Commits on Jan 17, 2012
  1. @fdmanana

    Fixes for COUCHDB-188 fix

    On conflict, keep using the current revision tree.
    Issue noticed by Paul Davis. Thanks.
    fdmanana committed Jan 17, 2012
  2. @fdmanana

    Fix ets lookup case_clause error after ddoc is updated

    This happens if the ddoc_updated event is received after
    a client opens the new view group or if a design document
    is updated several times in a row and there are still
    clients streaming views from 2 or more view groups that
    match old versions of the design document.
    
    This relates to COUCHDB-1309
    fdmanana committed Jan 17, 2012
  3. @rnewson

    COUCHDB-1380 Revert "Better logger performance"

    This reverts commit 9f2398f which
    switched couch_log to use disk_log. Unfortunately that module performs
    positioned writes which prevents the usual logrotation strategy from
    working correctly.
    rnewson committed Jan 17, 2012
Commits on Jan 12, 2012
  1. @dch
Commits on Jan 9, 2012
Commits on Jan 8, 2012
  1. Allow test/javascript/run to be run standalone

    Some users will incrementally reload a single code module into a running
    couchdb instance and wish to run the js tests again. This allows
    test/javascript/run to execute outside of make check by using an env
    variable COUCHDB_NO_START.
    Bob Dionne committed Jan 8, 2012
  2. @fdmanana

    Use enif_is_number on OTP R15B or higher

    The NIF API in OTP R15B introduced the enif_is_number function.
    fdmanana committed Jan 8, 2012
  3. improve the startup delay for js test harness

    Change waitForSuccess to catch errors in the sync request that's used
    to hand control back to the JS engine. Then, use waitForSuccess to
    see if CouchDB has started and remove the 1 second sleep before the
    tests start.
    committed Dec 15, 2011
Commits on Jan 7, 2012
  1. @fdmanana

    Don't send Content-Type in GET/HEAD requests

    This partially reverts 55d2c9e,
    adding only a Content-Type of application/json to post requests
    against _revs_diff.
    fdmanana committed Jan 7, 2012
  2. @janl

    Set COUCHDB_NO_START=1 to not start CouchDB during JavaScript tests

    This restores the previous default behaviour.
    janl committed Jan 7, 2012
  3. @janl
  4. @rnewson

    Cache-bust every attachment range GET

    This appears to expose a bug in Chrome for an edge case. There's a
    test that sends "Range: bytes=0-29" for an item that is one byte
    shorter than the requested range. Curl, Firefox and Safari correctly
    returns;
    
    Content-Range: bytes 0-28/29
    Content-Length: 29
    
    Whereas Safari erroneously gets this;
    
    Content-Range: bytes 0-29/29
    Content-Length: 30
    
    So, this test will fail on Chrome until a) Chrome is fixed or b)
    someone points out that I'm wrong about the Chrome bug.
    rnewson committed Jan 7, 2012
  5. @janl
  6. @fdmanana

    Use default content-type application/json

    Some requests made by the replicator were missing a
    Content-Type header. By default now all requests have
    a Content-Type of application/json.
    fdmanana committed Jan 7, 2012
  7. @fdmanana

    Add heartbeat parameter to all _changes requests

    Even non-continuous _changes requests, particularly filtered
    ones, can cause long periods of inactivity.
    fdmanana committed Jan 7, 2012
  8. @fdmanana
  9. @fdmanana

    Fix document deletion followed by creation

    If the updater collects 2 updates for the same document
    where the first deletes it and the second creates it, it
    would send a conflict error to the client of the create
    request. This wouldn't happen if the 2 requests were
    collected in 2 different batches by the updater.
    
    Closes COUCHDB-188
    fdmanana committed Jan 6, 2012
  10. @fdmanana

    Fix check of conflicts for replication tests

    The conflicts option belongs to couch_db:open_doc/3 and not
    to couch_doc:to_json_obj/2. Also added the deleted_conflicts
    option.
    fdmanana committed Jan 7, 2012
  11. COUCHDB-1152 remove icu version dependency (win)

    Patch by Dave Cottlehuber.
    committed Jan 6, 2012
Commits on Jan 6, 2012
  1. don't ln the couchjs install target on windows

    On windows we install binaries directly into $(prefix)/bin rather than
    a local bin directory hidden away in the erlang module. Therefore, when
    building this way, don't try to create a symbolic link into the final
    location since the final location has the output binary already.
    committed Jan 6, 2012
  2. Revert "Add ICU_CPPFLAGS to ICU_C|_CXXFLAGS"

    As of 32fb9f8 this should no longer be
    necessary.
    
