From ee8a76e1cad33831448dbf12a394c51aa65230f4 Mon Sep 17 00:00:00 2001 From: John Christopher Anderson Date: Mon, 1 Feb 2010 22:51:15 +0000 Subject: Database-level security. This patch builds on the DB-admins feature to store lists of database admin and reader names and roles, as well as a security object which can be used for configuration in validation functions. git-svn-id: https://svn.apache.org/repos/asf/couchdb/trunk@905436 13f79535-47bb-0310-9956-ffa450edef68 --- share/www/script/test/reader_acl.js | 95 +++++++++++++++++++++++++++++++++++++ 1 file changed, 95 insertions(+) create mode 100644 share/www/script/test/reader_acl.js (limited to 'share/www/script/test/reader_acl.js') diff --git a/share/www/script/test/reader_acl.js b/share/www/script/test/reader_acl.js new file mode 100644 index 00000000..58f3d001 --- /dev/null +++ b/share/www/script/test/reader_acl.js @@ -0,0 +1,95 @@ +// Licensed under the Apache License, Version 2.0 (the "License"); you may not +// use this file except in compliance with the License. You may obtain a copy +// of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +// WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +// License for the specific language governing permissions and limitations under +// the License. + +couchTests.reader_acl = function(debug) { + // this tests read access control + + var usersDb = new CouchDB("test_suite_users", {"X-Couch-Full-Commit":"false"}); + var secretDb = new CouchDB("test_suite_db", {"X-Couch-Full-Commit":"false"}); + function testFun() { + try { + usersDb.deleteDb(); + usersDb.createDb(); + secretDb.deleteDb(); + secretDb.createDb(); + + // create a user with top-secret-clearance + var jchrisUserDoc = CouchDB.prepareUserDoc({ + name: "jchris@apache.org", + roles : ["top-secret"] + }, "funnybone"); + T(usersDb.save(jchrisUserDoc).ok); + + T(CouchDB.session().userCtx.name == null); + + // set secret db to be read controlled + T(secretDb.save({_id:"baz",foo:"bar"}).ok); + T(secretDb.open("baz").foo == "bar"); + + T(secretDb.setDbProperty("_readers", { + roles : ["super-secret-club"], + names : ["joe","barb"]}).ok); + // can't read it as jchris + T(CouchDB.login("jchris@apache.org", "funnybone").ok); + T(CouchDB.session().userCtx.name == "jchris@apache.org"); + + try { + secretDb.open("baz"); + T(false && "can't open a doc from a secret db") ; + } catch(e) { + T(true) + } + + CouchDB.logout(); + + // admin now adds the top-secret role to the db's readers + T(CouchDB.session().userCtx.roles.indexOf("_admin") != -1); + + T(secretDb.setDbProperty("_readers", { + roles : ["super-secret-club", "top-secret"], + names : ["joe","barb"]}).ok); + + // now top-secret users can read it + T(secretDb.open("baz").foo == "bar"); + T(CouchDB.login("jchris@apache.org", "funnybone").ok); + T(secretDb.open("baz").foo == "bar"); + + CouchDB.logout(); + + // can't set non string reader names or roles + try { + T(!secretDb.setDbProperty("_readers", { + roles : ["super-secret-club", {"top-secret":"awesome"}], + names : ["joe","barb"]}).ok); + T(false && "only string roles"); + } catch (e) {} + + try { + T(!secretDb.setDbProperty("_readers", { + roles : ["super-secret-club", "top-secret"], + names : ["joe",22]}).ok); + T(false && "only string names"); + } catch (e) {} + } finally { + CouchDB.logout(); + } + } + + run_on_modified_server( + [{section: "httpd", + key: "authentication_handlers", + value: "{couch_httpd_auth, cookie_authentication_handler}, {couch_httpd_auth, default_authentication_handler}"}, + {section: "couch_httpd_auth", + key: "authentication_db", value: "test_suite_users"}], + testFun + ); +} -- cgit v1.2.3