couchdb-couch.git
6 years agofix tarball build fix-tarball-build 142/head
Jan Lehnardt [Mon, 22 Feb 2016 11:22:57 +0000 (12:22 +0100)] 
fix tarball build

6 years agoMerge remote-tracking branch 'github/pr/137'
Alexander Shorin [Tue, 16 Feb 2016 20:06:06 +0000 (23:06 +0300)] 
Merge remote-tracking branch 'github/pr/137'

6 years agoMerge branch '2938-use-ddoc-cache-in-filtered-changes'
Russell Branca [Wed, 10 Feb 2016 22:32:15 +0000 (22:32 +0000)] 
Merge branch '2938-use-ddoc-cache-in-filtered-changes'

6 years agoUse ddoc_cache and new fetch rpc format 2938-use-ddoc-cache-in-filtered-changes 134/head
Russell Branca [Thu, 21 Jan 2016 22:57:18 +0000 (22:57 +0000)] 
Use ddoc_cache and new fetch rpc format

6 years agoSend a real EventSource event for heartbeat 137/head
Damjan Georgievski [Fri, 2 May 2014 15:04:41 +0000 (17:04 +0200)] 
Send a real EventSource event for heartbeat

Bring back 845bf7529a3bc565d6446a7fa6cc5fd1a140653e

The EventSource connection can get stuck (in TCP half-open state*) and there's no way
for the client to detect that. This commit changes the way heartbeat is sent, instead of
sending a newline character, it sends an empty event of type heartbeat:

    event: heartbeat
    data:

This event doesn't have an id: field, so the client will retain its latest Last-Event-ID state.

This doesn't change the expectations of clients that used EventSource till now, because they
subscribe to the 'message' event type. To get the 'heartbeat' events a client will need to
explicitly subscribe to it:

    source.addEventListener('heartbeat', function () { /* cancel a timer that would otherwise reconnect the source */ });

* this can happen when you suspend your laptop, on flaky internet connection, ADSL reconnect,
bad wifi signals, bad routers etc. Pretty often in a typical internet usage nowadays.

6 years agoRemove lager and goldrush from default list of apps started by test_util:start_couch/2 126/head
Jay Doane [Fri, 6 Nov 2015 02:13:30 +0000 (18:13 -0800)] 
Remove lager and goldrush from default list of apps started by test_util:start_couch/2

Also, create a common list of default apps that is started and stopped consistently

COUCHDB-2872

6 years agoRewrite via query server 127/head
ermouth [Fri, 2 Oct 2015 10:58:05 +0000 (13:58 +0300)] 
Rewrite via query server

COUCHDB-2874

6 years agoExpose couch_js_functions to other apps
Robert Newson [Sun, 20 Dec 2015 18:14:35 +0000 (18:14 +0000)] 
Expose couch_js_functions to other apps

COUCHDB-2082

6 years agoFix syntax
Alexander Shorin [Sat, 19 Dec 2015 12:42:22 +0000 (15:42 +0300)] 
Fix syntax

6 years agoFind curl.h on FreeBSD
Robert Newson [Sat, 19 Dec 2015 12:29:07 +0000 (12:29 +0000)] 
Find curl.h on FreeBSD

6 years agoAlways send application/json response type 131/head
Robert Newson [Fri, 27 Nov 2015 16:53:58 +0000 (16:53 +0000)] 
Always send application/json response type

Modern browsers (I tested Firefox, Safari, Chrome) will render an
application/json response body as text in a fixed width font. This
ease of display motivated the text/plain vs application/json
negotiation.

It is now obsolete. Let's always send application/json content type.

COUCHDB-2905

6 years agoMerge remote-tracking branch 'github/pr/129'
Alexander Shorin [Tue, 24 Nov 2015 20:34:58 +0000 (23:34 +0300)] 
Merge remote-tracking branch 'github/pr/129'

6 years agoSimplify, and remove unnecessary code 129/head
Jay Doane [Sun, 22 Nov 2015 22:03:34 +0000 (14:03 -0800)] 
Simplify, and remove unnecessary code

COUCHDB-2898

6 years agoEnsure _global_changes exists
Jay Doane [Sun, 22 Nov 2015 19:01:04 +0000 (11:01 -0800)] 
Ensure _global_changes exists

Downstream builds automatically ensure _global_changes exists, so this commit works for both cases

