From 8599d0f4a9272a81f7ee172f96801182e98fa95f Mon Sep 17 00:00:00 2001 From: Frederick Kaempfer Date: Sat, 8 Apr 2017 22:14:25 +0200 Subject: [PATCH 1/6] Require server or db admin user for db/_compact and db/_view_cleanup endpoints following rnewson's suggestion --- src/chttpd/src/chttpd_auth_request.erl | 4 + src/chttpd/test/chttpd_security_tests.erl | 124 +++++++++++++++++++++ src/couch/test/couchdb_file_compression_tests.erl | 2 +- src/couch/test/couchdb_views_tests.erl | 2 +- .../test/couch_replicator_compact_tests.erl | 2 +- 5 files changed, 131 insertions(+), 3 deletions(-) create mode 100644 src/chttpd/test/chttpd_security_tests.erl diff --git a/src/chttpd/src/chttpd_auth_request.erl b/src/chttpd/src/chttpd_auth_request.erl index 90176c8243..ab160ee79e 100644 --- a/src/chttpd/src/chttpd_auth_request.erl +++ b/src/chttpd/src/chttpd_auth_request.erl @@ -61,6 +61,10 @@ authorize_request_int(#httpd{path_parts=[_DbName], method='PUT'}=Req) -> require_admin(Req); authorize_request_int(#httpd{path_parts=[_DbName], method='DELETE'}=Req) -> require_admin(Req); +authorize_request_int(#httpd{path_parts=[_DbName, <<"_compact">>]}=Req) -> + require_admin(Req); +authorize_request_int(#httpd{path_parts=[_DbName, <<"_view_cleanup">>]}=Req) -> + require_admin(Req); authorize_request_int(#httpd{path_parts=[_DbName|_]}=Req) -> db_authorization_check(Req). diff --git a/src/chttpd/test/chttpd_security_tests.erl b/src/chttpd/test/chttpd_security_tests.erl new file mode 100644 index 0000000000..a964f3006e --- /dev/null +++ b/src/chttpd/test/chttpd_security_tests.erl @@ -0,0 +1,124 @@ +% Licensed under the Apache License, Version 2.0 (the "License"); you may not +% use this file except in compliance with the License. You may obtain a copy of +% the License at +% +% http://www.apache.org/licenses/LICENSE-2.0 +% +% Unless required by applicable law or agreed to in writing, software +% distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +% WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +% License for the specific language governing permissions and limitations under +% the License. + +-module(chttpd_security_tests). + +-include_lib("couch/include/couch_eunit.hrl"). +-include_lib("couch/include/couch_db.hrl"). + +-define(USER, "chttpd_db_test_admin"). +-define(PASS, "pass"). +-define(AUTH, {basic_auth, {?USER, ?PASS}}). +-define(CONTENT_JSON, {"Content-Type", "application/json"}). +-define(FIXTURE_TXT, ?ABS_PATH(?FILE)). + +setup() -> + ok = config:set("admins", ?USER, ?PASS, _Persist=false), + TmpDb = ?tempdb(), + Addr = config:get("chttpd", "bind_address", "127.0.0.1"), + Port = mochiweb_socket_server:get(chttpd, port), + Url = lists:concat(["http://", Addr, ":", Port, "/", ?b2l(TmpDb)]), + create_db(Url), + create_design_doc(Url), + Url. + +teardown(Url) -> + delete_db(Url), + ok = config:delete("admins", ?USER, _Persist=false). + +create_db(Url) -> + {ok, Status, _, _} = test_request:put(Url, [?CONTENT_JSON, ?AUTH], "{}"), + ?assert(Status =:= 201 orelse Status =:= 202). + +create_design_doc(Url) -> + {ok, Status, _, _} = test_request:put(lists:concat([Url, '/_design/test']), [?CONTENT_JSON, ?AUTH], + "{\"id\":\"_design/test\"}"), + ?assert(Status =:= 201 orelse Status =:= 202). + + +delete_db(Url) -> + {ok, 200, _, _} = test_request:delete(Url, [?AUTH]). + +all_test_() -> + { + "chttpd security tests", + { + setup, + fun chttpd_test_util:start_couch/0, fun chttpd_test_util:stop_couch/1, + { + foreach, + fun setup/0, fun teardown/1, + [ + fun should_allow_admin_db_compaction/1, + fun should_disallow_anonymous_db_compaction/1, + fun should_allow_admin_view_compaction/1, + fun should_disallow_anonymous_view_compaction/1, + fun should_allow_admin_db_view_cleanup/1, + fun should_disallow_anonymous_db_view_cleanup/1 + ] + } + } + }. + +should_allow_admin_db_compaction(Url) -> + ?_assertEqual(true, + begin + {ok, _, _, ResultBody} = test_request:post(Url ++ "/_compact", + [?CONTENT_JSON, ?AUTH], ""), + ResultJson = ?JSON_DECODE(ResultBody), + {InnerJson} = ResultJson, + couch_util:get_value(<<"ok">>, InnerJson, undefined) + end). + +should_disallow_anonymous_db_compaction(Url) -> + {ok, _, _, ResultBody} = test_request:post(Url ++ "/_compact", + [?CONTENT_JSON], ""), + ResultJson = ?JSON_DECODE(ResultBody), + {InnerJson} = ResultJson, + ErrType = couch_util:get_value(<<"error">>, InnerJson), + ?_assertEqual(<<"unauthorized">>,ErrType). + +should_allow_admin_view_compaction(Url) -> + ?_assertEqual(true, + begin + {ok, _, _, ResultBody} = test_request:post(Url ++ "/_compact/test", + [?CONTENT_JSON, ?AUTH], ""), + ResultJson = ?JSON_DECODE(ResultBody), + {InnerJson} = ResultJson, + couch_util:get_value(<<"ok">>, InnerJson, undefined) + end). + +should_disallow_anonymous_view_compaction(Url) -> + {ok, _, _, ResultBody} = test_request:post(Url ++ "/_compact/test", + [?CONTENT_JSON], ""), + ResultJson = ?JSON_DECODE(ResultBody), + {InnerJson} = ResultJson, + ErrType = couch_util:get_value(<<"error">>, InnerJson), + ?_assertEqual(<<"unauthorized">>,ErrType). + +should_allow_admin_db_view_cleanup(Url) -> + ?_assertEqual(true, + begin + {ok, _, _, ResultBody} = test_request:post(Url ++ "/_view_cleanup", + [?CONTENT_JSON, ?AUTH], ""), + ResultJson = ?JSON_DECODE(ResultBody), + {InnerJson} = ResultJson, + couch_util:get_value(<<"ok">>, InnerJson, undefined) + end). + +should_disallow_anonymous_db_view_cleanup(Url) -> + {ok, _, _, ResultBody} = test_request:post(Url ++ "/_view_cleanup", + [?CONTENT_JSON], ""), + ResultJson = ?JSON_DECODE(ResultBody), + {InnerJson} = ResultJson, + ErrType = couch_util:get_value(<<"error">>, InnerJson), + ?_assertEqual(<<"unauthorized">>, ErrType). diff --git a/src/couch/test/couchdb_file_compression_tests.erl b/src/couch/test/couchdb_file_compression_tests.erl index ccfa244359..a238459752 100644 --- a/src/couch/test/couchdb_file_compression_tests.erl +++ b/src/couch/test/couchdb_file_compression_tests.erl @@ -174,7 +174,7 @@ refresh_index(DbName) -> compact_db(DbName) -> DiskSizeBefore = db_disk_size(DbName), - {ok, Db} = couch_db:open_int(DbName, []), + {ok, Db} = couch_db:open_int(DbName, [?ADMIN_CTX]), {ok, _CompactPid} = couch_db:start_compact(Db), wait_compaction(DbName, "database", ?LINE), ok = couch_db:close(Db), diff --git a/src/couch/test/couchdb_views_tests.erl b/src/couch/test/couchdb_views_tests.erl index e320b54c62..a593dbc5ec 100644 --- a/src/couch/test/couchdb_views_tests.erl +++ b/src/couch/test/couchdb_views_tests.erl @@ -582,7 +582,7 @@ restore_backup_db_file(DbName) -> end, ?TIMEOUT, ?DELAY). compact_db(DbName) -> - {ok, Db} = couch_db:open_int(DbName, []), + {ok, Db} = couch_db:open_int(DbName, [?ADMIN_CTX]), {ok, _} = couch_db:start_compact(Db), ok = couch_db:close(Db), wait_db_compact_done(DbName, 20). diff --git a/src/couch_replicator/test/couch_replicator_compact_tests.erl b/src/couch_replicator/test/couch_replicator_compact_tests.erl index 1a794658a4..e3f2556f85 100644 --- a/src/couch_replicator/test/couch_replicator_compact_tests.erl +++ b/src/couch_replicator/test/couch_replicator_compact_tests.erl @@ -281,7 +281,7 @@ reopen_db(DbName) -> {ok, Db}. compact_db(Type, #db{name = Name}) -> - {ok, Db} = couch_db:open_int(Name, []), + {ok, Db} = couch_db:open_int(Name, [?ADMIN_CTX]), {ok, CompactPid} = couch_db:start_compact(Db), MonRef = erlang:monitor(process, CompactPid), receive From 5a44a6cfdc63e918537056acd29cdfcd103f3372 Mon Sep 17 00:00:00 2001 From: Frederick Kaempfer Date: Tue, 4 Jul 2017 22:21:00 +0200 Subject: [PATCH 2/6] make sure to also run security check for design doc compaction --- src/chttpd/src/chttpd_auth_request.erl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/chttpd/src/chttpd_auth_request.erl b/src/chttpd/src/chttpd_auth_request.erl index ab160ee79e..9d9a4ca85d 100644 --- a/src/chttpd/src/chttpd_auth_request.erl +++ b/src/chttpd/src/chttpd_auth_request.erl @@ -61,7 +61,7 @@ authorize_request_int(#httpd{path_parts=[_DbName], method='PUT'}=Req) -> require_admin(Req); authorize_request_int(#httpd{path_parts=[_DbName], method='DELETE'}=Req) -> require_admin(Req); -authorize_request_int(#httpd{path_parts=[_DbName, <<"_compact">>]}=Req) -> +authorize_request_int(#httpd{path_parts=[_DbName, <<"_compact">>|_]}=Req) -> require_admin(Req); authorize_request_int(#httpd{path_parts=[_DbName, <<"_view_cleanup">>]}=Req) -> require_admin(Req); From 3b5d8f283ae2c72d30c845db9b6ff8c1c92acc56 Mon Sep 17 00:00:00 2001 From: Frederick Kaempfer Date: Tue, 11 Jul 2017 10:12:01 +0200 Subject: [PATCH 3/6] Add tests for db admin/db member compaction. --- src/chttpd/test/chttpd_security_tests.erl | 82 +++++++++++++++++++++++++++---- 1 file changed, 73 insertions(+), 9 deletions(-) diff --git a/src/chttpd/test/chttpd_security_tests.erl b/src/chttpd/test/chttpd_security_tests.erl index a964f3006e..6e4b8b5a3f 100644 --- a/src/chttpd/test/chttpd_security_tests.erl +++ b/src/chttpd/test/chttpd_security_tests.erl @@ -18,21 +18,43 @@ -define(USER, "chttpd_db_test_admin"). -define(PASS, "pass"). -define(AUTH, {basic_auth, {?USER, ?PASS}}). + +-define(TEST_MEMBER, "test_member"). +-define(TEST_MEMBER_PASS, "test_member_pass"). +-define(TEST_MEMBER_AUTH, {basic_auth, {?TEST_MEMBER, ?TEST_MEMBER_PASS}}). + +-define(TEST_ADMIN, "test_admin"). +-define(TEST_ADMIN_PASS, "test_admin_pass"). +-define(TEST_ADMIN_AUTH, {basic_auth, {?TEST_ADMIN, ?TEST_ADMIN_PASS}}). + + + -define(CONTENT_JSON, {"Content-Type", "application/json"}). -define(FIXTURE_TXT, ?ABS_PATH(?FILE)). setup() -> ok = config:set("admins", ?USER, ?PASS, _Persist=false), + UserDb = ?tempdb(), TmpDb = ?tempdb(), + ok = config:set("couch_httpd_auth", "authentication_db", ?b2l(UserDb)), Addr = config:get("chttpd", "bind_address", "127.0.0.1"), Port = mochiweb_socket_server:get(chttpd, port), - Url = lists:concat(["http://", Addr, ":", Port, "/", ?b2l(TmpDb)]), + BaseUrl = lists:concat(["http://", Addr, ":", Port, "/"]), + Url = lists:concat([BaseUrl, ?b2l(TmpDb)]), + UsersUrl = lists:concat([BaseUrl, ?b2l(UserDb)]), + create_db(UsersUrl), create_db(Url), create_design_doc(Url), - Url. + create_user(UsersUrl,?TEST_MEMBER,[<>]), + create_user(UsersUrl,?TEST_ADMIN,[<>]), + set_security(Url), + [Url, UsersUrl]. -teardown(Url) -> +teardown([Url,UsersUrl]) -> + Addr = config:get("chttpd", "bind_address", "127.0.0.1"), + Port = mochiweb_socket_server:get(chttpd, port), delete_db(Url), + delete_db(UsersUrl), ok = config:delete("admins", ?USER, _Persist=false). create_db(Url) -> @@ -44,10 +66,32 @@ create_design_doc(Url) -> "{\"id\":\"_design/test\"}"), ?assert(Status =:= 201 orelse Status =:= 202). +set_security(Url) -> + + SecurityUrl = lists:concat([Url, "/_security"]), + SecurityProperties = [ + {<<"admins">>,{[{<<"roles">>,[<<"test_admin">>]}]}}, + {<<"members">>,{[{<<"roles">>,[<<"test_member">>]}]}} + ], + + Body = jiffy:encode({SecurityProperties}), + {ok, Status, _, _} = test_request:post(Url, [?CONTENT_JSON, ?AUTH], Body), + ?assert(Status =:= 201 orelse Status =:= 202). delete_db(Url) -> {ok, 200, _, _} = test_request:delete(Url, [?AUTH]). +create_user(UsersUrl,Name, Roles) -> + + Body = "{\"name\":\"" ++ Name ++ + "\",\"type\":\"user\",\"roles\":" ++ erlang:binary_to_list(jiffy:encode(Roles)) ++ ",\"password\":\"secret\"}", + Url = lists:concat([ + UsersUrl, "/org.couchdb.user:", Name]), + {ok, 201, _, _} = test_request:put(Url, [?CONTENT_JSON, ?AUTH], Body), + % let's proceed after giving couch_peruser some time to create the user db + timer:sleep(2000). + + all_test_() -> { "chttpd security tests", @@ -60,6 +104,8 @@ all_test_() -> [ fun should_allow_admin_db_compaction/1, fun should_disallow_anonymous_db_compaction/1, + fun should_disallow_db_member_db_compaction/1, + fun should_allow_db_admin_db_compaction/1, fun should_allow_admin_view_compaction/1, fun should_disallow_anonymous_view_compaction/1, fun should_allow_admin_db_view_cleanup/1, @@ -69,7 +115,7 @@ all_test_() -> } }. -should_allow_admin_db_compaction(Url) -> +should_allow_admin_db_compaction([Url,UsersUrl]) -> ?_assertEqual(true, begin {ok, _, _, ResultBody} = test_request:post(Url ++ "/_compact", @@ -79,7 +125,7 @@ should_allow_admin_db_compaction(Url) -> couch_util:get_value(<<"ok">>, InnerJson, undefined) end). -should_disallow_anonymous_db_compaction(Url) -> +should_disallow_anonymous_db_compaction([Url,UsersUrl]) -> {ok, _, _, ResultBody} = test_request:post(Url ++ "/_compact", [?CONTENT_JSON], ""), ResultJson = ?JSON_DECODE(ResultBody), @@ -87,7 +133,25 @@ should_disallow_anonymous_db_compaction(Url) -> ErrType = couch_util:get_value(<<"error">>, InnerJson), ?