You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@couchdb.apache.org by kl...@apache.org on 2015/08/10 12:31:33 UTC
[1/2] couchdb-peruser git commit: Rename to `couchdb_peruser`
Repository: couchdb-peruser
Updated Branches:
refs/heads/couchdb-2.0 2fa347cc7 -> cf274f08d
Rename to `couchdb_peruser`
Project: http://git-wip-us.apache.org/repos/asf/couchdb-peruser/repo
Commit: http://git-wip-us.apache.org/repos/asf/couchdb-peruser/commit/e524b1e7
Tree: http://git-wip-us.apache.org/repos/asf/couchdb-peruser/tree/e524b1e7
Diff: http://git-wip-us.apache.org/repos/asf/couchdb-peruser/diff/e524b1e7
Branch: refs/heads/couchdb-2.0
Commit: e524b1e798dec59ae78aa96eba05e3c6891e4579
Parents: 2fa347c
Author: Klaus Trainer <kl...@posteo.de>
Authored: Mon Aug 10 12:16:58 2015 +0200
Committer: Klaus Trainer <kl...@posteo.de>
Committed: Mon Aug 10 12:28:29 2015 +0200
----------------------------------------------------------------------
README.md | 6 +-
src/couchdb_peruser.app.src | 20 +++++
src/couchdb_peruser.erl | 156 +++++++++++++++++++++++++++++++++++++++
src/couchperuser.app.src | 20 -----
src/couchperuser.erl | 156 ---------------------------------------
5 files changed, 179 insertions(+), 179 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/couchdb-peruser/blob/e524b1e7/README.md
----------------------------------------------------------------------
diff --git a/README.md b/README.md
index caacb75..7b2a4eb 100644
--- a/README.md
+++ b/README.md
@@ -1,7 +1,7 @@
-couchperuser
-============
+couchdb_peruser
+===============
-couchperuser is a CouchDB daemon that ensures that a private per-user
+couchdb_peruser is a CouchDB daemon that ensures that a private per-user
database exists for each document in _users. These databases are
writable only by the corresponding user.
http://git-wip-us.apache.org/repos/asf/couchdb-peruser/blob/e524b1e7/src/couchdb_peruser.app.src
----------------------------------------------------------------------
diff --git a/src/couchdb_peruser.app.src b/src/couchdb_peruser.app.src
new file mode 100644
index 0000000..9255068
--- /dev/null
+++ b/src/couchdb_peruser.app.src
@@ -0,0 +1,20 @@
+% Licensed under the Apache License, Version 2.0 (the "License"); you may not
+% use this file except in compliance with the License. You may obtain a copy of
+% the License at
+%
+% http://www.apache.org/licenses/LICENSE-2.0
+%
+% Unless required by applicable law or agreed to in writing, software
+% distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+% WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+% License for the specific language governing permissions and limitations under
+% the License.
+
+{application, couchdb_peruser, [
+ {description, "couchdb_peruser - maintains per-user databases in CouchDB"},
+ {vsn, "1.1.0"},
+ {modules, []},
+ {registered, [couchdb_peruser]},
+ {applications, [kernel, stdlib]},
+ {env, []}
+]}.
http://git-wip-us.apache.org/repos/asf/couchdb-peruser/blob/e524b1e7/src/couchdb_peruser.erl
----------------------------------------------------------------------
diff --git a/src/couchdb_peruser.erl b/src/couchdb_peruser.erl
new file mode 100644
index 0000000..23d83d8
--- /dev/null
+++ b/src/couchdb_peruser.erl
@@ -0,0 +1,156 @@
+% Licensed under the Apache License, Version 2.0 (the "License"); you may not
+% use this file except in compliance with the License. You may obtain a copy of
+% the License at
+%
+% http://www.apache.org/licenses/LICENSE-2.0
+%
+% Unless required by applicable law or agreed to in writing, software
+% distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+% WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+% License for the specific language governing permissions and limitations under
+% the License.
+
+-module(couchdb_peruser).
+-behaviour(gen_server).
+-behaviour(config_listener).
+
+-include_lib("couch/include/couch_db.hrl").
+
+% gen_server callbacks
+-export([start_link/0, init/1, handle_call/3, handle_cast/2, handle_info/2,
+ terminate/2, code_change/3]).
+
+% config_listener callbacks
+-export([handle_config_change/5, handle_config_terminate/3]).
+
+-export([init_changes/2, change_filter/3]).
+
+%% Note that this doesn't actually depend on having a registered name
+-define(NAME, ?MODULE).
+%% db_name and changes_pid are useful information to have, but unused
+-record(state, {db_name, changes_pid, changes_ref}).