COUCHDB-2898

6 years agoCreate and delete test db using HTTP API
Jay Doane [Sun, 22 Nov 2015 18:56:44 +0000 (10:56 -0800)] 
Create and delete test db using HTTP API

This supports downstream name munging that might occur

COUCHDB-2898

6 years agoExplicitly authorize test requests 128/head
Jay Doane [Sat, 21 Nov 2015 05:40:14 +0000 (21:40 -0800)] 
Explicitly authorize test requests

Create admin user and use its credentials for requests

Use http requests to create and delete test dbs to avoid potential db
name munging issues downstream

COUCHDB-2897

6 years agoImprove checks for db admin/member 29/head
Alexander Shorin [Tue, 6 Jan 2015 02:12:39 +0000 (05:12 +0300)] 
Improve checks for db admin/member

- Use lists:member/2 to check if user name is in list
- Throw forbidden error if user is authenticated on db membership check
- Normalize terminology readers vs members
- Make checks more Erlang-ish

COUCHDB-2534

6 years agoRun tests with only the couch_db_plugin_test couch_epi plugin 125/head
Jay Doane [Thu, 5 Nov 2015 21:42:05 +0000 (13:42 -0800)] 
Run tests with only the couch_db_plugin_test couch_epi plugin

These tests should only be run with the single couch_epi plugin defined by the test suite itself.
Also, only setup/teardown once for entire suite to improve performance.

COUCHDB-2868

6 years agoFix race condition in workqueue test. 124/head
Nick Vatamaniuc [Mon, 19 Oct 2015 06:05:46 +0000 (02:05 -0400)] 
Fix race condition in workqueue test.

Failure seen at least once in about 150 test runs:

```
Queue with max size of 160 bytes and 3 max items
 couch_work_queue_tests:143: should_have_no_items_for_new_queue...ok
**error:{assertEqual_failed,[{module,couch_work_queue_tests},
                     {line,210},
                     {expression,"couch_work_queue : item_count ( Q )"},
                     {expected,3},
                     {value,2}]}
```

From

```
should_block_producer_on_full_queue_count({Q, Producer, _}) ->
    ...
    produce(Q, Producer, 20, false),
    ?assertEqual(3, couch_work_queue:item_count(Q)),
```

Race condition is: telling Producer to produce, not waiting
for queue size to be updated, and then immediately checking
item_count.

To make failure occur reliably insert timer:sleep(10) in
producer_loop after ```Parent ! {item, Ref, Item}``` line.

The fix is to wait for queue size to be updated by using
the wait mode for produce function.

COUCHDB-2848

6 years agoMerge remote-tracking branch 'github/pr/123'
Alexander Shorin [Fri, 16 Oct 2015 15:57:41 +0000 (18:57 +0300)] 
Merge remote-tracking branch 'github/pr/123'

6 years agoStabilize os daemons test 123/head
Nick Vatamaniuc [Wed, 14 Oct 2015 18:04:20 +0000 (14:04 -0400)] 
Stabilize os daemons test

Increase delay timeout to fix this failure:

```
**error:{assertNotEqual,[{module,couchdb_os_daemons_tests},
                 {line,207},
                 {expression,"D # daemon . kill"},
                 {value,undefined}]}
```

So far noticed this failure once out of more than 100 runs.

6 years agoRemove deprecated functions
Alexander Shorin [Thu, 15 Oct 2015 20:16:36 +0000 (23:16 +0300)] 
Remove deprecated functions

6 years agoFix couch_httpd_multipart exports
Alexander Shorin [Thu, 15 Oct 2015 20:15:33 +0000 (23:15 +0300)] 
Fix couch_httpd_multipart exports

6 years agoAdd IS_OLD_RECORD macro
Paul J. Davis [Fri, 12 Dec 2014 20:25:38 +0000 (14:25 -0600)] 
Add IS_OLD_RECORD macro

This can be used in guards to detect if a state variable needs to be
upgraded. An example of it's use might be:

    handle_call(Msg, From, St) when ?IS_OLD_RECORD(St, #st{}) ->
        handle_call(Msg, From, upgrade_state(St));

This is useful for upgrading any of our various gen behaviors that
aren't properly supervised.

