CartoDB-SQL-API/app/controllers/app.js

// CartoDB SQL API
//
// all requests expect the following URL args:
// - `sql` {String} SQL to execute
//
// for private (read/write) queries:
// - OAuth. Must have proper OAuth 1.1 headers. For OAuth 1.1 spec see Google
//
// eg. /api/v1/?sql=SELECT 1 as one (with a load of OAuth headers or URL arguments)
//
// for public (read only) queries:
// - sql only, provided the subdomain exists in CartoDB and the table's sharing options are public
//
// eg. vizzuality.cartodb.com/api/v1/?sql=SELECT * from my_table

var express= require('express')
    , app    = express.createServer(
                express.logger({buffer:true,
                                format:'[:remote-addr :date] \033[90m:method\033[0m \033[36m:url\033[0m \033[90m:status :response-time ms -> :res[Content-Type]\033[0m'}))
    , Step   = require('step')
    , Meta   = require(global.settings.app_root + '/app/models/metadata')
    , oAuth  = require(global.settings.app_root + '/app/models/oauth')
    , PSQL   = require(global.settings.app_root + '/app/models/psql')
    , _      = require('underscore');

_.mixin(require('underscore.string'));
app.enable('jsonp callback');
app.get('/api/v1/', function(req, res){

    //sanitize input
    var sql       = req.query.sql;
    var database  = req.query.database; // deprecate this in future
    var limit     = parseInt(req.query.rows_per_page);
    var offset    = parseInt(req.query.page);
    var that      = this;

    sql       = (sql == "")      ? null : sql;
    database  = (database == "") ? null : database;
    limit     = (_.isNumber(limit))  ? limit : null;
    offset    = (_.isNumber(offset)) ? offset * limit : null;

    var start = new Date().getTime();

    try {
        if (!_.isString(sql)) throw new Error("You must indicate a sql query");
        var pg;

        // 1. Get database from redis via the username stored in the host header subdomain
        // 2. Run the request through OAuth to get R/W user id if signed
        // 3. Run query with r/w or public user
        // 4. package results and send back
        Step(
            function getDatabaseName(){
                Meta.getDatabase(req, this);
            },
            function setDBGetUser(err, data) {
                if (err) throw err;
                database = (data == "") ? null : data;
                oAuth.verifyRequest(req, this);
            },
            function querySql(err, user_id){
                if (err) throw err;
                pg = new PSQL(user_id, database, limit, offset);
                pg.query(sql, this);
            },
            function packageResults(err, result){
                if (err) throw err;
                var end = new Date().getTime();
                res.send({'time' : ((end - start)/1000),
                    'total_rows': result.rows.length,
                    'rows'      : result.rows});
            },
            function errorHandle(err, result){
                handleException(err, res);
            }
        );
    } catch (err) {
        handleException(err, res);
    }
});

function handleException(err, res){
    var msg = (global.settings.environment == 'development') ? {error:[err.message], stack: err.stack} : {error:[err.message]}
    // TODO: email this Exception report
    console.log("EXCEPTION REPORT")
    console.log(err.message);
    console.log(err.stack);
    res.send(msg, 400);
}

module.exports = app;
added ability to query user metadata Redis data for database name from the request host 2011-08-24 04:42:27 +08:00			`// CartoDB SQL API`
first draft, tidied, unit tests, modules, refactor, environments, see TODO for next steps" 2011-06-13 11:23:02 +08:00			`//`
			`// all requests expect the following URL args:`
			// - `sql` {String} SQL to execute
			`//`
			`// for private (read/write) queries:`
added ability to query user metadata Redis data for database name from the request host 2011-08-24 04:42:27 +08:00			`// - OAuth. Must have proper OAuth 1.1 headers. For OAuth 1.1 spec see Google`
first draft, tidied, unit tests, modules, refactor, environments, see TODO for next steps" 2011-06-13 11:23:02 +08:00			`//`
added ability to query user metadata Redis data for database name from the request host 2011-08-24 04:42:27 +08:00			`// eg. /api/v1/?sql=SELECT 1 as one (with a load of OAuth headers or URL arguments)`
first draft, tidied, unit tests, modules, refactor, environments, see TODO for next steps" 2011-06-13 11:23:02 +08:00			`//`
			`// for public (read only) queries:`
added ability to query user metadata Redis data for database name from the request host 2011-08-24 04:42:27 +08:00			`// - sql only, provided the subdomain exists in CartoDB and the table's sharing options are public`
first draft, tidied, unit tests, modules, refactor, environments, see TODO for next steps" 2011-06-13 11:23:02 +08:00			`//`
added ability to query user metadata Redis data for database name from the request host 2011-08-24 04:42:27 +08:00			`// eg. vizzuality.cartodb.com/api/v1/?sql=SELECT * from my_table`

