Remove client-side password crypto from JS tests This removes client-side password crypto from the JavaScript tests.
In some JavaScript tests, it has been assumed that SHA-1 is used for the password hash in user docs. Those tests should, however, not rely on implementation details of the user authentication hash function, as it isn't the goal of those tests to check these. Furthermore, this causes problems when a password scheme is changed, or a new one is introduced.
Project: http://git-wip-us.apache.org/repos/asf/couchdb/repo
Commit: http://git-wip-us.apache.org/repos/asf/couchdb/commit/45e17e5f
Tree: http://git-wip-us.apache.org/repos/asf/couchdb/tree/45e17e5f
Diff: http://git-wip-us.apache.org/repos/asf/couchdb/diff/45e17e5f
Branch: refs/heads/2041-update-ibrowse
Commit: 45e17e5fbb3c5364e7f8d0e6bb4d79e2e291ecfa
Parents: 08cf09f
Author: Klaus Trainer <[email protected]>
Authored: Wed Feb 19 21:30:53 2014 +0100
Committer: Klaus Trainer <[email protected]>
Committed: Sun Feb 23 18:59:21 2014 +0100
----------------------------------------------------------------------
share/www/script/couch_test_runner.js | 4 +---
share/www/script/test/auth_cache.js | 12 ++----------
share/www/script/test/cookie_auth.js | 11 +++++------
3 files changed, 8 insertions(+), 19 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/couchdb/blob/45e17e5f/share/www/script/couch_test_runner.js
----------------------------------------------------------------------
diff --git a/share/www/script/couch_test_runner.js b/share/www/script/couch_test_runner.js
index c04e6b1..7f435bf 100644
--- a/share/www/script/couch_test_runner.js
+++ b/share/www/script/couch_test_runner.js
@@ -460,9 +460,7 @@ CouchDB.user_prefix = "org.couchdb.user:";
 CouchDB.prepareUserDoc = function(user_doc, new_password) {
 user_doc._id = user_doc._id || CouchDB.user_prefix + user_doc.name;
 if (new_password) {
- // handle the password crypto
- user_doc.salt = CouchDB.newUuids(1)[0];
- user_doc.password_sha = hex_sha1(new_password + user_doc.salt);
+ user_doc.password = new_password;
 }
 user_doc.type = "user";
 if (!user_doc.roles) {
http://git-wip-us.apache.org/repos/asf/couchdb/blob/45e17e5f/share/www/script/test/auth_cache.js
----------------------------------------------------------------------
diff --git a/share/www/script/test/auth_cache.js b/share/www/script/test/auth_cache.js
index 57e6a8d..2229c20 100644
--- a/share/www/script/test/auth_cache.js
+++ b/share/www/script/test/auth_cache.js
@@ -184,11 +184,7 @@ couchTests.auth_cache = function(debug) {
 hits_before = hits_after;
 misses_before = misses_after;
- var new_salt = CouchDB.newUuids(1)[0];
- var new_passwd = hex_sha1("foobar" + new_salt);
- fdmanana.salt = new_salt;
- fdmanana.password_sha = new_passwd;
-
+ fdmanana.password = "foobar";
 T(authDb.save(fdmanana).ok);
 // cache was refreshed
@@ -206,11 +202,7 @@ couchTests.auth_cache = function(debug) {
 misses_before = misses_after;
 // and yet another update
- new_salt = CouchDB.newUuids(1)[0];
- new_passwd = hex_sha1("javascript" + new_salt);
- fdmanana.salt = new_salt;
- fdmanana.password_sha = new_passwd;
-
+ fdmanana.password = "javascript";
 T(authDb.save(fdmanana).ok);
 // cache was refreshed
http://git-wip-us.apache.org/repos/asf/couchdb/blob/45e17e5f/share/www/script/test/cookie_auth.js
----------------------------------------------------------------------
diff --git a/share/www/script/test/cookie_auth.js b/share/www/script/test/cookie_auth.js
index 40b633b..9b4bd64 100644
--- a/share/www/script/test/cookie_auth.js
+++ b/share/www/script/test/cookie_auth.js
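Review bot: In the couch_test_runner.js hunk, the new `user_doc.password = new_password;` line replaces the only comment in the branch, so nothing records that the cleartext value is deliberate. I would add `// cleartext on purpose: the server is expected to hash it when the doc is saved`, so a later reader does not "fix" it back to a client-side hash. A doc passed in that already carries `salt` and `password_sha` from an earlier read keeps both next to the new `password` field; whether the server discards those stale fields is not visible in this hunk and is worth confirming. The body of CouchDB.prepareUserDoc continues past the end of the hunk.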
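Review bot: After `fdmanana.password = "foobar";` in the first auth_cache.js hunk (and `fdmanana.password = "javascript";` in the second), the test only checks that the save succeeded, so nothing confirms that the cleartext value is absent from the stored doc. A check that stays independent of the hash scheme would cover this after each save: `T(authDb.open(fdmanana._id).password === undefined);`. The local `fdmanana` object also keeps its `password` property after the save, so any later `authDb.save(fdmanana)` outside these hunks would resend it; if that is intended, a short comment such as `// password stays on the local object and is sent again on the next save` would make it explicit. The enclosing test function starts and ends outside both hunks.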
@@ -115,7 +115,7 @@ couchTests.cookie_auth = function(debug) {
 // we can't create docs with malformed ids
 var badIdDoc = CouchDB.prepareUserDoc({
- name: "foo"
+ name: "w00x"
 }, "bar");
 badIdDoc._id = "org.apache.couchdb:w00x";
@@ -153,8 +153,8 @@ couchTests.cookie_auth = function(debug) {
 usersDb.deleteDoc(jchrisUserDoc);
 T(false && "Can't delete other users docs. Should have thrown an error.");
 } catch (e) {
- TEquals("forbidden", e.error);
- TEquals(403, usersDb.last_req.status);
+ TEquals("not_found", e.error);
+ TEquals(404, usersDb.last_req.status);
 }
 // TODO should login() throw an exception here?
@@ -197,8 +197,8 @@ couchTests.cookie_auth = function(debug) {
 usersDb.save(jasonUserDoc);
 T(false && "Can't update someone else's user doc. Should have thrown an error.");
 } catch (e) {
- T(e.error == "forbidden");
- T(usersDb.last_req.status == 403);
+ T(e.error == "not_found");
+ T(usersDb.last_req.status == 404);
 }
 // test that you can't edit roles unless you are admin
@@ -272,7 +272,6 @@ couchTests.cookie_auth = function(debug) {
 var usersDb = new CouchDB("test_suite_users", {"X-Couch-Full-Commit":"false"});
 usersDb.deleteDb();
- usersDb.createDb();
 run_on_modified_server(
 [
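Review bot: The switch from `forbidden`/403 to `not_found`/404 in the catch block of the delete-other-user's-doc case (and again in the update case in the next hunk) is not covered by the commit description, which only discusses password hashing. A 404 is also a weaker signal than a 403, because the assertion passes equally if the target doc was never created or its id is wrong, so the test no longer shows that an access check fired. I would add a comment in the catch block such as `// 404, not 403: other users' docs are reported as missing` (if that is the intended server behaviour) and, after the catch, confirm from an admin session that the doc still exists unchanged. Both try blocks start outside their hunks.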
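Review bot: The update case asserts with `T(e.error == "not_found")` and `T(usersDb.last_req.status == 404)`, while the delete case one hunk earlier uses TEquals for the same two checks. Writing them as `TEquals("not_found", e.error);` and `TEquals(404, usersDb.last_req.status);` would keep the two cases consistent and drop the loose `==` comparison. The try block these lines belong to starts outside the hunk.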
