Etag send by list function does not depend on userCtx
-----------------------------------------------------
Key: COUCHDB-1155
URL: https://issues.apache.org/jira/browse/COUCHDB-1155
Project: CouchDB
Issue Type: Bug
Components: HTTP Interface
Affects Versions: 1.0.2
Reporter: Johannes J. Schmidt
List functions should send a different Etag when requested by different users.
The following curl session shows identical Etags for different users. CouchDB
must not be in admin party mode.
PROTOCOL=http
DOMAIN="127.0.0.1:5984"
DB=testdb
# admin credentials for db creation
ADMIN=admin:secure
# this user must have an empty roles array
USER=user:secure
curl -XDELETE $PROTOCOL://$ADMIN@$DOMAIN/$DB
curl -XPUT $PROTOCOL://$ADMIN@$DOMAIN/$DB
curl -XPUT $PROTOCOL://$ADMIN@$DOMAIN/$DB/foo -d '{"count":1}'
curl -XPUT $PROTOCOL://$ADMIN@$DOMAIN/$DB/_design/foo -d '{ "views": { "bar": {
"map": "function(doc) { emit(doc._id, null); }" } }, "lists": { "bar":
"function(head, req) { return req.userCtx.name || \"anonymous\" }" }}'
curl -s $PROTOCOL://$DOMAIN/$DB/_design/foo/_list/bar/bar --head | grep Etag
curl -s $PROTOCOL://$USER@$DOMAIN/$DB/_design/foo/_list/bar/bar --head | grep
Etag
#=> Etag: "A1NKHA0935KMCSHFSK94EHZNL"
#=> Etag: "A1NKHA0935KMCSHFSK94EHZNL"
This issue is important for standalone CouchDB applications which use list
functions depending on the user context, eg. showing a login button or username.
regards
Johannes
PS: I tried to write a javascript test case but this issue can only be
reproduced if the server is not in admin party mode, which the test suite
requires. I am not so familar with those tests to temporarily change the admin
party.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
