[jira] Commented: (COUCHDB-912) Anonymous Access to Design Docs on private DB's

2010-11-16 Thread Dale Harvey (JIRA) 

[ 
https://issues.apache.org/jira/browse/COUCHDB-912?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12932476#action_12932476
 ] 

Dale Harvey commented on COUCHDB-912:
-

It only allows attachments to design docs, but yeh its not a solution I 
particularly like

a flag on the design doc I would much prefer, Its what I mentioned 
http://comments.gmane.org/gmane.comp.db.couchdb.user/10681, forgot who pointed 
me towards implementing it as a config option but I figured I would do it 
quickly just so I could understand the implications.Hinnerk Haardts point out 
that with a flag on the design doc you can have seperate login / business logic 
design docs which would work fine.

is reading the database on every request to a design document ok / anyway to 
cache it nicely?

I dont want this particular patch to go in, I just wanted to post it to mark it 
as a priority because without it private couchapps are very very crippled.

> Anonymous Access to Design Docs on private DB's
> ---
>
> Key: COUCHDB-912
> URL: https://issues.apache.org/jira/browse/COUCHDB-912
> Project: CouchDB
>  Issue Type: New Feature
>  Components: HTTP Interface
>Reporter: Dale Harvey
> Attachments: anon.patch
>
>
> Right now people need to go through futon in order to login to couchapps 
> running on private databases, this is a pretty big limitation on the type of 
> couchapps that can be built
> Propose adding the ability for users to flag the design docs as readable for 
> anonymous users, could be implemented though an attribute on the design doc?

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

[jira] Commented: (COUCHDB-912) Anonymous Access to Design Docs on private DB's

2010-11-15 Thread Jan Lehnardt (JIRA) 

[ 
https://issues.apache.org/jira/browse/COUCHDB-912?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12932178#action_12932178
 ] 

Jan Lehnardt commented on COUCHDB-912:
--

Do I read this correctly as the config option 
couch_httpd_auth/anonymous_design_doc will expose any design document in a 
protected database to anonymous users?

This seems a tad coarse to me. It wouldn't make things simpler, but I'd expect 
either design docs having a property allowing anonymous reads or at least a 
database's secObj could hold a list of aon-public design documents.

> Anonymous Access to Design Docs on private DB's
> ---
>
> Key: COUCHDB-912
> URL: https://issues.apache.org/jira/browse/COUCHDB-912
> Project: CouchDB
>  Issue Type: New Feature
>  Components: HTTP Interface
>Reporter: Dale Harvey
> Attachments: anon.patch
>
>
> Right now people need to go through futon in order to login to couchapps 
> running on private databases, this is a pretty big limitation on the type of 
> couchapps that can be built
> Propose adding the ability for users to flag the design docs as readable for 
> anonymous users, could be implemented though an attribute on the design doc?

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

[jira] Commented: (COUCHDB-912) Anonymous Access to Design Docs on private DB's

2010-11-15 Thread Dale Harvey (JIRA) 

[ 
https://issues.apache.org/jira/browse/COUCHDB-912?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12932075#action_12932075
 ] 

Dale Harvey commented on COUCHDB-912:
-

Thanks for the advice Filipe, very helpful

made those changes (the javascript is 2 space indented, just was a bug in one 
of the declarations which is fixed)

I can merge the test into another suite if anyone would prefer that, just 
cleaner in a seperate one for now as it does a run_on_modified_server (that 
could be taken out as I would propose for this to be the default, I wasnt sure 
about the best practice for that though)

> Anonymous Access to Design Docs on private DB's
> ---
>
> Key: COUCHDB-912
> URL: https://issues.apache.org/jira/browse/COUCHDB-912
> Project: CouchDB
>  Issue Type: New Feature
>  Components: HTTP Interface
>Reporter: Dale Harvey
> Attachments: anon.patch
>
>
> Right now people need to go through futon in order to login to couchapps 
> running on private databases, this is a pretty big limitation on the type of 
> couchapps that can be built
> Propose adding the ability for users to flag the design docs as readable for 
> anonymous users, could be implemented though an attribute on the design doc?

