CartoDB-SQL-API/app/services/user_database_service.js

const _ = require('underscore');

function isApiKeyFound(apikey) {
    return apikey.type !== null &&
        apikey.user !== null &&
        apikey.databasePassword !== null &&
        apikey.databaseRole !== null;
}

function UserDatabaseService(metadataBackend) {
    this.metadataBackend = metadataBackend;
}

function errorUserNotFoundMessageTemplate (user) {
    return `Sorry, we can't find CARTO user '${user}'. Please check that you have entered the correct domain.`;
}

/**
 * Callback is invoked with `dbParams` and `authDbParams`.
 * `dbParams` depends on AuthApi verification so it might return a public user with just SELECT permission, where
 * `authDbParams` will always return connection params as AuthApi had authorized the connection.
 * That might be useful when you have to run a query with and without permissions.
 *
 * @param {AuthApi} authApi
 * @param {String} cdbUsername
 * @param {Function} callback (err, dbParams, authDbParams)
 */
UserDatabaseService.prototype.getConnectionParams = function (username, apikeyToken, authenticated, callback) {
    this.metadataBackend.getAllUserDBParams(username, (err, dbParams) => {
        if (err) {
            err.http_status = 404;
            err.message = errorUserNotFoundMessageTemplate(username);

            return callback(err);
        }

        const dbopts = {
            port: global.settings.db_port,
            host: dbParams.dbhost,
            dbname: dbParams.dbname,
        };

        this.metadataBackend.getApikey(username, apikeyToken, (err, apikey) => {
            if (err) {
                err.http_status = 404;
                err.message = errorUserNotFoundMessageTemplate(username);

                return callback(err);
            }

            if (!isApiKeyFound(apikey)) {
                const apiKeyNotFoundError = new Error('Unauthorized');
                apiKeyNotFoundError.type = 'auth';
                apiKeyNotFoundError.subtype = 'api-key-not-found';
                apiKeyNotFoundError.http_status = 401;

                return callback(apiKeyNotFoundError);  
            }

            dbopts.user = apikey.databaseRole;
            dbopts.pass = apikey.databasePassword;

            this.metadataBackend.getMasterApikey(username, (err, masterApikey) => {
                if (err) {
                    err.http_status = 404;
                    err.message = errorUserNotFoundMessageTemplate(username);

                    return callback(err);
                }

                if (!isApiKeyFound(apikey)) {
                    const apiKeyNotFoundError = new Error('Unauthorized');
                    apiKeyNotFoundError.type = 'auth';
                    apiKeyNotFoundError.subtype = 'api-key-not-found';
                    apiKeyNotFoundError.http_status = 401;

                    return callback(apiKeyNotFoundError);  
                }

                dbopts.user = apikey.databaseRole;
                dbopts.pass = apikey.databasePassword;

                const authDbOpts = _.defaults({ 
                    user: masterApikey.databaseRole, 
                    pass: masterApikey.databasePassword }, 
                dbopts);

                callback(null, dbopts, authDbOpts);
            });

        });
    });
};

module.exports = UserDatabaseService;
Apply some ES6 goodies 2018-02-23 00:35:03 +08:00			`const _ = require('underscore');`
Implemented job controller to enqueue jobs 2015-12-07 16:40:51 +08:00
Implement fallback mechanism to be able to authenticate as usual in case of apikey is not found 2018-02-14 23:22:36 +08:00			`function isApiKeyFound(apikey) {`
Use current implementation of cartodb-redis 2018-02-12 23:41:35 +08:00			`return apikey.type !== null &&`
			`apikey.user !== null &&`
			`apikey.databasePassword !== null &&`
			`apikey.databaseRole !== null;`
			`}`

Refactored user database service ans updated controllers to use it. 2016-01-21 23:17:17 +08:00			`function UserDatabaseService(metadataBackend) {`
			`this.metadataBackend = metadataBackend;`
Implemented job controller to enqueue jobs 2015-12-07 16:40:51 +08:00			`}`

Template for User not found error 2018-02-23 00:49:02 +08:00			`function errorUserNotFoundMessageTemplate (user) {`
			return `Sorry, we can't find CARTO user '${user}'. Please check that you have entered the correct domain.`;
			`}`

