From a4d7386889ac73a69592a9c4b4e26f6c44b8e46f Mon Sep 17 00:00:00 2001 From: John Christopher Anderson Date: Sat, 9 Jan 2010 19:05:31 +0000 Subject: better validations on users db git-svn-id: https://svn.apache.org/repos/asf/couchdb/trunk@897521 13f79535-47bb-0310-9956-ffa450edef68 --- share/www/script/test/cookie_auth.js | 17 +++++++++-------- share/www/script/test/users_db.js | 4 +++- src/couchdb/couch_httpd_auth.erl | 26 +++++++++++++++++--------- 3 files changed, 29 insertions(+), 18 deletions(-) diff --git a/share/www/script/test/cookie_auth.js b/share/www/script/test/cookie_auth.js index 9eadfee0..125a6dcb 100644 --- a/share/www/script/test/cookie_auth.js +++ b/share/www/script/test/cookie_auth.js @@ -99,14 +99,6 @@ couchTests.cookie_auth = function(debug) { T(e.error == "forbidden"); T(usersDb.last_req.status == 403); } - - try { - usersDb.save(underscoreUserDoc) - T(false && "Can't create underscore user names. Should have thrown an error."); - } catch (e) { - T(e.error == "forbidden"); - T(usersDb.last_req.status == 403); - } // login works T(CouchDB.login('Jason Davies', password).ok); @@ -115,6 +107,15 @@ couchTests.cookie_auth = function(debug) { // update one's own credentials document jasonUserDoc.foo=2; T(usersDb.save(jasonUserDoc).ok); + T(CouchDB.session().roles.indexOf("_admin") == -1); + // can't delete another users doc unless you are admin + try { + usersDb.deleteDoc(jchrisUserDoc); + T(false && "Can't delete other users docs. Should have thrown an error."); + } catch (e) { + T(e.error == "forbidden"); + T(usersDb.last_req.status == 403); + } // TODO should login() throw an exception here? T(!CouchDB.login('Jason Davies', "2.71828").ok); diff --git a/share/www/script/test/users_db.js b/share/www/script/test/users_db.js index 2cf63fcf..c287ce68 100644 --- a/share/www/script/test/users_db.js +++ b/share/www/script/test/users_db.js @@ -37,13 +37,15 @@ couchTests.users_db = function(debug) { T(usersDb.save(jchrisUserDoc).ok); T(CouchDB.session().name == null); + + // test that you can use basic auth aginst the users db var s = CouchDB.session({ headers : { "Authorization" : "Basic amNocmlzQGFwYWNoZS5vcmc6ZnVubnlib25l" } }); T(s.name == "jchris@apache.org"); - T(s.user_doc._id == "org.couchdb.user:jchris@apache.org") + T(s.user_doc._id == "org.couchdb.user:jchris@apache.org"); T(s.info.authenticated == "{couch_httpd_auth, default_authentication_handler}"); T(s.info.user_db == "test_suite_users"); TEquals(["{couch_httpd_oauth, oauth_authentication_handler}", diff --git a/src/couchdb/couch_httpd_auth.erl b/src/couchdb/couch_httpd_auth.erl index 554886ca..a1222df4 100644 --- a/src/couchdb/couch_httpd_auth.erl +++ b/src/couchdb/couch_httpd_auth.erl @@ -130,7 +130,13 @@ get_user_props_from_db(UserName) -> try couch_httpd_db:couch_doc_open(Db, DocId, nil, []) of #doc{}=Doc -> {DocProps} = couch_query_servers:json_doc(Doc), - DocProps + case proplists:get_value(<<"type">>, DocProps) of + <<"user">> -> + DocProps; + _Else -> + ?LOG_ERROR("Invalid user doc. Id: ~p",[DocId]), + nil + end catch throw:Throw -> nil @@ -164,19 +170,21 @@ auth_design_doc(DocId) -> DocProps = [ {<<"_id">>, DocId}, {<<"language">>,<<"javascript">>}, - {<<"views">>, - {[{<<"users">>, - {[{<<"map">>, - <<"function (doc) {\n if (doc.type == \"user\") {\n emit(doc.username, doc);\n}\n}">> - }]} - }]} - }, { <<"validate_doc_update">>, <<"function(newDoc, oldDoc, userCtx) { - if (newDoc.type != 'user') { + if ((oldDoc || newDoc).type != 'user') { return; } // we only validate user docs for now + if (newDoc._deleted === true) { + // allow deletes by admins and matching users + // without checking the other fields + if ((userCtx.roles.indexOf('_admin') != -1) || (userCtx.name == oldDoc.username)) { + return; + } else { + throw({forbidden : 'Only admins may delete other user docs.'}); + } + } if (!newDoc.username) { throw({forbidden : 'doc.username is required'}); } -- cgit v1.2.3