2011-08-25 03:47:10 +08:00
/ * *
*
* Requires the database and tables setup in config / environments / test . js to exist
* Ensure the user is present in the pgbouncer auth file too
* TODO : Add OAuth tests .
*
* To run this test , ensure that cartodb _test _user _1 _db metadata exists in Redis for the vizziality . cartodb . com domain
*
* SELECT 5
* HSET rails : users : vizzuality id 1
* HSET rails : users : vizzuality database _name cartodb _dev _user _1 _db
*
* /
2011-06-13 11:23:02 +08:00
require ( '../helper' ) ;
2012-07-13 04:54:12 +08:00
require ( '../support/assert' ) ;
2011-09-07 19:05:10 +08:00
2012-11-12 19:37:34 +08:00
2011-08-25 03:47:10 +08:00
var app = require ( global . settings . app _root + '/app/controllers/app' )
, assert = require ( 'assert' )
2012-09-17 17:50:19 +08:00
, querystring = require ( 'querystring' )
2012-11-12 19:37:34 +08:00
, _ = require ( 'underscore' )
, zipfile = require ( 'zipfile' )
, fs = require ( 'fs' )
2012-11-13 00:10:16 +08:00
, libxmljs = require ( 'libxmljs' )
2013-04-09 17:49:05 +08:00
, Step = require ( 'step' )
2012-11-12 19:37:34 +08:00
;
2011-06-13 11:23:02 +08:00
2012-03-16 20:50:07 +08:00
// allow lots of emitters to be set to silence warning
app . setMaxListeners ( 0 ) ;
2012-07-13 04:54:12 +08:00
suite ( 'app.test' , function ( ) {
2012-10-15 19:20:37 +08:00
var expected _cache _control = 'no-cache,max-age=3600,must-revalidate,public' ;
2012-11-13 02:14:20 +08:00
var expected _cache _control _persist = 'public,max-age=31536000' ;
2011-06-20 21:39:12 +08:00
2012-07-13 04:54:12 +08:00
// use dec_sep for internationalization
var checkDecimals = function ( x , dec _sep ) {
2012-07-13 17:11:30 +08:00
var tmp = '' + x ;
2012-07-13 04:54:12 +08:00
if ( tmp . indexOf ( dec _sep ) > - 1 )
return tmp . length - tmp . indexOf ( dec _sep ) - 1 ;
else
return 0 ;
}
2011-10-05 23:49:54 +08:00
2012-07-16 23:16:28 +08:00
test ( 'GET /api/v1/sql' , function ( done ) {
2011-08-25 03:47:10 +08:00
assert . response ( app , {
2011-09-07 19:05:10 +08:00
url : '/api/v1/sql' ,
2011-08-25 03:47:10 +08:00
method : 'GET'
} , {
2011-11-22 08:06:14 +08:00
status : 400
2012-07-16 23:16:28 +08:00
} , function ( res ) {
2013-02-13 20:32:34 +08:00
assert . deepEqual ( res . headers [ 'content-type' ] , 'application/json; charset=utf-8' ) ;
assert . deepEqual ( res . headers [ 'content-disposition' ] , 'inline' ) ;
2012-07-16 23:16:28 +08:00
assert . deepEqual ( JSON . parse ( res . body ) , { "error" : [ "You must indicate a sql query" ] } ) ;
done ( ) ;
2011-08-25 03:47:10 +08:00
} ) ;
2012-07-13 04:54:12 +08:00
} ) ;
2011-06-10 00:34:02 +08:00
2011-10-05 23:49:54 +08:00
2012-07-13 17:01:32 +08:00
test ( 'GET /api/v1/sql with SQL parameter on SELECT only. No oAuth included ' , function ( done ) {
2011-08-25 03:47:10 +08:00
assert . response ( app , {
2011-10-05 23:49:54 +08:00
url : '/api/v1/sql?q=SELECT%20*%20FROM%20untitle_table_4&database=cartodb_test_user_1_db' ,
2011-08-25 03:47:10 +08:00
method : 'GET'
2012-07-13 17:01:32 +08:00
} , { } , function ( res ) {
assert . equal ( res . statusCode , 200 , res . body ) ;
2012-10-15 19:20:37 +08:00
// Check cache headers
// See https://github.com/Vizzuality/CartoDB-SQL-API/issues/43
assert . equal ( res . headers [ 'x-cache-channel' ] , 'cartodb_test_user_1_db:untitle_table_4' ) ;
assert . equal ( res . headers [ 'cache-control' ] , expected _cache _control ) ;
2012-07-13 17:01:32 +08:00
done ( ) ;
2011-08-25 03:47:10 +08:00
} ) ;
2012-07-13 04:54:12 +08:00
} ) ;
2011-08-18 00:27:45 +08:00
2012-11-13 02:14:20 +08:00
test ( 'cache_policy=persist' , function ( done ) {
assert . response ( app , {
url : '/api/v1/sql?q=SELECT%20*%20FROM%20untitle_table_4&database=cartodb_test_user_1_db&cache_policy=persist' ,
method : 'GET'
} , { } , function ( res ) {
assert . equal ( res . statusCode , 200 , res . body ) ;
// Check cache headers
// See https://github.com/Vizzuality/CartoDB-SQL-API/issues/43
assert . equal ( res . headers [ 'x-cache-channel' ] , 'cartodb_test_user_1_db:untitle_table_4' ) ;
assert . equal ( res . headers [ 'cache-control' ] , expected _cache _control _persist ) ;
done ( ) ;
} ) ;
} ) ;
2012-07-13 17:01:32 +08:00
test ( 'GET /api/v1/sql with SQL parameter on SELECT only. no database param, just id using headers' , function ( done ) {
2011-08-25 03:47:10 +08:00
assert . response ( app , {
2011-09-07 19:05:10 +08:00
url : '/api/v1/sql?q=SELECT%20*%20FROM%20untitle_table_4' ,
2011-08-25 03:47:10 +08:00
headers : { host : 'vizzuality.cartodb.com' } ,
method : 'GET'
2012-07-13 17:01:32 +08:00
} , { } , function ( res ) {
assert . equal ( res . statusCode , 200 , res . body ) ;
done ( ) ;
2011-08-25 03:47:10 +08:00
} ) ;
2012-07-13 04:54:12 +08:00
} ) ;
2011-08-25 03:47:10 +08:00
2012-10-15 19:20:37 +08:00
test ( 'GET /api/v1/sql with SQL parameter on SELECT only. no database param, just id using headers. Authenticated.' ,
function ( done ) {
assert . response ( app , {
url : '/api/v1/sql?q=SELECT%20cartodb_id*2%20FROM%20untitle_table_4&api_key=1234' ,
headers : { host : 'vizzuality.cartodb.com' } ,
method : 'GET'
} , { } , function ( res ) {
assert . equal ( res . statusCode , 200 , res . body ) ;
// Check cache headers
// See https://github.com/Vizzuality/CartoDB-SQL-API/issues/43
assert . equal ( res . headers [ 'x-cache-channel' ] , 'cartodb_test_user_1_db:untitle_table_4' ) ;
assert . equal ( res . headers [ 'cache-control' ] , expected _cache _control ) ;
done ( ) ;
} ) ;
} ) ;
2013-02-18 23:14:15 +08:00
// Test for https://github.com/Vizzuality/CartoDB-SQL-API/issues/85
test ( "paging doesn't break x-cache-channel" ,
