eiri commented on a change in pull request #1770: Fix couchdb 1384 function
clause error
URL: https://github.com/apache/couchdb/pull/1770#discussion_r237142394
##########
File path: src/chttpd/test/chttpd_security_tests.erl
##########
@@ -207,3 +228,93 @@
should_disallow_anonymous_db_view_cleanup([Url,_UsersUrl]) ->
{InnerJson} = ResultJson,
ErrType = couch_util:get_value(<<"error">>, InnerJson),
?_assertEqual(<<"unauthorized">>, ErrType).
+
+should_return_ok_for_security_object_with_roles([Url,_UsersUrl]) ->
+ ?_test(begin
+ SecurityUrl = lists:concat([Url, "/_security"]),
+ SecurityProperties = [
+ {<<"admins">>,{[{<<"roles">>,[<<?TEST_ADMIN>>]}]}},
+ {<<"members">>,{[{<<"roles">>,[<<?TEST_MEMBER>>]}]}}
+ ],
+ Body = jiffy:encode({SecurityProperties}),
+ {ok, Status, _, _} = test_request:put(SecurityUrl, [?CONTENT_JSON, ?AUTH],
Body),
+ ?_assertEqual(200, Status)
+end).
+
+should_return_ok_for_security_object_with_names([Url,_UsersUrl]) ->
+ ?_test(begin
+ SecurityUrl = lists:concat([Url, "/_security"]),
+ SecurityProperties = [
+ {<<"admins">>,{[{<<"names">>,[<<?TEST_ADMIN>>]}]}},
+ {<<"members">>,{[{<<"names">>,[<<?TEST_MEMBER>>]}]}}
+ ],
+ Body = jiffy:encode({SecurityProperties}),
+ {ok, Status, _, _} = test_request:put(SecurityUrl, [?CONTENT_JSON, ?AUTH],
Body),
+ ?_assertEqual(200, Status)
+end).
+
+should_return_ok_for_security_object_with_roles_and_names([Url,_UsersUrl]) ->
+ ?_test(begin
+ SecurityUrl = lists:concat([Url, "/_security"]),
+ SecurityProperties = [
+
{<<"admins">>,{[{<<"names">>,[<<?TEST_ADMIN>>]},{<<"roles">>,[<<?TEST_ADMIN>>]}]}},
+
{<<"members">>,{[{<<"names">>,[<<?TEST_MEMBER>>]},{<<"roles">>,[<<?TEST_MEMBER>>]}]}}
+ ],
+ Body = jiffy:encode({SecurityProperties}),
+ {ok, Status, _, _} = test_request:put(SecurityUrl, [?CONTENT_JSON, ?AUTH],
Body),
+ ?_assertEqual(200, Status)
+end).
+
+should_return_error_for_security_object_with_incorrect_roles_and_names([Url,_UsersUrl])
->
+ ?_test(begin
+ SecurityUrl = lists:concat([Url, "/_security"]),
+ SecurityProperties = [
+ {<<"admins">>,{[{<<"names">>,[123]}]}},
+ {<<"members">>,{[{<<"roles">>,["foo"]}]}}
+ ],
+
+ Body = jiffy:encode({SecurityProperties}),
+ {ok, Status, _, RespBody} = test_request:put(SecurityUrl, [?CONTENT_JSON,
?AUTH], Body),
+ ?_assertEqual(500, Status),
+ ResultJson = ?JSON_DECODE(RespBody),
+ ?assertMatch({[
+ {<<"error">>,<<"error">>},
+ {<<"reason">>,<<"no_majority">>}]},
+ ResultJson)
+end).
+
+should_return_error_for_security_object_with_incorrect_roles([Url,_UsersUrl])
->
+ ?_test(begin
+ SecurityUrl = lists:concat([Url, "/_security"]),
+ SecurityProperties = [
+ {<<"admins">>,{[{<<"roles">>,[?TEST_ADMIN]}]}},
+ {<<"members">>,{[{<<"roles">>,[<<?TEST_MEMBER>>]}]}}
+ ],
+
+ Body = jiffy:encode({SecurityProperties}),
+ {ok, Status, _, RespBody} = test_request:put(SecurityUrl, [?CONTENT_JSON,
?AUTH], Body),
+ ?_assertEqual(500, Status),
+ ResultJson = ?JSON_DECODE(RespBody),
+ ?assertMatch({[
+ {<<"error">>,<<"error">>},
+ {<<"reason">>,<<"no_majority">>}]},
+ ResultJson)
+end).
+
+should_return_error_for_security_object_with_incorrect_names([Url,_UsersUrl])
->
+ ?_test(begin
+ SecurityUrl = lists:concat([Url, "/_security"]),
+ SecurityProperties = [
+ {<<"admins">>,{[{<<"names">>,[<<?TEST_ADMIN>>]}]}},
+ {<<"members">>,{[{<<"names">>,[?TEST_MEMBER]}]}}
+ ],
+
+ Body = jiffy:encode({SecurityProperties}),
+ {ok, Status, _, RespBody} = test_request:put(SecurityUrl, [?CONTENT_JSON,
?AUTH], Body),
+ ?_assertEqual(500, Status),
+ ResultJson = ?JSON_DECODE(RespBody),
+ ?assertMatch({[
Review comment:
Same as above
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
With regards,
Apache Git Services
