[
https://issues.apache.org/jira/browse/COUCHDB-2803?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15141188#comment-15141188
]
Mike Wallace commented on COUCHDB-2803:
---------------------------------------
\o/ \o/ \o/ This got fixed in
https://github.com/apache/couchdb-chttpd/commit/3ff69bffd45cda6b256bf73cbf7799798c0b4917
\o/ \o/ \o/
> Doc ids in the _users db which are not in the format
> org.couchdb.user:USERNAME break the chttpd_auth_cache changes listener
> ---------------------------------------------------------------------------------------------------------------------------
>
> Key: COUCHDB-2803
> URL: https://issues.apache.org/jira/browse/COUCHDB-2803
> Project: CouchDB
> Issue Type: Bug
> Components: Database Core
> Affects Versions: 2.0.0
> Reporter: Mike Wallace
>
> Any documents in the _users db which have an id not matching
> org.couchdb.user:USERNAME will cause the chttpd_auth_cache changes listener
> to die.
> This is reproducable by running the following command against a dev cluster
> spawned with {{dev/run --with-admin-party-please}}:
> {code}
> $ curl -X PUT http://localhost:15984/_users/_design/doge -d
> '{"views":{"shibe":{"map":"function(doc) { emit(doc.id, 1); }", "reduce":
> "_sum"}}}'
> {"ok":true,"id":"_design/doge","rev":"1-bdbef59255fb95eecb7ffb0a4f5c9bfc"}
> {code}
> Then observing the logs in dev/logs/node*.log:
> {code}
> 2015-09-09 15:56:55.988 [notice] [email protected] <0.352.0> chttpd_auth_cache
> changes listener died
> {function_clause,[{chttpd_auth_cache,username,[<<"_design/doge">>],[{file,"src/chttpd_auth_cache.erl"},{line,176}]},{chttpd_auth_cache,changes_callback,2,[{file,"src/chttpd_auth_cache.erl"},{line,149}]},{fabric_view_changes,handle_message,3,[{file,"src/fabric_view_changes.erl"},{line,285}]},{rexi_utils,process_mailbox,6,[{file,"src/rexi_utils.erl"},{line,55}]},{rexi_utils,recv,6,[{file,"src/rexi_utils.erl"},{line,49}]},{fabric_view_changes,receive_results,4,[{file,"src/fabric_view_changes.erl"},{line,215}]},{fabric_view_changes,send_changes,6,[{file,"src/fabric_view_changes.erl"},{line,176}]},{fabric_view_changes,keep_sending_changes,8,[{file,"src/fabric_view_changes.erl"},{line,82}]}]}
> {code}
> The error is due to the following line in
> chttpd_auth_cache:changes_callback/2 [1]:
> {code}
> UserName = username(couch_util:get_value(id, Change)),
> {code}
> Which passes every doc id through:
> {code}
> username(<<"org.couchdb.user:", UserName/binary>>) ->
> UserName.
> {code}
> Therefore any doc id not matching the pattern results in a function_clause
> error.
> Not quite sure what the preferred fix is here. Should we allow regular
> documents in the _users DB with IDs that do not have the org.couchdb.user:
> prefix? Or just restrict that to design docs?
> If we are going to enforce the org.couchdb.user: prefix for all non-design
> docs then we should also stop users from writing docs that do not have that
> prefix.
> My proposal is therefore:
> 1. Modify the changes listener in chttpd_auth_cache so that it silently
> ignores design documents.
> 2. Validate at update time that docs in the users DB are either design docs
> or have the org.user.couchdb: prefx.
> Thoughts?
> [1]
> https://github.com/apache/couchdb-chttpd/blob/master/src/chttpd_auth_cache.erl#L149
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
