Removes tables=fake wadus param in ogr2ogr command so it can go to

geometry_colums view to retrieve the column data type. This requires
to grant permissions on geometry_columns and geography_columns to the
public user.
This commit is contained in:
Raul Ochoa 2014-09-22 13:23:30 +02:00
parent 7b9dbaf9f7
commit 2e3eeefd0f
5 changed files with 60 additions and 6 deletions

View File

@ -140,11 +140,7 @@ OgrFormat.prototype.toOGR = function(options, out_format, out_filename, callback
+ " port=" + dbport
+ " user=" + dbuser
+ " dbname=" + dbname
+ " password=" + dbpass
+ " tables=fake" // trick to skip query to geometry_columns (private)
// in turn breaks knowing SRID with gdal-0.10.1:
// http://github.com/CartoDB/CartoDB-SQL-API/issues/110
+ "",
+ " password=" + dbpass,
'-sql', ogrsql
];

View File

@ -14,6 +14,11 @@ suite('app.auth', function() {
url: "/api/v1/sql?api_key=1234&q=INSERT%20INTO%20private_table%20(name)%20VALUES%20('app_auth_test1')",
statusCode: 200
}
,{
desc: 'valid api key should allow delete in protected tables',
url: "/api/v1/sql?api_key=1234&q=DELETE%20FROM%20private_table%20WHERE%20name%3d'app_auth_test1'",
statusCode: 200
}
,{
desc: 'invalid api key should NOT allow insert in protected tables',
url: "/api/v1/sql?api_key=RAMBO&q=INSERT%20INTO%20private_table%20(name)%20VALUES%20('RAMBO')",

View File

@ -962,7 +962,8 @@ var systemQueriesSuitesToTest = [
'SELECT * FROM pg_attribute',
'SELECT * FROM PG_attribute',
'SELECT * FROM "pg_attribute"',
'SELECT a.* FROM untitle_table_4 a,pg_attribute'
'SELECT a.* FROM untitle_table_4 a,pg_attribute',
'SELECT * FROM geometry_columns'
],
api_key_works: true,
no_api_key_works: false

View File

@ -337,4 +337,53 @@ test('check point coordinates, authenticated', function(done){
});
});
test('expects 1000 placemarks in public table', function(done){
var numberOfRowsInPublicTable = 6,
seriesLimit = 200,
expectedRows = numberOfRowsInPublicTable * seriesLimit;
assert.response(app, {
url: '/api/v1/sql',
data: querystring.stringify({
q: "SELECT x, untitle_table_4.* FROM untitle_table_4, generate_series(1," + seriesLimit + ") x",
format: 'kml'
}),
headers: {host: 'vizzuality.cartodb.com', 'Content-Type': 'application/x-www-form-urlencoded' },
method: 'POST'
},
{
status: 200
},
function(res) {
assert.equal(res.body.match(/<Placemark>/g).length, expectedRows);
done();
}
);
});
test('expects 1000 placemarks in private table using the API KEY', function(done){
var numberOfRowsInPrivateTable = 5,
seriesLimit = 200,
expectedRows = numberOfRowsInPrivateTable * seriesLimit;
assert.response(app, {
url: '/api/v1/sql',
data: querystring.stringify({
q: "SELECT x, private_table.* FROM private_table, generate_series(1," + seriesLimit + ") x",
api_key: 1234,
format: 'kml'
}),
headers: {host: 'vizzuality.cartodb.com', 'Content-Type': 'application/x-www-form-urlencoded' },
method: 'POST'
},
{
status: 200
},
function(res) {
assert.equal(res.body.match(/<Placemark>/g).length, expectedRows);
done();
}
);
});
});

View File

@ -127,6 +127,9 @@ GRANT ALL ON TABLE spatial_ref_sys TO :TESTUSER, :PUBLICUSER;
REVOKE ALL ON geometry_columns FROM public;
GRANT ALL ON geometry_columns TO :TESTUSER;
GRANT ALL ON geography_columns TO :TESTUSER;
GRANT ALL ON geometry_columns TO :PUBLICUSER;
GRANT ALL ON geography_columns TO :PUBLICUSER;
-- For https://github.com/CartoDB/CartoDB-SQL-API/issues/118
DROP TABLE IF EXISTS cpg_test;