CartoDB-SQL-API/app/controllers/copy_controller.js

'use strict';

const userMiddleware = require('../middlewares/user');
const errorMiddleware = require('../middlewares/error');
const authorizationMiddleware = require('../middlewares/authorization');
const connectionParamsMiddleware = require('../middlewares/connection-params');
const timeoutLimitsMiddleware = require('../middlewares/timeout-limits');
const { initializeProfilerMiddleware } = require('../middlewares/profiler');
const rateLimitsMiddleware = require('../middlewares/rate-limit');
const { RATE_LIMIT_ENDPOINTS_GROUPS } = rateLimitsMiddleware;

const zlib = require('zlib');
const PSQL = require('cartodb-psql');
const copyTo = require('pg-copy-streams').to;
const copyFrom = require('pg-copy-streams').from;


function CopyController(metadataBackend, userDatabaseService, userLimitsService) {
    this.metadataBackend = metadataBackend;
    this.userDatabaseService = userDatabaseService;
    this.userLimitsService = userLimitsService;
}

CopyController.prototype.route = function (app) {
    const { base_url } = global.settings;

    const copyFromMiddlewares = endpointGroup => {
        return [
            initializeProfilerMiddleware('copyfrom'),
            userMiddleware(),
            rateLimitsMiddleware(this.userLimitsService, endpointGroup),
            authorizationMiddleware(this.metadataBackend),
            connectionParamsMiddleware(this.userDatabaseService),
            timeoutLimitsMiddleware(this.metadataBackend),
            this.handleCopyFrom.bind(this),
            this.responseCopyFrom.bind(this),
            errorMiddleware()
        ];
    };

    const copyToMiddlewares = endpointGroup => {
        return [
            initializeProfilerMiddleware('copyto'),
            userMiddleware(),
            rateLimitsMiddleware(this.userLimitsService, endpointGroup),
            authorizationMiddleware(this.metadataBackend),
            connectionParamsMiddleware(this.userDatabaseService),
            timeoutLimitsMiddleware(this.metadataBackend),
            this.handleCopyTo.bind(this),
            errorMiddleware()
        ];
    };

    app.post(`${base_url}/sql/copyfrom`, copyFromMiddlewares(RATE_LIMIT_ENDPOINTS_GROUPS.COPY_FROM));
    app.get(`${base_url}/sql/copyto`, copyToMiddlewares(RATE_LIMIT_ENDPOINTS_GROUPS.COPY_TO));
};

CopyController.prototype.handleCopyTo = function (req, res, next) {
    const { sql } = req.query;
    const filename = req.query.filename || 'carto-sql-copyto.dmp';

    if (!sql) {
        throw new Error("Parameter 'sql' is missing");
    }

    // Only accept SQL that starts with 'COPY'
    if (!sql.toUpperCase().startsWith("COPY ")) {
        throw new Error("SQL must start with COPY");
    }

    try {
        // Open pgsql COPY pipe and stream out to HTTP response
        const pg = new PSQL(res.locals.userDbParams);
        pg.connect(function (err, client) {
            if (err) {
                return next(err);
            }

            let copyToStream = copyTo(sql);
            const pgstream = client.query(copyToStream);

            res.on('error', next);
            pgstream.on('error', next);
            pgstream.on('end', next);

            res.setHeader("Content-Disposition", `attachment; filename=${encodeURIComponent(filename)}`);
            res.setHeader("Content-Type", "application/octet-stream");

            pgstream.pipe(res);
        });
    } catch (err) {
        next(err);
    }

};

CopyController.prototype.handleCopyFrom = function (req, res, next) {
    const { sql } = req.query;

    if (!sql) {
        return next(new Error("Parameter 'sql' is missing, must be in URL or first field in POST"));
    }

    // Only accept SQL that starts with 'COPY'
    if (!sql.toUpperCase().startsWith("COPY ")) {
        return next(new Error("SQL must start with COPY"));
    }

    try {
        const start_time = Date.now();

        // Connect and run the COPY
        const pg = new PSQL(res.locals.userDbParams);
        pg.connect(function (err, client) {
            if (err) {
                return next(err);
            }

            let copyFromStream = copyFrom(sql);
            const pgstream = client.query(copyFromStream);
            pgstream.on('error', next);
            pgstream.on('end', function () {
                const end_time = Date.now();
                res.body = {
                    time: (end_time - start_time) / 1000,
                    total_rows: copyFromStream.rowCount
                };

                return next();
            });

            if (req.get('content-encoding') === 'gzip') {
                req.pipe(zlib.createGunzip()).pipe(pgstream);
            } else {
                req.pipe(pgstream);
            }
        });

    } catch (err) {
        next(err);
    }

};

CopyController.prototype.responseCopyFrom = function (req, res, next) {
    if (!res.body || !res.body.total_rows) {
        return next(new Error("No rows copied"));
    }

    res.send(res.body);
};

module.exports = CopyController;
Implementation including multer, custom storage engine, and pg-copy, but without turning over pg-copy, and demonstrating the missing 'sql' parameter in the custom storage engine. 2018-04-13 03:25:28 +08:00			`'use strict';`

			`const userMiddleware = require('../middlewares/user');`
			`const errorMiddleware = require('../middlewares/error');`
			`const authorizationMiddleware = require('../middlewares/authorization');`
			`const connectionParamsMiddleware = require('../middlewares/connection-params');`
			`const timeoutLimitsMiddleware = require('../middlewares/timeout-limits');`
			`const { initializeProfilerMiddleware } = require('../middlewares/profiler');`
			`const rateLimitsMiddleware = require('../middlewares/rate-limit');`
			`const { RATE_LIMIT_ENDPOINTS_GROUPS } = rateLimitsMiddleware;`

addining gzip support to copyfrom 2018-05-11 19:33:54 +08:00			`const zlib = require('zlib');`
from var to const/let 2018-05-08 19:10:25 +08:00			`const PSQL = require('cartodb-psql');`
			`const copyTo = require('pg-copy-streams').to;`
			`const copyFrom = require('pg-copy-streams').from;`
Implementation including multer, custom storage engine, and pg-copy, but without turning over pg-copy, and demonstrating the missing 'sql' parameter in the custom storage engine. 2018-04-13 03:25:28 +08:00

removing unused dependencies 2018-05-04 21:35:23 +08:00			`function CopyController(metadataBackend, userDatabaseService, userLimitsService) {`
Implementation including multer, custom storage engine, and pg-copy, but without turning over pg-copy, and demonstrating the missing 'sql' parameter in the custom storage engine. 2018-04-13 03:25:28 +08:00			`this.metadataBackend = metadataBackend;`
			`this.userDatabaseService = userDatabaseService;`
			`this.userLimitsService = userLimitsService;`
			`}`

			`CopyController.prototype.route = function (app) {`
			`const { base_url } = global.settings;`
using Busboy instead of multer 2018-05-08 18:52:33 +08:00
Implementation including multer, custom storage engine, and pg-copy, but without turning over pg-copy, and demonstrating the missing 'sql' parameter in the custom storage engine. 2018-04-13 03:25:28 +08:00			`const copyFromMiddlewares = endpointGroup => {`
			`return [`
CopyFrom works, but still needs a decent return payload and a lot of work on returning useful information for error cases (post empty input, db errors returned more nicely? etc) 2018-04-24 19:07:57 +08:00			`initializeProfilerMiddleware('copyfrom'),`
Implementation including multer, custom storage engine, and pg-copy, but without turning over pg-copy, and demonstrating the missing 'sql' parameter in the custom storage engine. 2018-04-13 03:25:28 +08:00			`userMiddleware(),`
			`rateLimitsMiddleware(this.userLimitsService, endpointGroup),`
			`authorizationMiddleware(this.metadataBackend),`
			`connectionParamsMiddleware(this.userDatabaseService),`
			`timeoutLimitsMiddleware(this.metadataBackend),`
			`this.handleCopyFrom.bind(this),`
using Busboy instead of multer 2018-05-08 18:52:33 +08:00			`this.responseCopyFrom.bind(this),`
Implementation including multer, custom storage engine, and pg-copy, but without turning over pg-copy, and demonstrating the missing 'sql' parameter in the custom storage engine. 2018-04-13 03:25:28 +08:00			`errorMiddleware()`
			`];`
			`};`
using Busboy instead of multer 2018-05-08 18:52:33 +08:00
CopyFrom works, but still needs a decent return payload and a lot of work on returning useful information for error cases (post empty input, db errors returned more nicely? etc) 2018-04-24 19:07:57 +08:00			`const copyToMiddlewares = endpointGroup => {`
			`return [`
			`initializeProfilerMiddleware('copyto'),`
			`userMiddleware(),`
			`rateLimitsMiddleware(this.userLimitsService, endpointGroup),`
			`authorizationMiddleware(this.metadataBackend),`
			`connectionParamsMiddleware(this.userDatabaseService),`
			`timeoutLimitsMiddleware(this.metadataBackend),`
			`this.handleCopyTo.bind(this),`
			`errorMiddleware()`
			`];`
			`};`
Implementation including multer, custom storage engine, and pg-copy, but without turning over pg-copy, and demonstrating the missing 'sql' parameter in the custom storage engine. 2018-04-13 03:25:28 +08:00
adding new endpoints to rate limits 2018-05-04 00:50:13 +08:00			app.post(`${base_url}/sql/copyfrom`, copyFromMiddlewares(RATE_LIMIT_ENDPOINTS_GROUPS.COPY_FROM));
			app.get(`${base_url}/sql/copyto`, copyToMiddlewares(RATE_LIMIT_ENDPOINTS_GROUPS.COPY_TO));
Implementation including multer, custom storage engine, and pg-copy, but without turning over pg-copy, and demonstrating the missing 'sql' parameter in the custom storage engine. 2018-04-13 03:25:28 +08:00			`};`

