diff options
| author | Filipe David Borba Manana <fdmanana@apache.org> | 2010-11-21 14:05:27 +0000 |
|---|---|---|
| committer | Filipe David Borba Manana <fdmanana@apache.org> | 2010-11-21 14:05:27 +0000 |
| commit | 3112aa0692df79d0d92b92842e5de971bfc90fa9 (patch) | |
| tree | ad6822dc442c573f66213300f8f5dc0ca3adc12b /share | |
| parent | b66135d62c754bdedec9db49f93cd899099975dd (diff) | |
Merged revision 1037448 from trunk:
Proper verification of the roles property of a user document.
Closes COUCHDB-790. Thanks Gabriel Farrell.
git-svn-id: https://svn.apache.org/repos/asf/couchdb/branches/1.1.x@1037450 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'share')
| -rw-r--r-- | share/server/loop.js | 1 | ||||
| -rw-r--r-- | share/server/util.js | 4 | ||||
| -rw-r--r-- | share/www/script/test/users_db.js | 23 |
3 files changed, 27 insertions, 1 deletions
diff --git a/share/server/loop.js b/share/server/loop.js index d5bbd977..d2a07f61 100644 --- a/share/server/loop.js +++ b/share/server/loop.js @@ -26,6 +26,7 @@ function init_sandbox() { sandbox.start = Render.start; sandbox.send = Render.send; sandbox.getRow = Render.getRow; + sandbox.isArray = isArray; } catch (e) { log(e.toSource()); } diff --git a/share/server/util.js b/share/server/util.js index 71a36a29..1b57f041 100644 --- a/share/server/util.js +++ b/share/server/util.js @@ -124,3 +124,7 @@ function log(message) { } respond(["log", String(message)]); }; + +function isArray(obj) { + return toString.call(obj) === "[object Array]"; +} diff --git a/share/www/script/test/users_db.js b/share/www/script/test/users_db.js index 667ff3c1..1e13e5d7 100644 --- a/share/www/script/test/users_db.js +++ b/share/www/script/test/users_db.js @@ -90,6 +90,27 @@ couchTests.users_db = function(debug) { T(s.name == null); T(s.roles.indexOf("_admin") !== -1); T(usersDb.deleteDoc(jchrisWithConflict).ok); + + // you can't change doc from type "user" + jchrisUserDoc = usersDb.open(jchrisUserDoc._id); + jchrisUserDoc.type = "not user"; + try { + usersDb.save(jchrisUserDoc); + T(false && "should only allow us to save doc when type == 'user'"); + } catch(e) { + T(e.reason == "doc.type must be user"); + } + jchrisUserDoc.type = "user"; + + // "roles" must be an array + jchrisUserDoc.roles = "not an array"; + try { + usersDb.save(jchrisUserDoc); + T(false && "should only allow us to save doc when roles is an array"); + } catch(e) { + T(e.reason == "doc.roles must be an array"); + } + jchrisUserDoc.roles = []; }; usersDb.deleteDb(); @@ -100,4 +121,4 @@ couchTests.users_db = function(debug) { ); usersDb.deleteDb(); // cleanup -}
\ No newline at end of file +} |