CartoDB-SQL-API/app/models/psql.js

var _      = require('underscore')
    , Step   = require('step')
    , pg     = require('pg');//.native; // disabled for now due to: https://github.com/brianc/node-postgres/issues/48
_.mixin(require('underscore.string'));

// Max database connections in the pool
// Subsequent connections will block waiting for a free slot
pg.defaults.poolSize = global.settings.db_pool_size || 16;

// Milliseconds of idle time before removing connection from pool
// TODO: make config setting ?
pg.defaults.poolIdleTimeout = global.settings.db_pool_idleTimeout || 30000;

// Frequency to check for idle clients within the pool, ms
// TODO: make config setting ?
pg.defaults.reapIntervalMillis = global.settings.db_pool_reapInterval || 1000;

pg.on('error', function(err, client) {
  console.log("PostgreSQL connection error: " + err);
});


// PSQL
//
// A simple postgres wrapper with logic about username and database to connect
//
// * intended for use with pg_bouncer
// * defaults to connecting with a "READ ONLY" user to given DB if not passed a specific user_id
var PSQL = function(user_id, db) {

    var error_text = "Incorrect access parameters. If you are accessing via OAuth, please check your tokens are correct. For public users, please ensure your table is published."
    if (!_.isString(user_id) && !_.isString(db)) throw new Error(error_text);

    var me = {
        public_user: "publicuser"
        , user_id: user_id
        , db: db
    };

    me.username = function(){
        var username = this.public_user;
        if (_.isString(this.user_id))
            username = _.template(global.settings.db_user, {user_id: this.user_id});

        return username;
    };

    me.database = function(){
        var database = db;
        if (_.isString(this.user_id))
            database = _.template(global.settings.db_base_name, {user_id: this.user_id});

        return database;
    };

    me.conString = "tcp://" + me.username() + "@" +
                    global.settings.db_host + ":" +
                    global.settings.db_port + "/" +
                    me.database();

    me.eventedQuery = function(sql, callback){
        var that = this;

        Step(
            function(){
                that.sanitize(sql, this);
            },
            function(err, clean){
                if (err) throw err;
                pg.connect(that.conString, this);
            },
            function(err, client, done){
                if (err) throw err;
                var query = client.query(sql);
                // NOTE: for some obscure reason passing "done" directly
                //       as the listener works but can be slower
                //      (by x2 factor!)
                query.on('end', function() { done(); }); 
                return query;
            },
            function(err, query){
                callback(err, query)
            }
        );
    },

    me.query = function(sql, callback){
        var that = this;
        var finish;

        Step(
            function(){
                that.sanitize(sql, this);
            },
            function(err, clean){
                if (err) throw err;
                pg.connect(that.conString, this);
            },
            function(err, client, done){
                if (err) throw err;
                finish = done;
                client.query(sql, this);
            },
            function(err, res){

                // Release client to the pool
                // should this be postponed to after the callback ?
                // NOTE: if we pass a true value to finish() the client
                //       will be removed from the pool.
                //       We don't want this. Not now.
                if ( finish ) finish();

                callback(err, res)
            }
        );
    };

    // throw exception if illegal operations are detected
    // NOTE: this check is weak hack, better database
    //       permissions should be used instead.
    me.sanitize = function(sql, callback){
        // NOTE: illegal table access is checked in main app
        if (sql.match(/^\s+set\s+/i)){
            var error = new SyntaxError("SET command is forbidden");
            error.http_status = 403;
            callback(error); 
            return;
        }
        callback(null,true);
    };

    return me;
};

module.exports = PSQL;
first draft, tidied, unit tests, modules, refactor, environments, see TODO for next steps" 2011-06-13 11:23:02 +08:00			`var _ = require('underscore')`
add system table sanitizer 2011-11-22 08:06:14 +08:00			`, Step = require('step')`
			`, pg = require('pg');//.native; // disabled for now due to: https://github.com/brianc/node-postgres/issues/48`
			`_.mixin(require('underscore.string'));`
first draft, tidied, unit tests, modules, refactor, environments, see TODO for next steps" 2011-06-13 11:23:02 +08:00
Survive postgresql connection losses. Closes #95. 2013-05-25 00:16:12 +08:00			`// Max database connections in the pool`
			`// Subsequent connections will block waiting for a free slot`
			`pg.defaults.poolSize = global.settings.db_pool_size \|\| 16;`