    This reverts commit 2d90a12.
    committed Jan 6, 2012
  3. @janl

    Happy New Year

    janl committed Jan 6, 2012
Commits on Jan 5, 2012
  1. @fdmanana
Commits on Jan 4, 2012
  1. @fdmanana
  2. @fdmanana

    Allow OAuth credentials to be stored in user documents

    If the ini configuration parameter `use_users_db` (section
    `couch_httpd_oauth`) is set to true, OAuth credentials can
    be stored in user documents (system database _users) instead.
    The credentials are stored in a top level propery of user
    documents named `oauth`. Example:
    
         {
             "_id": "org.couchdb.user:joe",
             "type": "user",
             "name": "joe",
             "password_sha": "fe95df1ca59a9b567bdca5cbaf8412abd6e06121",
             "salt": "4e170ffeb6f34daecfd814dfb4001a73"
             "roles": ["foo", "bar"],
             "oauth": {
                 "consumer_keys": {
                     "consumerKey1": "key1Secret",
                     "consumerKey2": "key2Secret"
                 },
                 "tokens": {
                     "token1": "token1Secret",
                     "token2": "token2Secret"
                 }
             }
         }
    
    Closes COUCHDB-1238.
    fdmanana committed Jan 4, 2012
  3. @fdmanana

    Improve test 05-replication-many-leaves.t

    The test now includes attachments to verify that the
    incremental attachment replication code path succeeds
    when there are many leaf revisions of a document with
    attachments.
    fdmanana committed Jan 4, 2012
Commits on Jan 3, 2012
  1. Use ICU_CPPFLAGS instead of _CFLAGS

    This removes the need for c4f6ff9
    which was made in response to -ansi coming from icu-config on my
    system. Instead, it's more sensible to use the preprocessor flags from
    icu-config which provides the -I header locations and -D definitions
    but doesn't add a bunch of excessive warning flags or ansi conformance.
    
    This reverts commit c4f6ff9.
    committed Jan 3, 2012
  2. @benoitc @janl

    Fix admin users creation and user password change in futon.

    main patch from jan, reviewed & updated by me.
    benoitc committed with janl Dec 3, 2011
  3. @janl
  4. @janl
  5. @janl

    Implement "System Database Security"

    System databases at this point are the _users database and the
    _replicator database. For each database we implement two call-
    backs: before_doc_update and after_doc_read to modify documents
    just before they are written to the database and right after
    reading them from the database.
    
    _users database:
    
      The before_doc_update callback has the following workflow:
    
        If the request's userCtx identifies an admin or db-admin
          -> save_doc (see below)
        If the request's userCtx.name is null:
          -> save_doc
          // this is an anonymous user registering a new document
          // in case a user doc with the same id already exists, the anonymous
          // user will get a regular doc update conflict.
        If the request's userCtx.name doesn't match the doc's name
          -> 404 // Not Found
        Else
          -> save_doc
    
        When a "password" field is present, save_doc() will hash the password
        and write the result to the "password_sha" field, add a "salt" field
        and delete the "password" field:
    
        If newDoc.password == null:
          ->
          noop
        Else -> // calculate password hash server side
           newDoc.password_sha = hash_pw(newDoc.password + salt)
           newDoc.salt = salt
           newDoc.password = null
    
      The after_doc_read callback has the following workflow:
    
        If the request's userCtx identifies an admin or db-admin
          -> return doc
        If the doc is a design doc and the userCtx doesn't identify
          an admin or db-admin:
          -> 403 // Forbidden
        If the request's userCtx.name doesn't match the doc's name
          -> 404 // Not Found
        Else
          -> return doc
    
    _replicator database:
    
      after_doc_read callback:
    
        If the request's userCtx identifies an admin
          -> return doc
    
        If the request's userCtx.name doesn't match the doc's owner
          -> strip/hide sensitive data (passwords, oauth tokens)
        Else
          -> return doc
    
      before_write callback:
    
        If Couch is in admin party mode
          -> save doc (see below)
    
        If the request's userCtx identifies an admin or the _replicator role
          -> save_doc (see below)
    
        If the request's userCtx.name doesn't match the doc's owner or doc.owner == null
          -> 401
        Else
          -> save_doc (see below)
    
        save_doc:
          If doc.owner == undefined
            -> If CouchDB is in Admin Party
                 -> doc.owner = null
               Else
                 -> doc.owner = req.userCtx.name
    
          Save doc to db.
    
    Feature by Filipe, Benoit and Jan.
    janl committed Dec 22, 2011