All pastes #2127297 Raw Edit

Untitled

public text v1 · immutable
#2127297 ·published 2012-03-12 12:32 UTC
rendered paste body
 OS Process Error <0.7813.0> :: {<<"compilation_error">>,
                                                     <<"Expression does not eval to a function. ((new String(\"\\n    function(newDoc, oldDoc, userCtx) {\\n        if (newDoc._deleted === true) {\\n            // allow deletes by admins and matching users\\n            // without checking the other fields\\n            if ((userCtx.roles.indexOf('_admin') !== -1) ||\\n                (userCtx.name == oldDoc.name)) {\\n                return;\\n            } else {\\n                throw({forbidden: 'Only admins may delete other user docs.'});\\n            }\\n        }\\n\\n        if ((oldDoc && oldDoc.type !== 'user') || newDoc.type !== 'user') {\\n            throw({forbidden : 'doc.type must be user'});\\n        } // we only allow user docs for now\\n\\n        if (!newDoc.name) {\\n            throw({forbidden: 'doc.name is required'});\\n        }\\n\\n        if (newDoc.roles && !isArray(newDoc.roles)) {\\n            throw({forbidden: 'doc.roles must be an array'});\\n        }\\n\\n        if (newDoc._id !== ('org.couchdb.user:' + newDoc.name)) {\\n            throw({\\n                forbidden: 'Doc ID must be of the form org.couchdb.user:name'\\n            });\\n        }\\n\\n        if (oldDoc) { // validate all updates\\n            if (oldDoc.name !== newDoc.name) {\\n                throw({forbidden: 'Usernames can not be changed.'});\\n            }\\n        }\\n\\n        if (newDoc.password_sha && !newDoc.salt) {\\n            throw({\\n                forbidden: 'Users with password_sha must have a salt.' +\\n                    'See /_utils/script/couch.js for example code.'\\n            });\\n        }\\n\\n        if (userCtx.roles.indexOf('_admin') === -1) {\\n            if (oldDoc) { // validate non-admin updates\\n                if (userCtx.name !== newDoc.name) {\\n                    throw({\\n                        forbidden: 'You may only update your own user document.'\\n                    });\\n                }\\n                // validate role updates\\n                var oldRoles = oldDoc.roles.sort();\\n                var newRoles = newDoc.roles.sort();\\n\\n                if (oldRoles.length !== newRoles.length) {\\n                    throw({forbidden: 'Only _admin may edit roles'});\\n                }\\n\\n                for (var i = 0; i < oldRoles.length; i++) {\\n                    if (oldRoles[i] !== newRoles[i]) {\\n                        throw({forbidden: 'Only _admin may edit roles'});\\n                    }\\n                }\\n            } else if (newDoc.roles.length > 0) {\\n                throw({forbidden: 'Only _admin may set roles'});\\n            }\\n        }\\n\\n        // no system roles in users db\\n        for (var i = 0; i < newDoc.roles.length; i++) {\\n            if (newDoc.roles[i][0] === '_') {\\n                throw({\\n                    forbidden:\\n                    'No system roles (starting with underscore) in users db.'\\n                });\\n            }\\n        }\\n\\n        // no system names as names\\n        if (newDoc.name[0] === '_') {\\n            throw({forbidden: 'Username may not start with underscore.'});\\n        }\\n    }\\n\")))">>}