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

[jira] Commented: (COUCHDB-912) Anonymous Access to Design Docs on private DB's

2010-11-09 Thread Filipe Manana (JIRA) 

[ 
https://issues.apache.org/jira/browse/COUCHDB-912?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12930114#action_12930114
 ] 

Filipe Manana commented on COUCHDB-912:
---

Dale, looks a lot better now.

Only 3 things left:

1) For JavaScript code, the CouchDB convention is to use 2 spaces for each 
indentation level. Also, the test should probably go into the design_docs.js 
file. I don't think such a small test should go into a separate file (others 
may disagree);

2) Besides validating the patch, don't you want to make sure the access is only 
allowed for GET requests? Because like it is now, it seems to me that anonymous 
users are allowed to add (PUT) attachments to the design doc;

3) The is_design_attachment function could still be left out, and instead have 
do_db_req/2 like:

case {Anon, RestParts, Req#httpd.method} of
{"true", [ <<"_design">>, _DdocName, <> | _ ], 'GET'} when C =/= 
$_ ->
 fun couch_db:open_int/2;
_ ->
 fun couch_db:open/2
end

This makes it simple and shorter imho.

Good work!

> Anonymous Access to Design Docs on private DB's
> ---
>
> Key: COUCHDB-912
> URL: https://issues.apache.org/jira/browse/COUCHDB-912
> Project: CouchDB
>  Issue Type: New Feature
>  Components: HTTP Interface
>Reporter: Dale Harvey
> Attachments: anon.patch, attachment_permissions.js
>
>
> Right now people need to go through futon in order to login to couchapps 
> running on private databases, this is a pretty big limitation on the type of 
> couchapps that can be built
> Propose adding the ability for users to flag the design docs as readable for 
> anonymous users, could be implemented though an attribute on the design doc?

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

[jira] Commented: (COUCHDB-912) Anonymous Access to Design Docs on private DB's

2010-11-08 Thread Dale Harvey (JIRA) 

[ 
https://issues.apache.org/jira/browse/COUCHDB-912?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12929918#action_12929918
 ] 

Dale Harvey commented on COUCHDB-912:
-

I have redone the patch thanks to Filipes feedback, its much cleaner now, 
thanks.

I have is_ddoc_attachment() which reproduces some routing logic that is spread 
throughout the entire couch_httpd_db.erl, I would prefer that the logic only 
done once, and it would be possible to workaround by reopening the database in 
various places. However that patch is far more intrusive.

The right 'fix' is to decouple the routing from the actual logic, and paul 
mentioned experimenting with a webmachine / other routing layer so I think its 
ok to make changes like these and defer workarounds until a nicer routing layer 
is in place.

(but if you want the open db patch, then just say)

> Anonymous Access to Design Docs on private DB's
> ---
>
> Key: COUCHDB-912
> URL: https://issues.apache.org/jira/browse/COUCHDB-912
> Project: CouchDB
>  Issue Type: New Feature
>  Components: HTTP Interface
>Reporter: Dale Harvey
> Attachments: anon.patch, attachment_permissions.js
>
>
> Right now people need to go through futon in order to login to couchapps 
> running on private databases, this is a pretty big limitation on the type of 
> couchapps that can be built
> Propose adding the ability for users to flag the design docs as readable for 
> anonymous users, could be implemented though an attribute on the design doc?

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

[jira] Commented: (COUCHDB-912) Anonymous Access to Design Docs on private DB's

2010-11-06 Thread Dale Harvey (JIRA) 

[ 
https://issues.apache.org/jira/browse/COUCHDB-912?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12928971#action_12928971
 ] 

Dale Harvey commented on COUCHDB-912:
-

Thats awesome feedback, cheers, yeh was in the middle of writing the tests, 
just put the patch up before so I could get comments like this :)

Will repatch and send in the tests later today, thanks.



