You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@couchdb.apache.org by ja...@apache.org on 2020/07/26 18:10:09 UTC
[couchdb] 07/17: feat(utils): add ddoc validation fun
This is an automated email from the ASF dual-hosted git repository.
jan pushed a commit to branch feat/access-master-clean
in repository https://gitbox.apache.org/repos/asf/couchdb.git
commit 0701b1afaaaa4a58ee50edcea229df963d240689
Author: Jan Lehnardt <ja...@apache.org>
AuthorDate: Sun Jul 26 19:59:27 2020 +0200
feat(utils): add ddoc validation fun
---
src/couch/src/couch_util.erl | 14 ++++++++++++++
1 file changed, 14 insertions(+)
diff --git a/src/couch/src/couch_util.erl b/src/couch/src/couch_util.erl
index dffb681..dbd7755 100644
--- a/src/couch/src/couch_util.erl
+++ b/src/couch/src/couch_util.erl
@@ -40,6 +40,7 @@
-export([check_md5/2]).
-export([set_mqd_off_heap/1]).
-export([set_process_priority/2]).
+-export([validate_design_access/1, validate_design_access/2]).
-include_lib("couch/include/couch_db.hrl").
@@ -763,3 +764,16 @@ check_config_blacklist(Section) ->
_ ->
ok
end.
+
+validate_design_access(DDoc) ->
+ validate_design_access1(DDoc, true).
+
+validate_design_access(Db, DDoc) ->
+ validate_design_access1(DDoc, couch_db:has_access_enabled(Db)).
+
+validate_design_access1(_DDoc, false) -> ok;
+validate_design_access1(DDoc, true) ->
+ is_users_ddoc(DDoc).
+
+is_users_ddoc(#doc{access=[<<"_users">>]}) -> ok;
+is_users_ddoc(_) -> throw({forbidden, <<"per-user ddoc access">>}).