Posted to commits@couchdb.apache.org by wo...@apache.org on 2020/04/30 17:40:59 UTC
[couchdb] branch 3.x updated: Report the chttpd_auth authentication
db in session info (#2823)
This is an automated email from the ASF dual-hosted git repository.
wohali pushed a commit to branch 3.x
in repository https://gitbox.apache.org/repos/asf/couchdb.git
The following commit(s) were added to refs/heads/3.x by this push:
new ff0feea Report the chttpd_auth authentication db in session info (#2823)
ff0feea is described below
commit ff0feea2085190c33c3b9b82d074883a0a82bb74
Author: Jay Doane <ja...@apache.org>
AuthorDate: Thu Apr 30 10:40:50 2020 -0700
Report the chttpd_auth authentication db in session info (#2823)
Currently, the result of GET `/_session` reports the `authentication_db` of
the obsolete admin port 5986. This updates it to report the actual db
used for authentication, provided it is configured. Otherwise, it omits
`authentication_db` entirely from the session info.
(cherry picked from commit 1e9d0e3c1828d828bb3e8efdbbbd2e348ff518f2)
---
src/chttpd/test/eunit/chttpd_session_tests.erl | 74 ++++++++++++++++++++++++++
src/chttpd/test/eunit/chttpd_test.hrl | 35 ++++++++++++
src/couch/src/couch_httpd_auth.erl | 3 +-
3 files changed, 111 insertions(+), 1 deletion(-)
diff --git a/src/chttpd/test/eunit/chttpd_session_tests.erl b/src/chttpd/test/eunit/chttpd_session_tests.erl
new file mode 100644
index 0000000..a802d9e
--- /dev/null
+++ b/src/chttpd/test/eunit/chttpd_session_tests.erl
@@ -0,0 +1,74 @@
+% Licensed under the Apache License, Version 2.0 (the "License"); you may not
+% use this file except in compliance with the License. You may obtain a copy of
+% the License at
+%
+% http://www.apache.org/licenses/LICENSE-2.0
+%
+% Unless required by applicable law or agreed to in writing, software
+% distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+% WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+% License for the specific language governing permissions and limitations under
+% the License.
+
+-module(chttpd_session_tests).
+
+-include_lib("couch/include/couch_eunit.hrl").
+-include("chttpd_test.hrl").
+
+-define(USER, "chttpd_test_admin").
+-define(PASS, "pass").
+
+
+setup() ->
+ ok = config:delete("chttpd_auth", "authentication_db", _Persist=false),
+ Hashed = couch_passwords:hash_admin_password(?PASS),
+ ok = config:set("admins", ?USER, binary_to_list(Hashed), _Persist=false),
+ root_url() ++ "/_session".
+
+
+cleanup(_) ->
+ ok = config:delete("chttpd_auth", "authentication_db", _Persist=false),
+ ok = config:delete("admins", ?USER, _Persist=false).
+
+
+session_test_() ->
+ {
+ "Session tests",
+ {
+ setup,
+ fun() -> test_util:start_couch([fabric, chttpd]) end,
+ fun test_util:stop_couch/1,
+ {
+ foreach,
+ fun setup/0,
+ fun cleanup/1,
+ [
+ ?TDEF_FE(session_authentication_db_absent),
+ ?TDEF_FE(session_authentication_db_present)
+ ]
+ }
+ }
+ }.
+
+
+session_authentication_db_absent(Url) ->
+ ok = config:delete("chttpd_auth", "authentication_db", _Persist=false),
+ ?assertThrow({not_found, _}, session_authentication_db(Url)).
+
+
+session_authentication_db_present(Url) ->
+ Name = "_users",
+ ok = config:set("chttpd_auth", "authentication_db", Name, false),
+ ?assertEqual(list_to_binary(Name), session_authentication_db(Url)).
+
+
+session_authentication_db(Url) ->
+ {ok, 200, _, Body} = test_request:get(Url, [{basic_auth, {?USER, ?PASS}}]),
+ couch_util:get_nested_json_value(
+ jiffy:decode(Body), [<<"info">>, <<"authentication_db">>]).
+
+
+root_url() ->
+ Addr = config:get("chttpd", "bind_address", "127.0.0.1"),
+ Port = mochiweb_socket_server:get(chttpd, port),
+ lists:concat(["http://", Addr, ":", Port]).
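Review bot: `session_authentication_db_present` sets the key to `"_users"`, which looks like the stock name of the authentication db, so the assertion may also pass against the old `couch_httpd_auth` lookup and would not catch a regression back to it. A name that only this test uses, e.g. `Name = "chttpd_session_tests_db"` (constructed), would pin the reported value to the `chttpd_auth` section, assuming basic auth for the config-defined admin still succeeds when that db does not exist. Both cases authenticate as an admin, and the part of the `handle_session_req` clause visible in this commit shows no credential check before the info object is built. A case without credentials would therefore record whether the db name is meant to be visible to anonymous callers.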
diff --git a/src/chttpd/test/eunit/chttpd_test.hrl b/src/chttpd/test/eunit/chttpd_test.hrl
new file mode 100644
index 0000000..6db97ec
--- /dev/null
+++ b/src/chttpd/test/eunit/chttpd_test.hrl
@@ -0,0 +1,35 @@
+% Licensed under the Apache License, Version 2.0 (the "License"); you may not
+% use this file except in compliance with the License. You may obtain a copy of
+% the License at
+%
+% http://www.apache.org/licenses/LICENSE-2.0
+%
+% Unless required by applicable law or agreed to in writing, software
+% distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+% WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+% License for the specific language governing permissions and limitations under
+% the License.
+
+
+% Borrowed from fabric2_test.hrl
+
+% Some test modules do not use with, so squash the unused fun compiler warning
+-compile([{nowarn_unused_function, [{with, 1}]}]).
+
+
+-define(TDEF(Name), {atom_to_list(Name), fun Name/1}).
+-define(TDEF(Name, Timeout), {atom_to_list(Name), Timeout, fun Name/1}).
+
+-define(TDEF_FE(Name), fun(Arg) -> {atom_to_list(Name), ?_test(Name(Arg))} end).
+-define(TDEF_FE(Name, Timeout), fun(Arg) -> {atom_to_list(Name), {timeout, Timeout, ?_test(Name(Arg))}} end).
+
+
+with(Tests) ->
+ fun(ArgsTuple) ->
+ lists:map(fun
+ ({Name, Fun}) ->
+ {Name, ?_test(Fun(ArgsTuple))};
+ ({Name, Timeout, Fun}) ->
+ {Name, {timeout, Timeout, ?_test(Fun(ArgsTuple))}}
+ end, Tests)
+ end.
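Review bot: `with/1` and the four macros are added without any comment on which EUnit fixture each one serves, and the only user in this commit, `chttpd_session_tests`, needs just `?TDEF_FE/1`. A line above each group would help, e.g. `% TDEF + with/1: tests for a setup fixture, each called with the setup result` and `% TDEF_FE: instantiators for a foreach fixture`. Defining `with/1` in a header also gives every including module its own copy and is what forces the `nowarn_unused_function` directive; a shared test helper module would avoid both.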
diff --git a/src/couch/src/couch_httpd_auth.erl b/src/couch/src/couch_httpd_auth.erl
index 2383be7..de3943f 100644
--- a/src/couch/src/couch_httpd_auth.erl
+++ b/src/couch/src/couch_httpd_auth.erl
@@ -384,11 +384,12 @@ handle_session_req(#httpd{method='GET', user_ctx=UserCtx}=Req, _AuthModule) ->
{roles, UserCtx#user_ctx.roles}
]}},
{info, {[
- {authentication_db, ?l2b(config:get("couch_httpd_auth", "authentication_db"))},
{authentication_handlers, [
N || {N, _Fun} <- Req#httpd.authentication_handlers]}
] ++ maybe_value(authenticated, UserCtx#user_ctx.handler, fun(Handler) ->
Handler
+ end) ++ maybe_value(authentication_db, config:get("chttpd_auth", "authentication_db"), fun(Val) ->
+ ?l2b(Val)
end)}}
]})
end;
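Review bot: The name reported here and the name the authentication code actually opens are read in two separate places, and they can disagree when `[chttpd_auth] authentication_db` is unset. In that case `config:get/2` returns `undefined` and the field is dropped (assuming `maybe_value/3` yields `[]` for `undefined`, which is not visible here), while authentication presumably still falls back to a default db. Reading both through one shared accessor would keep the session info in step with the effective value. Nodes that still set only the legacy `[couch_httpd_auth]` key will also silently stop reporting the field, which deserves a line in the upgrade notes. A short comment above the new `maybe_value` call, e.g. `% omitted when chttpd_auth/authentication_db is not configured`, would record the intent; the `handle_session_req` clause begins and ends outside this hunk.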