Posted to notifications@couchdb.apache.org by "Mike Wallace (JIRA)" <ji...@apache.org> on 2016/02/10 13:14:18 UTC

[jira] [Resolved] (COUCHDB-2948) Internal server error returned instead of 403 Forbidden when cassim is disabled

     [ https://issues.apache.org/jira/browse/COUCHDB-2948?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Mike Wallace resolved COUCHDB-2948.
-----------------------------------
       Resolution: Fixed
    Fix Version/s: 2.0.0

> Internal server error returned instead of 403 Forbidden when cassim is disabled
> -------------------------------------------------------------------------------
>
>                 Key: COUCHDB-2948
>                 URL: https://issues.apache.org/jira/browse/COUCHDB-2948
>             Project: CouchDB
>          Issue Type: Bug
>          Components: Database Core
>            Reporter: Mike Wallace
>             Fix For: 2.0.0
>
>
> When cassim is disabled and an authenticated user attempts to access a database that they do not have permission to access, we should be returning an HTTP 403, e.g.:
> {"error":"forbidden","reason":"You are not allowed to access this db."}
> Currently we get the following:
> {"error":"internal_server_error","reason":"No DB shards could be opened.","ref":1865933553}
> What is happening is we're attempting to open all the shards with the user context then throwing an internal server error when we run out of shards:
> https://github.com/apache/couchdb-fabric/blob/master/src/fabric_util.erl#L179-L180
> There is a special case for unauthorized errors: https://github.com/apache/couchdb-fabric/blob/master/src/fabric_util.erl#L188-L189
> If we add something similar for forbidden errors then that would solve this issue.
> Note this is not an issue when using cassim because it stores the security metadata in the _metadata database.



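The failure mode described in the report, as an added Erlang example that is not part of the original message and is not the code in fabric_util.erl. It is a simplified model of trying each shard copy in turn; the module name, `open_any/3`, the `Terminal` list and the constructed shard funs are assumptions made for illustration.

```erlang
%% Added example: simplified model of the shard-open loop, not fabric_util.erl.
-module(shard_open_demo).
-export([open_any/3, status/1, demo/0]).

%% open_any(Shards, User, Terminal) tries each shard copy in turn.
%% Terminal lists the error tags that are returned to the caller at once
%% instead of moving on to the next copy (hypothetical parameter).
open_any([], _User, _Terminal) ->
    %% Every copy failed: this is the generic 500 from the report.
    {error, {internal_server_error, <<"No DB shards could be opened.">>}};
open_any([Open | Rest], User, Terminal) ->
    case Open(User) of
        {ok, Db} ->
            {ok, Db};
        {error, {Tag, _Reason} = Err} ->
            case lists:member(Tag, Terminal) of
                true -> {error, Err};
                false -> open_any(Rest, User, Terminal)
            end;
        {error, _Other} ->
            %% For example a node that is down: try the next copy.
            open_any(Rest, User, Terminal)
    end.

%% HTTP status for each error class.
status({unauthorized, _}) -> 401;
status({forbidden, _}) -> 403;
status({internal_server_error, _}) -> 500.

%% Constructed shard copy: opens only for users listed in Members.
shard(Members) ->
    fun(User) ->
        case lists:member(User, Members) of
            true -> {ok, db_handle};
            false -> {error, {forbidden, <<"You are not allowed to access this db.">>}}
        end
    end.

demo() ->
    Down = fun(_User) -> {error, nodedown} end,
    Copies = [Down, shard([<<"alice">>]), shard([<<"alice">>])],
    %% A permitted user still gets a handle after skipping the down copy.
    {ok, db_handle} = open_any(Copies, <<"alice">>, [unauthorized, forbidden]),
    %% A denied user: only unauthorized is terminal, then forbidden as well.
    {error, Old} = open_any(Copies, <<"bob">>, [unauthorized]),
    {error, New} = open_any(Copies, <<"bob">>, [unauthorized, forbidden]),
    [{unauthorized_only, status(Old)}, {with_forbidden, status(New)}].
```

After compiling the module, `shard_open_demo:demo()` returns the status a denied user receives under each `Terminal` list.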