CopyFrom works, but still needs a decent return payload and a lot of work on returning useful information for error cases (post empty input, db errors returned more nicely? etc) 2018-04-24 19:07:57 +08:00			`CopyController.prototype.handleCopyTo = function (req, res, next) {`
jshinty happy 2018-05-11 20:51:43 +08:00			`const { sql } = req.query;`
			`const filename = req.query.filename \|\| 'carto-sql-copyto.dmp';`
moving copyto headers to correct position 2018-05-11 20:12:23 +08:00
refactoring handleCopyTo 2018-05-08 19:08:29 +08:00			`if (!sql) {`
Get working copyto implementation in place. Many test cases needed still and thoughts on how to communicate errors back that are maybe nicer than stack messages? 2018-04-24 21:55:20 +08:00			`throw new Error("Parameter 'sql' is missing");`
			`}`
using Busboy instead of multer 2018-05-08 18:52:33 +08:00
Get working copyto implementation in place. Many test cases needed still and thoughts on how to communicate errors back that are maybe nicer than stack messages? 2018-04-24 21:55:20 +08:00			`// Only accept SQL that starts with 'COPY'`
			`if (!sql.toUpperCase().startsWith("COPY ")) {`
			`throw new Error("SQL must start with COPY");`
			`}`
using Busboy instead of multer 2018-05-08 18:52:33 +08:00
			`try {`
Get working copyto implementation in place. Many test cases needed still and thoughts on how to communicate errors back that are maybe nicer than stack messages? 2018-04-24 21:55:20 +08:00			`// Open pgsql COPY pipe and stream out to HTTP response`
from var to const/let 2018-05-08 19:10:25 +08:00			`const pg = new PSQL(res.locals.userDbParams);`
refactoring handleCopyTo 2018-05-08 19:08:29 +08:00			`pg.connect(function (err, client) {`
			`if (err) {`
			`return next(err);`
			`}`

			`let copyToStream = copyTo(sql);`
			`const pgstream = client.query(copyToStream);`

Get working copyto implementation in place. Many test cases needed still and thoughts on how to communicate errors back that are maybe nicer than stack messages? 2018-04-24 21:55:20 +08:00			`res.on('error', next);`
			`pgstream.on('error', next);`
refactoring handleCopyTo 2018-05-08 19:08:29 +08:00			`pgstream.on('end', next);`
addining gzip support to copyfrom 2018-05-11 19:33:54 +08:00
moving copyto headers to correct position 2018-05-11 20:12:23 +08:00			res.setHeader("Content-Disposition", `attachment; filename=${encodeURIComponent(filename)}`);
			`res.setHeader("Content-Type", "application/octet-stream");`