_assertEqual(<<"unauthorized">>,ErrType). -should_allow_admin_view_compaction(Url) -> +should_disallow_db_member_db_compaction([Url,UsersUrl]) -> + {ok, _, _, ResultBody} = test_request:post(Url ++ "/_compact", + [?CONTENT_JSON, ?TEST_MEMBER_AUTH], ""), + ResultJson = ?JSON_DECODE(ResultBody), + {InnerJson} = ResultJson, + ErrType = couch_util:get_value(<<"error">>, InnerJson), + ?_assertEqual(<<"unauthorized">>,ErrType). + +should_allow_db_admin_db_compaction([Url,UsersUrl]) -> + ?_assertEqual(true, + begin + {ok, _, _, ResultBody} = test_request:post(Url ++ "/_compact", + [?CONTENT_JSON, ?TEST_ADMIN_AUTH], ""), + ResultJson = ?JSON_DECODE(ResultBody), + {InnerJson} = ResultJson, + couch_util:get_value(<<"ok">>, InnerJson, undefined) + end). + +should_allow_admin_view_compaction([Url,UsersUrl]) -> ?_assertEqual(true, begin {ok, _, _, ResultBody} = test_request:post(Url ++ "/_compact/test", @@ -97,7 +161,7 @@ should_allow_admin_view_compaction(Url) -> couch_util:get_value(<<"ok">>, InnerJson, undefined) end). -should_disallow_anonymous_view_compaction(Url) -> +should_disallow_anonymous_view_compaction([Url,UsersUrl]) -> {ok, _, _, ResultBody} = test_request:post(Url ++ "/_compact/test", [?CONTENT_JSON], ""), ResultJson = ?JSON_DECODE(ResultBody), @@ -105,7 +169,7 @@ should_disallow_anonymous_view_compaction(Url) -> ErrType = couch_util:get_value(<<"error">>, InnerJson), ?_assertEqual(<<"unauthorized">>,ErrType). -should_allow_admin_db_view_cleanup(Url) -> +should_allow_admin_db_view_cleanup([Url,UsersUrl]) -> ?_assertEqual(true, begin {ok, _, _, ResultBody} = test_request:post(Url ++ "/_view_cleanup", @@ -115,7 +179,7 @@ should_allow_admin_db_view_cleanup(Url) -> couch_util:get_value(<<"ok">>, InnerJson, undefined) end). -should_disallow_anonymous_db_view_cleanup(Url) -> +should_disallow_anonymous_db_view_cleanup([Url,UsersUrl]) -> {ok, _, _, ResultBody} = test_request:post(Url ++ "/_view_cleanup", [?CONTENT_JSON], ""), ResultJson = ?JSON_DECODE(ResultBody), From f97c5aba65288688742da05c39ecaf0bbe5121d2 Mon Sep 17 00:00:00 2001 From: Frederick Kaempfer Date: Tue, 11 Jul 2017 16:10:59 +0200 Subject: [PATCH 4/6] Fix test --- src/chttpd/test/chttpd_security_tests.erl | 26 ++++++++++++-------------- 1 file changed, 12 insertions(+), 14 deletions(-) diff --git a/src/chttpd/test/chttpd_security_tests.erl b/src/chttpd/test/chttpd_security_tests.erl index 6e4b8b5a3f..009f22fc88 100644 --- a/src/chttpd/test/chttpd_security_tests.erl +++ b/src/chttpd/test/chttpd_security_tests.erl @@ -34,7 +34,7 @@ setup() -> ok = config:set("admins", ?USER, ?PASS, _Persist=false), - UserDb = ?tempdb(), + UserDb = <<"_users">>, TmpDb = ?tempdb(), ok = config:set("couch_httpd_auth", "authentication_db", ?b2l(UserDb)), Addr = config:get("chttpd", "bind_address", "127.0.0.1"), @@ -45,8 +45,8 @@ setup() -> create_db(UsersUrl), create_db(Url), create_design_doc(Url), - create_user(UsersUrl,?TEST_MEMBER,[<>]), - create_user(UsersUrl,?TEST_ADMIN,[<>]), + create_user(UsersUrl,?TEST_MEMBER,?TEST_MEMBER_PASS,[<>]), + create_user(UsersUrl,?TEST_ADMIN,?TEST_ADMIN_PASS,[<>]), set_security(Url), [Url, UsersUrl]. @@ -58,7 +58,7 @@ teardown([Url,UsersUrl]) -> ok = config:delete("admins", ?USER, _Persist=false). create_db(Url) -> - {ok, Status, _, _} = test_request:put(Url, [?CONTENT_JSON, ?AUTH], "{}"), + {ok, Status, _, Body} = test_request:put(Url, [?CONTENT_JSON, ?AUTH], "{}"), ?assert(Status =:= 201 orelse Status =:= 202). create_design_doc(Url) -> @@ -67,29 +67,27 @@ create_design_doc(Url) -> ?assert(Status =:= 201 orelse Status =:= 202). set_security(Url) -> - SecurityUrl = lists:concat([Url, "/_security"]), SecurityProperties = [ - {<<"admins">>,{[{<<"roles">>,[<<"test_admin">>]}]}}, - {<<"members">>,{[{<<"roles">>,[<<"test_member">>]}]}} + {<<"admins">>,{[{<<"roles">>,[<>]}]}}, + {<<"members">>,{[{<<"roles">>,[<>]}]}} ], Body = jiffy:encode({SecurityProperties}), - {ok, Status, _, _} = test_request:post(Url, [?CONTENT_JSON, ?AUTH], Body), - ?assert(Status =:= 201 orelse Status =:= 202). + {ok, Status, _, _} = test_request:put(SecurityUrl, [?CONTENT_JSON, ?AUTH], Body), + ?assert(Status =:= 200). delete_db(Url) -> {ok, 200, _, _} = test_request:delete(Url, [?AUTH]). -create_user(UsersUrl,Name, Roles) -> +create_user(UsersUrl, Name, Password, Roles) -> Body = "{\"name\":\"" ++ Name ++ - "\",\"type\":\"user\",\"roles\":" ++ erlang:binary_to_list(jiffy:encode(Roles)) ++ ",\"password\":\"secret\"}", + "\",\"type\":\"user\",\"roles\":" ++ erlang:binary_to_list(jiffy:encode(Roles)) ++ ",\"password\":\"" ++ Password ++"\"}", + Url = lists:concat([ UsersUrl, "/org.couchdb.user:", Name]), - {ok, 201, _, _} = test_request:put(Url, [?CONTENT_JSON, ?AUTH], Body), - % let's proceed after giving couch_peruser some time to create the user db - timer:sleep(2000). + {ok, 201, _, _} = test_request:put(Url, [?CONTENT_JSON, ?AUTH], Body). all_test_() -> From d58d3fd5cf053c03b6eb395ba38d6ae00184ac23 Mon Sep 17 00:00:00 2001 From: Frederick Kaempfer Date: Tue, 11 Jul 2017 16:12:19 +0200 Subject: [PATCH 5/6] Require admin or db admin for compact requests --- src/chttpd/src/chttpd_auth_request.erl | 34 ++++++++++++++++++++++++++++++++-- 1 file changed, 32 insertions(+), 2 deletions(-) diff --git a/src/chttpd/src/chttpd_auth_request.erl b/src/chttpd/src/chttpd_auth_request.erl index 9d9a4ca85d..319e70b4b9 100644 --- a/src/chttpd/src/chttpd_auth_request.erl +++ b/src/chttpd/src/chttpd_auth_request.erl @@ -62,9 +62,9 @@ authorize_request_int(#httpd{path_parts=[_DbName], method='PUT'}=Req) -> authorize_request_int(#httpd{path_parts=[_DbName], method='DELETE'}=Req) -> require_admin(Req); authorize_request_int(#httpd{path_parts=[_DbName, <<"_compact">>|_]}=Req) -> - require_admin(Req); + require_db_admin(Req); authorize_request_int(#httpd{path_parts=[_DbName, <<"_view_cleanup">>]}=Req) -> - require_admin(Req); + require_db_admin(Req); authorize_request_int(#httpd{path_parts=[_DbName|_]}=Req) -> db_authorization_check(Req). @@ -94,3 +94,33 @@ db_authorization_check(#httpd{path_parts=[DbName|_],user_ctx=Ctx}=Req) -> require_admin(Req) -> ok = couch_httpd:verify_is_server_admin(Req), Req. + +require_db_admin(#httpd{path_parts=[DbName|_],user_ctx=Ctx}=Req) -> + Sec = fabric:get_security(DbName, [{user_ctx, Ctx}]), + + case is_db_admin(Ctx,Sec) of + true -> Req; + false -> throw({unauthorized, <<"You are not a server or db admin.">>}) + end. + +is_db_admin(#user_ctx{name=UserName,roles=UserRoles}, {Security}) -> + {Admins} = couch_util:get_value(<<"admins">>, Security, {[]}), + Names = couch_util:get_value(<<"names">>, Admins, []), + Roles = couch_util:get_value(<<"roles">>, Admins, []), + case check_security(roles, UserRoles, [<<"_admin">> | Roles]) of + true -> true; + false -> check_security(names, UserName, Names) + end. + +check_security(roles, [], _) -> + false; +check_security(roles, UserRoles, Roles) -> + UserRolesSet = ordsets:from_list(UserRoles), + RolesSet = ordsets:from_list(Roles), + not ordsets:is_disjoint(UserRolesSet, RolesSet); +check_security(names, _, []) -> + false; +check_security(names, null, _) -> + false; +check_security(names, UserName, Names) -> + lists:member(UserName, Names). \ No newline at end of file From 9c5081c561069752734150b92858dcc3e94434f6 Mon Sep 17 00:00:00 2001 From: Frederick Kaempfer Date: Tue, 11 Jul 2017 19:59:39 +0200 Subject: [PATCH 6/6] admin context in couch tests no longer necessary for compaction with the new approach --- src/couch/test/couchdb_file_compression_tests.erl | 2 +- src/couch/test/couchdb_views_tests.erl | 2 +- src/couch_replicator/test/couch_replicator_compact_tests.erl | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/couch/test/couchdb_file_compression_tests.erl b/src/couch/test/couchdb_file_compression_tests.erl index a238459752..ccfa244359 100644 --- a/src/couch/test/couchdb_file_compression_tests.erl +++ b/src/couch/test/couchdb_file_compression_tests.erl @@ -174,7 +174,7 @@ refresh_index(DbName) -> compact_db(DbName) -> DiskSizeBefore = db_disk_size(DbName), - {ok, Db} = couch_db:open_int(DbName, [?ADMIN_CTX]), + {ok, Db} = couch_db:open_int(DbName, []), {ok, _CompactPid} = couch_db:start_compact(Db), wait_compaction(DbName, "database", ?LINE), ok = couch_db:close(Db), diff --git a/src/couch/test/couchdb_views_tests.erl b/src/couch/test/couchdb_views_tests.erl index a593dbc5ec..e320b54c62 100644 --- a/src/couch/test/couchdb_views_tests.erl +++ b/src/couch/test/couchdb_views_tests.erl @@ -582,7 +582,7 @@ restore_backup_db_file(DbName) -> end, ?TIMEOUT, ?DELAY). compact_db(DbName) -> - {ok, Db} = couch_db:open_int(DbName, [?ADMIN_CTX]), + {ok, Db} = couch_db:open_int(DbName, []), {ok, _} = couch_db:start_compact(Db), ok = couch_db:close(Db), wait_db_compact_done(DbName, 20). diff --git a/src/couch_replicator/test/couch_replicator_compact_tests.erl b/src/couch_replicator/test/couch_replicator_compact_tests.erl index e3f2556f85..1a794658a4 100644 --- a/src/couch_replicator/test/couch_replicator_compact_tests.erl +++ b/src/couch_replicator/test/couch_replicator_compact_tests.erl @@ -281,7 +281,7 @@ reopen_db(DbName) -> {ok, Db}. compact_db(Type, #db{name = Name}) -> - {ok, Db} = couch_db:open_int(Name, [?ADMIN_CTX]), + {ok, Db} = couch_db:open_int(Name, []), {ok, CompactPid} = couch_db:start_compact(Db), MonRef = erlang:monitor(process, CompactPid), receive