function ( done ) {
assert . response ( app , {
url : '/api/v1/sql?' + querystring . stringify ( {
q : 'SELECT cartodb_id*3 FROM untitle_table_4' ,
api _key : '1234' ,
rows _per _page : 1 ,
page : 2
} ) ,
headers : { host : 'vizzuality.cartodb.com' } ,
method : 'GET'
} , { } , function ( res ) {
assert . equal ( res . statusCode , 200 , res . body ) ;
assert . equal ( res . headers [ 'x-cache-channel' ] , 'cartodb_test_user_1_db:untitle_table_4' ) ;
done ( ) ;
} ) ;
} ) ;
2011-10-05 23:49:54 +08:00
2012-07-13 17:01:32 +08:00
test ( 'POST /api/v1/sql with SQL parameter on SELECT only. no database param, just id using headers' , function ( done ) {
2011-09-07 19:05:10 +08:00
assert . response ( app , {
url : '/api/v1/sql' ,
data : querystring . stringify ( { q : "SELECT * FROM untitle_table_4" } ) ,
headers : { host : 'vizzuality.cartodb.com' , 'Content-Type' : 'application/x-www-form-urlencoded' } ,
method : 'POST'
2012-07-13 17:01:32 +08:00
} , { } , function ( res ) {
assert . equal ( res . statusCode , 200 , res . body ) ;
done ( ) ;
2011-09-07 19:05:10 +08:00
} ) ;
2012-07-13 04:54:12 +08:00
} ) ;
2011-09-07 19:05:10 +08:00
2013-02-13 20:32:34 +08:00
test ( 'GET /api/v1/sql with INSERT. oAuth not used, so public user - should fail' , function ( done ) {
2011-08-25 03:47:10 +08:00
assert . response ( app , {
2011-09-07 19:05:10 +08:00
url : "/api/v1/sql?q=INSERT%20INTO%20untitle_table_4%20(id)%20VALUES%20(1)&database=cartodb_dev_user_1_db" ,
2011-08-25 03:47:10 +08:00
method : 'GET'
} , {
2013-02-13 20:32:34 +08:00
} , function ( res ) {
assert . equal ( res . statusCode , 400 , res . statusCode + ': ' + res . body ) ;
assert . deepEqual ( res . headers [ 'content-type' ] , 'application/json; charset=utf-8' ) ;
assert . deepEqual ( res . headers [ 'content-disposition' ] , 'inline' ) ;
assert . deepEqual ( JSON . parse ( res . body ) ,
// FIXME: doesn't look like this is what the test subject wants to test...
{ "error" : [ "relation \"untitle_table_4\" does not exist" ] }
) ;
done ( ) ;
2011-08-25 03:47:10 +08:00
} ) ;
2012-07-13 04:54:12 +08:00
} ) ;
2011-08-18 00:27:45 +08:00
2013-02-13 20:32:34 +08:00
test ( 'GET /api/v1/sql with DROP TABlE. oAuth not used, so public user - should fail' , function ( done ) {
2011-06-21 00:03:29 +08:00
assert . response ( app , {
2011-09-07 19:05:10 +08:00
url : "/api/v1/sql?q=DROP%20TABLE%20untitle_table_4&database=cartodb_dev_user_1_db" ,
2011-08-25 03:47:10 +08:00
method : 'GET'
2011-06-21 00:03:29 +08:00
} , {
2013-02-13 20:32:34 +08:00
} , function ( res ) {
assert . equal ( res . statusCode , 400 , res . statusCode + ': ' + res . body ) ;
assert . deepEqual ( res . headers [ 'content-type' ] , 'application/json; charset=utf-8' ) ;
assert . deepEqual ( res . headers [ 'content-disposition' ] , 'inline' ) ;
assert . deepEqual ( JSON . parse ( res . body ) ,
// FIXME: doesn't look like this is what the test subject wants to test...
{ "error" : [ "table \"untitle_table_4\" does not exist" ] }
) ;
done ( ) ;
2011-06-21 00:03:29 +08:00
} ) ;
2012-07-13 04:54:12 +08:00
} ) ;
2011-08-25 03:47:10 +08:00
2013-02-13 20:32:34 +08:00
// FIXME: Duplicated test, drop
test ( 'GET /api/v1/sql with INSERT. header based db - should fail' , function ( ) {
2011-06-21 00:22:46 +08:00
assert . response ( app , {
2011-09-07 19:05:10 +08:00
url : "/api/v1/sql?q=INSERT%20INTO%20untitle_table_4%20(id)%20VALUES%20(1)" ,
2011-08-25 03:47:10 +08:00
headers : { host : 'vizzuality.cartodb.com' } ,
method : 'GET'
2011-06-21 00:22:46 +08:00
} , {
2011-11-22 08:06:14 +08:00
status : 400
2011-06-21 00:22:46 +08:00
} ) ;
2012-07-13 04:54:12 +08:00
} ) ;
2011-08-25 03:47:10 +08:00
2012-09-17 22:56:25 +08:00
// Check results from INSERT
//
// See https://github.com/Vizzuality/CartoDB-SQL-API/issues/13
test ( 'INSERT returns affected rows' , function ( done ) {
assert . response ( app , {
// view prepare_db.sh to see where to set api_key
url : "/api/v1/sql?api_key=1234&"
+ querystring . stringify ( { q :
"INSERT INTO private_table(name) VALUES('noret1') UNION VALUES('noret2')"
} ) ,
headers : { host : 'vizzuality.localhost.lan:8080' } ,
method : 'GET'
} , { } , function ( res ) {
assert . equal ( res . statusCode , 200 , res . statusCode + ': ' + res . body ) ;
var out = JSON . parse ( res . body ) ;
assert . ok ( out . hasOwnProperty ( 'time' ) ) ;
assert . equal ( out . total _rows , 2 ) ;
assert . equal ( out . rows . length , 0 ) ;
2012-10-15 19:20:37 +08:00
// Check cache headers
// See https://github.com/Vizzuality/CartoDB-SQL-API/issues/43
assert . equal ( res . headers [ 'x-cache-channel' ] , 'NONE' ) ;
assert . equal ( res . headers [ 'cache-control' ] , expected _cache _control ) ;
2012-09-17 22:56:25 +08:00
done ( ) ;
} ) ;
} ) ;
// Check results from UPDATE
//
// See https://github.com/Vizzuality/CartoDB-SQL-API/issues/13
test ( 'UPDATE returns affected rows' , function ( done ) {
assert . response ( app , {
// view prepare_db.sh to see where to set api_key
url : "/api/v1/sql?api_key=1234&"
+ querystring . stringify ( { q :
"UPDATE private_table SET name = upper(name) WHERE name in ('noret1', 'noret2')"
} ) ,
headers : { host : 'vizzuality.localhost.lan:8080' } ,
method : 'GET'
} , { } , function ( res ) {
assert . equal ( res . statusCode , 200 , res . statusCode + ': ' + res . body ) ;
var out = JSON . parse ( res . body ) ;
assert . ok ( out . hasOwnProperty ( 'time' ) ) ;
assert . equal ( out . total _rows , 2 ) ;
assert . equal ( out . rows . length , 0 ) ;
2012-10-15 19:20:37 +08:00
// Check cache headers
// See https://github.com/Vizzuality/CartoDB-SQL-API/issues/43
