Last active
December 18, 2015 18:39
-
-
Save indutny/5826819 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
commit bda00b93bed86610319f73cc6e857bd6ae05bff7 | |
Author: Fedor Indutny <fedor.indutny@gmail.com> | |
Date: Thu Jun 20 23:32:26 2013 +0200 | |
couch_users_db: introduce public_users option | |
When `couchdb.public_users` is set to `true`, getting `/_users/id` will | |
return user document with sensitive information stripped. | |
diff --git a/etc/couchdb/default.ini.tpl.in b/etc/couchdb/default.ini.tpl.in | |
index 736d9cd..a7b5c04 100644 | |
--- a/etc/couchdb/default.ini.tpl.in | |
+++ b/etc/couchdb/default.ini.tpl.in | |
@@ -14,6 +14,7 @@ os_process_timeout = 5000 ; 5 seconds. for view and external servers. | |
max_dbs_open = 100 | |
delayed_commits = true ; set this to false to ensure an fsync before 201 Created is returned | |
uri_file = %localstaterundir%/couch.uri | |
+public_users = false | |
; Method used to compress everything that is appended to database and view index files, except | |
; for attachments (see the attachments section). Available methods are: | |
; | |
diff --git a/src/couchdb/couch_users_db.erl b/src/couchdb/couch_users_db.erl | |
index de76142..e56ea85 100644 | |
--- a/src/couchdb/couch_users_db.erl | |
+++ b/src/couchdb/couch_users_db.erl | |
@@ -101,7 +101,25 @@ after_doc_read(Doc, #db{user_ctx = UserCtx} = Db) -> | |
_ when Name =:= DocName -> | |
Doc; | |
_ -> | |
- throw(not_found) | |
+ case couch_config:get("couchdb", "public_users", "false") of | |
+ "false" -> | |
+ throw(not_found); | |
+ "true" -> | |
+ #doc{body = {Body}} = Doc, | |
+ Doc#doc{ | |
+ body = {lists:filter(fun({Key, _}) -> | |
+ (Key =/= <<"salt">>) and | |
+ (Key =/= <<"password">>) and | |
+ (Key =/= <<"password_sha">>) and | |
+ (Key =/= <<"password_scheme">>) and | |
+ (Key =/= <<"derived_Key">>) and | |
+ (Key =/= <<"pbkdf2">>) and | |
+ (Key =/= <<"iterations">>) and | |
+ (Key =/= <<"bcrypt">>) and | |
+ (Key =/= <<"x-csrf-token">>) | |
+ end, Body)} | |
+ } | |
+ end | |
end. | |
get_doc_name(#doc{id= <<"org.couchdb.user:", Name/binary>>}) -> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment