CartoDB-SQL-API/app/services/user_database_service.js

'use strict';

var step = require('step');
var _ = require('underscore');

function isApiKeyFound(apikey) {
    return apikey.type !== null &&
        apikey.user !== null &&
        apikey.databasePassword !== null &&
        apikey.databaseRole !== null;
}

function UserDatabaseService(metadataBackend) {
    this.metadataBackend = metadataBackend;
}

/**
 * Callback is invoked with `dbParams` and `authDbParams`.
 * `dbParams` depends on AuthApi verification so it might return a public user with just SELECT permission, where
 * `authDbParams` will always return connection params as AuthApi had authorized the connection.
 * That might be useful when you have to run a query with and without permissions.
 *
 * @param {AuthApi} authApi
 * @param {String} cdbUsername
 * @param {Function} callback (err, dbParams, authDbParams)
 */
UserDatabaseService.prototype.getConnectionParams = function (cdbUsername, apikeyToken, isAuthenticated, callback) {
    var self = this;

    var dbopts = {
        port: global.settings.db_port,
        pass: global.settings.db_pubuser_pass
    };

    step(
        function getDatabaseConnectionParams() {
            self.metadataBackend.getAllUserDBParams(cdbUsername, this);
        },
        function getApiKey (err, dbParams) {
            if (err) {
                err.http_status = 404;
                err.message = "Sorry, we can't find CartoDB user '" + cdbUsername + "'. " +
                    "Please check that you have entered the correct domain.";
                return callback(err);
            }

            const next = this;

            if (apikeyToken === undefined) {
                return next(null, dbopts, dbParams);
            }

            self.getApiKey(cdbUsername, apikeyToken, function (err, apikey) {
                if (err) {
                    return next(err);
                }

                if (!apikey) {
                    return next(null, dbopts, dbParams);
                }

                next(null, dbopts, dbParams, apikey);
            });
        },
        function setDBAuth(err, dbopts, dbParams, apikey) {
            const next = this;

            if (err) {
                return next(err);
            }

            dbopts.host = dbParams.dbhost;
            dbopts.dbname = dbParams.dbname;
            dbopts.user = (!!dbParams.dbpublicuser) ? dbParams.dbpublicuser : global.settings.db_pubuser;

            var user = _.template(global.settings.db_user, {user_id: dbParams.dbuser});
            var pass = null;

            if (global.settings.hasOwnProperty('db_user_pass')) {
                pass = _.template(global.settings.db_user_pass, {
                    user_id: dbParams.dbuser,
                    user_password: dbParams.dbpass
                });
            }

            if (isAuthenticated) {
                if (apikey) {
                    dbopts.user = apikey.databaseRole;
                    dbopts.pass = apikey.databasePassword;
                } else {
                    dbopts.user = user;
                    dbopts.pass = pass;
                }
            }

            var authDbOpts = _.defaults({ user: user, pass: pass }, dbopts);

            return next(null, dbopts, authDbOpts);
        },
        function errorHandle(err, dbopts, authDbOpts) {
            if (err) {
                return callback(err);
            }

            callback(null, dbopts, authDbOpts);
        }
    );
};

UserDatabaseService.prototype.getApiKey = function (cdbUsername, apikeyToken, callback) {
    this.metadataBackend.getApikey(cdbUsername, apikeyToken, (err, apikey) => {
        if (err) {
            return callback(err);
        }

        if (!isApiKeyFound(apikey)) {
            return callback(null);
        }

        callback(null, apikey);
    });
};

module.exports = UserDatabaseService;
Implemented job controller to enqueue jobs 2015-12-07 16:40:51 +08:00			`'use strict';`

			`var step = require('step');`
			`var _ = require('underscore');`

Implement fallback mechanism to be able to authenticate as usual in case of apikey is not found 2018-02-14 23:22:36 +08:00			`function isApiKeyFound(apikey) {`
Use current implementation of cartodb-redis 2018-02-12 23:41:35 +08:00			`return apikey.type !== null &&`
			`apikey.user !== null &&`
			`apikey.databasePassword !== null &&`
			`apikey.databaseRole !== null;`
			`}`

