Repository: couchdb-couch Updated Branches: refs/heads/master db78f6827 -> 41c480468
Add admin_local - halfway between the two schemes COUCHDB-3016 Project: http://git-wip-us.apache.org/repos/asf/couchdb-couch/repo Commit: http://git-wip-us.apache.org/repos/asf/couchdb-couch/commit/41c48046 Tree: http://git-wip-us.apache.org/repos/asf/couchdb-couch/tree/41c48046 Diff: http://git-wip-us.apache.org/repos/asf/couchdb-couch/diff/41c48046 Branch: refs/heads/master Commit: 41c48046836e93fdf7bdb5db510024c94df5cf69 Parents: db78f68 Author: Robert Newson <[email protected]> Authored: Sun May 15 20:32:45 2016 +0100 Committer: Robert Newson <[email protected]> Committed: Sun May 15 20:32:47 2016 +0100 ---------------------------------------------------------------------- src/couch_db_updater.erl | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/couchdb-couch/blob/41c48046/src/couch_db_updater.erl ---------------------------------------------------------------------- diff --git a/src/couch_db_updater.erl b/src/couch_db_updater.erl index 28022a8..7872635 100644 --- a/src/couch_db_updater.erl +++ b/src/couch_db_updater.erl @@ -570,7 +570,7 @@ init_db(DbName, Filepath, Fd, Header0, Options) -> [{compression, Compression}]), case couch_db_header:security_ptr(Header) of nil -> - Security = default_security_object(), + Security = default_security_object(DbName), SecurityPtr = nil; SecurityPtr -> {ok, Security} = couch_file:pread_term(Fd, SecurityPtr) @@ -1438,11 +1438,19 @@ make_doc_summary(#db{compression = Comp}, {Body0, Atts0}) -> SummaryBin = ?term_to_bin({Body, Atts}), couch_file:assemble_file_chunk(SummaryBin, couch_crypto:hash(md5, SummaryBin)). -default_security_object() -> - case config:get("couchdb", "default_security", "open") of +default_security_object(<<"shards/", _/binary>>) -> + case config:get("couchdb", "default_security", "everyone") of "admin_only" -> [{<<"members">>,{[{<<"roles">>,[<<"_admin">>]}]}}, {<<"admins">>,{[{<<"roles">>,[<<"_admin">>]}]}}]; + Everyone when Everyone == "everyone"; Everyone == "admin_local" -> + [] + end; +default_security_object(_DbName) -> + case config:get("couchdb", "default_security", "everyone") of + Admin when Admin == "admin_only"; Admin == "admin_local" -> + [{<<"members">>,{[{<<"roles">>,[<<"_admin">>]}]}}, + {<<"admins">>,{[{<<"roles">>,[<<"_admin">>]}]}}]; "everyone" -> [] end.