assert . equal ( res . headers [ 'x-cache-channel' ] , 'NONE' ) ;
assert . equal ( res . headers [ 'cache-control' ] , expected _cache _control ) ;
2012-09-17 22:56:25 +08:00
done ( ) ;
} ) ;
} ) ;
// Check results from DELETE
//
// See https://github.com/Vizzuality/CartoDB-SQL-API/issues/13
test ( 'DELETE returns affected rows' , function ( done ) {
assert . response ( app , {
// view prepare_db.sh to see where to set api_key
url : "/api/v1/sql?api_key=1234&"
+ querystring . stringify ( { q :
"DELETE FROM private_table WHERE name in ('NORET1', 'NORET2')"
} ) ,
headers : { host : 'vizzuality.localhost.lan:8080' } ,
method : 'GET'
} , { } , function ( res ) {
assert . equal ( res . statusCode , 200 , res . statusCode + ': ' + res . body ) ;
var out = JSON . parse ( res . body ) ;
assert . ok ( out . hasOwnProperty ( 'time' ) ) ;
assert . equal ( out . total _rows , 2 ) ;
assert . equal ( out . rows . length , 0 ) ;
2012-10-15 19:20:37 +08:00
// Check cache headers
// See https://github.com/Vizzuality/CartoDB-SQL-API/issues/43
assert . equal ( res . headers [ 'x-cache-channel' ] , 'NONE' ) ;
assert . equal ( res . headers [ 'cache-control' ] , expected _cache _control ) ;
2012-09-17 22:56:25 +08:00
done ( ) ;
} ) ;
} ) ;
2012-09-17 17:50:19 +08:00
// Check results from INSERT .. RETURNING
//
// See https://github.com/Vizzuality/CartoDB-SQL-API/issues/50
test ( 'INSERT with RETURNING returns all results' , function ( done ) {
assert . response ( app , {
// view prepare_db.sh to see where to set api_key
url : "/api/v1/sql?api_key=1234&"
+ querystring . stringify ( { q :
"INSERT INTO private_table(name) VALUES('test') RETURNING upper(name), reverse(name)"
} ) ,
headers : { host : 'vizzuality.localhost.lan:8080' } ,
method : 'GET'
} , { } , function ( res ) {
assert . equal ( res . statusCode , 200 , res . statusCode + ': ' + res . body ) ;
var out = JSON . parse ( res . body ) ;
assert . ok ( out . hasOwnProperty ( 'time' ) ) ;
assert . equal ( out . total _rows , 1 ) ;
assert . equal ( out . rows . length , 1 ) ;
assert . equal ( _ . keys ( out . rows [ 0 ] ) . length , 2 ) ;
assert . equal ( out . rows [ 0 ] . upper , 'TEST' ) ;
assert . equal ( out . rows [ 0 ] . reverse , 'tset' ) ;
done ( ) ;
} ) ;
} ) ;
// Check results from UPDATE .. RETURNING
//
// See https://github.com/Vizzuality/CartoDB-SQL-API/issues/50
test ( 'UPDATE with RETURNING returns all results' , function ( done ) {
assert . response ( app , {
// view prepare_db.sh to see where to set api_key
url : "/api/v1/sql?api_key=1234&"
+ querystring . stringify ( { q :
"UPDATE private_table SET name = 'tost' WHERE name = 'test' RETURNING upper(name), reverse(name)"
} ) ,
headers : { host : 'vizzuality.localhost.lan:8080' } ,
method : 'GET'
} , { } , function ( res ) {
assert . equal ( res . statusCode , 200 , res . statusCode + ': ' + res . body ) ;
var out = JSON . parse ( res . body ) ;
assert . ok ( out . hasOwnProperty ( 'time' ) ) ;
assert . equal ( out . total _rows , 1 ) ;
assert . equal ( out . rows . length , 1 ) ;
assert . equal ( _ . keys ( out . rows [ 0 ] ) . length , 2 ) ;
assert . equal ( out . rows [ 0 ] . upper , 'TOST' ) ;
assert . equal ( out . rows [ 0 ] . reverse , 'tsot' ) ;
done ( ) ;
} ) ;
} ) ;
2012-09-17 22:50:15 +08:00
// Check results from DELETE .. RETURNING
//
// See https://github.com/Vizzuality/CartoDB-SQL-API/issues/50
test ( 'DELETE with RETURNING returns all results' , function ( done ) {
assert . response ( app , {
// view prepare_db.sh to see where to set api_key
url : "/api/v1/sql?api_key=1234&"
+ querystring . stringify ( { q :
"DELETE FROM private_table WHERE name = 'tost' RETURNING name"
} ) ,
headers : { host : 'vizzuality.localhost.lan:8080' } ,
method : 'GET'
} , { } , function ( res ) {
assert . equal ( res . statusCode , 200 , res . statusCode + ': ' + res . body ) ;
var out = JSON . parse ( res . body ) ;
assert . ok ( out . hasOwnProperty ( 'time' ) ) ;
assert . equal ( out . total _rows , 1 ) ;
assert . equal ( out . rows . length , 1 ) ;
assert . equal ( _ . keys ( out . rows [ 0 ] ) . length , 1 ) ;
assert . equal ( out . rows [ 0 ] . name , 'tost' ) ;
done ( ) ;
} ) ;
} ) ;
2013-02-13 20:32:34 +08:00
test ( 'GET /api/v1/sql with SQL parameter on DROP TABLE. should fail' , function ( done ) {
2011-08-25 03:47:10 +08:00
assert . response ( app , {
2011-09-07 19:05:10 +08:00
url : "/api/v1/sql?q=DROP%20TABLE%20untitle_table_4" ,
2011-08-25 03:47:10 +08:00
headers : { host : 'vizzuality.cartodb.com' } ,
method : 'GET'
2013-02-13 20:32:34 +08:00
} , { } , function ( res ) {
assert . equal ( res . statusCode , 400 , res . statusCode + ': ' + res . body ) ;
assert . deepEqual ( res . headers [ 'content-type' ] , 'application/json; charset=utf-8' ) ;
assert . deepEqual ( res . headers [ 'content-disposition' ] , 'inline' ) ;
assert . deepEqual ( JSON . parse ( res . body ) ,
{ "error" : [ "must be owner of relation untitle_table_4" ] }
) ;
done ( ) ;
2011-08-25 03:47:10 +08:00
} ) ;
2012-07-13 04:54:12 +08:00
} ) ;
2011-10-05 23:49:54 +08:00
2012-10-15 19:20:37 +08:00
test ( 'CREATE TABLE with GET and auth' , function ( done ) {
assert . response ( app , {
url : "/api/v1/sql?" + querystring . stringify ( {
2012-10-15 19:40:04 +08:00
q : 'CREATE TABLE test_table(a int)' ,
2012-10-15 19:20:37 +08:00
api _key : 1234
} ) ,
headers : { host : 'vizzuality.cartodb.com' } ,
method : 'GET'
} , { } , function ( res ) {
assert . equal ( res . statusCode , 200 , res . statusCode + ': ' + res . body ) ;
// Check cache headers
// See https://github.com/Vizzuality/CartoDB-SQL-API/issues/43
assert . equal ( res . headers [ 'x-cache-channel' ] , 'NONE' ) ;
