diff options
author | John Christopher Anderson <jchris@apache.org> | 2010-02-01 22:51:15 +0000 |
---|---|---|
committer | John Christopher Anderson <jchris@apache.org> | 2010-02-01 22:51:15 +0000 |
commit | ee8a76e1cad33831448dbf12a394c51aa65230f4 (patch) | |
tree | 37e50fb2b43d4bb01b55fa8d1c05cda965b4dc4d /src/couchdb/couch_httpd_db.erl | |
parent | 8c381ee8de4c43e84f937584a2b3cd5923602057 (diff) |
Database-level security.
This patch builds on the DB-admins feature to store lists of database admin and reader names and roles, as well as a security object which can be used for configuration in validation functions.
git-svn-id: https://svn.apache.org/repos/asf/couchdb/trunk@905436 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'src/couchdb/couch_httpd_db.erl')
-rw-r--r-- | src/couchdb/couch_httpd_db.erl | 25 |
1 files changed, 23 insertions, 2 deletions
diff --git a/src/couchdb/couch_httpd_db.erl b/src/couchdb/couch_httpd_db.erl index fd143fa1..5421c214 100644 --- a/src/couchdb/couch_httpd_db.erl +++ b/src/couchdb/couch_httpd_db.erl @@ -548,8 +548,7 @@ db_req(#httpd{path_parts=[_,<<"_revs_diff">>]}=Req, _Db) -> send_method_not_allowed(Req, "POST"); -db_req(#httpd{method='PUT',path_parts=[_,<<"_admins">>]}=Req, - Db) -> +db_req(#httpd{method='PUT',path_parts=[_,<<"_admins">>]}=Req, Db) -> Admins = couch_httpd:json_body(Req), ok = couch_db:set_admins(Db, Admins), send_json(Req, {[{<<"ok">>, true}]}); @@ -560,6 +559,28 @@ db_req(#httpd{method='GET',path_parts=[_,<<"_admins">>]}=Req, Db) -> db_req(#httpd{path_parts=[_,<<"_admins">>]}=Req, _Db) -> send_method_not_allowed(Req, "PUT,GET"); +db_req(#httpd{method='PUT',path_parts=[_,<<"_readers">>]}=Req, Db) -> + Readers = couch_httpd:json_body(Req), + ok = couch_db:set_readers(Db, Readers), + send_json(Req, {[{<<"ok">>, true}]}); + +db_req(#httpd{method='GET',path_parts=[_,<<"_readers">>]}=Req, Db) -> + send_json(Req, couch_db:get_readers(Db)); + +db_req(#httpd{path_parts=[_,<<"_readers">>]}=Req, _Db) -> + send_method_not_allowed(Req, "PUT,GET"); + +db_req(#httpd{method='PUT',path_parts=[_,<<"_security">>]}=Req, Db) -> + SecObj = couch_httpd:json_body(Req), + ok = couch_db:set_security(Db, SecObj), + send_json(Req, {[{<<"ok">>, true}]}); + +db_req(#httpd{method='GET',path_parts=[_,<<"_security">>]}=Req, Db) -> + send_json(Req, couch_db:get_security(Db)); + +db_req(#httpd{path_parts=[_,<<"_security">>]}=Req, _Db) -> + send_method_not_allowed(Req, "PUT,GET"); + db_req(#httpd{method='PUT',path_parts=[_,<<"_revs_limit">>]}=Req, Db) -> Limit = couch_httpd:json_body(Req), |