You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@couchdb.apache.org by ii...@apache.org on 2016/11/11 14:34:43 UTC
[1/2] couch commit: updated refs/heads/master to 8f53c1f
Repository: couchdb-couch
Updated Branches:
refs/heads/master 7dbc670d6 -> 8f53c1fc9
Allow fixing users' documents
Allow adding missing fields:
- type
- roles
Allow update of the type field from incorrect value to the correct one
(currently it suppose to have value 'user').
COUCHDB-3231
Project: http://git-wip-us.apache.org/repos/asf/couchdb-couch/repo
Commit: http://git-wip-us.apache.org/repos/asf/couchdb-couch/commit/5763fd77
Tree: http://git-wip-us.apache.org/repos/asf/couchdb-couch/tree/5763fd77
Diff: http://git-wip-us.apache.org/repos/asf/couchdb-couch/diff/5763fd77
Branch: refs/heads/master
Commit: 5763fd772e1dad300cbe66a7b8c48d62bd0417e6
Parents: 7dbc670
Author: ILYA Khlopotov <ii...@apache.org>
Authored: Thu Nov 10 15:02:51 2016 -0800
Committer: ILYA Khlopotov <ii...@apache.org>
Committed: Thu Nov 10 16:59:37 2016 -0800
----------------------------------------------------------------------
include/couch_js_functions.hrl | 4 +-
test/couch_auth_cache_tests.erl | 116 +++++++++++++++++++++++++++++++++++
2 files changed, 118 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/couchdb-couch/blob/5763fd77/include/couch_js_functions.hrl
----------------------------------------------------------------------
diff --git a/include/couch_js_functions.hrl b/include/couch_js_functions.hrl
index a48feae..0ae6427 100644
--- a/include/couch_js_functions.hrl
+++ b/include/couch_js_functions.hrl
@@ -23,7 +23,7 @@
}
}
- if ((oldDoc && oldDoc.type !== 'user') || newDoc.type !== 'user') {
+ if (newDoc.type !== 'user') {
throw({forbidden : 'doc.type must be user'});
} // we only allow user docs for now
@@ -108,7 +108,7 @@
});
}
// validate role updates
- var oldRoles = oldDoc.roles.sort();
+ var oldRoles = (oldDoc.roles || []).sort();
var newRoles = newDoc.roles.sort();
if (oldRoles.length !== newRoles.length) {
http://git-wip-us.apache.org/repos/asf/couchdb-couch/blob/5763fd77/test/couch_auth_cache_tests.erl
----------------------------------------------------------------------
diff --git a/test/couch_auth_cache_tests.erl b/test/couch_auth_cache_tests.erl
index bf89a88..76179de 100644
--- a/test/couch_auth_cache_tests.erl
+++ b/test/couch_auth_cache_tests.erl
@@ -58,6 +58,81 @@ couch_auth_cache_test_() ->
}
}.
+auth_vdu_test_() ->
+ Cases = [
+ %% Old , New , Result
+ %% [Roles, Type] , [Roles, Type] ,
+
+ %% Updating valid user doc with valid one
+ {[custom, user], [custom, user], "ok"},
+
+ %% Updating invalid doc (missing type or roles field) with valid one
+ {[missing, missing], [custom, user], "ok"},
+ {[missing, user], [custom, user], "ok"},
+ {[custom, missing], [custom, user], "ok"},
+
+ %% Updating invalid doc (wrong type) with valid one
+ {[missing, other], [custom, user], "ok"},
+ {[custom, other], [custom, user], "ok"},
+
+ %% Updating valid document with invalid one
+ {[custom, user], [missing, missing], "doc.type must be user"},
+ {[custom, user], [missing, user], "doc.roles must exist"},
+ {[custom, user], [custom, missing], "doc.type must be user"},
+ {[custom, user], [missing, other], "doc.type must be user"},
+ {[custom, user], [custom, other], "doc.type must be user"},
+
+ %% Updating invalid doc with invalid one
+ {[missing, missing], [missing, missing], "doc.type must be user"},
+ {[missing, missing], [missing, user], "doc.roles must exist"},
+ {[missing, missing], [custom, missing], "doc.type must be user"},
+ {[missing, missing], [missing, other], "doc.type must be user"},
+ {[missing, missing], [custom, other], "doc.type must be user"},
+
+ {[missing, user], [missing, missing], "doc.type must be user"},
+ {[missing, user], [missing, user], "doc.roles must exist"},
+ {[missing, user], [custom, missing], "doc.type must be user"},
+ {[missing, user], [missing, other], "doc.type must be user"},
+ {[missing, user], [custom, other], "doc.type must be user"},
+
+ {[missing, other], [missing, missing], "doc.type must be user"},
+ {[missing, other], [missing, user], "doc.roles must exist"},
+ {[missing, other], [custom, missing], "doc.type must be user"},
+ {[missing, other], [missing, other], "doc.type must be user"},
+ {[missing, other], [custom, other], "doc.type must be user"},
+
+ {[custom, missing], [missing, missing], "doc.type must be user"},
+ {[custom, missing], [missing, user], "doc.roles must exist"},
+ {[custom, missing], [custom, missing], "doc.type must be user"},
+ {[custom, missing], [missing, other], "doc.type must be user"},
+ {[custom, missing], [custom, other], "doc.type must be user"},
+
+ {[custom, other], [missing, missing], "doc.type must be user"},
+ {[custom, other], [missing, user], "doc.roles must exist"},
+ {[custom, other], [custom, missing], "doc.type must be user"},
+ {[custom, other], [missing, other], "doc.type must be user"},
+ {[custom, other], [custom, other], "doc.type must be user"}
+ ],
+
+ %% Make sure we covered all combinations
+ AllPossibleDocs = couch_tests_combinatorics:product([
+ [missing, custom],
+ [missing, user, other]
+ ]),
+ AllPossibleCases = couch_tests_combinatorics:product(
+ [AllPossibleDocs, AllPossibleDocs]),
+ ?assertEqual([], AllPossibleCases -- [[A, B] || {A, B, _} <- Cases]),
+
+ {
+ "Check User doc validation",
+ {
+ setup,
+ fun test_util:start_couch/0, fun test_util:stop_couch/1,
+ [
+ make_validate_test(Case) || Case <- Cases
+ ]
+ }
+ }.