assert . equal ( res . headers [ 'cache-control' ] , expected _cache _control ) ;
done ( ) ;
} ) ;
} ) ;
2013-01-17 16:59:48 +08:00
// Test effects of COPY
// See https://github.com/Vizzuality/cartodb-management/issues/1502
test ( 'COPY TABLE with GET and auth' , function ( done ) {
assert . response ( app , {
url : "/api/v1/sql?" + querystring . stringify ( {
q : 'COPY test_table FROM stdin;' ,
api _key : 1234
} ) ,
headers : { host : 'vizzuality.cartodb.com' } ,
method : 'GET'
} , { } , function ( res ) {
// We expect a problem, actually
assert . equal ( res . statusCode , 400 , res . statusCode + ': ' + res . body ) ;
2013-02-13 20:32:34 +08:00
assert . deepEqual ( res . headers [ 'content-type' ] , 'application/json; charset=utf-8' ) ;
assert . deepEqual ( res . headers [ 'content-disposition' ] , 'inline' ) ;
2013-01-17 16:59:48 +08:00
assert . deepEqual ( JSON . parse ( res . body ) , { "error" : [ "COPY from stdin failed: No source stream defined" ] } ) ;
done ( ) ;
} ) ;
} ) ;
2012-10-15 19:20:37 +08:00
2013-01-22 00:39:07 +08:00
test ( 'COPY TABLE with GET and auth' , function ( done ) {
assert . response ( app , {
url : "/api/v1/sql?" + querystring . stringify ( {
q : "COPY test_table to '/tmp/x';" ,
api _key : 1234
} ) ,
headers : { host : 'vizzuality.cartodb.com' } ,
method : 'GET'
} , { } , function ( res ) {
// We expect a problem, actually
assert . equal ( res . statusCode , 400 , res . statusCode + ': ' + res . body ) ;
2013-02-13 20:32:34 +08:00
assert . deepEqual ( res . headers [ 'content-type' ] , 'application/json; charset=utf-8' ) ;
assert . deepEqual ( res . headers [ 'content-disposition' ] , 'inline' ) ;
2013-01-22 00:39:07 +08:00
assert . deepEqual ( JSON . parse ( res . body ) , { "error" : [ "must be superuser to COPY to or from a file" ] } ) ;
done ( ) ;
} ) ;
} ) ;
2012-10-15 19:40:04 +08:00
test ( 'ALTER TABLE with GET and auth' , function ( done ) {
assert . response ( app , {
url : "/api/v1/sql?" + querystring . stringify ( {
q : 'ALTER TABLE test_table ADD b int' ,
api _key : 1234
} ) ,
headers : { host : 'vizzuality.cartodb.com' } ,
method : 'GET'
} , { } , function ( res ) {
assert . equal ( res . statusCode , 200 , res . statusCode + ': ' + res . body ) ;
// Check cache headers
// See https://github.com/Vizzuality/CartoDB-SQL-API/issues/43
assert . equal ( res . headers [ 'x-cache-channel' ] , 'NONE' ) ;
assert . equal ( res . headers [ 'cache-control' ] , expected _cache _control ) ;
done ( ) ;
} ) ;
} ) ;
2013-02-19 01:39:09 +08:00
test ( 'multistatement insert, alter, select, begin, commit' , function ( done ) {
assert . response ( app , {
url : "/api/v1/sql?" + querystring . stringify ( {
q : 'BEGIN; DELETE FROM test_table; COMMIT; BEGIN; INSERT INTO test_table(b) values (5); COMMIT; ALTER TABLE test_table ALTER b TYPE float USING b::float/2; SELECT b FROM test_table; COMMIT;' ,
api _key : 1234
} ) ,
headers : { host : 'vizzuality.cartodb.com' } ,
method : 'GET'
} , { } , function ( res ) {
assert . equal ( res . statusCode , 200 , res . statusCode + ': ' + res . body ) ;
var parsedBody = JSON . parse ( res . body ) ;
assert . equal ( parsedBody . total _rows , 1 ) ;
assert . deepEqual ( parsedBody . rows [ 0 ] , { b : 2.5 } ) ;
done ( ) ;
} ) ;
} ) ;
2012-10-15 19:20:37 +08:00
test ( 'DROP TABLE with GET and auth' , function ( done ) {
assert . response ( app , {
url : "/api/v1/sql?" + querystring . stringify ( {
2012-10-15 19:40:04 +08:00
q : 'DROP TABLE test_table' ,
2012-10-15 19:20:37 +08:00
api _key : 1234
} ) ,
headers : { host : 'vizzuality.cartodb.com' } ,
method : 'GET'
} , { } , function ( res ) {
assert . equal ( res . statusCode , 200 , res . statusCode + ': ' + res . body ) ;
// Check cache headers
// See https://github.com/Vizzuality/CartoDB-SQL-API/issues/43
assert . equal ( res . headers [ 'x-cache-channel' ] , 'NONE' ) ;
assert . equal ( res . headers [ 'cache-control' ] , expected _cache _control ) ;
done ( ) ;
} ) ;
} ) ;
test ( 'CREATE FUNCTION with GET and auth' , function ( done ) {
assert . response ( app , {
url : "/api/v1/sql?" + querystring . stringify ( {
q : 'CREATE FUNCTION create_func_test(a int) RETURNS INT AS \'SELECT 1\' LANGUAGE \'sql\'' ,
api _key : 1234
} ) ,
headers : { host : 'vizzuality.cartodb.com' } ,
method : 'GET'
} , { } , function ( res ) {
assert . equal ( res . statusCode , 200 , res . statusCode + ': ' + res . body ) ;
// Check cache headers
// See https://github.com/Vizzuality/CartoDB-SQL-API/issues/43
assert . equal ( res . headers [ 'x-cache-channel' ] , 'NONE' ) ;
assert . equal ( res . headers [ 'cache-control' ] , expected _cache _control ) ;
done ( ) ;
} ) ;
} ) ;
test ( 'DROP FUNCTION with GET and auth' , function ( done ) {
assert . response ( app , {
url : "/api/v1/sql?" + querystring . stringify ( {
q : 'DROP FUNCTION create_func_test(a int)' ,
api _key : 1234
} ) ,
headers : { host : 'vizzuality.cartodb.com' } ,
method : 'GET'
} , { } , function ( res ) {
assert . equal ( res . statusCode , 200 , res . statusCode + ': ' + res . body ) ;
// Check cache headers
// See https://github.com/Vizzuality/CartoDB-SQL-API/issues/43
assert . equal ( res . headers [ 'x-cache-channel' ] , 'NONE' ) ;
assert . equal ( res . headers [ 'cache-control' ] , expected _cache _control ) ;
done ( ) ;
} ) ;
} ) ;
2012-10-25 19:34:06 +08:00
test ( 'sends a 400 when an unsupported format is requested' , function ( done ) {
2011-10-28 19:11:18 +08:00
assert . response ( app , {
2012-10-25 19:34:06 +08:00
url : '/api/v1/sql?q=SELECT%20*%20FROM%20untitle_table_4&format=unknown' ,
2012-10-12 17:42:03 +08:00
