5

I have a problem with the roles of Sync_gateway. My sync_function throws an missing role error at requireRole("adminSync");.

I'm accessing with user admin1 that is configured as it follows:

  "name": "admin1",
  "all_channels": {},
  "passwordhash_bcrypt": "**************",
  "explicit_roles": {
    "adminSync": 1
  },
  "rolesSince": {
    "adminSync": 1
  }

Also I have the role configured as:

{
  "name": "adminSync",
  "admin_channels": {
    "CH_HORAS": 1,
    "CH_PERSONAS": 1,
    "CH_PROYECTOS": 1
  },
  "all_channels": {
    "CH_HORAS": 1,
    "CH_PERSONAS": 1,
    "CH_PROYECTOS": 1
  }
}

Any idea of this error??

Thanks.

mram888
  • 4,899
  • 5
  • 33
  • 59
pikap
  • 132
  • 8

2 Answers2

4

I'm working on the same problem. I looked into sync_gateway source code src/channels/sync_runner.go and found requireRole definition, which is : 

function requireRole(roles) {
            if (!shouldValidate) return;
            roles = makeArray(roles);
            if (!anyInArray(realUserCtx.roles, roles))
                throw({forbidden: "missing role"});
    }

Nevertheless, I tried to add this part of code in my sync function : 

console.log(Array.isArray(realUserCtx.roles));

..and it returned false. realUserCtx.roles is not an array, but a function and I don't know what is inside this function body.

I hope it can help find the solution.

Karl V.
  • 66
  • 2
1

Re, I found out what was wrong,

The variable realUserCtx.roles is a map, so according to the requireRole(..) which needs to compare two arrays, it always return false.

So I needed to change the source code of src/channels/sync_runner.go to convert this map into an array before the comparison.

function mapToArray(mapObject){
        var _array = [];
        if(mapObject){
            for (var property in mapObject) {
                _array.push(property);
            }
        }
        return _array;
    }

then..

function requireRole(roles) {
    ...
    if (!anyInArray(mapToArray(realUserCtx.roles), roles))
    }

If you need more explanations you can contact me in private message. Good luck

Karl V.
  • 66
  • 2