Refactored user database service ans updated controllers to use it. 2016-01-21 23:17:17 +08:00			`function UserDatabaseService(metadataBackend) {`
			`this.metadataBackend = metadataBackend;`
Implemented job controller to enqueue jobs 2015-12-07 16:40:51 +08:00			`}`

Adds documentation about values passed over callback in getConnectionParams 2016-01-28 21:25:03 +08:00			`/**`
			* Callback is invoked with `dbParams` and `authDbParams`.
			* `dbParams` depends on AuthApi verification so it might return a public user with just SELECT permission, where
			* `authDbParams` will always return connection params as AuthApi had authorized the connection.
			`* That might be useful when you have to run a query with and without permissions.`
			`*`
			`* @param {AuthApi} authApi`
			`* @param {String} cdbUsername`
			`* @param {Function} callback (err, dbParams, authDbParams)`
			`*/`
Move authorization to auth-api and extract it from user-database-service 2018-02-22 18:46:34 +08:00			`UserDatabaseService.prototype.getConnectionParams = function (cdbUsername, apikeyToken, isAuthenticated, callback) {`
Refactored user database service ans updated controllers to use it. 2016-01-21 23:17:17 +08:00			`var self = this;`
Implemented job controller to enqueue jobs 2015-12-07 16:40:51 +08:00
			`var dbopts = {`
			`port: global.settings.db_port,`
			`pass: global.settings.db_pubuser_pass`
			`};`

			`step(`
			`function getDatabaseConnectionParams() {`
Implements authDbParams interface Uses user and pass from redis and relies on rest of params prepared for normal dbParams 2016-01-28 21:38:02 +08:00			`self.metadataBackend.getAllUserDBParams(cdbUsername, this);`
Implemented job controller to enqueue jobs 2015-12-07 16:40:51 +08:00			`},`
Implement fallback mechanism to be able to authenticate as usual in case of apikey is not found 2018-02-14 23:22:36 +08:00			`function getApiKey (err, dbParams) {`
Implemented job controller to enqueue jobs 2015-12-07 16:40:51 +08:00			`if (err) {`
			`err.http_status = 404;`
			`err.message = "Sorry, we can't find CartoDB user '" + cdbUsername + "'. " +`
			`"Please check that you have entered the correct domain.";`
			`return callback(err);`
			`}`

Implement fallback mechanism to be able to authenticate as usual in case of apikey is not found 2018-02-14 23:22:36 +08:00			`const next = this;`
Implemented job controller to enqueue jobs 2015-12-07 16:40:51 +08:00
Move authorization to auth-api and extract it from user-database-service 2018-02-22 18:46:34 +08:00			`if (apikeyToken === undefined) {`
Implement fallback mechanism to be able to authenticate as usual in case of apikey is not found 2018-02-14 23:22:36 +08:00			`return next(null, dbopts, dbParams);`
			`}`
Implemented job controller to enqueue jobs 2015-12-07 16:40:51 +08:00
Move authorization to auth-api and extract it from user-database-service 2018-02-22 18:46:34 +08:00			`self.getApiKey(cdbUsername, apikeyToken, function (err, apikey) {`
Implement fallback mechanism to be able to authenticate as usual in case of apikey is not found 2018-02-14 23:22:36 +08:00			`if (err) {`
			`return next(err);`
			`}`

Move authorization to auth-api and extract it from user-database-service 2018-02-22 18:46:34 +08:00			`if (!apikey) {`
Implement fallback mechanism to be able to authenticate as usual in case of apikey is not found 2018-02-14 23:22:36 +08:00			`return next(null, dbopts, dbParams);`
			`}`