			`// Milliseconds of idle time before removing connection from pool`
			`// TODO: make config setting ?`
			`pg.defaults.poolIdleTimeout = global.settings.db_pool_idleTimeout \|\| 30000;`

			`// Frequency to check for idle clients within the pool, ms`
			`// TODO: make config setting ?`
			`pg.defaults.reapIntervalMillis = global.settings.db_pool_reapInterval \|\| 1000;`

			`pg.on('error', function(err, client) {`
			`console.log("PostgreSQL connection error: " + err);`
			`});`


first draft, tidied, unit tests, modules, refactor, environments, see TODO for next steps" 2011-06-13 11:23:02 +08:00			`// PSQL`
			`//`
			`// A simple postgres wrapper with logic about username and database to connect`
			`//`
			`// * intended for use with pg_bouncer`
			`// * defaults to connecting with a "READ ONLY" user to given DB if not passed a specific user_id`
Bubble paging UI hack up from model to controller ... one day we'll need to completely drop this hack! 2013-05-24 16:22:17 +08:00			`var PSQL = function(user_id, db) {`
added body_hash to oauth check and stopped firing exception if incomplete oauth variables sent 2011-08-22 20:33:12 +08:00
add system table sanitizer 2011-11-22 08:06:14 +08:00			`var error_text = "Incorrect access parameters. If you are accessing via OAuth, please check your tokens are correct. For public users, please ensure your table is published."`
			`if (!_.isString(user_id) && !_.isString(db)) throw new Error(error_text);`

			`var me = {`
			`public_user: "publicuser"`
			`, user_id: user_id`
			`, db: db`
			`};`

			`me.username = function(){`
			`var username = this.public_user;`
			`if (_.isString(this.user_id))`
			`username = _.template(global.settings.db_user, {user_id: this.user_id});`

			`return username;`
			`};`

			`me.database = function(){`
			`var database = db;`
			`if (_.isString(this.user_id))`
			`database = _.template(global.settings.db_base_name, {user_id: this.user_id});`

			`return database;`
			`};`

Expose PostgreSQL client pooling settings in environment files Actually also moves to a real pooling model, managed by node-pg. Closes #47 See .example files for new configurations 2013-05-24 18:06:14 +08:00			`me.conString = "tcp://" + me.username() + "@" +`
			`global.settings.db_host + ":" +`
			`global.settings.db_port + "/" +`
			`me.database();`

Switch to using evented query model for postgresql This enables formats for processing rows as they arrive from the database, thus possibly reducing memory use. For a start the skip fields are immediately removed from the result, rather than only at the end. 2013-05-29 20:36:31 +08:00			`me.eventedQuery = function(sql, callback){`
			`var that = this;`

			`Step(`
			`function(){`
			`that.sanitize(sql, this);`
			`},`
			`function(err, clean){`
			`if (err) throw err;`
			`pg.connect(that.conString, this);`
			`},`
			`function(err, client, done){`
			`if (err) throw err;`
			`var query = client.query(sql);`
			`// NOTE: for some obscure reason passing "done" directly`
			`// as the listener works but can be slower`
			`// (by x2 factor!)`
			`query.on('end', function() { done(); });`
			`return query;`
			`},`
			`function(err, query){`
			`callback(err, query)`
			`}`
			`);`
			`},`

