You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@couchdb.apache.org by "Randall Leeds (JIRA)" <ji...@apache.org> on 2012/10/10 22:11:04 UTC

[jira] [Resolved] (COUCHDB-1155) Etag send by list function does not depend on userCtx

     [ https://issues.apache.org/jira/browse/COUCHDB-1155?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Randall Leeds resolved COUCHDB-1155.
------------------------------------

       Resolution: Duplicate
    Fix Version/s: 1.3
    
> Etag send by list function does not depend on userCtx
> -----------------------------------------------------
>
>                 Key: COUCHDB-1155
>                 URL: https://issues.apache.org/jira/browse/COUCHDB-1155
>             Project: CouchDB
>          Issue Type: Bug
>          Components: HTTP Interface
>    Affects Versions: 1.0.2
>            Reporter: Johannes J. Schmidt
>            Assignee: Randall Leeds
>             Fix For: 1.3
>
>
> List functions should send a different Etag when requested by different users.
> The following curl session shows identical Etags for different users. CouchDB must not be in admin party mode.
> PROTOCOL=http
> DOMAIN="127.0.0.1:5984"
> DB=testdb
> # admin credentials for db creation
> ADMIN=admin:secure
> # this user must have an empty roles array
> USER=user:secure
> curl -XDELETE $PROTOCOL://$ADMIN@$DOMAIN/$DB
> curl -XPUT $PROTOCOL://$ADMIN@$DOMAIN/$DB
> curl -XPUT $PROTOCOL://$ADMIN@$DOMAIN/$DB/foo -d '{"count":1}'
> curl -XPUT $PROTOCOL://$ADMIN@$DOMAIN/$DB/_design/foo -d '{ "views": { "bar": { "map": "function(doc) { emit(doc._id, null); }" } }, "lists": { "bar": "function(head, req) { return req.userCtx.name || \"anonymous\" }" }}'
> curl -s $PROTOCOL://$DOMAIN/$DB/_design/foo/_list/bar/bar --head | grep Etag
> curl -s $PROTOCOL://$USER@$DOMAIN/$DB/_design/foo/_list/bar/bar --head | grep Etag
> #=> Etag: "A1NKHA0935KMCSHFSK94EHZNL"
> #=> Etag: "A1NKHA0935KMCSHFSK94EHZNL"
> This issue is important for standalone CouchDB applications which use list functions depending on the user context, eg. showing a login button or username.
> regards
> Johannes
> PS: I tried to write a javascript test case but this issue can only be reproduced if the server is not in admin party mode, which the test suite requires. I am not so familar with those tests to temporarily change the admin party.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira