This repository has been archived by the owner on Apr 18, 2019. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 13
/
_auth.js
277 lines (230 loc) · 7.29 KB
/
_auth.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
// sync to $host/_users/_design/_auth
var ddoc = {_id:"_design/_auth", language:"javascript"}
module.exports = ddoc
ddoc.lists = {
index: function (head,req) {
var row
, out = {}
, id, data
while (row = getRow()) {
id = row.id.replace(/^org\.couchdb\.user:/, '')
data = row.value
delete data._id
delete data._rev
delete data.salt
delete data.password_sha
delete data.type
delete data.roles
delete data._deleted_conflicts
out[id] = data
}
send(toJSON(out))
},
email:function (head, req) {
var row
, data
, id
, email = req.query.email || undefined
, out = []
while (row = getRow()) {
id = row.id.replace(/^org\.couchdb\.user:/, '')
data = row.value
var dm = data.email || undefined
if (data.email !== email) continue
out.push(row.value.name)
}
send(toJSON(out))
}
}
ddoc.validate_doc_update = function (newDoc, oldDoc, userCtx, secObj) {
if (newDoc._deleted === true) {
// allow deletes by admins
if ((userCtx.roles.indexOf('_admin') !== -1)) {
return;
} else {
throw({forbidden: 'Only admins may delete user docs.'});
}
}
if ((oldDoc && oldDoc.type !== 'user') || newDoc.type !== 'user') {
throw({forbidden : 'doc.type must be user'});
} // we only allow user docs for now
if (!newDoc.name) {
throw({forbidden: 'doc.name is required'});
}
if (newDoc.roles && !isArray(newDoc.roles)) {
throw({forbidden: 'doc.roles must be an array'});
}
if (newDoc._id !== ('org.couchdb.user:' + newDoc.name)) {
throw({
forbidden: 'Doc ID must be of the form org.couchdb.user:name'
});
}
if (newDoc.name !== newDoc.name.toLowerCase()) {
throw({
forbidden: 'Name must be lower-case'
})
}
if (newDoc.name !== encodeURIComponent(newDoc.name)) {
throw({
forbidden: 'Name cannot contain non-url-safe characters'
})
}
if (newDoc.name.charAt(0) === '.') {
throw({
forbidden: 'Name cannot start with .'
})
}
if (!(newDoc.email && newDoc.email.match(/^.+@.+\..+$/))) {
throw({forbidden: 'Email must be an email address'})
}
if (oldDoc) { // validate all updates
if (oldDoc.name !== newDoc.name) {
throw({forbidden: 'Usernames can not be changed.'});
}
}
if (newDoc.password_sha && !newDoc.salt) {
throw({
forbidden: 'Users with password_sha must have a salt.'
});
}
var is_server_or_database_admin = function(userCtx, secObj) {
// see if the user is a server admin
if(userCtx.roles.indexOf('_admin') !== -1) {
return true; // a server admin
}
// see if the user a database admin specified by name
if(secObj && secObj.admins && secObj.admins.names) {
if(secObj.admins.names.indexOf(userCtx.name) !== -1) {
return true; // database admin
}
}
// see if the user a database admin specified by role
if(secObj && secObj.admins && secObj.admins.roles) {
var db_roles = secObj.admins.roles;
for(var idx = 0; idx < userCtx.roles.length; idx++) {
var user_role = userCtx.roles[idx];
if(db_roles.indexOf(user_role) !== -1) {
return true; // role matches!
}
}
}
return false; // default to no admin
}
if (!is_server_or_database_admin(userCtx, secObj)) {
if (oldDoc) { // validate non-admin updates
if (userCtx.name !== newDoc.name) {
throw({
forbidden: 'You may only update your own user document.'
});
}
if (oldDoc.email !== newDoc.email) {
throw({
forbidden: 'You may not change your email address\n' +
'Please visit https://npmjs.org/email-edit to do so.'
})
}
// validate role updates
var oldRoles = oldDoc.roles.sort();
var newRoles = newDoc.roles.sort();
if (oldRoles.length !== newRoles.length) {
throw({forbidden: 'Only _admin may edit roles'});
}
for (var i = 0; i < oldRoles.length; i++) {
if (oldRoles[i] !== newRoles[i]) {
throw({forbidden: 'Only _admin may edit roles'});
}
}
} else if (newDoc.roles.length > 0) {
throw({forbidden: 'Only _admin may set roles'});
}
}
// no system roles in users db
for (var i = 0; i < newDoc.roles.length; i++) {
if (newDoc.roles[i][0] === '_') {
throw({
forbidden: 'No system roles (starting with underscore) in users db.'
});
}
}
// no system names as names
if (newDoc.name[0] === '_') {
throw({forbidden: 'Username may not start with underscore.'});
}
var badUserNameChars = [':'];
for (var i = 0; i < badUserNameChars.length; i++) {
if (newDoc.name.indexOf(badUserNameChars[i]) >= 0) {
throw({forbidden: 'Character `' + badUserNameChars[i] +
'` is not allowed in usernames.'});
}
}
}
ddoc.views = {
listAll: { map : function (doc) { return emit(doc._id, doc) } },
invalidUser: { map: function (doc) {
var errors = []
if (doc.type !== 'user') {
errors.push('doc.type must be user')
}
if (!doc.name) {
errors.push('doc.name is required')
}
if (doc.roles && !isArray(doc.roles)) {
errors.push('doc.roles must be an array')
}
if (doc._id !== ('org.couchdb.user:' + doc.name)) {
errors.push('Doc ID must be of the form org.couchdb.user:name')
}
if (doc.name !== doc.name.toLowerCase()) {
errors.push('Name must be lower-case')
}
if (doc.name !== encodeURIComponent(doc.name)) {
errors.push('Name cannot contain non-url-safe characters')
}
if (doc.name.charAt(0) === '.') {
errors.push('Name cannot start with .')
}
if (!(doc.email && doc.email.match(/^.+@.+\..+$/))) {
errors.push('Email must be an email address')
}
if (doc.password_sha && !doc.salt) {
errors.push('Users with password_sha must have a salt.')
}
if (!errors.length) return
emit([doc.name, doc.email], errors)
}},
invalid: { map: function (doc) {
if (doc.type !== 'user') {
return emit(['doc.type must be user', doc.email, doc.name], 1)
}
if (!doc.name) {
return emit(['doc.name is required', doc.email, doc.name], 1)
}
if (doc.roles && !isArray(doc.roles)) {
return emit(['doc.roles must be an array', doc.email, doc.name], 1)
}
if (doc._id !== ('org.couchdb.user:' + doc.name)) {
return emit(['Doc ID must be of the form org.couchdb.user:name', doc.email, doc.name], 1)
}
if (doc.name !== doc.name.toLowerCase()) {
return emit(['Name must be lower-case', doc.email, doc.name], 1)
}
if (doc.name !== encodeURIComponent(doc.name)) {
return emit(['Name cannot contain non-url-safe characters', doc.email, doc.name], 1)
}
if (doc.name.charAt(0) === '.') {
return emit(['Name cannot start with .', doc.email, doc.name], 1)
}
if (!(doc.email && doc.email.match(/^.+@.+\..+$/))) {
return emit(['Email must be an email address', doc.email, doc.name], 1)
}
if (doc.password_sha && !doc.salt) {
return emit(['Users with password_sha must have a salt.', doc.email, doc.name], 1)
}
}, reduce: '_sum'}
}
if (require.main === module) {
console.log(JSON.stringify(ddoc, function (k, v) {
if (typeof v !== 'function') return v;
return v.toString()
}))
}