This closes #23

COUCHDB-2511

Signed-off-by: Alexander Shorin <kxepal@apache.org>
6 years agoFix warnings
Alexander Shorin [Thu, 15 Oct 2015 16:33:11 +0000 (19:33 +0300)] 
Fix warnings

6 years agoAdd license header
Alexander Shorin [Thu, 15 Oct 2015 11:29:14 +0000 (14:29 +0300)] 
Add license header

6 years agoMerge remote-tracking branch 'github/pr/19' into multipart
Alexander Shorin [Thu, 15 Oct 2015 11:28:08 +0000 (14:28 +0300)] 
Merge remote-tracking branch 'github/pr/19' into multipart

6 years agoUse couch_log for startup notifications 122/head
Alexander Shorin [Wed, 14 Oct 2015 16:46:35 +0000 (19:46 +0300)] 
Use couch_log for startup notifications

6 years agoStabilize couch_task_status_tests:run_multiple_tasks/0 test. 119/head
Nick Vatamaniuc [Tue, 13 Oct 2015 19:54:37 +0000 (15:54 -0400)] 
Stabilize couch_task_status_tests:run_multiple_tasks/0 test.

Previously, at the end of the test, it kills each status process
with call(Pid1, done), then immediately calls couch_task_status:all().

This caused a race between couch_task_status receiving the 'all'
call and the 'DOWN' message (from monitoring test processes). If
'DOWN' message came before 'all', test passed. If it came
after, it failed.

6 years agoIncrease EUnit test stability 118/head
Nick Vatamaniuc [Mon, 12 Oct 2015 13:59:56 +0000 (09:59 -0400)] 
Increase EUnit test stability

 * couchdb_1283 : suspend compaction process to reduce chance of
   race condition between it finishing and Writer3 process opening
   a database handle. Writer3 should fail because compactor should
   be keeping its handle.  (@Kxepal, thanks for the idea!)

 * In couchdb_1309, when waiting for view cleanup, test once,
   if fails due to race condition, wait a second and try again.

 * Increase wait time to wait for compactor to stabilize runs on
 slower machines.

COUCHDB-2848

6 years agoMerge branch 'add-filter-revs-limit'
Russell Branca [Mon, 12 Oct 2015 22:02:14 +0000 (22:02 +0000)] 
Merge branch 'add-filter-revs-limit'

6 years agoWhitespace and housekeeping
Russell Branca [Mon, 12 Oct 2015 19:26:30 +0000 (19:26 +0000)] 
Whitespace and housekeeping

6 years agoAdd specs to document validate_doc_update/5
Russell Branca [Mon, 12 Oct 2015 19:26:05 +0000 (19:26 +0000)] 
Add specs to document validate_doc_update/5

6 years agoAdd revs limit for docs passed to filter functions
Russell Branca [Tue, 29 Sep 2015 20:32:02 +0000 (20:32 +0000)] 
Add revs limit for docs passed to filter functions

The existing revs_limit logic only accounts for depth of individual
branches, and ignores the case where you have a lot of branches, for
instance when a doc is heavily conflicted. This patch truncates the list
of revs when passing docs to the JS filter functions, because given
enough revs this can cause the couchjs processes to explode.

6 years agoFix dialyzer crash
ILYA Khlopotov [Fri, 2 Oct 2015 17:57:48 +0000 (10:57 -0700)] 
Fix dialyzer crash

This closes #114

Signed-off-by: Alexander Shorin <kxepal@apache.org>
6 years agoHandle view server crashing during test compile of view functions. 117/head
Nick Vatamaniuc [Thu, 8 Oct 2015 19:21:59 +0000 (15:21 -0400)] 
Handle view server crashing during test compile of view functions.

Due to how libmozjs185 library is compiled on Ubuntu 12.04, given
invalid JS code, it will not return with expected error result:

 ["error","compilation_error",...]

but will crash. Otherwise library seems functional --  it passes
all other mrview tests.

Handle this crash in try_compile() function as a compilation
failure. Error message contains the exit status of the view process
to help debugging.

6 years agoThrow if parse_revs is not a list 116/head
Robert Newson [Thu, 8 Oct 2015 12:12:09 +0000 (13:12 +0100)] 
Throw if parse_revs is not a list

COUCHDB-2845

6 years agoFix status match for document create/update
Alexander Shorin [Thu, 8 Oct 2015 11:24:38 +0000 (14:24 +0300)] 
Fix status match for document create/update

CouchDB 2.0 returns 201 or 202 depending on the situation.

