You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@couchdb.apache.org by kx...@apache.org on 2015/02/27 15:49:03 UTC
[1/4] couchdb-global-changes git commit: Introduce an `allowed_owner`
hook
Repository: couchdb-global-changes
Updated Branches:
refs/heads/master 0e9c3eb15 -> a7a45633e
Introduce an `allowed_owner` hook
COUCHDB-2585
Project: http://git-wip-us.apache.org/repos/asf/couchdb-global-changes/repo
Commit: http://git-wip-us.apache.org/repos/asf/couchdb-global-changes/commit/9c867e88
Tree: http://git-wip-us.apache.org/repos/asf/couchdb-global-changes/tree/9c867e88
Diff: http://git-wip-us.apache.org/repos/asf/couchdb-global-changes/diff/9c867e88
Branch: refs/heads/master
Commit: 9c867e88779f8976631882680db9abd865d04b75
Parents: 0e9c3eb
Author: ILYA Khlopotov <ii...@ca.ibm.com>
Authored: Mon Feb 16 12:05:57 2015 -0800
Committer: ILYA Khlopotov <ii...@ca.ibm.com>
Committed: Mon Feb 16 12:05:57 2015 -0800
----------------------------------------------------------------------
src/global_changes_httpd.erl | 13 ++-
test/global_changes_hooks_tests.erl | 142 +++++++++++++++++++++++++++++++
2 files changed, 153 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/couchdb-global-changes/blob/9c867e88/src/global_changes_httpd.erl
----------------------------------------------------------------------
diff --git a/src/global_changes_httpd.erl b/src/global_changes_httpd.erl
index af25b7c..be6cfdc 100644
--- a/src/global_changes_httpd.erl
+++ b/src/global_changes_httpd.erl
@@ -41,9 +41,9 @@ handle_global_changes_req(#httpd{method='GET'}=Req) ->
Limit = couch_util:get_value(limit, Options),
%Options1 = lists:keydelete(limit, 1, Options),
Options1 = Options,
- chttpd:verify_is_server_admin(Req),
+ Owner = allowed_owner(Req),
Acc = #acc{
- username=admin,
+ username=Owner,
feed=Feed,
resp=Req,
heartbeat_interval=Heartbeat,
@@ -248,3 +248,12 @@ to_non_neg_int(Value) ->
catch error:badarg ->
throw({bad_request, invalid_integer})
end.
+
+allowed_owner(Req) ->
+ case application:get_env(global_changes, allowed_owner) of
+ undefined ->
+ chttpd:verify_is_server_admin(Req),
+ admin;
+ {ok, {M, F, A}} ->
+ M:F(Req, A)
+ end.
http://git-wip-us.apache.org/repos/asf/couchdb-global-changes/blob/9c867e88/test/global_changes_hooks_tests.erl
----------------------------------------------------------------------
diff --git a/test/global_changes_hooks_tests.erl b/test/global_changes_hooks_tests.erl
new file mode 100644
index 0000000..3b6ccbc
--- /dev/null
+++ b/test/global_changes_hooks_tests.erl
@@ -0,0 +1,142 @@
+-module(global_changes_hooks_tests).
+
+-include_lib("couch/include/couch_eunit.hrl").
+-include_lib("couch/include/couch_db.hrl").
+
+-export([allowed_owner/2]).
+
+start() ->
+ Ctx = test_util:start_couch([chttpd]),
+ DbName = ?tempdb(),
+ ok = fabric:create_db(DbName, [?ADMIN_CTX]),
+ application:set_env(global_changes, dbname, DbName),
+ {Ctx, DbName}.
+
+stop({Ctx, DbName}) ->
+ ok = fabric:delete_db(DbName, [?ADMIN_CTX]),
+ test_util:stop_couch(Ctx),
+ ok.
+
+setup(default) ->
+ add_admin("admin", <<"pass">>),
+ config:delete("couch_httpd_auth", "authentication_redirect", false),
+ config:set("couch_httpd_auth", "require_valid_user", "false", false),
+ get_host();
+setup(A) ->
+ Host = setup(default),
+ ok = application:set_env(global_changes, allowed_owner,
+ {?MODULE, allowed_owner, A}),
+ Host.
+
+teardown(_) ->
+ delete_admin("admin"),
+ application:unset_env(global_changes, allowed_owner),
+ ok.
+
+allowed_owner(Req, "throw") ->
+ throw({unauthorized, <<"Exception thrown.">>});
+allowed_owner(Req, "pass") ->
+ "super".
+
+allowed_owner_hook_test_() ->
+ {
+ "Check allowed_owner hook",
+ {
+ setup,
+ fun start/0, fun stop/1,
+ [
+ disabled_allowed_owner_integration_point(),
+ enabled_allowed_owner_integration_point()
+ ]
+ }
+ }.