> Anonymous Access to Design Docs on private DB's
> ---
>
> Key: COUCHDB-912
> URL: https://issues.apache.org/jira/browse/COUCHDB-912
> Project: CouchDB
>  Issue Type: New Feature
>  Components: HTTP Interface
>Reporter: Dale Harvey
> Attachments: anon.patch, anon.patch
>
>
> Right now people need to go through futon in order to login to couchapps 
> running on private databases, this is a pretty big limitation on the type of 
> couchapps that can be built
> Propose adding the ability for users to flag the design docs as readable for 
> anonymous users, could be implemented though an attribute on the design doc?

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

[jira] Commented: (COUCHDB-912) Anonymous Access to Design Docs on private DB's

2010-11-06 Thread Filipe Manana (JIRA) 

[ 
https://issues.apache.org/jira/browse/COUCHDB-912?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12928962#action_12928962
 ] 

Filipe Manana commented on COUCHDB-912:
---

Hi,

I have a few remarks:

1) A test is needed. Probably the right place for it will be in 
share/www/script/test/design_docs.js;

2) No need to change couch_db:open/2. Just use couch_db:open_int/2;

3) I agree with Adam. No need to "cache" the value. A couch_config:get/3 
doesn't go through a gen_server, it does direct lookups to a protected 
(readable by any process) ets table, therefore it's very fast. I also don't 
think that couch_httpd.erl should be touched at all;

4) That to_bool/1 function is very unerlangish. Just do something like:   
Whatever =:= "true";

5) Also that is_design_attachment function seems redundant. I would suggest 
restricting all the change in couch_http_db.erl to the do_db_req/2 function. 
Something like the following:

diff --git a/src/couchdb/couch_httpd_db.erl b/src/couchdb/couch_httpd_db.erl
index 87fc15d..9e68c08 100644
--- a/src/couchdb/couch_httpd_db.erl
+++ b/src/couchdb/couch_httpd_db.erl
@@ -188,7 +188,7 @@ delete_db_req(#httpd{user_ctx=UserCtx}=Req, DbName) ->
 throw(Error)
 end.
 
-do_db_req(#httpd{user_ctx=UserCtx,path_parts=[DbName|_]}=Req, Fun) ->
+do_db_req(#httpd{user_ctx=UserCtx,path_parts=[DbName|RestParts]}=Req, Fun) ->
 LDbName = ?b2l(DbName),
 % I hope this lookup is cheap.
 case couch_config:get("couch_httpd_auth", "authentication_db") of
@@ -198,7 +198,13 @@ 
do_db_req(#httpd{user_ctx=UserCtx,path_parts=[DbName|_]}=Req, Fun) ->
 couch_db:close(ADb);
 _Else -> ok
 end,
-case couch_db:open(DbName, [{user_ctx, UserCtx}]) of
+OpenDbFun = case RestParts of
+[<<"_design">> | _] ->
+fun couch_db:open_int/2;
+_ ->
+fun couch_db:open/2
+end,
+case OpenDbFun(DbName, [{user_ctx, UserCtx}]) of
 {ok, Db} ->
 try
 Fun(Req, Db)


All the rest seems ok to me. Good work.
cheers

> Anonymous Access to Design Docs on private DB's
> ---
>
> Key: COUCHDB-912
> URL: https://issues.apache.org/jira/browse/COUCHDB-912
> Project: CouchDB
>  Issue Type: New Feature
>  Components: HTTP Interface
>Reporter: Dale Harvey
> Attachments: anon.patch, anon.patch
>
>
> Right now people need to go through futon in order to login to couchapps 
> running on private databases, this is a pretty big limitation on the type of 
> couchapps that can be built
> Propose adding the ability for users to flag the design docs as readable for 
> anonymous users, could be implemented though an attribute on the design doc?