6 years agoRemove assertNotMatch macro
Alexander Shorin [Tue, 6 Oct 2015 20:59:11 +0000 (23:59 +0300)] 
Remove assertNotMatch macro

6 years agoExport couch_server:delete_file for reuse 115/head
ILYA Khlopotov [Tue, 6 Oct 2015 15:12:59 +0000 (08:12 -0700)] 
Export couch_server:delete_file for reuse

6 years agoMerge remote-tracking branch 'cloudant/simplify_couch_epi'
Robert Newson [Thu, 1 Oct 2015 15:06:49 +0000 (16:06 +0100)] 
Merge remote-tracking branch 'cloudant/simplify_couch_epi'

6 years agoFix "initialization from incompatible pointer type" warning for icu drv 113/head
Alexander Shorin [Thu, 1 Oct 2015 14:12:01 +0000 (17:12 +0300)] 
Fix "initialization from incompatible pointer type" warning for icu drv

It was caused by using ErlDrvSSizeT type instead of ErlDrvSizeT. It
was not an issue prior to R15 when ErlDrvSSizeT and ErlDrvSizeT where
basically int's.

Since we raised minimal Erlang release requirement up to R16B03-1,
there is no reason to maintain compatibility with pre-R15 for driver
so local COUCH_* types are replaced with ErlDrv* ones.

6 years agoRemove round for create/delete database for 1000 times 112/head
Alexander Shorin [Wed, 30 Sep 2015 17:55:45 +0000 (20:55 +0300)] 
Remove round for create/delete database for 1000 times

6 years agoProperly escape Location: HTTP header
Samuel Tardieu [Sat, 25 Apr 2015 22:10:04 +0000 (00:10 +0200)] 
Properly escape Location: HTTP header

Non-ASCII characters in the "Location:" header must be URL-encoded. This
can happen if a document is inserted with a user-defined "_id"
containing non-ASCII characters or if a filename contains non-ASCII
characters.

Fixes COUCHDB-2673

6 years agoMerge remote-tracking branch 'cloudant/25815-couch-stream-io-priority'
Robert Newson [Thu, 1 Oct 2015 10:16:42 +0000 (11:16 +0100)] 
Merge remote-tracking branch 'cloudant/25815-couch-stream-io-priority'

6 years agoInherit io_priority from the process creating the stream 105/head
Levi McAuley [Mon, 28 Sep 2015 22:20:18 +0000 (15:20 -0700)] 
Inherit io_priority from the process creating the stream

COUCHDB-2828
BugzID: 25815

6 years agoIntegrate with Travis CI 90/head
Alexander Shorin [Sun, 23 Aug 2015 09:59:20 +0000 (12:59 +0300)] 
Integrate with Travis CI

6 years agoFix chttpd port usage 111/head
Alexander Shorin [Wed, 30 Sep 2015 17:41:53 +0000 (20:41 +0300)] 
Fix chttpd port usage

6 years agoAdd license header
Alexander Shorin [Wed, 30 Sep 2015 17:40:56 +0000 (20:40 +0300)] 
Add license header

6 years agoFix task status unit test dependency 110/head
Nick Vatamaniuc [Wed, 30 Sep 2015 17:16:39 +0000 (13:16 -0400)] 
Fix task status unit test dependency

It depends on couch_log to be running. Otherwise it
throw this error:

```
unexpected termination of test process*
::{{badmatch,undefined},
   [{couch_log,debug,2,[{file,"src/couch_log.erl"},{line,32}]},
    {couch_task_status,handle_cast,2,
                       [{file,"src/couch_task_status.erl"},{line,137}]},
```

And only 6 out of 11 tests are run.

COUCHDB-2832

6 years agoFix OS Daemons test dependency. 109/head
Nick Vatamaniuc [Wed, 30 Sep 2015 14:37:20 +0000 (10:37 -0400)] 
Fix OS Daemons test dependency.

In isolation was failing in configuration_reader_test_
Because fixtures/os_daemon_configer.escript was
requesting uuids.algorithm from config application,
which was not set up.