should_get_nil_on_missed_cache(_) ->
?_assertEqual(nil, couch_auth_cache:get_user_creds("joe")).
@@ -238,3 +313,44 @@ is_opened(DbName) ->
Monitors = couch_db:monitored_by(AuthDb) -- [self()],
ok = couch_db:close(AuthDb),
Monitors /= [].
+
+make_validate_test({Old, New, "ok"} = Case) ->
+ {test_id(Case), ?_assertEqual(ok, validate(doc(Old), doc(New)))};
+make_validate_test({Old, New, Reason} = Case) ->
+ Failure = ?l2b(Reason),
+ {test_id(Case), ?_assertThrow({forbidden, Failure}, validate(doc(Old), doc(New)))}.
+
+test_id({[OldRoles, OldType], [NewRoles, NewType], Result}) ->
+ lists:flatten(io_lib:format(
+ "(roles: ~w, type: ~w) -> (roles: ~w, type: ~w) ==> \"~s\"",
+ [OldRoles, OldType, NewRoles, NewType, Result])).
+
+doc([Roles, Type]) ->
+ couch_doc:from_json_obj({[
+ {<<"_id">>,<<"org.couchdb.user:foo">>},
+ {<<"_rev">>,<<"1-281c81adb1bf10927a6160f246dc0468">>},
+ {<<"name">>,<<"foo">>},
+ {<<"password_scheme">>,<<"simple">>},
+ {<<"salt">>,<<"00000000000000000000000000000000">>},
+ {<<"password_sha">>, <<"111111111111111111111111111111111111">>}]
+ ++ type(Type) ++ roles(Roles)}).
+
+roles(custom) -> [{<<"roles">>, [<<"custom">>]}];
+roles(missing) -> [].
+
+type(user) -> [{<<"type">>, <<"user">>}];
+type(other) -> [{<<"type">>, <<"other">>}];
+type(missing) -> [].
+
+validate(DiskDoc, NewDoc) ->
+ JSONCtx = {[
+ {<<"db">>, <<"foo/bar">>},
+ {<<"name">>, <<"foo">>},
+ {<<"roles">>, [<<"_admin">>]}
+ ]},
+ validate(DiskDoc, NewDoc, JSONCtx).
+
+validate(DiskDoc, NewDoc, JSONCtx) ->
+ {ok, DDoc0} = couch_auth_cache:auth_design_doc(<<"_design/anything">>),
+ DDoc = DDoc0#doc{revs = {1, [<<>>]}},
+ couch_query_servers:validate_doc_update(DDoc, NewDoc, DiskDoc, JSONCtx, []).
[2/2] couch commit: updated refs/heads/master to 8f53c1f
Posted by ii...@apache.org.
Merge remote branch 'cloudant:78142-allow-user-to-correct-invalid-user-docs'
This closes #211
Signed-off-by: ILYA Khlopotov <ii...@apache.org>
Project: http://git-wip-us.apache.org/repos/asf/couchdb-couch/repo
Commit: http://git-wip-us.apache.org/repos/asf/couchdb-couch/commit/8f53c1fc
Tree: http://git-wip-us.apache.org/repos/asf/couchdb-couch/tree/8f53c1fc
Diff: http://git-wip-us.apache.org/repos/asf/couchdb-couch/diff/8f53c1fc
Branch: refs/heads/master
Commit: 8f53c1fc97f36dc88c150768d1544d1fbf8d675e
Parents: 7dbc670 5763fd7
Author: ILYA Khlopotov <ii...@apache.org>
Authored: Fri Nov 11 06:34:25 2016 -0800
Committer: ILYA Khlopotov <ii...@apache.org>
Committed: Fri Nov 11 06:34:25 2016 -0800
----------------------------------------------------------------------
include/couch_js_functions.hrl | 4 +-
test/couch_auth_cache_tests.erl | 116 +++++++++++++++++++++++++++++++++++
2 files changed, 118 insertions(+), 2 deletions(-)
----------------------------------------------------------------------