You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@couchdb.apache.org by GitBox <gi...@apache.org> on 2022/06/21 09:47:15 UTC
[GitHub] [couchdb] big-r81 commented on a diff in pull request #4070: Fix #3960
big-r81 commented on code in PR #4070:
URL: https://github.com/apache/couchdb/pull/4070#discussion_r902404844
##########
src/couch/src/couch_db.erl:
##########
@@ -742,18 +742,16 @@ is_authorized(#user_ctx{name = UserName, roles = UserRoles}, Security) ->
false -> check_security(names, UserName, Names)
end.
-check_security(roles, [], _) ->
- false;
-check_security(roles, UserRoles, Roles) ->
+check_security(roles, [_ | _] = UserRoles, [_ | _] = Roles) ->
UserRolesSet = ordsets:from_list(UserRoles),
RolesSet = ordsets:from_list(Roles),
not ordsets:is_disjoint(UserRolesSet, RolesSet);
-check_security(names, _, []) ->
- false;
-check_security(names, null, _) ->
+check_security(roles, _, _) ->
false;
-check_security(names, UserName, Names) ->
- lists:member(UserName, Names).
+check_security(names, UserName, [_ | _] = Names) ->
+ lists:member(UserName, Names);
+check_security(names, _, _) ->
Review Comment:
Then I would change the `names` clause back to
```
check_security(names, UserName, [_ | _] = Names) ->
lists:member(UserName, Names);
check_security(names, null, _) ->
false;
check_security(names, _, _) ->
```
Then we should have the same behavior for `names` and automaticall check `UserRoles`. `Roles` and `Names` for lists with the Robot Butt Role... ?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@couchdb.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org