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

[jira] Commented: (COUCHDB-912) Anonymous Access to Design Docs on private DB's

2010-11-05 Thread Dale Harvey (JIRA) 

[ 
https://issues.apache.org/jira/browse/COUCHDB-912?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12928903#action_12928903
 ] 

Dale Harvey commented on COUCHDB-912:
-

Added a new patch that caches it. Personally I think httpd.erl and forward is a 
tad messy and would be best leave it uncached for now and if needed do a 
seperate refactor to make that caching more convenient / tidier. (Used an 
opaque dict so the next thing that needs cached doesnt add another parameter)

Will write the tests for it now



> Anonymous Access to Design Docs on private DB's
> ---
>
> Key: COUCHDB-912
> URL: https://issues.apache.org/jira/browse/COUCHDB-912
> Project: CouchDB
>  Issue Type: New Feature
>  Components: HTTP Interface
>Reporter: Dale Harvey
> Attachments: anon.patch, anon.patch
>
>
> Right now people need to go through futon in order to login to couchapps 
> running on private databases, this is a pretty big limitation on the type of 
> couchapps that can be built
> Propose adding the ability for users to flag the design docs as readable for 
> anonymous users, could be implemented though an attribute on the design doc?

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

[jira] Commented: (COUCHDB-912) Anonymous Access to Design Docs on private DB's

2010-11-05 Thread Adam Kocoloski (JIRA) 

[ 
https://issues.apache.org/jira/browse/COUCHDB-912?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12928845#action_12928845
 ] 

Adam Kocoloski commented on COUCHDB-912:


The difference between the two should be completely negligible, I think.  A 
couch_config lookup takes only a microsecond or two.  I tend to prefer not 
caching the config values when writing long-lived servers.

> Anonymous Access to Design Docs on private DB's
> ---
>
> Key: COUCHDB-912
> URL: https://issues.apache.org/jira/browse/COUCHDB-912
> Project: CouchDB
>  Issue Type: New Feature
>  Components: HTTP Interface
>Reporter: Dale Harvey
> Attachments: anon.patch
>
>
> Right now people need to go through futon in order to login to couchapps 
> running on private databases, this is a pretty big limitation on the type of 
> couchapps that can be built
> Propose adding the ability for users to flag the design docs as readable for 
> anonymous users, could be implemented though an attribute on the design doc?

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

[jira] Commented: (COUCHDB-912) Anonymous Access to Design Docs on private DB's

2010-11-05 Thread Chris Anderson (JIRA) 

[ 
https://issues.apache.org/jira/browse/COUCHDB-912?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12928833#action_12928833
 ] 

Chris Anderson commented on COUCHDB-912:


reviewing the patch. looks good except that config should not be read in an 
http responder. instead it should be read in the gen-server init and added to 
the httpd record or something so it's available in the responder.

This is a little bit more performant, here's an example of where config is 
loaded.

https://github.com/apache/couchdb/blob/trunk/src/couchdb/couch_httpd.erl#L76

> Anonymous Access to Design Docs on private DB's
> ---
>
> Key: COUCHDB-912
> URL: https://issues.apache.org/jira/browse/COUCHDB-912
> Project: CouchDB
>  Issue Type: New Feature
>  Components: HTTP Interface
>Reporter: Dale Harvey
> Attachments: anon.patch
>
>
> Right now people need to go through futon in order to login to couchapps 
> running on private databases, this is a pretty big limitation on the type of 
> couchapps that can be built
> Propose adding the ability for users to flag the design docs as readable for 
> anonymous users, could be implemented though an attribute on the design doc?

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

[jira] Commented: (COUCHDB-912) Anonymous Access to Design Docs on private DB's

2010-11-05 Thread Dale Harvey (JIRA) 

[ 
https://issues.apache.org/jira/browse/COUCHDB-912?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12928630#action_12928630
 ] 

Dale Harvey commented on COUCHDB-912:
-

This patch adds a configuration option that allows users to make attachments to 
design documents available to anonymous users on private database.

> Anonymous Access to Design Docs on private DB's
> ---
>
> Key: COUCHDB-912
> URL: https://issues.apache.org/jira/browse/COUCHDB-912
> Project: CouchDB
>  Issue Type: New Feature
>  Components: HTTP Interface
>Reporter: Dale Harvey
> Attachments: anon.patch
>
>
> Right now people need to go through futon in order to login to couchapps 
> running on private databases, this is a pretty big limitation on the type of 
> couchapps that can be built
> Propose adding the ability for users to flag the design docs as readable for 
> anonymous users, could be implemented though an attribute on the design doc?

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.