests in chttpd_db_test rely on implicit admin authorization

    [ https://issues.apache.org/jira/browse/COUCHDB-2865?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14984618#comment-14984618 ] 

ASF GitHub Bot commented on COUCHDB-2865:
-----------------------------------------

GitHub user jaydoane opened a pull request:

    https://github.com/apache/couchdb-chttpd/pull/91

    Explicitly create admin user and authenticate requests in chttpd_db_test cases

    This patch explicitly configures an admin user and then makes all requests using that user's credentials. This approach continues to work under the CouchDB's security model, and also allows the tests to pass under Cloudant's security model.
    
    COUCHDB-2865
    BugzID: 55502

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/cloudant/couchdb-chttpd 55502-chttpd_db_test-explicit-auth

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/couchdb-chttpd/pull/91.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #91
    
----
commit 68d40cce7d89e86515dec88ff2899bafb1ee3e0c
Author: Jay Doane <ja...@gmail.com>
Date:   2015-11-02T00:59:32Z

    Explicitly create admin user and authenticate requests in chttpd_db_test cases
    
    COUCHDB-2865
    BugzID: 55502

----


> Tests in chttpd_db_test rely on implicit admin authorization
> ------------------------------------------------------------
>
>                 Key: COUCHDB-2865
>                 URL: https://issues.apache.org/jira/browse/COUCHDB-2865
>             Project: CouchDB
>          Issue Type: Improvement
>          Components: Test Suite
>            Reporter: Jay Doane
>
> These tests currently work because they assume an admin party, which will implicitly grant the requestor the <<"_admin">> role, which is sufficient to permit the actions in the test using the CouchDB security model.
> Unfortunately when the tests are run under the Cloudant security model, the <<"_admin">> role is not sufficient to create dbs, nor perform the other actions required by the tests, causing them to fail.
> These tests could be improved by explicitly configuring an admin user, and then using that user's credentials for performing requests. A pleasant side effect is that the tests will also begin to run under Cloudant's eunit test suite again. A patch is forthcoming.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)