+
+disabled_allowed_owner_integration_point() ->
+ {
+ "disabled allowed_owner integration point",
+ {
+ foreach,
+ fun() -> setup(default) end, fun teardown/1,
+ [
+ fun should_not_fail_for_admin/1,
+ fun should_fail_for_non_admin/1
+ ]
+ }
+ }.
+
+enabled_allowed_owner_integration_point() ->
+ {
+ "enabled allowed_owner integration point",
+ [
+ {
+ foreach,
+ fun() -> setup("throw") end, fun teardown/1,
+ [fun should_throw/1]
+ },
+ {
+ foreach,
+ fun() -> setup("pass") end, fun teardown/1,
+ [fun should_pass/1]
+ }
+ ]
+ }.
+
+should_not_fail_for_admin(Host) ->
+ ?_test(begin
+ Headers = [{basic_auth, {"admin", "pass"}}],
+ {Status, [Error, Reason]} =
+ request(Host, Headers, [<<"error">>, <<"reason">>]),
+ ?assertEqual(200, Status),
+ ?assertEqual(undefined, Error),
+ ?assertEqual(undefined, Reason)
+ end).
+
+should_fail_for_non_admin(Host) ->
+ ?_test(begin
+ Headers = [],
+ {Status, [Error, Reason]} =
+ request(Host, Headers, [<<"error">>, <<"reason">>]),
+ ?assertEqual(401, Status),
+ ?assertEqual(<<"unauthorized">>, Error),
+ ?assertEqual(<<"You are not a server admin.">>, Reason)
+ end).
+
+should_pass(Host) ->
+ ?_test(begin
+ Headers = [{basic_auth, {"admin", "pass"}}],
+ {Status, [Error, Reason]} =
+ request(Host, Headers, [<<"error">>, <<"reason">>]),
+ ?assertEqual(200, Status),
+ ?assertEqual(undefined, Error),
+ ?assertEqual(undefined, Reason)
+ end).
+
+should_throw(Host) ->
+ ?_test(begin
+ Headers = [{basic_auth, {"admin", "pass"}}],
+ {Status, [Error, Reason]} =
+ request(Host, Headers, [<<"error">>, <<"reason">>]),
+ ?assertEqual(401, Status),
+ ?assertEqual(<<"unauthorized">>, Error),
+ ?assertEqual(<<"Exception thrown.">>, Reason)
+ end).
+
+request(Host, Headers, ToDecode) ->
+ Url = Host ++ "/_db_updates",
+ {ok, Status, _Headers, BinBody} = test_request:get(Url, Headers),
+ {Body} = jiffy:decode(BinBody),
+ Values = [couch_util:get_value(Key, Body) || Key <- ToDecode],
+ {Status, Values}.
+
+add_admin(User, Pass) ->
+ Hashed = couch_passwords:hash_admin_password(Pass),
+ config:set("admins", User, ?b2l(Hashed), false).
+
+delete_admin(User) ->
+ config:delete("admins", User, false).
+
+get_host() ->
+ Addr = config:get("httpd", "bind_address", "127.0.0.1"),
+ Port = config:get("chttpd", "port", "5984"),
+ Host = "http://" ++ Addr ++ ":" ++ Port,
+ Host.
[2/4] couchdb-global-changes git commit: Use `config` module for
`allowed_owner` setting
Posted by kx...@apache.org.
Use `config` module for `allowed_owner` setting
COUCHDB-2585
Project: http://git-wip-us.apache.org/repos/asf/couchdb-global-changes/repo
Commit: http://git-wip-us.apache.org/repos/asf/couchdb-global-changes/commit/861fade1
Tree: http://git-wip-us.apache.org/repos/asf/couchdb-global-changes/tree/861fade1
Diff: http://git-wip-us.apache.org/repos/asf/couchdb-global-changes/diff/861fade1
Branch: refs/heads/master
Commit: 861fade15517e2edac4fc96ec3cc164083ca6ab7
Parents: 9c867e8
Author: ILYA Khlopotov <ii...@ca.ibm.com>
Authored: Wed Feb 18 07:48:16 2015 -0800
Committer: ILYA Khlopotov <ii...@ca.ibm.com>
Committed: Wed Feb 18 07:48:16 2015 -0800
----------------------------------------------------------------------
src/global_changes_httpd.erl | 5 +++--
test/global_changes_hooks_tests.erl | 8 +++++---
2 files changed, 8 insertions(+), 5 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/couchdb-global-changes/blob/861fade1/src/global_changes_httpd.erl
----------------------------------------------------------------------
diff --git a/src/global_changes_httpd.erl b/src/global_changes_httpd.erl
index be6cfdc..00f87af 100644
--- a/src/global_changes_httpd.erl
+++ b/src/global_changes_httpd.erl
@@ -250,10 +250,11 @@ to_non_neg_int(Value) ->
end.
