You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@couchdb.apache.org by rn...@apache.org on 2022/02/28 19:07:40 UTC
[couchdb] branch replicator_vdu_special_fields updated (3eca450 -> a7e09de)
This is an automated email from the ASF dual-hosted git repository.
rnewson pushed a change to branch replicator_vdu_special_fields
in repository https://gitbox.apache.org/repos/asf/couchdb.git.
discard 3eca450 Prevent users from modifying the special _replicator fields unless they're deleting them
new a7e09de Prevent users from modifying the reserved _replication_* fields
This update added new revisions after undoing existing revisions.
That is to say, some revisions that were in the old version of the
branch are not in the new version. This situation occurs
when a user --force pushes a change and generates a repository
containing something like this:
* -- * -- B -- O -- O -- O (3eca450)
\
N -- N -- N refs/heads/replicator_vdu_special_fields (a7e09de)
You should already have received notification emails for all of the O
revisions, and so the following emails describe only the N revisions
from the common base, B.
Any revisions marked "omit" are not gone; other references still
refer to them. Any revisions marked "discard" are gone forever.
The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
[couchdb] 01/01: Prevent users from modifying the reserved _replication_* fields
Posted by rn...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
rnewson pushed a commit to branch replicator_vdu_special_fields
in repository https://gitbox.apache.org/repos/asf/couchdb.git
commit a7e09de233d9ceb27a97fb848aecdd2c5c160da3
Author: Robert Newson <rn...@apache.org>
AuthorDate: Mon Feb 28 19:04:28 2022 +0000
Prevent users from modifying the reserved _replication_* fields
Only the replicator is permitted to do this. This PR enhances the
existing VDU to prohibit users from modifying the fields, in case the
user mistakenly believes that such edits are understood as
instructions to the replicator.
---
.../src/couch_replicator_js_functions.hrl | 20 ++++++++++++++++++++
1 file changed, 20 insertions(+)
diff --git a/src/couch_replicator/src/couch_replicator_js_functions.hrl b/src/couch_replicator/src/couch_replicator_js_functions.hrl
index d410433..92839d8 100644
--- a/src/couch_replicator/src/couch_replicator_js_functions.hrl
+++ b/src/couch_replicator/src/couch_replicator_js_functions.hrl
@@ -58,6 +58,26 @@
return;
}
+ // Only the replicator may change these fields, though any authorised
+ // user may delete them.
+ if (oldDoc) {
+ var protectedFields = [
+ '_replication_state',
+ '_replication_state_time',
+ '_replication_state_reason',
+ '_replication_id',
+ '_replication_stats'
+ ]
+ for (var i = 0; i < protectedFields.length; i++) {
+ var protectedField = protectedFields[i];
+ if (typeof(oldDoc[protectedField]) === 'string' &&
+ typeof(newDoc[protectedField]) === 'string' &&
+ oldDoc[protectedField] != newDoc[protectedField]) {
+ reportError('Only the replicator may modify the ' + protectedField + ' field.');
+ }
+ }
+ }
+
if (newDoc._replication_state === 'failed') {
// Skip validation in case when we update the document with the
// failed state. In this case it might be malformed. However,