diff options
author | John Christopher Anderson <jchris@apache.org> | 2009-06-27 13:36:29 +0000 |
---|---|---|
committer | John Christopher Anderson <jchris@apache.org> | 2009-06-27 13:36:29 +0000 |
commit | 11e6db89380142ada9638d02614beea2952d9b86 (patch) | |
tree | 6deb7390e4f00f26d9f283fe871df91282699ecd /share/www | |
parent | f3683b4e5ff7416d3354c237933ff6cb65b8b74e (diff) |
A /_whoami handler to provide client apps with access to the active userCtx for their session.
Thanks to the CouchDB University students and janl for helping to implement this.
git-svn-id: https://svn.apache.org/repos/asf/couchdb/trunk@788971 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'share/www')
-rw-r--r-- | share/www/script/test/security_validation.js | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/share/www/script/test/security_validation.js b/share/www/script/test/security_validation.js index a41d8d70..1c185c01 100644 --- a/share/www/script/test/security_validation.js +++ b/share/www/script/test/security_validation.js @@ -60,6 +60,11 @@ couchTests.security_validation = function(debug) { T(wrongPasswordDb.last_req.status == 401); } + // test force_login=true. + var resp = wrongPasswordDb.request("GET", "/_whoami?force_login=true"); + var err = JSON.parse(resp.responseText); + T(err.error == "unauthorized"); + T(resp.status == 401); // Create the design doc that will run custom validation code var designDoc = { @@ -99,6 +104,14 @@ couchTests.security_validation = function(debug) { T(userDb.save(designDoc).ok); + // test the _whoami endpoint + var resp = userDb.request("GET", "/_whoami"); + var user = JSON.parse(resp.responseText) + T(user.name == "Damien Katz"); + // test that the roles are listed properly + TEquals(user.roles, []); + + // update the document var doc = userDb.open("testdoc"); doc.foo=2; |