From a8fc23aeac3145c5c0d0840beb3d27365bd202bf Mon Sep 17 00:00:00 2001
From: Filipe David Borba Manana <fdmanana@apache.org>
Date: Tue, 7 Dec 2010 20:27:13 +0000
Subject: Merged revision 1043186 from trunk:

Replicator improvement: send "unauthorized" error message instead of "db_not_found" when a remote endpoint can not be accessed due to authorization.



git-svn-id: https://svn.apache.org/repos/asf/couchdb/branches/1.1.x@1043188 13f79535-47bb-0310-9956-ffa450edef68
---
 src/couchdb/couch_httpd_misc_handlers.erl |  4 ++-
 src/couchdb/couch_rep.erl                 | 46 +++++++++++++++++++++----------
 src/couchdb/couch_rep_httpc.erl           |  2 ++
 3 files changed, 36 insertions(+), 16 deletions(-)

(limited to 'src/couchdb')

diff --git a/src/couchdb/couch_httpd_misc_handlers.erl b/src/couchdb/couch_httpd_misc_handlers.erl
index 70db79f6..6cc48f51 100644
--- a/src/couchdb/couch_httpd_misc_handlers.erl
+++ b/src/couchdb/couch_httpd_misc_handlers.erl
@@ -101,7 +101,9 @@ handle_replicate_req(#httpd{method='POST'}=Req) ->
         end
     catch
     throw:{db_not_found, Msg} ->
-        send_json(Req, 404, {[{error, db_not_found}, {reason, Msg}]})
+        send_json(Req, 404, {[{error, db_not_found}, {reason, Msg}]});
+    throw:{unauthorized, Msg} ->
+        send_json(Req, 404, {[{error, unauthorized}, {reason, Msg}]})
     end;
 handle_replicate_req(Req) ->
     send_method_not_allowed(Req, "POST").
diff --git a/src/couchdb/couch_rep.erl b/src/couchdb/couch_rep.erl
index 1b998666..04051b8e 100644
--- a/src/couchdb/couch_rep.erl
+++ b/src/couchdb/couch_rep.erl
@@ -121,8 +121,12 @@ get_result(Server, {BaseId, _Extension}, {Props} = PostBody, UserCtx) ->
     end.
 
 init(InitArgs) ->
-    try do_init(InitArgs)
-    catch throw:{db_not_found, DbUrl} -> {stop, {db_not_found, DbUrl}} end.
+    try
+        do_init(InitArgs)
+    catch
+    throw:Error ->
+        {stop, Error}
+    end.
 
 do_init([RepId, {PostProps} = RepDoc, UserCtx] = InitArgs) ->
     process_flag(trap_exit, true),
@@ -308,13 +312,19 @@ start_replication_server(Replicator) ->
             ?LOG_DEBUG("replication ~p already running at ~p", [RepId, Pid]),
             Pid;
         {error, {db_not_found, DbUrl}} ->
-            throw({db_not_found, <<"could not open ", DbUrl/binary>>})
+            throw({db_not_found, <<"could not open ", DbUrl/binary>>});
+        {error, {unauthorized, DbUrl}} ->
+            throw({unauthorized,
+                <<"unauthorized to access database ", DbUrl/binary>>})
         end;
     {error, {already_started, Pid}} ->
         ?LOG_DEBUG("replication ~p already running at ~p", [RepId, Pid]),
         Pid;
     {error, {{db_not_found, DbUrl}, _}} ->
-        throw({db_not_found, <<"could not open ", DbUrl/binary>>})
+        throw({db_not_found, <<"could not open ", DbUrl/binary>>});
+    {error, {{unauthorized, DbUrl}, _}} ->
+        throw({unauthorized,
+            <<"unauthorized to access database ", DbUrl/binary>>})
     end.
 
 compare_replication_logs(SrcDoc, TgtDoc) ->
@@ -597,18 +607,24 @@ open_db(<<"http://",_/binary>>=Url, _, ProxyParams, CreateTarget) ->
 open_db(<<"https://",_/binary>>=Url, _, ProxyParams, CreateTarget) ->
     open_db({[{<<"url">>,Url}]}, [], ProxyParams, CreateTarget);
 open_db(<<DbName/binary>>, UserCtx, _ProxyParams, CreateTarget) ->
-    case CreateTarget of
-    true ->
-        ok = couch_httpd:verify_is_server_admin(UserCtx),
-        couch_server:create(DbName, [{user_ctx, UserCtx}]);
-    false -> ok
-    end,
+    try
+        case CreateTarget of
+        true ->
+            ok = couch_httpd:verify_is_server_admin(UserCtx),
+            couch_server:create(DbName, [{user_ctx, UserCtx}]);
+        false ->
+            ok
+        end,
 
-    case couch_db:open(DbName, [{user_ctx, UserCtx}]) of
-    {ok, Db} ->
-        couch_db:monitor(Db),
-        Db;
-    {not_found, no_db_file} -> throw({db_not_found, DbName})
+        case couch_db:open(DbName, [{user_ctx, UserCtx}]) of
+        {ok, Db} ->
+            couch_db:monitor(Db),
+            Db;
+        {not_found, no_db_file} ->
+            throw({db_not_found, DbName})
+        end
+    catch throw:{unauthorized, _} ->
+        throw({unauthorized, DbName})
     end.
 
 schedule_checkpoint(#state{checkpoint_scheduled = nil} = State) ->
diff --git a/src/couchdb/couch_rep_httpc.erl b/src/couchdb/couch_rep_httpc.erl
index 75bc5cc7..7a5bd18b 100644
--- a/src/couchdb/couch_rep_httpc.erl
+++ b/src/couchdb/couch_rep_httpc.erl
@@ -103,6 +103,8 @@ db_exists(Req, CanonicalUrl, CreateDB) ->
     {ok, "303", RespHeaders, _} ->
         RedirectUrl = redirect_url(RespHeaders, Req#http_db.url),
         db_exists(Req#http_db{method = get, url = RedirectUrl}, CanonicalUrl);
+    {ok, "401", _, _} ->
+        throw({unauthorized, ?l2b(Url)});
     Error ->
         ?LOG_DEBUG("DB at ~s could not be found because ~p", [Url, Error]),
         throw({db_not_found, ?l2b(Url)})
-- 
cgit v1.2.3