2011-06-13 11:23:02 +08:00
require ( '../helper' ) ;
var _ = require ( 'underscore' )
, PSQL = require ( '../../app/models/psql' )
, assert = require ( 'assert' ) ;
2013-11-06 00:49:10 +08:00
var public _user = global . settings . db _pubuser ;
2012-07-13 04:54:12 +08:00
suite ( 'psql' , function ( ) {
test ( 'test throws error if no args passed to constructor' , function ( ) {
var msg ;
2011-06-13 11:23:02 +08:00
try {
2012-06-02 04:07:22 +08:00
var pg = new PSQL ( ) ;
2011-06-13 11:23:02 +08:00
} catch ( err ) {
2012-07-13 04:54:12 +08:00
msg = err . message ;
2011-06-13 11:23:02 +08:00
}
2012-07-13 04:54:12 +08:00
assert . equal ( msg , "Incorrect access parameters. If you are accessing via OAuth, please check your tokens are correct. For public users, please ensure your table is published." ) ;
} ) ;
2011-06-13 11:23:02 +08:00
2012-07-13 04:54:12 +08:00
test ( 'test instantiate with just user constructor' , function ( ) {
2011-06-13 11:23:02 +08:00
var pg = new PSQL ( "1" , null ) ;
assert . equal ( pg . user _id , "1" ) ;
2012-07-13 04:54:12 +08:00
} ) ;
2011-06-13 11:23:02 +08:00
2012-07-13 04:54:12 +08:00
test ( 'test instantiate with just db constructor' , function ( ) {
2011-06-13 11:23:02 +08:00
var pg = new PSQL ( null , 'my_database' ) ;
assert . equal ( pg . db , "my_database" ) ;
2012-07-13 04:54:12 +08:00
} ) ;
2011-06-13 11:23:02 +08:00
2012-07-13 04:54:12 +08:00
test ( 'test username returns default user if not set' , function ( ) {
2011-06-13 11:23:02 +08:00
var pg = new PSQL ( null , 'my_database' ) ;
2013-11-06 00:49:10 +08:00
assert . equal ( pg . username ( ) , public _user ) ;
2012-07-13 04:54:12 +08:00
} ) ;
2011-06-13 11:23:02 +08:00
2012-07-13 04:54:12 +08:00
test ( 'test username returns interpolated user if set' , function ( ) {
2011-06-13 11:23:02 +08:00
var pg = new PSQL ( 'simon' , 'my_database' ) ;
assert . equal ( pg . username ( ) , "test_cartodb_user_simon" ) ;
2012-07-13 04:54:12 +08:00
} ) ;
2011-06-13 11:23:02 +08:00
2012-07-13 04:54:12 +08:00
test ( 'test username returns default db if user not set' , function ( ) {
2011-06-13 11:23:02 +08:00
var pg = new PSQL ( null , 'my_database' ) ;
assert . equal ( pg . database ( ) , "my_database" ) ;
2012-07-13 04:54:12 +08:00
} ) ;
2011-06-13 11:23:02 +08:00
2012-07-13 04:54:12 +08:00
test ( 'test username returns interpolated db if user set' , function ( ) {
2011-06-13 11:23:02 +08:00
var pg = new PSQL ( 'simon' ) ;
assert . equal ( pg . database ( ) , "cartodb_test_user_simon_db" ) ;
2012-07-13 04:54:12 +08:00
} ) ;
2011-06-13 11:23:02 +08:00
2012-07-13 04:54:12 +08:00
test ( 'test private user can execute SELECTS on db' , function ( done ) {
2012-06-02 03:50:09 +08:00
var pg = new PSQL ( '1' ) ;
2012-06-02 04:12:29 +08:00
var sql = "SELECT 1 as test_sum" ;
2011-06-13 11:23:02 +08:00
pg . query ( sql , function ( err , result ) {
assert . equal ( result . rows [ 0 ] . test _sum , 1 ) ;
2012-07-13 04:54:12 +08:00
done ( ) ;
2011-06-13 11:23:02 +08:00
} ) ;
2012-07-13 04:54:12 +08:00
} ) ;
2011-06-13 11:23:02 +08:00
2012-07-13 04:54:12 +08:00
test ( 'test private user can execute CREATE on db' , function ( done ) {
2012-06-02 03:50:09 +08:00
var pg = new PSQL ( '1' ) ;
2012-06-02 04:12:29 +08:00
var sql = "DROP TABLE IF EXISTS distributors; CREATE TABLE distributors (id integer, name varchar(40), UNIQUE(name))" ;
2011-06-13 11:23:02 +08:00
pg . query ( sql , function ( err , result ) {
2012-07-13 04:54:12 +08:00
assert . ok ( _ . isNull ( err ) ) ;
done ( ) ;
2011-06-13 11:23:02 +08:00
} ) ;
2012-07-13 04:54:12 +08:00
} ) ;
2011-06-13 11:23:02 +08:00
2012-07-13 04:54:12 +08:00
test ( 'test private user can execute INSERT on db' , function ( done ) {
2012-06-02 03:50:09 +08:00