			`var express= require('express')`
			`, app = express.createServer(`
			`express.logger({buffer:true,`
			`format:'[:remote-addr :date] \033[90m:method\033[0m \033[36m:url\033[0m \033[90m:status :response-time ms -> :res[Content-Type]\033[0m'}))`
			`, Step = require('step')`
			`, Meta = require(global.settings.app_root + '/app/models/metadata')`
			`, oAuth = require(global.settings.app_root + '/app/models/oauth')`
			`, PSQL = require(global.settings.app_root + '/app/models/psql')`
			`, _ = require('underscore');`

			`_.mixin(require('underscore.string'));`
			`app.enable('jsonp callback');`
Change request path from /v1 to /api/v1 2011-07-04 23:28:39 +08:00			`app.get('/api/v1/', function(req, res){`

added ability to query user metadata Redis data for database name from the request host 2011-08-24 04:42:27 +08:00			`//sanitize input`
			`var sql = req.query.sql;`
			`var database = req.query.database; // deprecate this in future`
			`var limit = parseInt(req.query.rows_per_page);`
			`var offset = parseInt(req.query.page);`
			`var that = this;`

			`sql = (sql == "") ? null : sql;`
			`database = (database == "") ? null : database;`
			`limit = (_.isNumber(limit)) ? limit : null;`
			`offset = (_.isNumber(offset)) ? offset * limit : null;`

			`var start = new Date().getTime();`

			`try {`
			`if (!_.isString(sql)) throw new Error("You must indicate a sql query");`
			`var pg;`

			`// 1. Get database from redis via the username stored in the host header subdomain`
			`// 2. Run the request through OAuth to get R/W user id if signed`
			`// 3. Run query with r/w or public user`
			`// 4. package results and send back`
			`Step(`
			`function getDatabaseName(){`
			`Meta.getDatabase(req, this);`
			`},`
			`function setDBGetUser(err, data) {`
			`if (err) throw err;`
			`database = (data == "") ? null : data;`
			`oAuth.verifyRequest(req, this);`
			`},`
			`function querySql(err, user_id){`
			`if (err) throw err;`
			`pg = new PSQL(user_id, database, limit, offset);`
			`pg.query(sql, this);`
			`},`
			`function packageResults(err, result){`
			`if (err) throw err;`
			`var end = new Date().getTime();`
			`res.send({'time' : ((end - start)/1000),`
			`'total_rows': result.rows.length,`
			`'rows' : result.rows});`
			`},`
			`function errorHandle(err, result){`
			`handleException(err, res);`
			`}`
			`);`
			`} catch (err) {`
further fixes for public 2011-08-18 01:42:19 +08:00			`handleException(err, res);`
added ability to query user metadata Redis data for database name from the request host 2011-08-24 04:42:27 +08:00			`}`
first draft, tidied, unit tests, modules, refactor, environments, see TODO for next steps" 2011-06-13 11:23:02 +08:00			`});`

added true oauth to application. got rid of bogus 2011-08-18 00:27:45 +08:00			`function handleException(err, res){`
added ability to query user metadata Redis data for database name from the request host 2011-08-24 04:42:27 +08:00			`var msg = (global.settings.environment == 'development') ? {error:[err.message], stack: err.stack} : {error:[err.message]}`
			`// TODO: email this Exception report`
			`console.log("EXCEPTION REPORT")`
			`console.log(err.message);`
			`console.log(err.stack);`
			`res.send(msg, 400);`
remove args trim (broken for some reason) and funcionise exception handler 2011-06-13 20:07:21 +08:00			`}`

oauth 2011-06-20 21:39:12 +08:00			`module.exports = app;`