diff options
author | Robert Kowalski <rok@kowalski.gd> | 2014-11-23 16:34:58 +0100 |
---|---|---|
committer | Jan Lehnardt <jan@apache.org> | 2017-11-01 08:02:54 +0100 |
commit | 53dcb010623b2b6672f1cf379906b800ab1e53a8 (patch) | |
tree | f3c56454f6aabd351818e25b53478b77a31336bd | |
parent | febbb2021c807225be321a86ff8d9ebc18fa0367 (diff) | |
download | couchdb-53dcb010623b2b6672f1cf379906b800ab1e53a8.tar.gz |
Return username on POST to /_session
When logging in with admin credentials and no user doc is
present, the name was `null`. Example:
`{"ok":true,"name":null,"roles":["_admin"]}`
closes COUCHDB-1356
-rw-r--r-- | share/doc/src/whatsnew/1.7.rst | 1 | ||||
-rw-r--r-- | src/couchdb/couch_httpd_auth.erl | 2 | ||||
-rw-r--r-- | test/couchdb/Makefile.am | 1 | ||||
-rw-r--r-- | test/couchdb/couchdb_auth_tests.erl | 62 | ||||
-rw-r--r-- | test/couchdb/eunit.ini | 4 | ||||
-rw-r--r-- | test/couchdb/test_request.erl | 5 |
6 files changed, 74 insertions, 1 deletions
diff --git a/share/doc/src/whatsnew/1.7.rst b/share/doc/src/whatsnew/1.7.rst index e16f15037..fd6287a9a 100644 --- a/share/doc/src/whatsnew/1.7.rst +++ b/share/doc/src/whatsnew/1.7.rst @@ -28,6 +28,7 @@ Version 1.7.0 API Changes ----------- +- :issue:`1356`: Return username on :http:post:`/_session`. - :issue:`1876`: Fix duplicated Content-Type for show/update functions. Build diff --git a/src/couchdb/couch_httpd_auth.erl b/src/couchdb/couch_httpd_auth.erl index 305283255..df5e0f58f 100644 --- a/src/couchdb/couch_httpd_auth.erl +++ b/src/couchdb/couch_httpd_auth.erl @@ -288,7 +288,7 @@ handle_session_req(#httpd{method='POST', mochi_req=MochiReq}=Req) -> send_json(Req#httpd{req_body=ReqBody}, Code, Headers, {[ {ok, true}, - {name, couch_util:get_value(<<"name">>, UserProps2, null)}, + {name, UserName}, {roles, couch_util:get_value(<<"roles">>, UserProps2, [])} ]}); _Else -> diff --git a/test/couchdb/Makefile.am b/test/couchdb/Makefile.am index eaac42f7a..43e374714 100644 --- a/test/couchdb/Makefile.am +++ b/test/couchdb/Makefile.am @@ -42,6 +42,7 @@ eunit_files = \ couch_uuids_tests.erl \ couch_work_queue_tests.erl \ couchdb_attachments_tests.erl \ + couchdb_auth_tests.erl \ couchdb_compaction_daemon.erl \ couchdb_cors_tests.erl \ couchdb_file_compression_tests.erl \ diff --git a/test/couchdb/couchdb_auth_tests.erl b/test/couchdb/couchdb_auth_tests.erl new file mode 100644 index 000000000..1bd7d3fec --- /dev/null +++ b/test/couchdb/couchdb_auth_tests.erl @@ -0,0 +1,62 @@ +% Licensed under the Apache License, Version 2.0 (the "License"); you may not +% use this file except in compliance with the License. You may obtain a copy of +% the License at +% +% http://www.apache.org/licenses/LICENSE-2.0 +% +% Unless required by applicable law or agreed to in writing, software +% distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +% WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +% License for the specific language governing permissions and limitations under +% the License. + +-module(couchdb_auth_tests). + +-include("couch_eunit.hrl"). +-include_lib("couchdb/couch_db.hrl"). + + +start() -> + couch_server_sup:start_link(?CONFIG_CHAIN), + ok. + +stop(_) -> + couch_server_sup:stop(), + ok. + +setup() -> + Addr = couch_config:get("httpd", "bind_address", "127.0.0.1"), + Port = integer_to_list(mochiweb_socket_server:get(couch_httpd, port)), + lists:concat(["http://", Addr, ":", Port, "/_session"]). + +teardown(_) -> + ok. + + +auth_test_() -> + { + "Auth tests", + { + setup, + fun start/0, fun stop/1, + { + foreach, + fun setup/0, fun teardown/1, + [ + fun should_not_return_username_on_post_to_session/1 + ] + } + } + }. + + +should_not_return_username_on_post_to_session(Url) -> + ?_assertEqual(<<"rocko">>, + begin + ok = couch_config:set("admins", "rocko", "artischocko", false), + {ok, _, _, Body} = test_request:post(Url, + [{"Content-Type", "application/json"}], + "{\"name\":\"rocko\", \"password\":\"artischocko\"}"), + {Json} = ?JSON_DECODE(Body), + couch_util:get_value(<<"name">>, Json) + end). diff --git a/test/couchdb/eunit.ini b/test/couchdb/eunit.ini index 50024a375..a1a041c36 100644 --- a/test/couchdb/eunit.ini +++ b/test/couchdb/eunit.ini @@ -26,3 +26,7 @@ port = 0 ; logging is disabled to remove unwanted noise in stdout from tests processing level = none include_sasl = false + +[couch_httpd_auth] +; time to relax! +secret = 74696d6520746f2072656c617821 diff --git a/test/couchdb/test_request.erl b/test/couchdb/test_request.erl index 68e495698..4d09b0cf5 100644 --- a/test/couchdb/test_request.erl +++ b/test/couchdb/test_request.erl @@ -13,6 +13,7 @@ -module(test_request). -export([get/1, get/2, get/3]). +-export([post/3]). -export([put/2, put/3]). -export([options/1, options/2, options/3]). -export([request/3, request/4]). @@ -26,6 +27,10 @@ get(Url, Headers, Opts) -> request(get, Url, Headers, [], Opts). +post(Url, Headers, Body) -> + request(post, Url, Headers, Body). + + put(Url, Body) -> request(put, Url, [], Body). |