headers : { host : 'vizzuality.cartodb.com' } ,
method : 'GET'
} , { } , function ( res ) {
2012-10-25 19:34:06 +08:00
assert . equal ( res . statusCode , 400 , res . body ) ;
2013-02-13 20:32:34 +08:00
assert . deepEqual ( res . headers [ 'content-type' ] , 'application/json; charset=utf-8' ) ;
assert . deepEqual ( res . headers [ 'content-disposition' ] , 'inline' ) ;
2012-10-25 19:34:06 +08:00
assert . deepEqual ( JSON . parse ( res . body ) , { "error" : [ "Invalid format: unknown" ] } ) ;
2012-10-12 17:42:03 +08:00
done ( ) ;
} ) ;
} ) ;
2012-10-25 19:34:06 +08:00
test ( 'GET /api/v1/sql with SQL parameter and no format, ensuring content-disposition set to json' , function ( done ) {
2012-10-12 17:42:03 +08:00
assert . response ( app , {
2012-10-25 19:34:06 +08:00
url : '/api/v1/sql?q=SELECT%20*%20FROM%20untitle_table_4' ,
2011-10-28 19:11:18 +08:00
headers : { host : 'vizzuality.cartodb.com' } ,
method : 'GET'
2012-07-13 17:01:32 +08:00
} , { } , function ( res ) {
assert . equal ( res . statusCode , 200 , res . body ) ;
2012-11-13 02:44:16 +08:00
var ct = res . header ( 'Content-Type' ) ;
assert . ok ( /json/ . test ( ct ) , 'Default format is not JSON: ' + ct ) ;
2011-10-28 19:11:18 +08:00
var cd = res . header ( 'Content-Disposition' ) ;
2012-11-13 02:44:16 +08:00
assert . equal ( true , /^inline/ . test ( cd ) , 'Default format is not disposed inline: ' + cd ) ;
2012-11-12 19:37:34 +08:00
assert . equal ( true , /filename=cartodb-query.json/gi . test ( cd ) , 'Unexpected JSON filename: ' + cd ) ;
2012-07-13 04:54:12 +08:00
done ( ) ;
2011-10-28 19:11:18 +08:00
} ) ;
2012-07-13 04:54:12 +08:00
} ) ;
2011-10-28 19:11:18 +08:00
2012-11-14 02:26:36 +08:00
test ( 'POST /api/v1/sql with SQL parameter and no format, ensuring content-disposition set to json' , function ( done ) {
assert . response ( app , {
url : '/api/v1/sql' ,
data : querystring . stringify ( { q : "SELECT * FROM untitle_table_4" } ) ,
headers : { host : 'vizzuality.cartodb.com' , 'Content-Type' : 'application/x-www-form-urlencoded' } ,
method : 'POST'
} , { } , function ( res ) {
assert . equal ( res . statusCode , 200 , res . body ) ;
var ct = res . header ( 'Content-Type' ) ;
assert . ok ( /json/ . test ( ct ) , 'Default format is not JSON: ' + ct ) ;
var cd = res . header ( 'Content-Disposition' ) ;
2012-11-14 23:30:18 +08:00
assert . equal ( true , /^inline/ . test ( cd ) , 'Default format is not disposed inline: ' + cd ) ;
2012-11-14 02:26:36 +08:00
assert . equal ( true , /filename=cartodb-query.json/gi . test ( cd ) , 'Unexpected JSON filename: ' + cd ) ;
done ( ) ;
} ) ;
} ) ;
2012-11-13 02:44:16 +08:00
test ( 'GET /api/v1/sql with SQL parameter and no format, but a filename' , function ( done ) {
assert . response ( app , {
url : '/api/v1/sql?q=SELECT%20*%20FROM%20untitle_table_4&filename=x' ,
headers : { host : 'vizzuality.cartodb.com' } ,
method : 'GET'
} , { } , function ( res ) {
assert . equal ( res . statusCode , 200 , res . body ) ;
var ct = res . header ( 'Content-Type' ) ;
assert . ok ( /json/ . test ( ct ) , 'Default format is not JSON: ' + ct ) ;
var cd = res . header ( 'Content-Disposition' ) ;
assert . equal ( true , /^attachment/ . test ( cd ) , 'Format with filename is not disposed as attachment: ' + cd ) ;
assert . equal ( true , /filename=x.json/gi . test ( cd ) , 'Unexpected JSON filename: ' + cd ) ;
done ( ) ;
} ) ;
} ) ;
2012-11-13 00:10:16 +08:00
test ( 'field named "the_geom_webmercator" is not skipped by default' , function ( done ) {
assert . response ( app , {
url : '/api/v1/sql?q=SELECT%20*%20FROM%20untitle_table_4' ,
headers : { host : 'vizzuality.cartodb.com' } ,
method : 'GET'
} , { } , function ( res ) {
assert . equal ( res . statusCode , 200 , res . body ) ;
var row0 = JSON . parse ( res . body ) . rows [ 0 ] ;
var checkfields = { 'name' : 1 , 'cartodb_id' : 1 , 'the_geom' : 1 , 'the_geom_webmercator' : 1 } ;
for ( var f in checkfields ) {
if ( checkfields [ f ] ) {
assert . ok ( row0 . hasOwnProperty ( f ) , "result does not include '" + f + "'" ) ;
} else {
assert . ok ( ! row0 . hasOwnProperty ( f ) , "result includes '" + f + "'" ) ;
}
}
done ( ) ;
} ) ;
} ) ;
test ( 'skipfields controls included fields' , function ( done ) {
assert . response ( app , {
url : '/api/v1/sql?q=SELECT%20*%20FROM%20untitle_table_4&skipfields=the_geom_webmercator,cartodb_id,unexistant' ,
headers : { host : 'vizzuality.cartodb.com' } ,
method : 'GET'
} , { } , function ( res ) {
assert . equal ( res . statusCode , 200 , res . body ) ;
var row0 = JSON . parse ( res . body ) . rows [ 0 ] ;
var checkfields = { 'name' : 1 , 'cartodb_id' : 0 , 'the_geom' : 1 , 'the_geom_webmercator' : 0 } ;
for ( var f in checkfields ) {
if ( checkfields [ f ] ) {
assert . ok ( row0 . hasOwnProperty ( f ) , "result does not include '" + f + "'" ) ;
} else {
assert . ok ( ! row0 . hasOwnProperty ( f ) , "result includes '" + f + "'" ) ;
}
}
done ( ) ;
} ) ;
} ) ;
2012-10-25 19:34:06 +08:00
test ( 'GET /api/v1/sql ensure cross domain set on errors' , function ( done ) {
2012-10-12 18:17:35 +08:00
assert . response ( app , {
2012-10-25 19:34:06 +08:00
url : '/api/v1/sql?q=SELECT%20*gadfgadfg%20FROM%20untitle_table_4' ,
2012-10-12 18:17:35 +08:00
headers : { host : 'vizzuality.cartodb.com' } ,
method : 'GET'
2012-10-25 19:34:06 +08:00
} , {
status : 400
} , function ( res ) {
var cd = res . header ( 'Access-Control-Allow-Origin' ) ;
2013-02-13 20:32:34 +08:00
assert . deepEqual ( res . headers [ 'content-type' ] , 'application/json; charset=utf-8' ) ;
assert . deepEqual ( res . headers [ 'content-disposition' ] , 'inline' ) ;
2012-10-25 19:34:06 +08:00
