diff options
| author | Jan Lehnardt <jan@apache.org> | 2022-08-06 12:48:36 +0200 |
|---|---|---|
| committer | Jan Lehnardt <jan@apache.org> | 2022-12-16 16:56:18 +0100 |
| commit | 651df0a64be10bf5a3f7f4527dbd6820cbbd37b7 (patch) | |
| tree | cd026c0d6ae5736c775393046feaea8c54ad8327 | |
| parent | 886ab2f41c18b25a3dbc45d4dfbbab99a03798dd (diff) | |
| download | couchdb-651df0a64be10bf5a3f7f4527dbd6820cbbd37b7.tar.gz | |
feat(access): add global off switch
| -rw-r--r-- | rel/overlay/etc/default.ini | 4 | ||||
| -rw-r--r-- | src/chttpd/src/chttpd_db.erl | 9 | ||||
| -rw-r--r-- | src/couch/test/eunit/couchdb_access_tests.erl | 1 |
3 files changed, 12 insertions, 2 deletions
diff --git a/rel/overlay/etc/default.ini b/rel/overlay/etc/default.ini index ae691bb8d..0612506e3 100644 --- a/rel/overlay/etc/default.ini +++ b/rel/overlay/etc/default.ini @@ -388,6 +388,10 @@ authentication_db = _users ; max_iterations, password_scheme, password_regexp, proxy_use_secret, ; public_fields, secret, users_db_public, cookie_domain, same_site +; Per document access settings +[per_doc_access] +;enabled = false + ; CSP (Content Security Policy) Support [csp] ;utils_enable = true diff --git a/src/chttpd/src/chttpd_db.erl b/src/chttpd/src/chttpd_db.erl index 29daf5674..d26824bdd 100644 --- a/src/chttpd/src/chttpd_db.erl +++ b/src/chttpd/src/chttpd_db.erl @@ -2006,9 +2006,14 @@ parse_shards_opt("placement", Req, Default) -> parse_shards_opt("access", Req, Value) when is_list(Value) -> parse_shards_opt("access", Req, list_to_existing_atom(Value)); parse_shards_opt("access", _Req, Value) when is_boolean(Value) -> - Value; + case config:get_boolean("per_doc_access", "enabled", false) of + true -> Value; + false -> + Err = ?l2b(["The `access` is not available on this CouchDB installation."]), + throw({bad_request, Err}) + end; parse_shards_opt("access", _Req, _Value) -> - Err = ?l2b(["The woopass `access` value should be a boolean."]), + Err = ?l2b(["The `access` value should be a boolean."]), throw({bad_request, Err}); parse_shards_opt(Param, Req, Default) -> diff --git a/src/couch/test/eunit/couchdb_access_tests.erl b/src/couch/test/eunit/couchdb_access_tests.erl index 28f27ea72..1b656499c 100644 --- a/src/couch/test/eunit/couchdb_access_tests.erl +++ b/src/couch/test/eunit/couchdb_access_tests.erl @@ -46,6 +46,7 @@ before_all() -> ok = config:set("admins", "a", binary_to_list(Hashed), _Persist=false), ok = config:set("couchdb", "uuid", "21ac467c1bc05e9d9e9d2d850bb1108f", _Persist=false), ok = config:set("log", "level", "debug", _Persist=false), + ok = config:set("per_doc_access", "enabled", "true", _Persist=false), % cleanup and setup {ok, _, _, _} = test_request:delete(url() ++ "/db", ?ADMIN_REQ_HEADERS), |