From 419a3545fadc3993da302fe7a35a773ac0ae0cac Mon Sep 17 00:00:00 2001
From: John Christopher Anderson <jchris@apache.org>
Date: Wed, 7 Apr 2010 19:51:04 +0000
Subject: temp_views should be only available to server and database admins

git-svn-id: https://svn.apache.org/repos/asf/couchdb/trunk@931655 13f79535-47bb-0310-9956-ffa450edef68
---
 share/www/script/test/reader_acl.js | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

(limited to 'share')

diff --git a/share/www/script/test/reader_acl.js b/share/www/script/test/reader_acl.js
index a3b6bd88..cc249ea4 100644
--- a/share/www/script/test/reader_acl.js
+++ b/share/www/script/test/reader_acl.js
@@ -76,10 +76,17 @@ couchTests.reader_acl = function(debug) {
         }
       }).ok);
 
+
       T(CouchDB.login("jchris@apache.org", "funnybone").ok);
 
+      // db admin can read
       T(secretDb.open("baz").foo == "bar");
 
+      // and run temp views
+      TEquals(secretDb.query(function(doc) {
+        emit(null, null)
+      }).total_rows, 1);
+
       CouchDB.logout();
       T(CouchDB.session().userCtx.roles.indexOf("_admin") != -1);
 
@@ -120,6 +127,17 @@ couchTests.reader_acl = function(debug) {
       // readers can query stored views
       T(secretDb.view("foo/bar").total_rows == 1);
       
+      // readers can't do temp views
+      try {
+        var results = secretDb.query(function(doc) {
+          emit(null, null);
+        });
+        T(false && "temp view should be admin only");
+      } catch (e) {
+        T(true && "temp view is admin only");
+      }
+      
+      
       CouchDB.logout();
 
       // can't set non string reader names or roles
-- 
cgit v1.2.3