Changes suggested by jshint 2018-04-26 16:04:38 +08:00			`pgstream.pipe(res);`
Get working copyto implementation in place. Many test cases needed still and thoughts on how to communicate errors back that are maybe nicer than stack messages? 2018-04-24 21:55:20 +08:00			`});`
			`} catch (err) {`
			`next(err);`
Working code for /copyfrom (streaming) and /copyto (streaming) 2018-04-26 00:37:04 +08:00			`}`
using Busboy instead of multer 2018-05-08 18:52:33 +08:00
Changes suggested by jshint 2018-04-26 16:04:38 +08:00			`};`
CopyFrom works, but still needs a decent return payload and a lot of work on returning useful information for error cases (post empty input, db errors returned more nicely? etc) 2018-04-24 19:07:57 +08:00
using Busboy instead of multer 2018-05-08 18:52:33 +08:00			`CopyController.prototype.handleCopyFrom = function (req, res, next) {`
validating inputs 2018-05-11 16:38:33 +08:00			`const { sql } = req.query;`

addining gzip support to copyfrom 2018-05-11 19:33:54 +08:00			`if (!sql) {`
validating inputs 2018-05-11 16:38:33 +08:00			`return next(new Error("Parameter 'sql' is missing, must be in URL or first field in POST"));`
			`}`
Change from form-multipart to POST with chunked upload 2018-05-11 03:11:55 +08:00
validating inputs 2018-05-11 16:38:33 +08:00			`// Only accept SQL that starts with 'COPY'`
			`if (!sql.toUpperCase().startsWith("COPY ")) {`
			`return next(new Error("SQL must start with COPY"));`
			`}`

Change from form-multipart to POST with chunked upload 2018-05-11 03:11:55 +08:00			`try {`
			`const start_time = Date.now();`

			`// Connect and run the COPY`
			`const pg = new PSQL(res.locals.userDbParams);`
			`pg.connect(function (err, client) {`
			`if (err) {`
			`return next(err);`
using Busboy instead of multer 2018-05-08 18:52:33 +08:00			`}`
refactoring handleCopyTo 2018-05-08 19:08:29 +08:00
Change from form-multipart to POST with chunked upload 2018-05-11 03:11:55 +08:00			`let copyFromStream = copyFrom(sql);`
			`const pgstream = client.query(copyFromStream);`
			`pgstream.on('error', next);`
			`pgstream.on('end', function () {`
			`const end_time = Date.now();`
			`res.body = {`
			`time: (end_time - start_time) / 1000,`
			`total_rows: copyFromStream.rowCount`
			`};`

			`return next();`
			`});`
Changes suggested by jshint 2018-04-26 16:04:38 +08:00
addining gzip support to copyfrom 2018-05-11 19:33:54 +08:00			`if (req.get('content-encoding') === 'gzip') {`
			`req.pipe(zlib.createGunzip()).pipe(pgstream);`
			`} else {`
			`req.pipe(pgstream);`
			`}`
Change from form-multipart to POST with chunked upload 2018-05-11 03:11:55 +08:00			`});`
Implementation including multer, custom storage engine, and pg-copy, but without turning over pg-copy, and demonstrating the missing 'sql' parameter in the custom storage engine. 2018-04-13 03:25:28 +08:00
Change from form-multipart to POST with chunked upload 2018-05-11 03:11:55 +08:00			`} catch (err) {`
			`next(err);`
			`}`
using Busboy instead of multer 2018-05-08 18:52:33 +08:00
			`};`

			`CopyController.prototype.responseCopyFrom = function (req, res, next) {`
			`if (!res.body \|\| !res.body.total_rows) {`
			`return next(new Error("No rows copied"));`
More jshint changes 2018-04-26 16:20:21 +08:00			`}`
using Busboy instead of multer 2018-05-08 18:52:33 +08:00
			`res.send(res.body);`
Implementation including multer, custom storage engine, and pg-copy, but without turning over pg-copy, and demonstrating the missing 'sql' parameter in the custom storage engine. 2018-04-13 03:25:28 +08:00			`};`

adding /sql tro the endpoints 2018-05-04 00:31:49 +08:00			`module.exports = CopyController;`