COUCHDB-2831

6 years agoFix tests for 8bbfba7 commit 106/head
Alexander Shorin [Tue, 29 Sep 2015 13:44:23 +0000 (16:44 +0300)] 
Fix tests for 8bbfba7 commit

6 years agoTurn couch_doc_json_tests into unit tests
Alexander Shorin [Tue, 29 Sep 2015 13:42:18 +0000 (16:42 +0300)] 
Turn couch_doc_json_tests into unit tests

There are two issues:
1. There is no any reason to start server instance to ensure that we
accepts valid decoded JSON objects and throw right errors on bad ones;
2. Tests get actually executed before setup/0 call

6 years agoEnsure clean teardown in os_daemons_test
Klaus Trainer [Wed, 30 Sep 2015 13:37:39 +0000 (15:37 +0200)] 
Ensure clean teardown in os_daemons_test

We want to call `test_util:stop/1` at the end of the `os_daemons_test`
`teardown/2` function, so that we have a clean teardown without a
timeout exception being thrown.

6 years agoFix couchdb_os_daemons tests dependency. 108/head
Nick Vatamaniuc [Wed, 30 Sep 2015 00:06:09 +0000 (20:06 -0400)] 
Fix couchdb_os_daemons tests dependency.

couchdb_os_daemons_tests.erl was failing in
setup if run on its own:

```
... apps=couch tests=os_daemons_test_
```

with an exception:

```
**exit:{{{badmatch,undefined},
  [{couch_log,notice,2,[{file,"src/couch_log.erl"},{line,44}]},
   {config,handle_call,3,[{file,"src/config.erl"},{line,211}]},
```

because it depends on couch_log. So add couch_log as a dependency
in setup.

COUCHDB-2830

6 years agoPass supervisor's children to couch_epi 104/head
ILYA Khlopotov [Tue, 29 Sep 2015 20:03:34 +0000 (13:03 -0700)] 
Pass supervisor's children to couch_epi

6 years agoUpdate to new couch_epi API
ILYA Khlopotov [Mon, 28 Sep 2015 16:39:26 +0000 (09:39 -0700)] 
Update to new couch_epi API

6 years agoFix crypto deprecations 103/head
Robert Newson [Wed, 23 Sep 2015 16:52:53 +0000 (17:52 +0100)] 
Fix crypto deprecations

COUCHDB-2825

6 years agoUse illegal_docid error for really bad document ids 101/head
Alexander Shorin [Thu, 17 Sep 2015 20:02:28 +0000 (23:02 +0300)] 
Use illegal_docid error for really bad document ids

6 years agoUse lists:ukeymerge to simplify header deduplication 100/head
Robert Newson [Thu, 17 Sep 2015 11:48:07 +0000 (12:48 +0100)] 
Use lists:ukeymerge to simplify header deduplication

Modifies COUCHDB-1876 patch

6 years agoFix duplicated Content-Type for show/update functions
Artur Mazurek [Mon, 25 May 2015 14:19:53 +0000 (15:19 +0100)] 
Fix duplicated Content-Type for show/update functions

When a show/update function returned data it added a
"Content-Type: application/json" header by itself. Then
couch_httpd added some default headers (including a yet
another "application/json" one).
This diff will add default chttpd headers only when
same headers are not yet present in the response.

This closes #55

COUCHDB-1876

Signed-off-by: Alexander Shorin <kxepal@apache.org>
6 years agoMerge remote-tracking branch 'cloudant/remove-csrf'
Robert Newson [Thu, 10 Sep 2015 12:59:08 +0000 (13:59 +0100)] 
Merge remote-tracking branch 'cloudant/remove-csrf'

6 years agoRemove new CSRF mechanism
Robert Newson [Thu, 10 Sep 2015 11:27:17 +0000 (12:27 +0100)] 
Remove new CSRF mechanism

6 years agoRemove new CSRF mechanism 98/head
Robert Newson [Thu, 10 Sep 2015 11:27:17 +0000 (12:27 +0100)] 
Remove new CSRF mechanism

6 years agoAdd libcurl support for Windows
Joan Touzet [Wed, 9 Sep 2015 18:41:03 +0000 (14:41 -0400)] 
Add libcurl support for Windows

6 years agoConvert compilation error to 400 Bad Request 97/head
Robert Newson [Mon, 7 Sep 2015 12:05:47 +0000 (13:05 +0100)] 
Convert compilation error to 400 Bad Request

COUCHDB-2772

6 years agoRestrict CSRF check to specific mime types 96/head
Robert Newson [Thu, 3 Sep 2015 20:42:47 +0000 (21:42 +0100)] 
Restrict CSRF check to specific mime types

COUCHDB-2797

6 years agoMerge remote-tracking branch 'cloudant/2775-post-valid-json-header'
Robert Newson [Thu, 3 Sep 2015 15:29:03 +0000 (16:29 +0100)] 
Merge remote-tracking branch 'cloudant/2775-post-valid-json-header'