Bubble paging UI hack up from model to controller ... one day we'll need to completely drop this hack! 2013-05-24 16:22:17 +08:00			`me.query = function(sql, callback){`
add system table sanitizer 2011-11-22 08:06:14 +08:00			`var that = this;`
Expose PostgreSQL client pooling settings in environment files Actually also moves to a real pooling model, managed by node-pg. Closes #47 See .example files for new configurations 2013-05-24 18:06:14 +08:00			`var finish;`
add system table sanitizer 2011-11-22 08:06:14 +08:00
			`Step(`
			`function(){`
			`that.sanitize(sql, this);`
			`},`
			`function(err, clean){`
			`if (err) throw err;`
Expose PostgreSQL client pooling settings in environment files Actually also moves to a real pooling model, managed by node-pg. Closes #47 See .example files for new configurations 2013-05-24 18:06:14 +08:00			`pg.connect(that.conString, this);`
add system table sanitizer 2011-11-22 08:06:14 +08:00			`},`
Expose PostgreSQL client pooling settings in environment files Actually also moves to a real pooling model, managed by node-pg. Closes #47 See .example files for new configurations 2013-05-24 18:06:14 +08:00			`function(err, client, done){`
Hide dangerous methods of the PSQL model class These steps are prepatorial to recactoring to event-based model 2013-05-24 16:38:27 +08:00			`if (err) throw err;`
Expose PostgreSQL client pooling settings in environment files Actually also moves to a real pooling model, managed by node-pg. Closes #47 See .example files for new configurations 2013-05-24 18:06:14 +08:00			`finish = done;`
Bubble paging UI hack up from model to controller ... one day we'll need to completely drop this hack! 2013-05-24 16:22:17 +08:00			`client.query(sql, this);`
add system table sanitizer 2011-11-22 08:06:14 +08:00			`},`
			`function(err, res){`
Expose PostgreSQL client pooling settings in environment files Actually also moves to a real pooling model, managed by node-pg. Closes #47 See .example files for new configurations 2013-05-24 18:06:14 +08:00
			`// Release client to the pool`
			`// should this be postponed to after the callback ?`
			`// NOTE: if we pass a true value to finish() the client`
			`// will be removed from the pool.`
			`// We don't want this. Not now.`
			`if ( finish ) finish();`

add system table sanitizer 2011-11-22 08:06:14 +08:00			`callback(err, res)`
			`}`
			`);`
			`};`

Make using SET or querying system catalogues harder An hack to "prevent" querying system tables already existed but was pretty weak. This commits makes that a bit stronger. The filter for SET is new. 2013-04-09 17:49:05 +08:00			`// throw exception if illegal operations are detected`
			`// NOTE: this check is weak hack, better database`
			`// permissions should be used instead.`
add system table sanitizer 2011-11-22 08:06:14 +08:00			`me.sanitize = function(sql, callback){`
Rework system catalogue prevention access check to use CDB_QueryTables This change reduces the chances of false positive (forbidding legit queries). Doesn't solve the problem of false negative (allowing illegit queries). 2013-04-09 18:36:37 +08:00			`// NOTE: illegal table access is checked in main app`
Make using SET or querying system catalogues harder An hack to "prevent" querying system tables already existed but was pretty weak. This commits makes that a bit stronger. The filter for SET is new. 2013-04-09 17:49:05 +08:00			`if (sql.match(/^\s+set\s+/i)){`
			`var error = new SyntaxError("SET command is forbidden");`
			`error.http_status = 403;`
			`callback(error);`
			`return;`
add system table sanitizer 2011-11-22 08:06:14 +08:00			`}`
Make using SET or querying system catalogues harder An hack to "prevent" querying system tables already existed but was pretty weak. This commits makes that a bit stronger. The filter for SET is new. 2013-04-09 17:49:05 +08:00			`callback(null,true);`
add system table sanitizer 2011-11-22 08:06:14 +08:00			`};`

			`return me;`
first draft, tidied, unit tests, modules, refactor, environments, see TODO for next steps" 2011-06-13 11:23:02 +08:00			`};`

Introduced a new parameter db_port to change it in a easy way Some space and linebreaks cleaning 2011-06-13 18:31:50 +08:00			`module.exports = PSQL;`