Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

error: function_clause on invalid DB security objects #1384

Closed
wohali opened this Issue Jun 13, 2018 · 6 comments

Comments

Projects
None yet
3 participants
@wohali
Copy link
Member

wohali commented Jun 13, 2018

Worked example with dev/run -n 1 (password is randomly generated):

$ curl -X PUT http://root:Amef8yjS@localhost:15984/abc/_security -d '{"admins":["admin"],"members":["role_a"]}'
{"error":"error","reason":"no_majority"}
$ curl -X PUT http://root:eubM+LeC@localhost:15984/abc/_security -d '{"members":["role_a"]}'
{"error":"error","reason":"no_majority"}

Logfile:

[error] 2018-06-13T16:50:50.479397Z node1@127.0.0.1 <0.3576.0> 3108587a16 Failed to set security object on {'node1@127.0.0.1',<<"shards/a0000000-bfffffff/abc.1528908305">>} :: {error,function_clause}
[error] 2018-06-13T16:50:50.479454Z node1@127.0.0.1 <0.3642.0> 3108587a16 rpc couch_db:set_security/2 function_clause [{couch_db,validate_names_and_roles,[[<<"role_a">>]],[{file,"src/couch_db.erl"},{line,594}]},{couch_db,validate_security_object,1,[{file,"src/couch_db.erl"},{line,590}]},{couch_db,set_security,2,[{file,"src/couch_db.erl"},{line,574}]},{fabric_rpc,with_db,3,[{file,"src/fabric_rpc.erl"},{line,289}]},{rexi_server,init_p,3,[{file,"src/rexi_server.erl"},{line,139}]}]                                                                              [error] 2018-06-13T16:50:50.479648Z node1@127.0.0.1 <0.3576.0> 3108587a16 Failed to set security object on {'node1@127.0.0.1',<<"shards/40000000-5fffffff/abc.1528908305">>} :: {error,function_clause}                                         [error] 2018-06-13T16:50:50.480220Z node1@127.0.0.1 <0.3647.0> 3108587a16 rpc couch_db:set_security/2 function_clause [{couch_db,validate_names_and_roles,[[<<"role_a">>]],[{file,"src/couch_db.erl"},{line,594}]},{couch_db,validate_security_object,1,[{file,"src/couch_db.erl"},{line,590}]},{couch_db,set_security,2,[{file,"src/couch_db.erl"},{line,574}]},{fabric_rpc,with_db,3,[{file,"src/fabric_rpc.erl"},{line,289}]},{rexi_server,init_p,3,[{file,"src/rexi_server.erl"},{line,139}]}]                                                                              [error] 2018-06-13T16:50:50.480371Z node1@127.0.0.1 <0.3646.0> 3108587a16 rpc couch_db:set_security/2 function_clause [{couch_db,validate_names_and_roles,[[<<"role_a">>]],[{file,"src/couch_db.erl"},{line,594}]},{couch_db,validate_security_object,1,[{file,"src/couch_db.erl"},{line,590}]},{couch_db,set_security,2,[{file,"src/couch_db.erl"},{line,574}]},{fabric_rpc,with_db,3,[{file,"src/fabric_rpc.erl"},{line,289}]},{rexi_server,init_p,3,[{file,"src/rexi_server.erl"},{line,139}]}]                                                                              [error] 2018-06-13T16:50:50.480506Z node1@127.0.0.1 <0.3576.0> 3108587a16 Failed to set security object on {'node1@127.0.0.1',<<"shards/e0000000-ffffffff/abc.1528908305">>} :: {error,function_clause}
[error] 2018-06-13T16:50:50.480645Z node1@127.0.0.1 <0.3576.0> 3108587a16 Failed to set security object on {'node1@127.0.0.1',<<"shards/c0000000-dfffffff/abc.1528908305">>} :: {error,function_clause}
[error] 2018-06-13T16:50:50.480700Z node1@127.0.0.1 <0.3644.0> 3108587a16 rpc couch_db:set_security/2 function_clause [{couch_db,validate_names_and_roles,[[<<"role_a">>]],[{file,"src/couch_db.erl"},{line,594}]},{couch_db,validate_security_object,1,[{file,"src/couch_db.erl"},{line,590}]},{couch_db,set_security,2,[{file,"src/couch_db.erl"},{line,574}]},{fabric_rpc,with_db,3,[{file,"src/fabric_rpc.erl"},{line,289}]},{rexi_server,init_p,3,[{file,"src/rexi_server.erl"},{line,139}]}]
[error] 2018-06-13T16:50:50.480812Z node1@127.0.0.1 <0.3576.0> 3108587a16 Failed to set security object on {'node1@127.0.0.1',<<"shards/80000000-9fffffff/abc.1528908305">>} :: {error,function_clause}
[notice] 2018-06-13T16:50:50.481502Z node1@127.0.0.1 <0.3576.0> 3108587a16 localhost:15984 127.0.0.1 undefined PUT /abc/_security?n=1 500 ok 53
@PBeier

This comment has been minimized.

Copy link

PBeier commented Jun 15, 2018

I would like to work on this problem!

@wohali

This comment has been minimized.

Copy link
Member Author

wohali commented Jun 17, 2018

Hi @PBeier ! Thanks for volunteering to help.

The function_clause error line above has the full stack trace:

[error] 2018-06-13T16:50:50.479454Z node1@127.0.0.1 <0.3642.0> 3108587a16 rpc couch_db:set_security/2 function_clause [{couch_db,validate_names_and_roles,[[<<"role_a">>]],[{file,"src/couch_db.erl"},{line,594}]},{couch_db,validate_security_object,1,[{file,"src/couch_db.erl"},{line,590}]},{couch_db,set_security,2,[{file,"src/couch_db.erl"},{line,574}]},{fabric_rpc,with_db,3,[{file,"src/fabric_rpc.erl"},{line,289}]},{rexi_server,init_p,3,[{file,"src/rexi_server.erl"},{line,139}]}]                                                                              [error] 2018-06-13T16:50:50.479648Z node1@127.0.0.1 <0.3576.0> 3108587a16 Failed to set security object on {'node1@127.0.0.1',<<"shards/40000000-5fffffff/abc.1528908305">>} :: {error,function_clause}                                         [error] 2018-06-13T16:50:50.480220Z node1@127.0.0.1 <0.3647.0> 3108587a16 rpc couch_db:set_security/2 function_clause [{couch_db,validate_names_and_roles,[[<<"role_a">>]],[{file,"src/couch_db.erl"},{line,594}]},{couch_db,validate_security_object,1,[{file,"src/couch_db.erl"},{line,590}]},{couch_db,set_security,2,[{file,"src/couch_db.erl"},{line,574}]},{fabric_rpc,with_db,3,[{file,"src/fabric_rpc.erl"},{line,289}]},{rexi_server,init_p,3,[{file,"src/rexi_server.erl"},{line,139}]}]                                                                              [error] 2018-06-13T16:50:50.480371Z node1@127.0.0.1 <0.3646.0> 3108587a16 rpc couch_db:set_security/2 function_clause [
{couch_db,validate_names_and_roles,[[<<"role_a">>]],[{file,"src/couch_db.erl"},{line,594}]},
{couch_db,validate_security_object,1,[{file,"src/couch_db.erl"},{line,590}]},
{couch_db,set_security,2,[{file,"src/couch_db.erl"},{line,574}]},
{fabric_rpc,with_db,3,[{file,"src/fabric_rpc.erl"},{line,289}]},
{rexi_server,init_p,3,[{file,"src/rexi_server.erl"},{line,139}]}]   

You'll need to add an additional guard in couch_db:validate_security_object/1 or couch_db:set_security/2 to deal with the fact that it's found an item inside of members or admins that isn't either "names" or "roles".

While you're at it, you should check that it correctly handles security objects that have top-level items that aren't admins or members.

See the documentation for what a security object should look like.

Then, I would add additional test cases to ensure that what you've done passes. This file is one possible place to start, but you could also put a test case in at the chttpd layer, which is higher level.

@PBeier

This comment has been minimized.

Copy link

PBeier commented Jun 20, 2018

Sorry, I can't find Visual Studio 2013 x64 Community Edition; only the x86 version ...

@jiangphcn

This comment has been minimized.

Copy link
Contributor

jiangphcn commented Nov 22, 2018

@PBeier are you still working on this ticket? If not, @wenli200133 can help out as well.

@jiangphcn

This comment has been minimized.

Copy link
Contributor

jiangphcn commented Nov 26, 2018

looks that there is no response from @PBeier. Assuming @wenli200133 can start with this task.

@wohali

This comment has been minimized.

Copy link
Member Author

wohali commented Nov 26, 2018

Thanks @jiangphcn , go ahead @wenli200133

jiangphcn added a commit to cloudant/couchdb that referenced this issue Dec 8, 2018

Fix function_clause error
   -  fix function_clause error on invalid DB security objects
   when the request body of PUT db/_security endpoint is not
   a correct json format

Closes apache#1384

@jiangphcn jiangphcn closed this in fcb272e Dec 8, 2018

janl added a commit that referenced this issue Feb 7, 2019

Fix function_clause error
   -  fix function_clause error on invalid DB security objects
   when the request body of PUT db/_security endpoint is not
   a correct json format

Closes #1384

janl added a commit that referenced this issue Feb 17, 2019

Fix function_clause error
   -  fix function_clause error on invalid DB security objects
   when the request body of PUT db/_security endpoint is not
   a correct json format

Closes #1384
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.