Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

support system dbs. close #9 .

Systems databases are databases only available and visible by admins.
All systems databases are prefixed by `rc_` .

Ex:

    $ curl -XPUT http://127.0.0.1:5984/rc_somesystemdb
    {"error":"unauthorized","reason":"You are not a server admin."}
    $ curl -XPUT http://admin:test@127.0.0.1:5984/rc_somesystemdb
    {"ok":true}
    $ curl http://admin:test@127.0.0.1:5984/_all_dbs
    ["_replicator","_users","rc_somesystemdb"]
    $ curl http://127.0.0.1:5984/_all_dbs
    ["_replicator","_users"]
    $ curl -XPUT http://admin:test@127.0.0.1:5984/rc_somesystemdb -d'{}'
    {"error":"file_exists","reason":"The database could not be created,
the file already exists."}
    $ curl -XPUT http://admin:test@127.0.0.1:5984/rc_somesystemdb/test
-d'{}'
    {"ok":true,"id":"test","rev":"1-967a00dff5e02add41819138abb3284d"}
    $ curl -XPUT http://127.0.0.1:5984/rc_somesystemdb/test1
-d'{}'{"error":"unauthorized","reason":"You are not authorized to access
this db."}
    $ curl
http://127.0.0.1:5984/rc_somesystemdb/_all_docs{"error":"unauthorized","reason":"You
are not authorized to access this db."}
    $ curl http://admin:test@127.0.0.1:5984/rc_somesystemdb/_all_docs
    {"total_rows":1,"offset":0,"rows":[
    {"id":"test","key":"test","value":{"rev":"1-967a00dff5e02add41819138abb3284d"}}
    ]}
  • Loading branch information...
commit 29560d9133195a500d1bd5ecb0d114aa7d4c3e7e 1 parent bd07515
@benoitc benoitc authored
View
8 apps/couch/src/couch_db.erl
@@ -335,6 +335,14 @@ check_is_admin(#db{user_ctx=#user_ctx{name=Name,roles=Roles}}=Db) ->
ok
end.
+check_is_member(#db{name = <<"rc_", _/binary>> } = Db) ->
+ case (catch check_is_admin(Db)) of
+ ok ->
+ ok;
+ _ ->
+ throw({unauthorized,
+ <<"You are not authorized to access this db.">>})
+ end;
check_is_member(#db{user_ctx=#user_ctx{name=Name,roles=Roles}=UserCtx}=Db) ->
case (catch check_is_admin(Db)) of
ok -> ok;
View
12 apps/couch_httpd/src/couch_httpd_misc_handlers.erl
@@ -74,7 +74,17 @@ handle_utils_dir_req(Req, _) ->
send_method_not_allowed(Req, "GET,HEAD").
handle_all_dbs_req(#httpd{method='GET'}=Req) ->
- {ok, DbNames} = couch_server:all_databases(),
+ IsAdmin = case catch(couch_httpd:verify_is_server_admin(Req)) of
+ ok -> true;
+ _ -> false
+ end,
+ {ok, DbNames} = couch_server:all_databases(fun
+ (<<"rc_", _/binary>>, Acc)
+ when IsAdmin =:= false ->
+ {ok, Acc};
+ (Dbname, Acc) ->
+ {ok, [Dbname|Acc]}
+ end, []),
send_json(Req, DbNames);
handle_all_dbs_req(Req) ->
send_method_not_allowed(Req, "GET,HEAD").
Please sign in to comment.
Something went wrong with that request. Please try again.