CouchDB
  1. CouchDB
  2. COUCHDB-1316

Error in the validate_doc_update function of the _users db

    Details

    • Type: Bug Bug
    • Status: Resolved
    • Priority: Trivial Trivial
    • Resolution: Fixed
    • Affects Version/s: 1.1
    • Fix Version/s: None
    • Component/s: Database Core
    • Labels:
      None
    • Skill Level:
      New Contributors Level (Easy)

      Description

      Hi!

      In the validate_doc_update method of the _users database is a small error. On the one hand it seems that the `roles` attribute of the user doc is not required:

      if (newDoc.roles && !isArray(newDoc.roles)) {
      throw(

      {forbidden: 'doc.roles must be an array'}

      );
      }

      On the other hand the function iterates over the roles:

      // no system roles in users db
      for (var i = 0; i < newDoc.roles.length; i++) {
      if (newDoc.roles[i][0] === '_') {
      throw(

      { forbidden: 'No system roles (starting with underscore) in users db.' }

      );
      }
      }

      So, is the roles field required? If so, then throwing a real error would be nice since I only get a stack trace from CouchDB. If it is not required, checking it's presence before iterating over it would be necessary.

      I am kind of lost in all the new Git handling and such. Would it be appropriate to open a Github Pull Request? Or should I add a patch to this issue? Depending on the answer to the roles question I could provide a patch since it is trivial enough for me I guess

      Cheers,
      Daniel

        Issue Links

          Activity

          Adam Kocoloski made changes -
          Status Open [ 1 ] Resolved [ 5 ]
          Resolution Fixed [ 1 ]
          Adam Kocoloski made changes -
          Link This issue is related to COUCHDB-1551 [ COUCHDB-1551 ]
          Hide
          Adam Kocoloski added a comment -

          In COUCHDB-1511 we ended up requiring a doc.roles field in the validation function.

          Show
          Adam Kocoloski added a comment - In COUCHDB-1511 we ended up requiring a doc.roles field in the validation function.
          Hide
          Filipe Manana added a comment -

          Looks good to me Jan

          Show
          Filipe Manana added a comment - Looks good to me Jan
          Jan Lehnardt made changes -
          Field Original Value New Value
          Assignee Filipe Manana [ fdmanana ]
          Hide
          Jan Lehnardt added a comment -

          Good catch, http://git-wip-us.apache.org/repos/asf/couchdb/repo?p=couchdb.git;a=commit;h=b25cb7456e52dbce94d30da9b0c6f810cccf5a60 fixes the validation function and a sets a default for couch_util:get_value() in the auth cache to [] (instead of the undefined atom).

          I'd appreciate a review from Filipe here

          Show
          Jan Lehnardt added a comment - Good catch, http://git-wip-us.apache.org/repos/asf/couchdb/repo?p=couchdb.git;a=commit;h=b25cb7456e52dbce94d30da9b0c6f810cccf5a60 fixes the validation function and a sets a default for couch_util:get_value() in the auth cache to [] (instead of the undefined atom). I'd appreciate a review from Filipe here
          Daniel Truemper created issue -

            People

            • Assignee:
              Filipe Manana
              Reporter:
              Daniel Truemper
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Development