You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@couchdb.apache.org by GitBox <gi...@apache.org> on 2022/06/21 16:09:18 UTC

[GitHub] [couchdb] nickva commented on a diff in pull request #4070: Prevent error:function_clause in check_security/3 if roles claim is malformed

nickva commented on code in PR #4070:
URL: https://github.com/apache/couchdb/pull/4070#discussion_r902810246


##########
src/couch/src/couch_db.erl:
##########
@@ -742,18 +742,18 @@ is_authorized(#user_ctx{name = UserName, roles = UserRoles}, Security) ->
         false -> check_security(names, UserName, Names)
     end.
 
-check_security(roles, [], _) ->
-    false;
-check_security(roles, UserRoles, Roles) ->
+check_security(roles, [_ | _] = UserRoles, [_ | _] = Roles) ->

Review Comment:
   Good point, I had some doubt first then realized `not ordsets:is_disjoint(ordsets:from_list(AnyList), ordsets:from_list([])).` returns `false` so this is actually an improvement as we don't rely on the subtlety of remembering that "every set is disjoint from the empty set, and that the empty set is the only set that is disjoint from itself." from https://en.wikipedia.org/wiki/Disjoint_sets



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@couchdb.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org