You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@couchdb.apache.org by Jan Lehnardt <ja...@apache.org> on 2015/06/27 14:56:58 UTC
Re: chttpd commit: updated refs/heads/add-manual-migration-logic to 73d6f33
What’s a security migration?
Best
Jan
--
> On 27 Jun 2015, at 00:40, chewbranca@apache.org wrote:
>
> Repository: couchdb-chttpd
> Updated Branches:
> refs/heads/add-manual-migration-logic [created] 73d6f3302
>
>
> Don't allow security updates during cassim migration
>
>
> Project: http://git-wip-us.apache.org/repos/asf/couchdb-chttpd/repo
> Commit: http://git-wip-us.apache.org/repos/asf/couchdb-chttpd/commit/73d6f330
> Tree: http://git-wip-us.apache.org/repos/asf/couchdb-chttpd/tree/73d6f330
> Diff: http://git-wip-us.apache.org/repos/asf/couchdb-chttpd/diff/73d6f330
>
> Branch: refs/heads/add-manual-migration-logic
> Commit: 73d6f3302f43377bb6913265300c846aa247b2f8
> Parents: e7f9ed8
> Author: Russell Branca <ch...@apache.org>
> Authored: Fri Jun 26 22:30:23 2015 +0000
> Committer: Russell Branca <ch...@apache.org>
> Committed: Fri Jun 26 22:30:23 2015 +0000
>
> ----------------------------------------------------------------------
> src/chttpd.erl | 3 +++
> src/chttpd_db.erl | 10 +++++++---
> 2 files changed, 10 insertions(+), 3 deletions(-)
> ----------------------------------------------------------------------
>
>
> http://git-wip-us.apache.org/repos/asf/couchdb-chttpd/blob/73d6f330/src/chttpd.erl
> ----------------------------------------------------------------------
> diff --git a/src/chttpd.erl b/src/chttpd.erl
> index f6ce530..220f6a3 100644
> --- a/src/chttpd.erl
> +++ b/src/chttpd.erl
> @@ -806,6 +806,9 @@ error_info({missing_stub, Reason}) ->
> {412, <<"missing_stub">>, Reason};
> error_info(request_entity_too_large) ->
> {413, <<"too_large">>, <<"the request entity is too large">>};
> +error_info({error, security_migration_updates_disabled}) ->
> + {503, <<"security_migration">>, <<"Updates to security docs are disabled during "
> + "security migration.">>};
> error_info(not_implemented) ->
> {501, <<"not_implemented">>, <<"this feature is not yet implemented">>};
> error_info(timeout) ->
>
> http://git-wip-us.apache.org/repos/asf/couchdb-chttpd/blob/73d6f330/src/chttpd_db.erl
> ----------------------------------------------------------------------
> diff --git a/src/chttpd_db.erl b/src/chttpd_db.erl
> index 7f63023..e760958 100644
> --- a/src/chttpd_db.erl
> +++ b/src/chttpd_db.erl
> @@ -1436,8 +1436,8 @@ demonitor_refs(Refs) when is_list(Refs) ->
> %% record makes it difficult to separate. This function should be refactored and
> %% moved into cassim once couch_doc_from_req and update_doc are reworked.
> put_security(#httpd{user_ctx=Ctx}=Req, Db, FetchRev) ->
> - case cassim:is_enabled() of
> - true ->
> + case {cassim:is_enabled(), cassim:metadata_db_exists()} of
> + {true, true} ->
> DbName = Db#db.name,
> DocId = cassim_metadata_cache:security_meta_id(DbName),
> {SecObj0} = chttpd:json_body(Req),
> @@ -1467,7 +1467,11 @@ put_security(#httpd{user_ctx=Ctx}=Req, Db, FetchRev) ->
> HttpCode = http_code_from_status(Status),
> ResponseHeaders = [{"Etag", Etag}],
> send_json(Req, HttpCode, ResponseHeaders, Body);
> - false ->
> + {false, true} ->
> + throw({error, security_migration_updates_disabled});
> + %% handle completely disabled case and also cassim setting enabled but
> + %% metadata db does not exist.
> + _ ->
> SecObj = chttpd:json_body(Req),
> case fabric:set_security(Db, SecObj, [{user_ctx, Ctx}]) of
> ok ->
>
--
Professional Support for Apache CouchDB:
http://www.neighbourhood.ie/couchdb-support/