			`next(null, dbopts, dbParams, apikey);`
			`});`
Implemented job controller to enqueue jobs 2015-12-07 16:40:51 +08:00			`},`
Move authorization to auth-api and extract it from user-database-service 2018-02-22 18:46:34 +08:00			`function setDBAuth(err, dbopts, dbParams, apikey) {`
			`const next = this;`
Apply user timeout to ogr2ogr command 2017-08-09 18:50:16 +08:00
			`if (err) {`
			`return next(err);`
			`}`

Implement fallback mechanism to be able to authenticate as usual in case of apikey is not found 2018-02-14 23:22:36 +08:00			`dbopts.host = dbParams.dbhost;`
			`dbopts.dbname = dbParams.dbname;`
			`dbopts.user = (!!dbParams.dbpublicuser) ? dbParams.dbpublicuser : global.settings.db_pubuser;`

Implements authDbParams interface Uses user and pass from redis and relies on rest of params prepared for normal dbParams 2016-01-28 21:38:02 +08:00			`var user = _.template(global.settings.db_user, {user_id: dbParams.dbuser});`
			`var pass = null;`
Implement fallback mechanism to be able to authenticate as usual in case of apikey is not found 2018-02-14 23:22:36 +08:00
Implements authDbParams interface Uses user and pass from redis and relies on rest of params prepared for normal dbParams 2016-01-28 21:38:02 +08:00			`if (global.settings.hasOwnProperty('db_user_pass')) {`
			`pass = _.template(global.settings.db_user_pass, {`
			`user_id: dbParams.dbuser,`
			`user_password: dbParams.dbpass`
			`});`
			`}`

Implement fallback mechanism to be able to authenticate as usual in case of apikey is not found 2018-02-14 23:22:36 +08:00			`if (isAuthenticated) {`
			`if (apikey) {`
			`dbopts.user = apikey.databaseRole;`
			`dbopts.pass = apikey.databasePassword;`
			`} else {`
			`dbopts.user = user;`
			`dbopts.pass = pass;`
			`}`
Implemented job controller to enqueue jobs 2015-12-07 16:40:51 +08:00			`}`

Implement fallback mechanism to be able to authenticate as usual in case of apikey is not found 2018-02-14 23:22:36 +08:00			`var authDbOpts = _.defaults({ user: user, pass: pass }, dbopts);`
Implements authDbParams interface Uses user and pass from redis and relies on rest of params prepared for normal dbParams 2016-01-28 21:38:02 +08:00
Extract to a middleware user timeout limit from user-database-services 2018-02-22 19:45:55 +08:00			`return next(null, dbopts, authDbOpts);`
Implemented job controller to enqueue jobs 2015-12-07 16:40:51 +08:00			`},`
Extract to a middleware user timeout limit from user-database-services 2018-02-22 19:45:55 +08:00			`function errorHandle(err, dbopts, authDbOpts) {`
Implemented job controller to enqueue jobs 2015-12-07 16:40:51 +08:00			`if (err) {`
			`return callback(err);`
			`}`

Extract to a middleware user timeout limit from user-database-services 2018-02-22 19:45:55 +08:00			`callback(null, dbopts, authDbOpts);`
Implemented job controller to enqueue jobs 2015-12-07 16:40:51 +08:00			`}`
			`);`
			`};`

Move authorization to auth-api and extract it from user-database-service 2018-02-22 18:46:34 +08:00			`UserDatabaseService.prototype.getApiKey = function (cdbUsername, apikeyToken, callback) {`
			`this.metadataBackend.getApikey(cdbUsername, apikeyToken, (err, apikey) => {`
			`if (err) {`
			`return callback(err);`
			`}`

			`if (!isApiKeyFound(apikey)) {`
			`return callback(null);`
			`}`

			`callback(null, apikey);`
			`});`
			`};`

Renamed exposed function 2015-12-10 22:06:25 +08:00			`module.exports = UserDatabaseService;`