Uploaded image for project: 'Couchbase Gateway'
  1. Couchbase Gateway
  2. CBG-3793

[3.1.4 backport] Perform allow_dbconfig_env_vars check in getAuthScopeHandleCreateDB

    XMLWordPrintable

Details

    • Bug
    • Resolution: Fixed
    • Major
    • 3.1.4
    • None
    • SyncGateway
    • Security Level: Public
    • None
    • CBG Sprint 146
    • 1

    Description

      getAuthScopeHandleCreateDB uses DecodeAndSanitiseConfig when scanning the incoming config to find the bucket being used.  This is going to trigger environment variable validation on the config, leading to confusing errors.

      The subsequent actual config persistence correctly uses readSanitizeDbConfigJSON which applies the AllowDbConfigEnvVars check, so it's not the case that environment variables will be applied.  However, we should switch getAuthScopeHandleCreateDB to either use readSanitizeDbConfigJSON, or something else more tailored to bucket retrieval that also bypasses the environment variable check.

      Attachments

        No reviews matched the request. Check your Options in the drop-down menu of this sections header.

        Activity

          People

            gregory.newmansmith Gregory Newman-Smith
            adamf Adam Fraser
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Gerrit Reviews

                There are no open Gerrit changes

                PagerDuty