diff options
author | Victor Shyba <victor.shyba@gmail.com> | 2015-10-26 18:50:20 -0300 |
---|---|---|
committer | Victor Shyba <victor.shyba@gmail.com> | 2015-10-28 18:13:40 -0300 |
commit | f8d38125098829fe50199725545365d6d2a889a6 (patch) | |
tree | 9edab8dc323606e675a31eb141d1d42ca1e72c99 /server/pkg | |
parent | 55548cf947966bcbb9a496e523a3f802b0f0b55f (diff) |
[feat] read security doc from configuration
LEAP Platform needs to granularly allow access on user database for
other services, like mx. This is now possible by editing
soledad-server.conf file. A new section 'database-security' was added
and it is parsed during 'create-user-db' to be set on security design
document, present on every per-user database.
Diffstat (limited to 'server/pkg')
-rwxr-xr-x | server/pkg/create-user-db | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/server/pkg/create-user-db b/server/pkg/create-user-db index 7eafc945..28d1cbd0 100755 --- a/server/pkg/create-user-db +++ b/server/pkg/create-user-db @@ -31,7 +31,8 @@ This is meant to be used by Soledad Server. parser = argparse.ArgumentParser(description=description) parser.add_argument('dbname', metavar='user-d34db33f', type=str, help='database name on the format user-{uuid4}') -NETRC_PATH = load_configuration('/etc/soledad/soledad-server.conf')['admin_netrc'] +CONF = load_configuration('/etc/soledad/soledad-server.conf') +NETRC_PATH = CONF['soledad-server']['admin_netrc'] def url_for_db(dbname): @@ -54,7 +55,9 @@ if __name__ == '__main__': print ("Invalid name! %s" % args.dbname) sys.exit(1) url = url_for_db(args.dbname) + db_security = CONF['database-security'] db = CouchDatabase.open_database(url=url, create=True, - replica_uid=None, ensure_ddocs=True) + replica_uid=None, ensure_ddocs=True, + database_security=db_security) print ('success! Created %s, replica_uid: %s' % (db._dbname, db.replica_uid)) |