Make public PostgreSQL user name a configuration parameter

Closes #56.
Updates documentation and tests and example config files

NEWS.md

@@ -3,6 +3,7 @@
 * Still set a meaningful X-Cache-Channel with cache_policy=persist (#105)
 * Fix wrong projection in KML exports for manually altered tables (#116)
 * Set KML folder name to the requested filename (#115)
+* Make public PostgreSQL user name a configuration parameter (#56)
 
 1.6.0 - 2013-10-02
 ------------------

README.md

@@ -38,7 +38,8 @@ Make sure redis is running and knows about active cartodb user.
 
 Make sure your PostgreSQL server is running, is accessible on
 the host and port specified in the <environment> file, has
-a 'publicuser' role and trusts user authentication from localhost
+a 'publicuser' role (or whatever you set ``db_pubuser`` configuration
+directive to) and trusts user authentication from localhost
 connections.
 
 ``` bash

app/controllers/app.js

@@ -38,6 +38,9 @@ var express = require('express')
     , formats     = require(global.settings.app_root + '/app/models/formats')
     ;
 
+// Set default configuration 
+global.settings.db_pubuser = global.settings.db_pubuser || "publicuser";
+
 var tableCache = LRU({
   // store no more than these many items in the cache
   max: global.settings.tableCacheMax || 8192,

app/models/formats/ogr.js

@@ -14,7 +14,7 @@ var bakingExports = {};
 function userid_to_dbuser(user_id) {
   if ( _.isString(user_id) )
       return _.template(global.settings.db_user, {user_id: user_id});
-  return "publicuser" // FIXME: make configurable
+  return global.settings.db_pubuser;
 };
 
 

app/models/psql.js

@@ -87,7 +87,7 @@ var PSQL = function(user_id, db) {
     if (!_.isString(user_id) && !_.isString(db)) throw new Error(error_text);
 
     var me = {
-        public_user: "publicuser"
+        public_user: global.settings.db_pubuser
         , user_id: user_id
         , db: db
     };

config/environments/development.js.example

@@ -6,6 +6,8 @@ module.exports.node_socket_timeout    = 600000;
 module.exports.environment  = 'development';
 module.exports.db_base_name = 'cartodb_dev_user_<%= user_id %>_db';
 module.exports.db_user      = 'development_cartodb_user_<%= user_id %>';
+// Name of the anonymous PostgreSQL user
+module.exports.db_pubuser   = 'publicuser';
 module.exports.db_host      = 'localhost';
 module.exports.db_port      = '5432';
 // Max database connections in the pool

config/environments/production.js.example

@@ -6,6 +6,8 @@ module.exports.node_socket_timeout    = 600000;
 module.exports.environment  = 'production';
 module.exports.db_base_name = 'cartodb_user_<%= user_id %>_db';
 module.exports.db_user      = 'cartodb_user_<%= user_id %>';
+// Name of the anonymous PostgreSQL user
+module.exports.db_pubuser   = 'publicuser';
 module.exports.db_host      = 'localhost';
 module.exports.db_port      = '6432';
 // Max database connections in the pool

config/environments/staging.js.example

@@ -6,6 +6,8 @@ module.exports.node_socket_timeout    = 600000;
 module.exports.environment  = 'staging';
 module.exports.db_base_name = 'cartodb_staging_user_<%= user_id %>_db';
 module.exports.db_user      = 'cartodb_staging_user_<%= user_id %>';
+// Name of the anonymous PostgreSQL user
+module.exports.db_pubuser   = 'publicuser';
 module.exports.db_host      = 'localhost';
 module.exports.db_port      = '6432';
 // Max database connections in the pool

config/environments/test.js.example

@@ -6,6 +6,8 @@ module.exports.node_socket_timeout    = 600000;
 module.exports.environment  = 'test';
 module.exports.db_base_name = 'cartodb_test_user_<%= user_id %>_db';
 module.exports.db_user      = 'test_cartodb_user_<%= user_id %>';
+// Name of the anonymous PostgreSQL user
+module.exports.db_pubuser   = 'publicuser';
 module.exports.db_host      = 'localhost';
 module.exports.db_port      = '5432';
 // Max database connections in the pool