allowed_owner(Req) ->
- case application:get_env(global_changes, allowed_owner) of
+ case config:get("global_changes", "allowed_owner", undefined) of
undefined ->
chttpd:verify_is_server_admin(Req),
admin;
- {ok, {M, F, A}} ->
+ SpecStr ->
+ {ok, {M, F, A}} = couch_util:parse_term(SpecStr),
M:F(Req, A)
end.
http://git-wip-us.apache.org/repos/asf/couchdb-global-changes/blob/861fade1/test/global_changes_hooks_tests.erl
----------------------------------------------------------------------
diff --git a/test/global_changes_hooks_tests.erl b/test/global_changes_hooks_tests.erl
index 3b6ccbc..5dd42e2 100644
--- a/test/global_changes_hooks_tests.erl
+++ b/test/global_changes_hooks_tests.erl
@@ -5,6 +5,8 @@
-export([allowed_owner/2]).
+-define(t2l(V), lists:flatten(io_lib:format("~p", [V]))).
+
start() ->
Ctx = test_util:start_couch([chttpd]),
DbName = ?tempdb(),
@@ -24,13 +26,13 @@ setup(default) ->
get_host();
setup(A) ->
Host = setup(default),
- ok = application:set_env(global_changes, allowed_owner,
- {?MODULE, allowed_owner, A}),
+ ok = config:set("global_changes", "allowed_owner",
+ ?t2l({?MODULE, allowed_owner, A}), false),
Host.
teardown(_) ->
delete_admin("admin"),
- application:unset_env(global_changes, allowed_owner),
+ config:delete("global_changes", "allowed_owner", false),
ok.
allowed_owner(Req, "throw") ->
[3/4] couchdb-global-changes git commit: Validate callback defined
Posted by kx...@apache.org.
Validate callback defined
COUCHDB-2585
Project: http://git-wip-us.apache.org/repos/asf/couchdb-global-changes/repo
Commit: http://git-wip-us.apache.org/repos/asf/couchdb-global-changes/commit/cedf542a
Tree: http://git-wip-us.apache.org/repos/asf/couchdb-global-changes/tree/cedf542a
Diff: http://git-wip-us.apache.org/repos/asf/couchdb-global-changes/diff/cedf542a
Branch: refs/heads/master
Commit: cedf542a341bac6a30b33532ca95f49f5ea898c1
Parents: 861fade
Author: ILYA Khlopotov <ii...@ca.ibm.com>
Authored: Tue Feb 24 13:17:54 2015 -0800
Committer: ILYA Khlopotov <ii...@ca.ibm.com>
Committed: Tue Feb 24 13:17:54 2015 -0800
----------------------------------------------------------------------
src/global_changes_httpd.erl | 1 +
1 file changed, 1 insertion(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/couchdb-global-changes/blob/cedf542a/src/global_changes_httpd.erl
----------------------------------------------------------------------
diff --git a/src/global_changes_httpd.erl b/src/global_changes_httpd.erl
index 00f87af..35572a8 100644
--- a/src/global_changes_httpd.erl
+++ b/src/global_changes_httpd.erl
@@ -256,5 +256,6 @@ allowed_owner(Req) ->
admin;
SpecStr ->
{ok, {M, F, A}} = couch_util:parse_term(SpecStr),
+ couch_util:validate_callback_exists(M, F, 2),
M:F(Req, A)
end.
[4/4] couchdb-global-changes git commit: Merge remote-tracking branch
'iilyak/2585-allowed_owner-hook'
Posted by kx...@apache.org.
Merge remote-tracking branch 'iilyak/2585-allowed_owner-hook'
This closes #3
Project: http://git-wip-us.apache.org/repos/asf/couchdb-global-changes/repo
Commit: http://git-wip-us.apache.org/repos/asf/couchdb-global-changes/commit/a7a45633
Tree: http://git-wip-us.apache.org/repos/asf/couchdb-global-changes/tree/a7a45633
Diff: http://git-wip-us.apache.org/repos/asf/couchdb-global-changes/diff/a7a45633
Branch: refs/heads/master
Commit: a7a45633e2c331f2b6984e079dc9cfc393e80ced
Parents: 0e9c3eb cedf542
Author: Alexander Shorin <kx...@apache.org>
Authored: Fri Feb 27 17:47:48 2015 +0300
Committer: Alexander Shorin <kx...@apache.org>
Committed: Fri Feb 27 17:47:48 2015 +0300
----------------------------------------------------------------------
src/global_changes_httpd.erl | 15 +++-
test/global_changes_hooks_tests.erl | 144 +++++++++++++++++++++++++++++++
2 files changed, 157 insertions(+), 2 deletions(-)
----------------------------------------------------------------------