assert . equal ( cd , '*' ) ;
2012-10-12 18:17:35 +08:00
done ( ) ;
} ) ;
} ) ;
2012-10-25 19:34:06 +08:00
test ( 'cannot GET system tables' , function ( done ) {
2013-04-09 17:49:05 +08:00
var req = { headers : { host : 'vizzuality.cartodb.com' } ,
method : 'GET' } ;
var pre = '/api/v1/sql?' ;
Step (
function trySysTable1 ( ) {
req . url = pre + querystring . stringify ( { q : 'SELECT * FROM pg_attribute' } ) ;
var next = this ;
assert . response ( app , req , function ( res ) { next ( null , res ) ; } ) ;
} ,
function chkSysTable1 _trySysTable2 ( err , res ) {
if ( err ) throw err ;
var next = this ;
assert . equal ( res . statusCode , 403 ) ;
assert . deepEqual ( res . headers [ 'content-type' ] , 'application/json; charset=utf-8' ) ;
assert . deepEqual ( res . headers [ 'content-disposition' ] , 'inline' ) ;
// TODO: check actual error message...
req . url = pre + querystring . stringify ( { q : 'SELECT * FROM PG_attribute' } ) ;
assert . response ( app , req , function ( res ) { next ( null , res ) ; } ) ;
} ,
function chkSysTable2 _trySysTable3 ( err , res ) {
if ( err ) throw err ;
var next = this ;
assert . equal ( res . statusCode , 403 ) ;
assert . deepEqual ( res . headers [ 'content-type' ] , 'application/json; charset=utf-8' ) ;
assert . deepEqual ( res . headers [ 'content-disposition' ] , 'inline' ) ;
// TODO: check actual error message...
req . url = pre + querystring . stringify ( { q : 'SELECT * FROM "pg_attribute"' } ) ;
assert . response ( app , req , function ( res ) { next ( null , res ) ; } ) ;
} ,
2013-04-09 18:20:27 +08:00
function chkSysTable3 _trySysTable4 ( err , res ) {
if ( err ) throw err ;
var next = this ;
assert . equal ( res . statusCode , 403 ) ;
assert . deepEqual ( res . headers [ 'content-type' ] , 'application/json; charset=utf-8' ) ;
assert . deepEqual ( res . headers [ 'content-disposition' ] , 'inline' ) ;
// TODO: check actual error message...
req . url = pre + querystring . stringify ( { q : 'SELECT a.* FROM untitle_table_4 a,pg_attribute' } ) ;
assert . response ( app , req , function ( res ) { next ( null , res ) ; } ) ;
} ,
function chkSysTable4 _trySet1 ( err , res ) {
2013-04-09 17:49:05 +08:00
if ( err ) throw err ;
var next = this ;
assert . equal ( res . statusCode , 403 ) ;
assert . deepEqual ( res . headers [ 'content-type' ] , 'application/json; charset=utf-8' ) ;
assert . deepEqual ( res . headers [ 'content-disposition' ] , 'inline' ) ;
// TODO: check actual error message...
req . url = pre + querystring . stringify ( { q : ' set statement_timeout TO 400' } ) ;
assert . response ( app , req , function ( res ) { next ( null , res ) ; } ) ;
} ,
function chkSet1 _trySet2 ( err , res ) {
if ( err ) throw err ;
var next = this ;
assert . equal ( res . statusCode , 403 ) ;
assert . deepEqual ( res . headers [ 'content-type' ] , 'application/json; charset=utf-8' ) ;
assert . deepEqual ( res . headers [ 'content-disposition' ] , 'inline' ) ;
// TODO: check actual error message...
req . url = pre + querystring . stringify ( { q : ' SET work_mem TO 80000' } ) ;
assert . response ( app , req , function ( res ) { next ( null , res ) ; } ) ;
} ,
function chkSet2 ( err , res ) {
if ( err ) throw err ;
var next = this ;
assert . equal ( res . statusCode , 403 ) ;
assert . deepEqual ( res . headers [ 'content-type' ] , 'application/json; charset=utf-8' ) ;
assert . deepEqual ( res . headers [ 'content-disposition' ] , 'inline' ) ;
// TODO: check actual error message...
return true ;
} ,
function finish ( err ) {
done ( err ) ;
}
) ;
2012-09-11 18:22:27 +08:00
} ) ;
2012-10-25 19:34:06 +08:00
test ( 'GET decent error if domain is incorrect' , function ( done ) {
2012-09-11 18:22:27 +08:00
assert . response ( app , {
2012-10-25 19:34:06 +08:00
url : '/api/v1/sql?q=SELECT%20*%20FROM%20untitle_table_4&format=geojson' ,
headers : { host : 'vizzualinot.cartodb.com' } ,
2012-09-11 18:22:27 +08:00
method : 'GET'
2012-10-25 19:34:06 +08:00
} , {
status : 404
} , function ( res ) {
2013-02-13 20:32:34 +08:00
assert . deepEqual ( res . headers [ 'content-type' ] , 'application/json; charset=utf-8' ) ;
assert . deepEqual ( res . headers [ 'content-disposition' ] , 'inline' ) ;
2012-10-25 19:34:06 +08:00
var result = JSON . parse ( res . body ) ;
assert . equal ( result . error [ 0 ] , "Sorry, we can't find this CartoDB. Please check that you have entered the correct domain." ) ;
2012-09-11 18:22:27 +08:00
done ( ) ;
} ) ;
} ) ;
2012-10-25 19:34:06 +08:00
test ( 'GET decent error if SQL is broken' , function ( done ) {
2012-09-11 18:22:27 +08:00
assert . response ( app , {
2012-10-25 19:34:06 +08:00
url : '/api/v1/sql?' + querystring . stringify ( { q :
'SELECT star FROM this and that'
} ) ,
2012-09-11 18:22:27 +08:00
headers : { host : 'vizzuality.cartodb.com' } ,
method : 'GET'
2012-10-25 19:34:06 +08:00
} , { } , function ( res ) {
assert . equal ( res . statusCode , 400 , res . statusCode + ': ' + res . body ) ;
2013-02-13 20:32:34 +08:00
assert . deepEqual ( res . headers [ 'content-type' ] , 'application/json; charset=utf-8' ) ;
assert . deepEqual ( res . headers [ 'content-disposition' ] , 'inline' ) ;
2012-10-25 19:34:06 +08:00
var result = JSON . parse ( res . body ) ;
// NOTE: actual error message may be slighly different, possibly worth a regexp here
assert . equal ( result . error [ 0 ] , 'syntax error at or near "and"' ) ;
done ( ) ;
2012-09-11 18:22:27 +08:00
} ) ;
} ) ;
2013-03-14 18:41:07 +08:00
// See https://github.com/Vizzuality/CartoDB-SQL-API/issues/88
test ( 'numeric arrays are rendered as such' , function ( done ) {
assert . response ( app , {
url : "/api/v1/sql?"
