summaryrefslogtreecommitdiff
path: root/share/www/script
diff options
context:
space:
mode:
Diffstat (limited to 'share/www/script')
-rw-r--r--share/www/script/couch_tests.js1
-rw-r--r--share/www/script/futon.browse.js26
-rw-r--r--share/www/script/jquery.couch.js19
-rw-r--r--share/www/script/test/reader_acl.js95
-rw-r--r--share/www/script/test/security_validation.js38
5 files changed, 175 insertions, 4 deletions
diff --git a/share/www/script/couch_tests.js b/share/www/script/couch_tests.js
index 6f1acf83..04253c58 100644
--- a/share/www/script/couch_tests.js
+++ b/share/www/script/couch_tests.js
@@ -63,6 +63,7 @@ loadScript("script/oauth.js");
loadScript("script/sha1.js");
loadTest("oauth.js");
loadTest("purge.js");
+loadTest("reader_acl.js");
loadTest("recreate_doc.js");
loadTest("reduce.js");
loadTest("reduce_builtin.js");
diff --git a/share/www/script/futon.browse.js b/share/www/script/futon.browse.js
index 31e979bb..ade16b20 100644
--- a/share/www/script/futon.browse.js
+++ b/share/www/script/futon.browse.js
@@ -178,6 +178,32 @@
}
});
}
+
+ this.databaseSecurity = function() {
+ $.showDialog("dialog/_database_security.html", {
+ load : function(d) {
+ ["admin", "reader"].forEach(function(key) {
+ db.getDbProperty("_"+key+"s", {
+ success : function(r) {
+ $("input[name="+key+"_names]",d).val(JSON.stringify(r.names||[]));
+ $("input[name="+key+"_roles]",d).val(JSON.stringify(r.roles||[]));
+ }
+ });
+ });
+ },
+ // maybe this should be 2 forms
+ submit: function(data, callback) {
+ ["admin", "reader"].forEach(function(key) {
+ var new_value = {
+ names : JSON.parse(data[key+"_names"]),
+ roles : JSON.parse(data[key+"_roles"])
+ };
+ db.setDbProperty("_"+key+"s", new_value);
+ });
+ callback();
+ }
+ });
+ }
this.populateViewEditor = function() {
if (viewName.match(/^_design\//)) {
diff --git a/share/www/script/jquery.couch.js b/share/www/script/jquery.couch.js
index 0dcadc99..7eeaefc7 100644
--- a/share/www/script/jquery.couch.js
+++ b/share/www/script/jquery.couch.js
@@ -371,6 +371,25 @@
},
options, "An error occurred accessing the view"
);
+ },
+ getDbProperty: function(propName, options, ajaxOptions) {
+ ajax({url: this.uri + propName + encodeOptions(options)},
+ options,
+ "The property could not be retrieved",
+ ajaxOptions
+ );
+ },
+
+ setDbProperty: function(propName, propValue, options, ajaxOptions) {
+ ajax({
+ type: "PUT",
+ url: this.uri + propName + encodeOptions(options),
+ data : JSON.stringify(propValue)
+ },
+ options,
+ "The property could not be updated",
+ ajaxOptions
+ );
}
};
},
diff --git a/share/www/script/test/reader_acl.js b/share/www/script/test/reader_acl.js
new file mode 100644
index 00000000..58f3d001
--- /dev/null
+++ b/share/www/script/test/reader_acl.js
@@ -0,0 +1,95 @@
+// Licensed under the Apache License, Version 2.0 (the "License"); you may not
+// use this file except in compliance with the License. You may obtain a copy
+// of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+// WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+// License for the specific language governing permissions and limitations under
+// the License.
