This is an automated email from the ASF dual-hosted git repository. jan pushed a commit to branch rebase/access-2023 in repository https://gitbox.apache.org/repos/asf/couchdb.git
commit 197890b7bc27d13afc01cdf614106d73829d4366 Author: Jan Lehnardt <[email protected]> AuthorDate: Sat Aug 6 12:48:36 2022 +0200 feat(access): add global off switch --- rel/overlay/etc/default.ini | 4 ++++ src/chttpd/src/chttpd_db.erl | 9 +++++++-- src/couch/test/eunit/couchdb_access_tests.erl | 1 + 3 files changed, 12 insertions(+), 2 deletions(-) diff --git a/rel/overlay/etc/default.ini b/rel/overlay/etc/default.ini index 2903e7603..45bb14bfb 100644 --- a/rel/overlay/etc/default.ini +++ b/rel/overlay/etc/default.ini @@ -400,6 +400,10 @@ authentication_db = _users ; max_iterations, password_scheme, password_regexp, proxy_use_secret, ; public_fields, secret, users_db_public, cookie_domain, same_site +; Per document access settings +[per_doc_access] +;enabled = false + ; CSP (Content Security Policy) Support [csp] ;utils_enable = true diff --git a/src/chttpd/src/chttpd_db.erl b/src/chttpd/src/chttpd_db.erl index 78e8fad5c..2769d5979 100644 --- a/src/chttpd/src/chttpd_db.erl +++ b/src/chttpd/src/chttpd_db.erl @@ -1977,9 +1977,14 @@ parse_shards_opt("placement", Req, Default) -> parse_shards_opt("access", Req, Value) when is_list(Value) -> parse_shards_opt("access", Req, list_to_existing_atom(Value)); parse_shards_opt("access", _Req, Value) when is_boolean(Value) -> - Value; + case config:get_boolean("per_doc_access", "enabled", false) of + true -> Value; + false -> + Err = ?l2b(["The `access` is not available on this CouchDB installation."]), + throw({bad_request, Err}) + end; parse_shards_opt("access", _Req, _Value) -> - Err = ?l2b(["The woopass `access` value should be a boolean."]), + Err = ?l2b(["The `access` value should be a boolean."]), throw({bad_request, Err}); parse_shards_opt(Param, Req, Default) -> diff --git a/src/couch/test/eunit/couchdb_access_tests.erl b/src/couch/test/eunit/couchdb_access_tests.erl index 28f27ea72..1b656499c 100644 --- a/src/couch/test/eunit/couchdb_access_tests.erl +++ b/src/couch/test/eunit/couchdb_access_tests.erl @@ -46,6 +46,7 @@ before_all() -> ok = config:set("admins", "a", binary_to_list(Hashed), _Persist=false), ok = config:set("couchdb", "uuid", "21ac467c1bc05e9d9e9d2d850bb1108f", _Persist=false), ok = config:set("log", "level", "debug", _Persist=false), + ok = config:set("per_doc_access", "enabled", "true", _Persist=false), % cleanup and setup {ok, _, _, _} = test_request:delete(url() ++ "/db", ?ADMIN_REQ_HEADERS),