var pg = new PSQL ( '1' ) ;
2012-06-02 04:12:29 +08:00
var sql = "DROP TABLE IF EXISTS distributors1; CREATE TABLE distributors1 (id integer, name varchar(40), UNIQUE(name))" ;
2011-06-13 11:23:02 +08:00
pg . query ( sql , function ( err , result ) {
2012-06-02 04:12:29 +08:00
sql = "INSERT INTO distributors1 (id, name) VALUES (1, 'fish')" ;
2011-06-13 11:23:02 +08:00
pg . query ( sql , function ( err , result ) {
2012-07-13 04:54:12 +08:00
assert . deepEqual ( result . rows , [ ] ) ;
done ( ) ;
2011-06-13 11:23:02 +08:00
} ) ;
} ) ;
2012-07-13 04:54:12 +08:00
} ) ;
2011-06-13 11:23:02 +08:00
2013-11-06 00:49:10 +08:00
test ( 'test public user can execute SELECT on enabled tables' , function ( done ) {
2012-06-02 03:50:09 +08:00
var pg = new PSQL ( "1" ) ;
2013-11-06 00:49:10 +08:00
var sql = "DROP TABLE IF EXISTS distributors2; CREATE TABLE distributors2 (id integer, name varchar(40), UNIQUE(name)); GRANT SELECT ON distributors2 TO " + public _user + ";" ;
2011-06-13 11:23:02 +08:00
pg . query ( sql , function ( err , result ) {
2012-06-02 03:50:09 +08:00
pg = new PSQL ( null , 'cartodb_test_user_1_db' ) ;
2011-06-13 11:23:02 +08:00
pg . query ( "SELECT count(*) FROM distributors2" , function ( err , result ) {
assert . equal ( result . rows [ 0 ] . count , 0 ) ;
2012-07-13 04:54:12 +08:00
done ( ) ;
2011-06-13 11:23:02 +08:00
} ) ;
} ) ;
2012-07-13 04:54:12 +08:00
} ) ;
2011-06-13 11:23:02 +08:00
2013-11-06 00:49:10 +08:00
test ( 'test public user cannot execute INSERT on db' , function ( done ) {
2012-06-02 03:50:09 +08:00
var pg = new PSQL ( "1" ) ;
2013-11-06 00:49:10 +08:00
var sql = "DROP TABLE IF EXISTS distributors3; CREATE TABLE distributors3 (id integer, name varchar(40), UNIQUE(name)); GRANT SELECT ON distributors3 TO " + public _user + ";" ;
2011-06-13 11:23:02 +08:00
pg . query ( sql , function ( err , result ) {
2012-06-02 03:50:09 +08:00
pg = new PSQL ( null , 'cartodb_test_user_1_db' ) ; //anonymous user
2011-06-13 11:23:02 +08:00
pg . query ( "INSERT INTO distributors3 (id, name) VALUES (1, 'fishy')" , function ( err , result ) {
2012-07-13 04:54:12 +08:00
assert . equal ( err . message , 'permission denied for relation distributors3' ) ;
done ( ) ;
2011-06-13 11:23:02 +08:00
} ) ;
} ) ;
2012-07-13 04:54:12 +08:00
} ) ;
2013-06-14 17:18:16 +08:00
test ( 'Windowed SQL with simple select' , function ( ) {
// NOTE: intentionally mixed-case and space-padded
var sql = "\n \tSEleCT * from table1" ;
var out = PSQL . window _sql ( sql , 1 , 0 ) ;
assert . equal ( out , "SELECT * FROM (" + sql + ") AS cdbq_1 LIMIT 1 OFFSET 0" ) ;
} ) ;
test ( 'Windowed SQL with CTE select' , function ( ) {
// NOTE: intentionally mixed-case and space-padded
var cte = "\n \twiTh x as( update test set x=x+1)" ;
var select = "\n \tSEleCT * from x" ;
var sql = cte + select ;
var out = PSQL . window _sql ( sql , 1 , 0 ) ;
assert . equal ( out , cte + "SELECT * FROM (" + select + ") AS cdbq_1 LIMIT 1 OFFSET 0" ) ;
} ) ;
test ( 'Windowed SQL with CTE update' , function ( ) {
// NOTE: intentionally mixed-case and space-padded
var cte = "\n \twiTh a as( update test set x=x+1)" ;
var upd = "\n \tupdate tost set y=x from x" ;
var sql = cte + upd ;
var out = PSQL . window _sql ( sql , 1 , 0 ) ;
assert . equal ( out , sql ) ;
} ) ;
test ( 'Windowed SQL with complex CTE and insane quoting' , function ( ) {
// NOTE: intentionally mixed-case and space-padded
var cte = "\n \twiTh \"('a\" as( update \"\"\"test)\" set x='x'+1), \")b(\" as ( select ')))\"' from z )" ;
var sel = "\n \tselect '\"' from x" ;
var sql = cte + sel ;
var out = PSQL . window _sql ( sql , 1 , 0 ) ;
assert . equal ( out , cte + "SELECT * FROM (" + sel + ") AS cdbq_1 LIMIT 1 OFFSET 0" ) ;
} ) ;
2012-07-13 04:54:12 +08:00
} ) ;