+
+couchTests.reader_acl = function(debug) {
+ // this tests read access control
+
+ var usersDb = new CouchDB("test_suite_users", {"X-Couch-Full-Commit":"false"});
+ var secretDb = new CouchDB("test_suite_db", {"X-Couch-Full-Commit":"false"});
+ function testFun() {
+ try {
+ usersDb.deleteDb();
+ usersDb.createDb();
+ secretDb.deleteDb();
+ secretDb.createDb();
+
+ // create a user with top-secret-clearance
+ var jchrisUserDoc = CouchDB.prepareUserDoc({
+ name: "jchris@apache.org",
+ roles : ["top-secret"]
+ }, "funnybone");
+ T(usersDb.save(jchrisUserDoc).ok);
+
+ T(CouchDB.session().userCtx.name == null);
+
+ // set secret db to be read controlled
+ T(secretDb.save({_id:"baz",foo:"bar"}).ok);
+ T(secretDb.open("baz").foo == "bar");
+
+ T(secretDb.setDbProperty("_readers", {
+ roles : ["super-secret-club"],
+ names : ["joe","barb"]}).ok);
+ // can't read it as jchris
+ T(CouchDB.login("jchris@apache.org", "funnybone").ok);
+ T(CouchDB.session().userCtx.name == "jchris@apache.org");
+
+ try {
+ secretDb.open("baz");
+ T(false && "can't open a doc from a secret db") ;
+ } catch(e) {
+ T(true)
+ }
+
+ CouchDB.logout();
+
+ // admin now adds the top-secret role to the db's readers
+ T(CouchDB.session().userCtx.roles.indexOf("_admin") != -1);
+
+ T(secretDb.setDbProperty("_readers", {
+ roles : ["super-secret-club", "top-secret"],
+ names : ["joe","barb"]}).ok);
+
+ // now top-secret users can read it
+ T(secretDb.open("baz").foo == "bar");
+ T(CouchDB.login("jchris@apache.org", "funnybone").ok);
+ T(secretDb.open("baz").foo == "bar");
+
+ CouchDB.logout();
+
+ // can't set non string reader names or roles
+ try {
+ T(!secretDb.setDbProperty("_readers", {
+ roles : ["super-secret-club", {"top-secret":"awesome"}],
+ names : ["joe","barb"]}).ok);
+ T(false && "only string roles");
+ } catch (e) {}
+
+ try {
+ T(!secretDb.setDbProperty("_readers", {
+ roles : ["super-secret-club", "top-secret"],
+ names : ["joe",22]}).ok);
+ T(false && "only string names");
+ } catch (e) {}
+ } finally {
+ CouchDB.logout();
+ }
+ }
+
+ run_on_modified_server(
+ [{section: "httpd",
+ key: "authentication_handlers",
+ value: "{couch_httpd_auth, cookie_authentication_handler}, {couch_httpd_auth, default_authentication_handler}"},
+ {section: "couch_httpd_auth",
+ key: "authentication_db", value: "test_suite_users"}],
+ testFun
+ );
+}
diff --git a/share/www/script/test/security_validation.js b/share/www/script/test/security_validation.js
index 43968426..9ecb9ba0 100644
--- a/share/www/script/test/security_validation.js
+++ b/share/www/script/test/security_validation.js
@@ -69,7 +69,13 @@ couchTests.security_validation = function(debug) {
var designDoc = {
_id:"_design/test",
language: "javascript",
- validate_doc_update: "(" + (function (newDoc, oldDoc, userCtx) {
+ validate_doc_update: "(" + (function (newDoc, oldDoc, userCtx, secObj) {
+ if (secObj.admin_override) {
+ if (userCtx.roles.indexOf('_admin') != -1) {
+ // user is admin, they can do anything
+ return true;
+ }
+ }
// docs should have an author field.
if (!newDoc._deleted && !newDoc.author) {
throw {forbidden:
@@ -99,11 +105,11 @@ couchTests.security_validation = function(debug) {
}
// set user as the admin
- T(db.setDbProperty("_admins", ["Damien Katz"]).ok);
+ T(db.setDbProperty("_admins", {names : ["Damien Katz"]}).ok);
T(userDb.save(designDoc).ok);
- // test the _whoami endpoint
+ // test the _session API
var resp = userDb.request("GET", "/_session");
var user = JSON.parse(resp.responseText).userCtx;
T(user.name == "Damien Katz");
@@ -158,6 +164,31 @@ couchTests.security_validation = function(debug) {
T(e.error == "unauthorized");
T(userDb.last_req.status == 401);
}
+
+ // admin must save with author field unless admin override
+ var resp = db.request("GET", "/_session");
+ var user = JSON.parse(resp.responseText).userCtx;
+ T(user.name == null);
+ // test that we are admin
+ TEquals(user.roles, ["_admin"]);
+
+ // can't save the doc even though we are admin
+ var doc = db.open("testdoc");
+ doc.foo=3;
+ try {
+ db.save(doc);
+ T(false && "Can't get here. Should have thrown an error 3");
+ } catch (e) {
+ T(e.error == "unauthorized");
+ T(db.last_req.status == 401);
+ }
+
+ // now turn on admin override
+ T(db.setDbProperty("_security", {admin_override : true}).ok);
+ T(db.save(doc).ok);
+
+ // go back to normal
+ T(db.setDbProperty("_security", {admin_override : false}).ok);
// Now delete document
T(user2Db.deleteDoc(doc).ok);
@@ -188,7 +219,6 @@ couchTests.security_validation = function(debug) {
T(db.open("booboo") == null);
T(db.open("foofoo") == null);
-
// Now test replication
var AuthHeaders = {"WWW-Authenticate": "X-Couch-Test-Auth Christopher Lenz:dog food"};
var host = CouchDB.host;