test/prepare_db.sh

@@ -17,6 +17,9 @@ PGHOST=`grep \.db_host ${TESTENV} | sed "s/.*= *'\([^']*\)'.*/\1/"`
 echo "PGHOST: [$PGHOST]"
 PGPORT=`grep \.db_port ${TESTENV} | sed "s/.*=[\t ]*'\([^']*\)'.*/\1/"`
 echo "PGPORT: [$PGPORT]"
+public_user=`grep \.db_pubuser ${TESTENV} | sed "s/.*= *'\([^']*\)'.*/\1/"`
+[ -z "${public_user}" ] && public_user=publicuser
+echo "PUBLICUSER: [${public_user}]"
 
 
 TEST_DB="cartodb_test_user_1_db"
@@ -33,7 +36,7 @@ die() {
 echo "preparing postgres..."
 dropdb ${TEST_DB} # 2> /dev/null # error expected if doesn't exist, but not otherwise
 createdb -Ttemplate_postgis -EUTF8 ${TEST_DB} || die "Could not create test database"
-psql -f test.sql ${TEST_DB} 
+cat test.sql | sed "s/:PUBLICUSER/${public_user}/" | psql ${TEST_DB} 
 psql -f support/CDB_QueryStatements.sql ${TEST_DB} 
 psql -f support/CDB_QueryTables.sql ${TEST_DB} 
 

test/test.sql

@@ -112,15 +112,15 @@ CREATE INDEX test_table_the_geom_webmercator_idx_p ON private_table USING gist (
 
 
 
-CREATE USER publicuser WITH PASSWORD '';
+CREATE USER :PUBLICUSER WITH PASSWORD '';
 CREATE USER test_cartodb_user_1 WITH PASSWORD '';
 
 GRANT ALL ON TABLE untitle_table_4 TO test_cartodb_user_1;
-GRANT SELECT ON TABLE untitle_table_4 TO publicuser;
+GRANT SELECT ON TABLE untitle_table_4 TO :PUBLICUSER;
 GRANT ALL ON TABLE private_table TO test_cartodb_user_1;
 GRANT ALL ON SEQUENCE test_table_cartodb_id_seq_p TO test_cartodb_user_1;
 
-GRANT ALL ON TABLE spatial_ref_sys TO test_cartodb_user_1, publicuser;
+GRANT ALL ON TABLE spatial_ref_sys TO test_cartodb_user_1, :PUBLICUSER;
 
 REVOKE ALL ON geometry_columns FROM public;
 GRANT ALL ON geometry_columns TO test_cartodb_user_1;

test/unit/psql.test.js

@@ -4,6 +4,8 @@ var _      = require('underscore')
   , PSQL   = require('../../app/models/psql')
   , assert = require('assert');
 
+var public_user = global.settings.db_pubuser;
+
 suite('psql', function() {
 
 test('test throws error if no args passed to constructor', function(){  
@@ -28,7 +30,7 @@ test('test instantiate with just db constructor', function(){
 
 test('test username returns default user if not set', function(){  
   var pg = new PSQL(null, 'my_database');
-  assert.equal(pg.username(), "publicuser");
+  assert.equal(pg.username(), public_user);
 });
 
 test('test username returns interpolated user if set', function(){  
@@ -76,9 +78,9 @@ test('test private user can execute INSERT on db', function(done){
   });
 });
 
-test('test publicuser can execute SELECT on enabled tables', function(done){  
+test('test public user can execute SELECT on enabled tables', function(done){  
   var pg = new PSQL("1");
-  var sql = "DROP TABLE IF EXISTS distributors2; CREATE TABLE distributors2 (id integer, name varchar(40), UNIQUE(name)); GRANT SELECT ON distributors2 TO publicuser;";
+  var sql = "DROP TABLE IF EXISTS distributors2; CREATE TABLE distributors2 (id integer, name varchar(40), UNIQUE(name)); GRANT SELECT ON distributors2 TO " + public_user + ";";
   pg.query(sql, function(err, result){
     pg = new PSQL(null, 'cartodb_test_user_1_db');
     pg.query("SELECT count(*) FROM distributors2", function(err, result){
@@ -88,9 +90,9 @@ test('test publicuser can execute SELECT on enabled tables', function(done){
   });
 });
 
-test('test publicuser cannot execute INSERT on db', function(done){
+test('test public user cannot execute INSERT on db', function(done){
   var pg = new PSQL("1");
-  var sql = "DROP TABLE IF EXISTS distributors3; CREATE TABLE distributors3 (id integer, name varchar(40), UNIQUE(name)); GRANT SELECT ON distributors3 TO publicuser;";
+  var sql = "DROP TABLE IF EXISTS distributors3; CREATE TABLE distributors3 (id integer, name varchar(40), UNIQUE(name)); GRANT SELECT ON distributors3 TO " + public_user + ";";
   pg.query(sql, function(err, result){    
     
     pg = new PSQL(null, 'cartodb_test_user_1_db'); //anonymous user