[couchdb] 30/36: chore: append _users role instead of prepending it

Sat, 08 Jul 2023 01:13:19 -0700 

This is an automated email from the ASF dual-hosted git repository.

jan pushed a commit to branch rebase/access-2023
in repository https://gitbox.apache.org/repos/asf/couchdb.git

commit 6899d37944aa94ce385eed237a47baf36638a51a
Author: Jan Lehnardt <[email protected]>
AuthorDate: Fri Nov 11 13:44:26 2022 +0100

    chore: append _users role instead of prepending it
---
 src/couch/src/couch_httpd_auth.erl  | 4 ++--
 test/elixir/test/proxyauth_test.exs | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/couch/src/couch_httpd_auth.erl 
b/src/couch/src/couch_httpd_auth.erl
index e8d56d3c9..1927781a1 100644
--- a/src/couch/src/couch_httpd_auth.erl
+++ b/src/couch/src/couch_httpd_auth.erl
@@ -103,7 +103,7 @@ extract_roles(UserProps) ->
     Roles = couch_util:get_value(<<"roles">>, UserProps, []),
     case lists:member(<<"_admin">>, Roles) of
         true -> Roles;
-        _ -> [<<"_users">> | Roles]
+        _ -> Roles ++ [<<"_users">>]
     end.
 
 default_authentication_handler(Req) ->
@@ -196,7 +196,7 @@ proxy_auth_user(Req) ->
             Roles =
                 case header_value(Req, XHeaderRoles) of
                     undefined -> [];
-                    Else -> [<<"_users">> | re:split(Else, "\\s*,\\s*", [trim, 
{return, binary}])]
+                    Else -> re:split(Else, "\\s*,\\s*", [trim, {return, 
binary}]) ++ [<<"_users">>]
                 end,
             case
                 chttpd_util:get_chttpd_auth_config_boolean(
diff --git a/test/elixir/test/proxyauth_test.exs 
b/test/elixir/test/proxyauth_test.exs
index 9c9638d52..0c77abff5 100644
--- a/test/elixir/test/proxyauth_test.exs
+++ b/test/elixir/test/proxyauth_test.exs
@@ -70,7 +70,7 @@ defmodule ProxyAuthTest do
       )
 
     assert resp2.body["userCtx"]["name"] == "[email protected]"
-    assert resp2.body["userCtx"]["roles"] == ["_users", "test_role"]
+    assert resp2.body["userCtx"]["roles"] == ["test_role", "_users"]
     assert resp2.body["info"]["authenticated"] == "proxy"
     assert resp2.body["ok"] == true
 
@@ -124,7 +124,7 @@ defmodule ProxyAuthTest do
       )
 
     assert resp2.body["userCtx"]["name"] == "[email protected]"
-    assert resp2.body["userCtx"]["roles"] == ["_users", "test_role_1", 
"test_role_2"]
+    assert resp2.body["userCtx"]["roles"] == ["test_role_1", "test_role_2", 
"_users"]
     assert resp2.body["info"]["authenticated"] == "proxy"
     assert resp2.body["ok"] == true

Reply via email to