You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@couchdb.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2015/11/20 09:43:11 UTC
[jira] [Commented] (COUCHDB-2897) Improve robustness of
couchdb_mrview_cors_tests
[ https://issues.apache.org/jira/browse/COUCHDB-2897?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15015431#comment-15015431 ]
ASF GitHub Bot commented on COUCHDB-2897:
-----------------------------------------
GitHub user jaydoane opened a pull request:
https://github.com/apache/couchdb-couch/pull/128
Explicitly authorize test requests
Create admin user and use its credentials for requests
Use http requests to create and delete test dbs to avoid potential db
name munging issues downstream
COUCHDB-2897
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/cloudant/couchdb-couch 2897-couchdb_mrview_cors_tests-explicit-auth
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/couchdb-couch/pull/128.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #128
----
commit 988b6fc642dd058159c4af56b09afef6c6754afc
Author: Jay Doane <ja...@gmail.com>
Date: 2015-11-20T08:39:24Z
Explicitly authorize test requests
Create admin user and use its credentials for requests
Use http requests to create and delete test dbs to avoid potential db
name munging issues downstream
COUCHDB-2897
----
> Improve robustness of couchdb_mrview_cors_tests
> -----------------------------------------------
>
> Key: COUCHDB-2897
> URL: https://issues.apache.org/jira/browse/COUCHDB-2897
> Project: CouchDB
> Issue Type: Improvement
> Components: Test Suite
> Reporter: Jay Doane
>
> The current implementation assumes a certain level of implicit authorization based on admin party semantics, which is fragile in downstream projects with different security models. Additionally, the direct use of fabric to create test databases can bypass name spacing which could occur in multi-tenant configurations.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)