+ querystring . stringify ( { q :
"SELECT ARRAY[8.7,4.3]::numeric[] as x"
} ) ,
headers : { host : 'vizzuality.localhost.lan:8080' } ,
method : 'GET'
} , { } , function ( res ) {
assert . equal ( res . statusCode , 200 , res . statusCode + ': ' + res . body ) ;
var out = JSON . parse ( res . body ) ;
assert . ok ( out . hasOwnProperty ( 'time' ) ) ;
assert . equal ( out . total _rows , 1 ) ;
assert . equal ( out . rows . length , 1 ) ;
assert . ok ( out . rows [ 0 ] . hasOwnProperty ( 'x' ) ) ;
assert . equal ( out . rows [ 0 ] . x . length , 2 ) ;
assert . equal ( out . rows [ 0 ] . x [ 0 ] , '8.7' ) ;
assert . equal ( out . rows [ 0 ] . x [ 1 ] , '4.3' ) ;
assert . equal ( res . headers [ 'x-cache-channel' ] , 'cartodb_test_user_1_db:' ) ; // keep forever
done ( ) ;
} ) ;
} ) ;
2012-10-25 19:34:06 +08:00
// GEOJSON tests
test ( 'GET /api/v1/sql with SQL parameter and geojson format, ensuring content-disposition set to geojson' , function ( done ) {
2011-10-28 19:11:18 +08:00
assert . response ( app , {
2012-10-25 19:34:06 +08:00
url : '/api/v1/sql?q=SELECT%20*%20FROM%20untitle_table_4&format=geojson' ,
2011-10-28 19:11:18 +08:00
headers : { host : 'vizzuality.cartodb.com' } ,
method : 'GET'
2012-07-13 17:01:32 +08:00
} , { } , function ( res ) {
assert . equal ( res . statusCode , 200 , res . body ) ;
2011-10-28 19:11:18 +08:00
var cd = res . header ( 'Content-Disposition' ) ;
2012-10-25 19:34:06 +08:00
assert . equal ( true , /^attachment/ . test ( cd ) , 'GEOJSON is not disposed as attachment: ' + cd ) ;
assert . equal ( true , /filename=cartodb-query.geojson/gi . test ( cd ) ) ;
2012-07-13 04:54:12 +08:00
done ( ) ;
2011-10-28 19:11:18 +08:00
} ) ;
2012-07-13 04:54:12 +08:00
} ) ;
2011-11-09 07:35:59 +08:00
2012-11-14 02:26:36 +08:00
test ( 'POST /api/v1/sql with SQL parameter and geojson format, ensuring content-disposition set to geojson' , function ( done ) {
assert . response ( app , {
url : '/api/v1/sql' ,
data : querystring . stringify ( { q : "SELECT * FROM untitle_table_4" , format : 'geojson' } ) ,
headers : { host : 'vizzuality.cartodb.com' , 'Content-Type' : 'application/x-www-form-urlencoded' } ,
method : 'POST'
} , { } , function ( res ) {
assert . equal ( res . statusCode , 200 , res . body ) ;
var cd = res . header ( 'Content-Disposition' ) ;
assert . equal ( true , /^attachment/ . test ( cd ) , 'GEOJSON is not disposed as attachment: ' + cd ) ;
assert . equal ( true , /filename=cartodb-query.geojson/gi . test ( cd ) ) ;
done ( ) ;
} ) ;
} ) ;
2012-10-25 19:34:06 +08:00
test ( 'uses the last format parameter when multiple are used' , function ( done ) {
2012-04-13 07:30:45 +08:00
assert . response ( app , {
2012-10-25 19:34:06 +08:00
url : '/api/v1/sql?format=csv&q=SELECT%20*%20FROM%20untitle_table_4&format=geojson' ,
2012-04-13 07:30:45 +08:00
headers : { host : 'vizzuality.cartodb.com' } ,
method : 'GET'
2012-10-25 19:34:06 +08:00
} , { } , function ( res ) {
assert . equal ( res . statusCode , 200 , res . body ) ;
var cd = res . header ( 'Content-Disposition' ) ;
assert . equal ( true , /filename=cartodb-query.geojson/gi . test ( cd ) ) ;
2012-07-13 04:54:12 +08:00
done ( ) ;
2012-04-13 07:30:45 +08:00
} ) ;
2012-07-13 04:54:12 +08:00
} ) ;
2012-04-13 07:30:45 +08:00
2012-11-12 19:37:34 +08:00
test ( 'uses custom filename' , function ( done ) {
assert . response ( app , {
url : '/api/v1/sql?q=SELECT%20*%20FROM%20untitle_table_4&format=geojson&filename=x' ,
headers : { host : 'vizzuality.cartodb.com' } ,
method : 'GET'
} , { } , function ( res ) {
assert . equal ( res . statusCode , 200 , res . body ) ;
var cd = res . header ( 'Content-Disposition' ) ;
assert . equal ( true , /filename=x.geojson/gi . test ( cd ) , cd ) ;
done ( ) ;
} ) ;
} ) ;
2012-11-13 00:10:16 +08:00
test ( 'does not include the_geom and the_geom_webmercator properties by default' , function ( done ) {
assert . response ( app , {
url : '/api/v1/sql?q=SELECT%20*%20FROM%20untitle_table_4&format=geojson' ,
headers : { host : 'vizzuality.cartodb.com' } ,
method : 'GET'
} , { } , function ( res ) {
assert . equal ( res . statusCode , 200 , res . body ) ;
var parsed _body = JSON . parse ( res . body ) ;
var row0 = parsed _body . features [ 0 ] . properties ;
var checkfields = { 'name' : 1 , 'cartodb_id' : 1 , 'the_geom' : 0 , 'the_geom_webmercator' : 0 } ;
for ( var f in checkfields ) {
if ( checkfields [ f ] ) {
assert . ok ( row0 . hasOwnProperty ( f ) , "result does not include '" + f + "'" ) ;
} else {
assert . ok ( ! row0 . hasOwnProperty ( f ) , "result includes '" + f + "'" ) ;
}
}
done ( ) ;
} ) ;
} ) ;
test ( 'skipfields controls fields included in GeoJSON output' , function ( done ) {
assert . response ( app , {
url : '/api/v1/sql?q=SELECT%20*%20FROM%20untitle_table_4&format=geojson&skipfields=unexistant,cartodb_id' ,
headers : { host : 'vizzuality.cartodb.com' } ,
method : 'GET'
} , { } , function ( res ) {
