You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@couchdb.apache.org by "Jan Lehnardt (Assigned) (JIRA)" <ji...@apache.org> on 2011/10/29 16:37:32 UTC
[jira] [Assigned] (COUCHDB-1316) Error in the validate_doc_update
function of the _users db
[ https://issues.apache.org/jira/browse/COUCHDB-1316?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jan Lehnardt reassigned COUCHDB-1316:
-------------------------------------
Assignee: Filipe Manana
> Error in the validate_doc_update function of the _users db
> ----------------------------------------------------------
>
> Key: COUCHDB-1316
> URL: https://issues.apache.org/jira/browse/COUCHDB-1316
> Project: CouchDB
> Issue Type: Bug
> Components: Database Core
> Affects Versions: 1.1
> Reporter: Daniel Truemper
> Assignee: Filipe Manana
> Priority: Trivial
>
> Hi!
> In the validate_doc_update method of the _users database is a small error. On the one hand it seems that the `roles` attribute of the user doc is not required:
> if (newDoc.roles && !isArray(newDoc.roles)) {
> throw({forbidden: 'doc.roles must be an array'});
> }
> On the other hand the function iterates over the roles:
> // no system roles in users db
> for (var i = 0; i < newDoc.roles.length; i++) {
> if (newDoc.roles[i][0] === '_') {
> throw({
> forbidden:
> 'No system roles (starting with underscore) in users db.'
> });
> }
> }
> So, is the roles field required? If so, then throwing a real error would be nice since I only get a stack trace from CouchDB. If it is not required, checking it's presence before iterating over it would be necessary.
> I am kind of lost in all the new Git handling and such. Would it be appropriate to open a Github Pull Request? Or should I add a patch to this issue? Depending on the answer to the roles question I could provide a patch since it is trivial enough for me I guess :)
> Cheers,
> Daniel
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira