This is an automated email from the ASF dual-hosted git repository. rnewson pushed a commit to branch replicator_vdu_special_fields in repository https://gitbox.apache.org/repos/asf/couchdb.git
commit 3eca450290776afdc81c7595e994e7fb4ceaa38c
Author: Robert Newson <[email protected]>
AuthorDate: Mon Feb 28 19:04:28 2022 +0000
Prevent users from modifying the special _replicator fields unless they're deleting them
---
.../src/couch_replicator_js_functions.hrl | 20 ++++++++++++++++++++
1 file changed, 20 insertions(+)
diff --git a/src/couch_replicator/src/couch_replicator_js_functions.hrl b/src/couch_replicator/src/couch_replicator_js_functions.hrl
index d410433..92839d8 100644
--- a/src/couch_replicator/src/couch_replicator_js_functions.hrl
+++ b/src/couch_replicator/src/couch_replicator_js_functions.hrl
@@ -58,6 +58,26 @@
 return;
 }
 
+ // Only the replicator may change these fields, though any authorised
+ // user may delete them.
+ if (oldDoc) {
+ var protectedFields = [
+ '_replication_state',
+ '_replication_state_time',
+ '_replication_state_reason',
+ '_replication_id',
+ '_replication_stats'
+ ]
+ for (var i = 0; i < protectedFields.length; i++) {
+ var protectedField = protectedFields[i];
+ if (typeof(oldDoc[protectedField]) === 'string' &&
+ typeof(newDoc[protectedField]) === 'string' &&
+ oldDoc[protectedField] != newDoc[protectedField]) {
+ reportError('Only the replicator may modify the ' + protectedField + ' field.');
+ }
+ }
+ }
+
 if (newDoc._replication_state === 'failed') {
 // Skip validation in case when we update the document with the
 // failed state. In this case it might be malformed. However,
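Review bot: The guard inside the `for` loop only fires when both `oldDoc[protectedField]` and `newDoc[protectedField]` are strings, so a write that replaces a protected value with a number, object or array, or that sets a field the old revision did not carry, is still accepted. It also never covers `_replication_stats` if that field is stored as an object rather than a string, which I believe is the case. Keying the check on the new document alone would keep deletion allowed while closing both gaps, e.g. `var newVal = newDoc[protectedField];` followed by `if (newVal !== undefined && JSON.stringify(newVal) !== JSON.stringify(oldDoc[protectedField])) {`; this comparison is sensitive to key order inside object values, so a resubmitted but reordered object would be rejected. The enclosing validation function starts and ends outside the hunk, so whether the `return;` just above is the replicator-role exemption cannot be confirmed from here.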