6 years agocheck POST requests for valid json header 95/head
Mayya Sharipova [Wed, 2 Sep 2015 17:33:29 +0000 (13:33 -0400)] 
check POST requests for valid json header

validate that all POST requests with json body must have also have valid
json header: {"Content-Type": "application/json"}
This ensures a basic protection against CSRF

JIRA: COUCHDB-2775

6 years agoRegister service 94/head
ILYA Khlopotov [Wed, 2 Sep 2015 16:47:56 +0000 (09:47 -0700)] 
Register service

COUCHDB-2796

6 years agoRemove `ignore_providers` option
ILYA Khlopotov [Tue, 1 Sep 2015 13:23:57 +0000 (06:23 -0700)] 
Remove `ignore_providers` option

COUCHDB-2796

6 years agoCapture histogram data for _bulk_requests 93/head
Robert Newson [Thu, 27 Aug 2015 20:22:17 +0000 (21:22 +0100)] 
Capture histogram data for _bulk_requests

COUCHDB-2792

6 years agoFix crashing filtered _changes request 91/head
Eric Avdey [Mon, 24 Aug 2015 13:55:30 +0000 (10:55 -0300)] 
Fix crashing filtered _changes request

A filtered call to _changes end-point prompts a node to
pull a peer from the received mochi request record.
This is crashing on the secondary nodes in a clustered
environment since the peer call made on a socket
that is not original for them.

The fix makes use of the fact that by the time of the request
the peer already got resolved on the coordinator node and
passed along as a part of #http record.

This closes the case COUCHDB-2785

6 years agoNo, etap, we don't need in your services anymore
Alexander Shorin [Sun, 23 Aug 2015 11:22:46 +0000 (14:22 +0300)] 
No, etap, we don't need in your services anymore

6 years agoBind both to IPv4 and IPv6 with special "any" value 89/head
Alexander Shorin [Fri, 21 Aug 2015 08:14:28 +0000 (11:14 +0300)] 
Bind both to IPv4 and IPv6 with special "any" value

This also removes need in special wrapper to handle atom as default
for config:get call.

COUCHDB-2783

6 years agoRemove duplicate `couch_epi` from couch.app.src
Klaus Trainer [Tue, 18 Aug 2015 17:02:53 +0000 (19:02 +0200)] 
Remove duplicate `couch_epi` from couch.app.src

6 years agoLog when password is wrong but user is valid 87/head
Robert Newson [Mon, 17 Aug 2015 19:29:45 +0000 (20:29 +0100)] 
Log when password is wrong but user is valid

COUCHDB-2777

6 years agoAlign csrf cookie refresh with authsession cookie refresh
Robert Newson [Sat, 15 Aug 2015 11:47:44 +0000 (12:47 +0100)] 
Align csrf cookie refresh with authsession cookie refresh

6 years agoMerge remote-tracking branch 'cloudant/47059_session_accept_username'
Robert Newson [Wed, 12 Aug 2015 20:30:33 +0000 (21:30 +0100)] 
Merge remote-tracking branch 'cloudant/47059_session_accept_username'

6 years agoImplement rename_on_delete 85/head
ILYA Khlopotov [Wed, 12 Aug 2015 16:25:30 +0000 (09:25 -0700)] 
Implement rename_on_delete

Sometimes it is usefull to keep deleted db files around. For backup
reasons for example. This commit implements the feature. The feature is
enabled by specifying `rename_on_delete = true` in `[couchdb]` of the
config.

6 years agoMake _session endpoint accept username in addition to name 74/head
Mayya Sharipova [Thu, 23 Jul 2015 19:04:43 +0000 (15:04 -0400)] 
Make _session endpoint accept username in addition to name

Before _session endpoint was only accepting "name" and "password" parameters
This, makes _session endpoint, in addition,  to accept "username" and
"password" parameters

JIRA: COUCHDB-2754
BugzId: 47059

6 years agoAdd couch_db_plugin:on_delete/2 81/head
ILYA Khlopotov [Tue, 11 Aug 2015 20:38:01 +0000 (13:38 -0700)] 
Add couch_db_plugin:on_delete/2

6 years agoTests for 'authentication_handlers' and 'authenticated' on '_session'
ILYA Khlopotov [Wed, 5 Aug 2015 20:45:35 +0000 (13:45 -0700)] 
Tests for 'authentication_handlers' and 'authenticated' on '_session'

