You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@couchdb.apache.org by da...@apache.org on 2019/02/07 17:58:41 UTC

[couchdb] branch master updated: Add check for repeated `partition` definitions

This is an automated email from the ASF dual-hosted git repository.

davisp pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/couchdb.git


The following commit(s) were added to refs/heads/master by this push:
     new 7fe8bfb  Add check for repeated `partition` definitions
7fe8bfb is described below

commit 7fe8bfb6a329e4e6d460d6c2ab6455c711869e98
Author: Garren Smith <ga...@gmail.com>
AuthorDate: Tue Feb 5 16:47:39 2019 +0200

    Add check for repeated `partition` definitions
    
    This is a usability improvement. If someone specifies the a `partition`
    value in the query string that is different than the `partition` value
    in the URL path it is not clear which value would be used. This allows
    specifying it in both places as long as the query string matches the URL
    path and throws a 400 Bad Request error otherwise.
    
    Co-Authored-By: Garren Smith <ga...@gmail.com>
---
 src/chttpd/src/chttpd_db.erl             |  8 +++++++-
 test/elixir/test/partition_view_test.exs | 10 ++++++++++
 2 files changed, 17 insertions(+), 1 deletion(-)

diff --git a/src/chttpd/src/chttpd_db.erl b/src/chttpd/src/chttpd_db.erl
index 7a00d2b..003b0d8 100644
--- a/src/chttpd/src/chttpd_db.erl
+++ b/src/chttpd/src/chttpd_db.erl
@@ -282,7 +282,13 @@ handle_partition_req(#httpd{path_parts=[DbName, _, PartId | Rest]}=Req, Db) ->
         true ->
             couch_partition:validate_partition(PartId),
             QS = chttpd:qs(Req),
-            NewQS = lists:ukeysort(1, [{"partition", ?b2l(PartId)} | QS]),
+            PartIdStr = ?b2l(PartId),
+            QSPartIdStr = couch_util:get_value("partition", QS, PartIdStr),
+            if QSPartIdStr == PartIdStr -> ok; true ->
+                Msg = <<"Conflicting value for `partition` in query string">>,
+                throw({bad_request, Msg})
+            end,
+            NewQS = lists:ukeysort(1, [{"partition", PartIdStr} | QS]),
             NewReq = Req#httpd{
                 path_parts = [DbName | Rest],
                 qs = NewQS
diff --git a/test/elixir/test/partition_view_test.exs b/test/elixir/test/partition_view_test.exs
index b9fbf17..0a55c24 100644
--- a/test/elixir/test/partition_view_test.exs
+++ b/test/elixir/test/partition_view_test.exs
@@ -106,6 +106,16 @@ defmodule ViewPartitionTest do
     assert Enum.dedup(partitions) == ["bar"]
   end
 
+  test "conflicting partitions in path and query string rejected", context do
+    db_name = context[:db_name]
+
+    url = "/#{db_name}/_partition/foo/_design/map/_view/some"
+    resp = Couch.get(url, query: %{partition: "bar"})
+    assert resp.status_code == 400
+    %{:body => %{"reason" => reason}} = resp
+    assert Regex.match?(~r/Conflicting value/, reason)
+  end
+
   test "query will return zero results for wrong inputs", context do
     db_name = context[:db_name]