+%% the entire filter state is currently unused, but may be useful later
+-record(filter, {server}).
+
+start_link() ->
+ gen_server:start_link({local, ?NAME}, ?MODULE, [], []).
+
+init([]) ->
+ couch_log:debug("couchdb_peruser daemon: starting link.", []),
+ Db_Name = ?l2b(config:get(
+ "couch_httpd_auth", "authentication_db", "_users")),
+ Server = self(),
+ ok = config:listen_for_changes(?MODULE, Server),
+ {Pid, Ref} = spawn_opt(?MODULE, init_changes, [Server, Db_Name],
+ [link, monitor]),
+ {ok, #state{db_name=Db_Name,
+ changes_pid=Pid,
+ changes_ref=Ref}}.
+
+handle_config_change("couch_httpd_auth", "authentication_db", _Value, _Persist, State) ->
+ gen_server:cast(State, stop),
+ remove_handler;
+handle_config_change(_Section, _Key, _Value, _Persist, State) ->
+ {ok, State}.
+
+handle_config_terminate(_, stop, _) -> ok;
+handle_config_terminate(Self, _, _) ->
+ spawn(fun() ->
+ timer:sleep(5000),
+ config:listen_for_changes(?MODULE, Self)
+ end).
+
+admin_ctx() ->
+ {user_ctx, #user_ctx{roles=[<<"_admin">>]}}.
+
+init_changes(Parent, Db_Name) ->
+ {ok, Db} = couch_db:open_int(Db_Name, [admin_ctx(), sys_db]),
+ FunAcc = {fun ?MODULE:change_filter/3, #filter{server=Parent}},
+ (couch_changes:handle_db_changes(
+ #changes_args{feed="continuous", timeout=infinity},
+ {json_req, null},
+ Db))(FunAcc).
+
+change_filter({change, {Doc}, _Prepend}, _ResType, Acc=#filter{}) ->
+ Deleted = couch_util:get_value(<<"deleted">>, Doc, false),
+ case lists:keyfind(<<"id">>, 1, Doc) of
+ {_Key, <<"org.couchdb.user:", User/binary>>} ->
+ case Deleted of
+ true ->
+ %% TODO: Let's not complicate this with GC for now!
+ Acc;
+ false ->
+ UserDb = ensure_user_db(User),
+ ensure_security(User, UserDb),
+ Acc
+ end;
+ _ ->
+ Acc
+ end;
+change_filter(_Event, _ResType, Acc) ->
+ Acc.
+
+terminate(_Reason, _State) ->
+ %% Everything should be linked or monitored, let nature
+ %% take its course.
+ ok.
+
+ensure_user_db(User) ->
+ UserDb = user_db_name(User),
+ try
+ fabric_db_info:go(UserDb)
+ catch error:database_does_not_exist ->
+ fabric_db_create:go(UserDb, [admin_ctx()])
+ end,
+ UserDb.
+
+add_user(User, Prop, {Modified, SecProps}) ->
+ {PropValue} = couch_util:get_value(Prop, SecProps, {[]}),
+ Names = couch_util:get_value(<<"names">>, PropValue, []),
+ case lists:member(User, Names) of
+ true ->
+ {Modified, SecProps};
+ false ->
+ {true,
+ lists:keystore(
+ Prop, 1, SecProps,
+ {Prop,
+ {lists:keystore(
+ <<"names">>, 1, PropValue,
+ {<<"names">>, [User | Names]})}})}
+ end.
+
+ensure_security(User, UserDb) ->
+ {ok, Shards} = fabric_db_meta:get_all_security(UserDb, [admin_ctx()]),
+ % We assume that all shards have the same security object, and
+ % therefore just pick the first one.
+ {_ShardInfo, {SecProps}} = hd(Shards),
+ case lists:foldl(
+ fun (Prop, SAcc) -> add_user(User, Prop, SAcc) end,
+ {false, SecProps},
+ [<<"admins">>, <<"members">>]) of
+ {false, _} ->
+ ok;
+ {true, SecProps1} ->
+ fabric_db_meta:set_security(UserDb, {SecProps1}, [admin_ctx()])
+ end.
+
+user_db_name(User) ->
+ HexUser = list_to_binary([integer_to_list(X, 16) || <<X>> <= User]),
+ <<"userdb-", HexUser/binary>>.
+
+handle_call(_Msg, _From, State) ->
+ {reply, error, State}.
+
+handle_cast(stop, State) ->
+ {stop, normal, State};
+handle_cast(_Msg, State) ->
+ {noreply, State}.
+
+handle_info({'DOWN', Ref, _, _, _Reason}, State=#state{changes_ref=Ref}) ->
+ {stop, normal, State};
+handle_info(_Msg, State) ->
+ {noreply, State}.
