You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@couchdb.apache.org by ja...@apache.org on 2020/07/26 18:10:09 UTC

[couchdb] 07/17: feat(utils): add ddoc validation fun

This is an automated email from the ASF dual-hosted git repository.

jan pushed a commit to branch feat/access-master-clean
in repository https://gitbox.apache.org/repos/asf/couchdb.git

commit 0701b1afaaaa4a58ee50edcea229df963d240689
Author: Jan Lehnardt <ja...@apache.org>
AuthorDate: Sun Jul 26 19:59:27 2020 +0200

    feat(utils): add ddoc validation fun
---
 src/couch/src/couch_util.erl | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/src/couch/src/couch_util.erl b/src/couch/src/couch_util.erl
index dffb681..dbd7755 100644
--- a/src/couch/src/couch_util.erl
+++ b/src/couch/src/couch_util.erl
@@ -40,6 +40,7 @@
 -export([check_md5/2]).
 -export([set_mqd_off_heap/1]).
 -export([set_process_priority/2]).
+-export([validate_design_access/1, validate_design_access/2]).
 
 -include_lib("couch/include/couch_db.hrl").
 
@@ -763,3 +764,16 @@ check_config_blacklist(Section) ->
     _ ->
         ok
     end.
+
+validate_design_access(DDoc) ->
+    validate_design_access1(DDoc, true).
+
+validate_design_access(Db, DDoc) ->
+    validate_design_access1(DDoc, couch_db:has_access_enabled(Db)).
+
+validate_design_access1(_DDoc, false) -> ok;
+validate_design_access1(DDoc, true) ->
+    is_users_ddoc(DDoc).
+
+is_users_ddoc(#doc{access=[<<"_users">>]}) -> ok;
+is_users_ddoc(_) -> throw({forbidden, <<"per-user ddoc access">>}).