Posted to commits@couchdb.apache.org by ja...@apache.org on 2020/04/26 06:16:46 UTC

[couchdb] branch origin/session-info-auth-db-3.x created (now af14885)

This is an automated email from the ASF dual-hosted git repository.

jaydoane pushed a change to branch origin/session-info-auth-db-3.x
in repository https://gitbox.apache.org/repos/asf/couchdb.git.


      at af14885  Report the chttpd_auth authentication db in session info

This branch includes the following new commits:

     new af14885  Report the chttpd_auth authentication db in session info

The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.



[couchdb] 01/01: Report the chttpd_auth authentication db in session info

Posted by ja...@apache.org.
This is an automated email from the ASF dual-hosted git repository.

jaydoane pushed a commit to branch origin/session-info-auth-db-3.x
in repository https://gitbox.apache.org/repos/asf/couchdb.git

commit af1488573ef8b48b43341b399df64dc5721e255b
Author: Jay Doane <ja...@apache.org>
AuthorDate: Sat Apr 25 19:10:16 2020 -0700

    Report the chttpd_auth authentication db in session info
    
    Currently, the result of GET `/_session` reports the `authentication_db` of
    the obsolete admin port 5986. This updates it to report the actual db
    used for authentication, provided it is configured. Otherwise, it omits
    `authentication_db` entirely from the session info.
    
    (cherry picked from commit 1e9d0e3c1828d828bb3e8efdbbbd2e348ff518f2)
---
 src/chttpd/test/eunit/chttpd_session_tests.erl | 74 ++++++++++++++++++++++++++
 src/chttpd/test/eunit/chttpd_test.hrl          | 35 ++++++++++++
 src/couch/src/couch_httpd_auth.erl             |  3 +-
 3 files changed, 111 insertions(+), 1 deletion(-)

diff --git a/src/chttpd/test/eunit/chttpd_session_tests.erl b/src/chttpd/test/eunit/chttpd_session_tests.erl
new file mode 100644
index 0000000..a802d9e
--- /dev/null
+++ b/src/chttpd/test/eunit/chttpd_session_tests.erl
@@ -0,0 +1,74 @@
+% Licensed under the Apache License, Version 2.0 (the "License"); you may not
+% use this file except in compliance with the License. You may obtain a copy of
+% the License at
+%
+%   http://www.apache.org/licenses/LICENSE-2.0
+%
+% Unless required by applicable law or agreed to in writing, software
+% distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+% WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+% License for the specific language governing permissions and limitations under
+% the License.
+
+-module(chttpd_session_tests).
+
+-include_lib("couch/include/couch_eunit.hrl").
+-include("chttpd_test.hrl").
+
+-define(USER, "chttpd_test_admin").
+-define(PASS, "pass").
+
+
+setup() ->
+    ok = config:delete("chttpd_auth", "authentication_db", _Persist=false),
+    Hashed = couch_passwords:hash_admin_password(?PASS),
+    ok = config:set("admins", ?USER, binary_to_list(Hashed), _Persist=false),
+    root_url() ++ "/_session".
+
+
+cleanup(_) ->
+    ok = config:delete("chttpd_auth", "authentication_db", _Persist=false),
+    ok = config:delete("admins", ?USER, _Persist=false).
+
+
+session_test_() ->
+    {
+        "Session tests",
+        {
+            setup,
+            fun() -> test_util:start_couch([fabric, chttpd]) end,
+            fun test_util:stop_couch/1,
+            {
+                foreach,
+                fun setup/0,
+                fun cleanup/1,
+                [
+                    ?TDEF_FE(session_authentication_db_absent),
+                    ?TDEF_FE(session_authentication_db_present)
+                ]
+            }
+        }
+    }.
+
+
+session_authentication_db_absent(Url) ->
+    ok = config:delete("chttpd_auth", "authentication_db", _Persist=false),
+    ?assertThrow({not_found, _}, session_authentication_db(Url)).
+
+
+session_authentication_db_present(Url) ->
+    Name = "_users",
+    ok = config:set("chttpd_auth", "authentication_db", Name, false),
+    ?assertEqual(list_to_binary(Name), session_authentication_db(Url)).
+
+
+session_authentication_db(Url) ->
+    {ok, 200, _, Body} = test_request:get(Url, [{basic_auth, {?USER, ?PASS}}]),
+    couch_util:get_nested_json_value(
+        jiffy:decode(Body), [<<"info">>, <<"authentication_db">>]).
+
+
+root_url() ->
+    Addr = config:get("chttpd", "bind_address", "127.0.0.1"),
+    Port = mochiweb_socket_server:get(chttpd, port),
+    lists:concat(["http://", Addr, ":", Port]).
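Review bot: `cleanup/1` deletes `chttpd_auth`/`authentication_db` unconditionally instead of restoring whatever was set before `setup/0` ran, so if the node's test configuration already defines that key it is gone for any suite that runs later in the same VM. Consider reading the prior value in `setup/0`, handing it to `cleanup/1` alongside the URL, and restoring it with `config:set/4` when it was not `undefined`. Separately, both cases authenticate as the admin over basic auth; a third case issuing the GET without credentials would pin whether the `info` object, and with it the database name, is also returned to anonymous callers. In `session_authentication_db_present` the bare `false` would read better as `_Persist=false`, matching the other calls in the file.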
diff --git a/src/chttpd/test/eunit/chttpd_test.hrl b/src/chttpd/test/eunit/chttpd_test.hrl
new file mode 100644
index 0000000..6db97ec
--- /dev/null
+++ b/src/chttpd/test/eunit/chttpd_test.hrl
@@ -0,0 +1,35 @@
+% Licensed under the Apache License, Version 2.0 (the "License"); you may not
+% use this file except in compliance with the License. You may obtain a copy of
+% the License at
+%
+%   http://www.apache.org/licenses/LICENSE-2.0
+%
+% Unless required by applicable law or agreed to in writing, software
+% distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+% WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+% License for the specific language governing permissions and limitations under
+% the License.
+
+
+% Borrowed from fabric2_test.hrl
+
+% Some test modules do not use with, so squash the unused fun compiler warning
+-compile([{nowarn_unused_function, [{with, 1}]}]).
+
+
+-define(TDEF(Name), {atom_to_list(Name), fun Name/1}).
+-define(TDEF(Name, Timeout), {atom_to_list(Name), Timeout, fun Name/1}).
+
+-define(TDEF_FE(Name), fun(Arg) -> {atom_to_list(Name), ?_test(Name(Arg))} end).
+-define(TDEF_FE(Name, Timeout), fun(Arg) -> {atom_to_list(Name), {timeout, Timeout, ?_test(Name(Arg))}} end).
+
+
+with(Tests) ->
+    fun(ArgsTuple) ->
+        lists:map(fun
+            ({Name, Fun}) ->
+                {Name, ?_test(Fun(ArgsTuple))};
+            ({Name, Timeout, Fun}) ->
+                {Name, {timeout, Timeout, ?_test(Fun(ArgsTuple))}}
+        end, Tests)
+    end.
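Review bot: `with/1` expands `?_test` inside the header itself, but the header does not include the file that defines that macro, so it only compiles when the including module has already pulled in the EUnit macros (as `chttpd_session_tests.erl` presumably does through `couch_eunit.hrl`). Adding `-include_lib("eunit/include/eunit.hrl").` above the `-compile` line would remove the include-order dependency. The macros would also benefit from a one-line comment each: `?TDEF` builds the `{Name, Fun}` and `{Name, Timeout, Fun}` tuples that `with/1` consumes, while `?TDEF_FE` builds the one-argument instantiators that a `foreach` fixture expects.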
diff --git a/src/couch/src/couch_httpd_auth.erl b/src/couch/src/couch_httpd_auth.erl
index 2383be7..de3943f 100644
--- a/src/couch/src/couch_httpd_auth.erl
+++ b/src/couch/src/couch_httpd_auth.erl
@@ -384,11 +384,12 @@ handle_session_req(#httpd{method='GET', user_ctx=UserCtx}=Req, _AuthModule) ->
                     {roles, UserCtx#user_ctx.roles}
                 ]}},
                 {info, {[
-                    {authentication_db, ?l2b(config:get("couch_httpd_auth", "authentication_db"))},
                     {authentication_handlers, [
                        N || {N, _Fun} <- Req#httpd.authentication_handlers]}
                 ] ++ maybe_value(authenticated, UserCtx#user_ctx.handler, fun(Handler) ->
                         Handler
+                    end) ++ maybe_value(authentication_db, config:get("chttpd_auth", "authentication_db"), fun(Val) ->
+                        ?l2b(Val)
                     end)}}
             ]})
     end;
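Review bot: The value reported under `authentication_db` comes from its own `config:get("chttpd_auth", "authentication_db")` call rather than from whatever lookup the authentication path uses to open the users db, so the two can disagree. If that path supplies a default name when the key is unset (not visible in this hunk), `/_session` will omit a database that is in fact in use, which runs against the stated aim of reporting the actual db. Routing both through one accessor would keep them in step, and a comment such as `% omitted when chttpd_auth/authentication_db is unset` next to the new `maybe_value` call would document the absent case. `handle_session_req` starts and ends outside the hunk and the definition of `maybe_value` is not shown, so the omit-on-`undefined` behaviour is inferred from the commit message and the new test.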