+
+code_change(_OldVsn, State, _Extra) ->
+ {ok, State}.
http://git-wip-us.apache.org/repos/asf/couchdb-peruser/blob/e524b1e7/src/couchperuser.app.src
----------------------------------------------------------------------
diff --git a/src/couchperuser.app.src b/src/couchperuser.app.src
deleted file mode 100644
index 703f716..0000000
--- a/src/couchperuser.app.src
+++ /dev/null
@@ -1,20 +0,0 @@
-% Licensed under the Apache License, Version 2.0 (the "License"); you may not
-% use this file except in compliance with the License. You may obtain a copy of
-% the License at
-%
-% http://www.apache.org/licenses/LICENSE-2.0
-%
-% Unless required by applicable law or agreed to in writing, software
-% distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-% WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-% License for the specific language governing permissions and limitations under
-% the License.
-
-{application, couchperuser, [
- {description, "couchperuser - maintains per-user databases in CouchDB"},
- {vsn, "1.1.0"},
- {modules, []},
- {registered, [couchperuser]},
- {applications, [kernel, stdlib]},
- {env, []}
-]}.
http://git-wip-us.apache.org/repos/asf/couchdb-peruser/blob/e524b1e7/src/couchperuser.erl
----------------------------------------------------------------------
diff --git a/src/couchperuser.erl b/src/couchperuser.erl
deleted file mode 100644
index 16e9a78..0000000
--- a/src/couchperuser.erl
+++ /dev/null
@@ -1,156 +0,0 @@
-% Licensed under the Apache License, Version 2.0 (the "License"); you may not
-% use this file except in compliance with the License. You may obtain a copy of
-% the License at
-%
-% http://www.apache.org/licenses/LICENSE-2.0
-%
-% Unless required by applicable law or agreed to in writing, software
-% distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-% WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-% License for the specific language governing permissions and limitations under
-% the License.
-
--module(couchperuser).
--behaviour(gen_server).
--behaviour(config_listener).
-
--include_lib("couch/include/couch_db.hrl").
-
-% gen_server callbacks
--export([start_link/0, init/1, handle_call/3, handle_cast/2, handle_info/2,
- terminate/2, code_change/3]).
-
-% config_listener callbacks
--export([handle_config_change/5, handle_config_terminate/3]).
-
--export([init_changes/2, change_filter/3]).
-
-%% Note that this doesn't actually depend on having a registered name
--define(NAME, ?MODULE).
-%% db_name and changes_pid are useful information to have, but unused
--record(state, {db_name, changes_pid, changes_ref}).
-%% the entire filter state is currently unused, but may be useful later
--record(filter, {server}).
-
-start_link() ->
- gen_server:start_link({local, ?NAME}, ?MODULE, [], []).
-
-init([]) ->
- couch_log:debug("couchperuser daemon: starting link.", []),
- Db_Name = ?l2b(config:get(
- "couch_httpd_auth", "authentication_db", "_users")),
- Server = self(),
- ok = config:listen_for_changes(?MODULE, Server),
- {Pid, Ref} = spawn_opt(?MODULE, init_changes, [Server, Db_Name],
- [link, monitor]),
- {ok, #state{db_name=Db_Name,
- changes_pid=Pid,
- changes_ref=Ref}}.
-
-handle_config_change("couch_httpd_auth", "authentication_db", _Value, _Persist, State) ->
- gen_server:cast(State, stop),
- remove_handler;
-handle_config_change(_Section, _Key, _Value, _Persist, State) ->
- {ok, State}.
-
-handle_config_terminate(_, stop, _) -> ok;
-handle_config_terminate(Self, _, _) ->
- spawn(fun() ->
- timer:sleep(5000),
- config:listen_for_changes(?MODULE, Self)
- end).
-
-admin_ctx() ->
- {user_ctx, #user_ctx{roles=[<<"_admin">>]}}.
-
-init_changes(Parent, Db_Name) ->
- {ok, Db} = couch_db:open_int(Db_Name, [admin_ctx(), sys_db]),
- FunAcc = {fun ?MODULE:change_filter/3, #filter{server=Parent}},
- (couch_changes:handle_db_changes(
- #changes_args{feed="continuous", timeout=infinity},
- {json_req, null},
- Db))(FunAcc).
-
-change_filter({change, {Doc}, _Prepend}, _ResType, Acc=#filter{}) ->
- Deleted = couch_util:get_value(<<"deleted">>, Doc, false),
- case lists:keyfind(<<"id">>, 1, Doc) of
- {_Key, <<"org.couchdb.user:", User/binary>>} ->
- case Deleted of
- true ->
- %% TODO: Let's not complicate this with GC for now!