assert . equal ( res . statusCode , 200 , res . body ) ;
var parsed _body = JSON . parse ( res . body ) ;
var row0 = parsed _body . features [ 0 ] . properties ;
var checkfields = { 'name' : 1 , 'cartodb_id' : 0 , 'the_geom' : 0 , 'the_geom_webmercator' : 0 } ;
for ( var f in checkfields ) {
if ( checkfields [ f ] ) {
assert . ok ( row0 . hasOwnProperty ( f ) , "result does not include '" + f + "'" ) ;
} else {
assert . ok ( ! row0 . hasOwnProperty ( f ) , "result includes '" + f + "'" ) ;
}
}
done ( ) ;
} ) ;
} ) ;
2012-10-25 19:34:06 +08:00
2012-07-13 04:54:12 +08:00
test ( 'GET /api/v1/sql as geojson limiting decimal places' , function ( done ) {
2011-11-09 07:35:59 +08:00
assert . response ( app , {
2012-10-18 17:32:08 +08:00
url : '/api/v1/sql?' + querystring . stringify ( {
q : 'SELECT ST_MakePoint(0.123,2.3456) as the_geom' ,
format : 'geojson' ,
dp : '1' } ) ,
2011-11-09 07:35:59 +08:00
headers : { host : 'vizzuality.cartodb.com' } ,
method : 'GET'
2012-07-13 17:01:32 +08:00
} , { } , function ( res ) {
assert . equal ( res . statusCode , 200 , res . body ) ;
2011-11-09 07:35:59 +08:00
var result = JSON . parse ( res . body ) ;
assert . equal ( 1 , checkDecimals ( result . features [ 0 ] . geometry . coordinates [ 0 ] , '.' ) ) ;
2012-07-13 04:54:12 +08:00
done ( ) ;
2011-11-09 07:35:59 +08:00
} ) ;
2012-07-13 04:54:12 +08:00
} ) ;
2011-11-09 07:35:59 +08:00
2012-07-13 04:54:12 +08:00
test ( 'GET /api/v1/sql as geojson with default dp as 6' , function ( done ) {
2012-06-07 01:57:50 +08:00
assert . response ( app , {
2012-10-18 17:32:08 +08:00
url : '/api/v1/sql?' + querystring . stringify ( {
q : 'SELECT ST_MakePoint(0.12345678,2.3456787654) as the_geom' ,
format : 'geojson' } ) ,
2012-06-07 01:57:50 +08:00
headers : { host : 'vizzuality.cartodb.com' } ,
method : 'GET'
2012-07-13 17:01:32 +08:00
} , { } , function ( res ) {
assert . equal ( res . statusCode , 200 , res . body ) ;
2012-06-07 01:57:50 +08:00
var result = JSON . parse ( res . body ) ;
assert . equal ( 6 , checkDecimals ( result . features [ 0 ] . geometry . coordinates [ 0 ] , '.' ) ) ;
2012-07-13 04:54:12 +08:00
done ( ) ;
2012-06-07 01:57:50 +08:00
} ) ;
2012-07-13 04:54:12 +08:00
} ) ;
2012-06-07 01:57:50 +08:00
2013-01-12 01:57:45 +08:00
test ( 'null geometries in geojson output' , function ( done ) {
assert . response ( app , {
url : '/api/v1/sql?' + querystring . stringify ( {
q : "SELECT 1 as gid, 'U' as name, null::geometry as the_geom " ,
format : 'geojson'
} ) ,
headers : { host : 'vizzuality.cartodb.com' } ,
method : 'GET'
} , { } , function ( res ) {
assert . equal ( res . statusCode , 200 , res . body ) ;
var cd = res . header ( 'Content-Disposition' ) ;
assert . equal ( true , /^attachment/ . test ( cd ) , 'GEOJSON is not disposed as attachment: ' + cd ) ;
assert . equal ( true , /filename=cartodb-query.geojson/gi . test ( cd ) ) ;
var gjson = JSON . parse ( res . body ) ;
var expected = {
type : 'FeatureCollection' ,
features : [ { type : 'Feature' ,
properties : { gid : 1 , name : 'U' } ,
geometry : null } ]
} ;
assert . deepEqual ( gjson , expected ) ;
done ( ) ;
} ) ;
} ) ;
2012-11-01 20:16:46 +08:00
/ * *
* CORS
* /
test ( 'GET /api/v1/sql with SQL parameter on SELECT only should return CORS headers ' , function ( done ) {
assert . response ( app , {
url : '/api/v1/sql?q=SELECT%20*%20FROM%20untitle_table_4&database=cartodb_test_user_1_db' ,
method : 'GET'
} , { } , function ( res ) {
assert . equal ( res . statusCode , 200 , res . body ) ;
// Check cache headers
// See https://github.com/Vizzuality/CartoDB-SQL-API/issues/43
assert . equal ( res . headers [ 'x-cache-channel' ] , 'cartodb_test_user_1_db:untitle_table_4' ) ;
assert . equal ( res . headers [ 'cache-control' ] , expected _cache _control ) ;
assert . equal ( res . headers [ 'access-control-allow-origin' ] , '*' ) ;
assert . equal ( res . headers [ 'access-control-allow-headers' ] , "X-Requested-With, X-Prototype-Version, X-CSRF-Token" ) ;
done ( ) ;
} ) ;
} ) ;
test ( 'OPTIONS /api/v1/sql with SQL parameter on SELECT only should return CORS headers ' , function ( done ) {
assert . response ( app , {
url : '/api/v1/sql?q=SELECT%20*%20FROM%20untitle_table_4&database=cartodb_test_user_1_db' ,
method : 'OPTIONS'
} , { } , function ( res ) {
assert . equal ( res . statusCode , 200 , res . body ) ;
// Check cache headers
// See https://github.com/Vizzuality/CartoDB-SQL-API/issues/43
assert . equal ( res . headers [ 'x-cache-channel' ] , 'cartodb_test_user_1_db:untitle_table_4' ) ;
assert . equal ( res . headers [ 'cache-control' ] , expected _cache _control ) ;
assert . equal ( res . headers [ 'access-control-allow-origin' ] , '*' ) ;
assert . equal ( res . headers [ 'access-control-allow-headers' ] , "X-Requested-With, X-Prototype-Version, X-CSRF-Token" ) ;
done ( ) ;
} ) ;
} ) ;
2012-10-25 18:38:45 +08:00
2012-07-13 04:54:12 +08:00
} ) ;