[jira] [Commented] (COUCHDB-2948) Internal server error returned instead of 403 Forbidden when cassim is disabled

Wed, 10 Feb 2016 04:12:04 -0800 

    [ 
https://issues.apache.org/jira/browse/COUCHDB-2948?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15140694#comment-15140694
 ] 

ASF subversion and git services commented on COUCHDB-2948:
----------------------------------------------------------

Commit 31be5324023771fa80bfe8a28a31f6592cb28af0 in couchdb-fabric's branch 
refs/heads/master from [~mikewallace]
[ https://git-wip-us.apache.org/repos/asf?p=couchdb-fabric.git;h=31be532 ]

Return forbidden error if encountered on any shard

This commit fixes an issue which caused HTTP 500 errors to be
returned when an authorized user attempted to access a database
that they did not have permission to access, when cassim is
disabled.

Instead of returning an internal server error once all shards
have failed to open we add a receive clause so that we throw
a forbidden error if one is encountered on any shard. This is the
same approach we already take for unauthorized errors.

Closes COUCHDB-2948

This closes #38


> Internal server error returned instead of 403 Forbidden when cassim is 
> disabled
> -------------------------------------------------------------------------------
>
>                 Key: COUCHDB-2948
>                 URL: https://issues.apache.org/jira/browse/COUCHDB-2948
>             Project: CouchDB
>          Issue Type: Bug
>          Components: Database Core
>            Reporter: Mike Wallace
>
> When cassim is disabled and an authenticated user attempts to access a 
> database that they do not have permission to access, we should be returning 
> an HTTP 403, e.g.:
> {"error":"forbidden","reason":"You are not allowed to access this db."}
> Currently we get the following:
> {"error":"internal_server_error","reason":"No DB shards could be 
> opened.","ref":1865933553}
> What is happening is we're attempting to open all the shards with the user 
> context then throwing an internal server error when we run out of shards:
> https://github.com/apache/couchdb-fabric/blob/master/src/fabric_util.erl#L179-L180
> There is a special case for unauthorized errors: 
> https://github.com/apache/couchdb-fabric/blob/master/src/fabric_util.erl#L188-L189
> If we add something similar for forbidden errors then that would solve this 
> issue.
> Note this is not an issue when using cassim because it stores the security 
> metadata in the _metadata database.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to