diff options
| -rw-r--r-- | share/www/script/test/users_db.js | 7 | ||||
| -rw-r--r-- | src/couchdb/couch_js_functions.hrl | 8 |
2 files changed, 10 insertions, 5 deletions
diff --git a/share/www/script/test/users_db.js b/share/www/script/test/users_db.js index b85adf08..667ff3c1 100644 --- a/share/www/script/test/users_db.js +++ b/share/www/script/test/users_db.js @@ -85,8 +85,13 @@ couchTests.users_db = function(debug) { T(/conflict/.test(e.reason)) } + // you can delete a user doc + s = CouchDB.session().userCtx; + T(s.name == null); + T(s.roles.indexOf("_admin") !== -1); + T(usersDb.deleteDoc(jchrisWithConflict).ok); }; - + usersDb.deleteDb(); run_on_modified_server( [{section: "couch_httpd_auth", diff --git a/src/couchdb/couch_js_functions.hrl b/src/couchdb/couch_js_functions.hrl index 3214b1f6..1f314f6e 100644 --- a/src/couchdb/couch_js_functions.hrl +++ b/src/couchdb/couch_js_functions.hrl @@ -12,10 +12,6 @@ -define(AUTH_DB_DOC_VALIDATE_FUNCTION, <<" function(newDoc, oldDoc, userCtx) { - if ((oldDoc && oldDoc.type !== 'user') || newDoc.type !== 'user') { - throw({forbidden : 'doc.type must be user'}); - } // we only allow user docs for now - if (newDoc._deleted === true) { // allow deletes by admins and matching users // without checking the other fields @@ -27,6 +23,10 @@ } } + if ((oldDoc && oldDoc.type !== 'user') || newDoc.type !== 'user') { + throw({forbidden : 'doc.type must be user'}); + } // we only allow user docs for now + if (!newDoc.name) { throw({forbidden: 'doc.name is required'}); } |