Adds documentation about values passed over callback in getConnectionParams 2016-01-28 21:25:03 +08:00			`/**`
			* Callback is invoked with `dbParams` and `authDbParams`.
			* `dbParams` depends on AuthApi verification so it might return a public user with just SELECT permission, where
			* `authDbParams` will always return connection params as AuthApi had authorized the connection.
			`* That might be useful when you have to run a query with and without permissions.`
			`*`
			`* @param {AuthApi} authApi`
			`* @param {String} cdbUsername`
			`* @param {Function} callback (err, dbParams, authDbParams)`
			`*/`
Template for User not found error 2018-02-23 00:49:02 +08:00			`UserDatabaseService.prototype.getConnectionParams = function (username, apikeyToken, authenticated, callback) {`
			`this.metadataBackend.getAllUserDBParams(username, (err, dbParams) => {`
Remove step 2018-02-22 22:58:52 +08:00			`if (err) {`
			`err.http_status = 404;`
Template for User not found error 2018-02-23 00:49:02 +08:00			`err.message = errorUserNotFoundMessageTemplate(username);`

Remove step 2018-02-22 22:58:52 +08:00			`return callback(err);`
			`}`
Implemented job controller to enqueue jobs 2015-12-07 16:40:51 +08:00
Remove step 2018-02-22 22:58:52 +08:00			`const dbopts = {`
			`port: global.settings.db_port,`
use apikeys instead of metadata for the database connections parameters 2018-05-25 23:23:24 +08:00			`host: dbParams.dbhost,`
			`dbname: dbParams.dbname,`
Remove step 2018-02-22 22:58:52 +08:00			`};`
Implemented job controller to enqueue jobs 2015-12-07 16:40:51 +08:00
Template for User not found error 2018-02-23 00:49:02 +08:00			`this.metadataBackend.getApikey(username, apikeyToken, (err, apikey) => {`
Implemented job controller to enqueue jobs 2015-12-07 16:40:51 +08:00			`if (err) {`
Remove step 2018-02-22 22:58:52 +08:00			`err.http_status = 404;`
Template for User not found error 2018-02-23 00:49:02 +08:00			`err.message = errorUserNotFoundMessageTemplate(username);`

Implemented job controller to enqueue jobs 2015-12-07 16:40:51 +08:00			`return callback(err);`
			`}`

Remove step 2018-02-22 22:58:52 +08:00			`if (!isApiKeyFound(apikey)) {`
use apikeys instead of metadata for the database connections parameters 2018-05-25 23:23:24 +08:00			`const apiKeyNotFoundError = new Error('Unauthorized');`
			`apiKeyNotFoundError.type = 'auth';`
			`apiKeyNotFoundError.subtype = 'api-key-not-found';`
			`apiKeyNotFoundError.http_status = 401;`

			`return callback(apiKeyNotFoundError);`
Remove step 2018-02-22 22:58:52 +08:00			`}`
Implemented job controller to enqueue jobs 2015-12-07 16:40:51 +08:00
Remove step 2018-02-22 22:58:52 +08:00			`dbopts.user = apikey.databaseRole;`
			`dbopts.pass = apikey.databasePassword;`
Move authorization to auth-api and extract it from user-database-service 2018-02-22 18:46:34 +08:00
use apikeys instead of metadata for the database connections parameters 2018-05-25 23:23:24 +08:00			`this.metadataBackend.getMasterApikey(username, (err, masterApikey) => {`
			`if (err) {`
			`err.http_status = 404;`
			`err.message = errorUserNotFoundMessageTemplate(username);`

			`return callback(err);`
			`}`

			`if (!isApiKeyFound(apikey)) {`
			`const apiKeyNotFoundError = new Error('Unauthorized');`
			`apiKeyNotFoundError.type = 'auth';`
			`apiKeyNotFoundError.subtype = 'api-key-not-found';`
			`apiKeyNotFoundError.http_status = 401;`

			`return callback(apiKeyNotFoundError);`
			`}`

			`dbopts.user = apikey.databaseRole;`
			`dbopts.pass = apikey.databasePassword;`

			`const authDbOpts = _.defaults({`
			`user: masterApikey.databaseRole,`
			`pass: masterApikey.databasePassword },`
			`dbopts);`

			`callback(null, dbopts, authDbOpts);`
			`});`
Move authorization to auth-api and extract it from user-database-service 2018-02-22 18:46:34 +08:00
Remove step 2018-02-22 22:58:52 +08:00			`});`
Move authorization to auth-api and extract it from user-database-service 2018-02-22 18:46:34 +08:00			`});`
			`};`

Renamed exposed function 2015-12-10 22:06:25 +08:00			`module.exports = UserDatabaseService;`