- Acc;
- false ->
- UserDb = ensure_user_db(User),
- ensure_security(User, UserDb),
- Acc
- end;
- _ ->
- Acc
- end;
-change_filter(_Event, _ResType, Acc) ->
- Acc.
-
-terminate(_Reason, _State) ->
- %% Everything should be linked or monitored, let nature
- %% take its course.
- ok.
-
-ensure_user_db(User) ->
- UserDb = user_db_name(User),
- try
- fabric_db_info:go(UserDb)
- catch error:database_does_not_exist ->
- fabric_db_create:go(UserDb, [admin_ctx()])
- end,
- UserDb.
-
-add_user(User, Prop, {Modified, SecProps}) ->
- {PropValue} = couch_util:get_value(Prop, SecProps, {[]}),
- Names = couch_util:get_value(<<"names">>, PropValue, []),
- case lists:member(User, Names) of
- true ->
- {Modified, SecProps};
- false ->
- {true,
- lists:keystore(
- Prop, 1, SecProps,
- {Prop,
- {lists:keystore(
- <<"names">>, 1, PropValue,
- {<<"names">>, [User | Names]})}})}
- end.
-
-ensure_security(User, UserDb) ->
- {ok, Shards} = fabric_db_meta:get_all_security(UserDb, [admin_ctx()]),
- % We assume that all shards have the same security object, and
- % therefore just pick the first one.
- {_ShardInfo, {SecProps}} = hd(Shards),
- case lists:foldl(
- fun (Prop, SAcc) -> add_user(User, Prop, SAcc) end,
- {false, SecProps},
- [<<"admins">>, <<"members">>]) of
- {false, _} ->
- ok;
- {true, SecProps1} ->
- fabric_db_meta:set_security(UserDb, {SecProps1}, [admin_ctx()])
- end.
-
-user_db_name(User) ->
- HexUser = list_to_binary([integer_to_list(X, 16) || <<X>> <= User]),
- <<"userdb-", HexUser/binary>>.
-
-handle_call(_Msg, _From, State) ->
- {reply, error, State}.
-
-handle_cast(stop, State) ->
- {stop, normal, State};
-handle_cast(_Msg, State) ->
- {noreply, State}.
-
-handle_info({'DOWN', Ref, _, _, _Reason}, State=#state{changes_ref=Ref}) ->
- {stop, normal, State};
-handle_info(_Msg, State) ->
- {noreply, State}.
-
-code_change(_OldVsn, State, _Extra) ->
- {ok, State}.
[2/2] couchdb-peruser git commit: Use macro for userdb prefix
Posted by kl...@apache.org.
Use macro for userdb prefix
Project: http://git-wip-us.apache.org/repos/asf/couchdb-peruser/repo
Commit: http://git-wip-us.apache.org/repos/asf/couchdb-peruser/commit/cf274f08
Tree: http://git-wip-us.apache.org/repos/asf/couchdb-peruser/tree/cf274f08
Diff: http://git-wip-us.apache.org/repos/asf/couchdb-peruser/diff/cf274f08
Branch: refs/heads/couchdb-2.0
Commit: cf274f08d10f3bab001d5a6bc550908d5fc3b242
Parents: e524b1e
Author: Klaus Trainer <kl...@posteo.de>
Authored: Mon Aug 10 12:21:38 2015 +0200
Committer: Klaus Trainer <kl...@posteo.de>
Committed: Mon Aug 10 12:28:34 2015 +0200
----------------------------------------------------------------------
src/couchdb_peruser.erl | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/couchdb-peruser/blob/cf274f08/src/couchdb_peruser.erl
----------------------------------------------------------------------
diff --git a/src/couchdb_peruser.erl b/src/couchdb_peruser.erl
index 23d83d8..9eff36c 100644
--- a/src/couchdb_peruser.erl
+++ b/src/couchdb_peruser.erl
@@ -16,6 +16,8 @@
-include_lib("couch/include/couch_db.hrl").
+-define(USERDB_PREFIX, "userdb-").
+
% gen_server callbacks
-export([start_link/0, init/1, handle_call/3, handle_cast/2, handle_info/2,
terminate/2, code_change/3]).
@@ -137,7 +139,7 @@ ensure_security(User, UserDb) ->
user_db_name(User) ->
HexUser = list_to_binary([integer_to_list(X, 16) || <<X>> <= User]),
- <<"userdb-", HexUser/binary>>.
+ <<?USERDB_PREFIX, HexUser/binary>>.
handle_call(_Msg, _From, State) ->
{reply, error, State}.