6 years agoDon't do pointless conversion of dbname into list
ILYA Khlopotov [Wed, 5 Aug 2015 17:46:33 +0000 (10:46 -0700)] 
Don't do pointless conversion of dbname into list

6 years agoMake sure we start `setup` app in test
ILYA Khlopotov [Wed, 5 Aug 2015 15:23:27 +0000 (08:23 -0700)] 
Make sure we start `setup` app in test

6 years agoReturn `{error, {illegal_database_name, Name}}`
ILYA Khlopotov [Fri, 31 Jul 2015 18:16:23 +0000 (11:16 -0700)] 
Return `{error, {illegal_database_name, Name}}`

6 years agoExport couch_db:is_admin/1
ILYA Khlopotov [Fri, 19 Jun 2015 18:07:07 +0000 (11:07 -0700)] 
Export couch_db:is_admin/1

6 years agoAdd couch_db_plugin:check_is_admin/1
ILYA Khlopotov [Fri, 19 Jun 2015 17:58:35 +0000 (10:58 -0700)] 
Add couch_db_plugin:check_is_admin/1

6 years agoAdd couch_db_plugin:validate_docid/1
ILYA Khlopotov [Fri, 19 Jun 2015 17:50:58 +0000 (10:50 -0700)] 
Add couch_db_plugin:validate_docid/1

6 years agoAdd couch_db_plugin:after_doc_read/2
ILYA Khlopotov [Fri, 19 Jun 2015 17:47:05 +0000 (10:47 -0700)] 
Add couch_db_plugin:after_doc_read/2

6 years agoAdd couch_db_plugin:before_doc_update/2
ILYA Khlopotov [Fri, 19 Jun 2015 17:41:32 +0000 (10:41 -0700)] 
Add couch_db_plugin:before_doc_update/2

6 years agoAdd couch_db_plugin:validate_dbname/2
ILYA Khlopotov [Fri, 19 Jun 2015 17:32:39 +0000 (10:32 -0700)] 
Add couch_db_plugin:validate_dbname/2

6 years agoUpdate `#chttpd{}` record
ILYA Khlopotov [Wed, 29 Jul 2015 19:13:13 +0000 (12:13 -0700)] 
Update `#chttpd{}` record

6 years agoDon't guess authentication handler name
ILYA Khlopotov [Wed, 29 Jul 2015 19:11:50 +0000 (12:11 -0700)] 
Don't guess authentication handler name

6 years agoCSRF is not necessary for read operations 84/head
Robert Newson [Mon, 10 Aug 2015 18:09:29 +0000 (19:09 +0100)] 
CSRF is not necessary for read operations

COUCHDB-2762

6 years agoAdd option to make CSRF cookie mandatory 83/head
Robert Newson [Sat, 8 Aug 2015 13:03:23 +0000 (14:03 +0100)] 
Add option to make CSRF cookie mandatory

When enabled, the CSRF cookie/header is required on all requests
except those to the welcome message at /.

COUCHDB-2762

6 years agochange couch_httpd_csrf section to csrf
Robert Newson [Sat, 8 Aug 2015 12:27:17 +0000 (13:27 +0100)] 
change couch_httpd_csrf section to csrf

6 years agoAdd CSRF protection 80/head
Robert Newson [Fri, 31 Jul 2015 15:25:36 +0000 (16:25 +0100)] 
Add CSRF protection

If the request parameter `csrf` is set to `true` when successfully
acquiring a session cookie from `_session` an additional cookie
(`Csrf-token`) is returned. All requests that send this new cookie
must also send a header (`X-Csrf-Token`) with the same value. If the
cookie is sent and the header is missing or different, a 403 response
is generated.

Note that the CSRF token is signed by the server so tampering is
detected and also results in a 403 response.

closes COUCHDB-2762

6 years agoAvoid arithmetic in `to_hex` function 79/head
ILYA Khlopotov [Mon, 27 Jul 2015 17:13:45 +0000 (10:13 -0700)] 
Avoid arithmetic in `to_hex` function

6 years agoMerge remote-tracking branch 'cloudant/dont-validate-host-by-default'
Robert Newson [Tue, 21 Jul 2015 13:30:48 +0000 (14:30 +0100)] 
Merge remote-tracking branch 'cloudant/dont-validate-host-by-default'