cartodb/CartoDB-SQL-API
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
1,450 Commits 1 Branch 118 Tags 9.7 MiB
c9846a2437
Commit Graph

142 Commits

Author SHA1 Message Date
Sandro Santilli
2ee9411889 Review cache-control headers: 
* Raise max-age to one year for all cacheable queries
 * Set max-age to 0 for uncacheable (mutating) queries
 2013-07-22 17:21:38 +02:00
Luis Bosque
7b6b541083 Revert "Set max-age=0 when using no-cache" 2013-07-10 07:58:35 +02:00
Sandro Santilli
46b7f7a309 Parse all numbers as floats. Closes #100 2013-07-09 21:51:40 +02:00
Sandro Santilli
bc49aebd2a Don't assume SELECT "updated_at" may write to the database. 
Closes #99
 2013-07-08 17:36:53 +02:00
javi
69b5d825e3 reverted support for get params in post 2013-07-04 16:23:48 +02:00
javi
320e0b97a8 Merge branch 'develop' of github.com:Vizzuality/CartoDB-SQL-API into develop 2013-07-04 16:14:51 +02:00
javi
838c0c93ba Add support for GET params in POST requests 2013-07-04 16:14:44 +02:00
Sandro Santilli
ba28496127 Add support for "text" datatypes in json output format 2013-07-04 16:04:13 +02:00
Sandro Santilli
46e93355c4 Set max-age=0 when using no-cache (don't be self-contraddicting) 2013-06-28 11:17:52 +02:00
Sandro Santilli
7eff0cb107 Retain UTC offset in JSON output for dates 
Hopefully helps reducing confusion when using timezone-less
with postgresql, in that the time that comes out of JSON output
matches the one input by user, except it may be in an unexpected
timezone (the server's one)
 2013-06-19 12:25:48 +02:00
Sandro Santilli
88f1d33b42 Add "fields" member in JSON return. Closes #97 2013-06-14 18:36:05 +02:00
Sandro Santilli
e03262c5da Upgrade node-postgresql to ~1.1.3 fixing evented query model 2013-06-06 17:06:06 +02:00
Sandro Santilli
339bc0b3a4 Fix windowing support for non-uppercased SELECT queries 2013-06-06 15:24:57 +02:00
Sandro Santilli
aff77399b1 Extract geojson test from main test 2013-05-27 17:34:05 +02:00
Sandro Santilli
3f98cab09a Do not execute queries on OPTIONS. Closes #94 2013-05-24 14:21:13 +02:00
Sandro Santilli
985631092b Fix test for custom base_url 2013-05-24 13:51:39 +02:00
Sandro Santilli
cf6bed9bdb Bubble paging UI hack up from model to controller 
... one day we'll need to completely drop this hack!
 2013-05-24 10:22:17 +02:00
Sandro Santilli
81a83b93e4 Make base url configurable, use a wildcard in the example config 2013-05-23 11:49:23 +02:00
Sandro Santilli
414f4b6c3e Do not request caching of TRUNCATE queries 2013-05-06 18:21:22 +02:00
Sandro Santilli
cc74244b33 Do not choke on multiple skipfields parameter 2013-05-06 12:30:32 +02:00
Sandro Santilli
0f17889b05 Really fix the tests for unauthorized attempts to write db 
It was not about specifying the db trough headers but rather
about referencing the _wrong_ database via params. Also fixes
the expected result (which was indeed wrong).
 2013-04-11 13:35:11 +02:00
Sandro Santilli
2210d9b588 Fix test using wrong hostname (thus connecting to wrong db) 2013-04-11 13:00:13 +02:00
Sandro Santilli
e7437ba7cd Rework system catalogue prevention access check to use CDB_QueryTables 
This change reduces the chances of false positive
(forbidding legit queries). Doesn't solve the problem of false
negative (allowing illegit queries).
 2013-04-09 12:36:37 +02:00
Sandro Santilli
d54d953e75 Another bit of improvement for the system-table query prevention 
This work is more important for the testcases than the actual code
 2013-04-09 12:20:27 +02:00
Sandro Santilli
1bcffbc68c Make using SET or querying system catalogues harder 
An hack to "prevent" querying system tables already existed but
was pretty weak. This commits makes that a bit stronger. The
filter for SET is new.
 2013-04-09 11:52:34 +02:00
Sandro Santilli
5fa19a0515 Fix parsing of numeric arrays. Closes #88. 
Includes testcase, requires using a fork of node-postgresql.
 2013-03-14 11:41:07 +01:00
Sandro Santilli
8de8bbc460 Add test for multi-statement and begin/commit 2013-02-18 18:39:09 +01:00
Sandro Santilli
d4b1f580ff Fix X-Cache-Channel computation with paging parameters. Closes #85. 2013-02-18 16:19:12 +01:00
Sandro Santilli
5959e6465a Fix Content-Disposition for error responses. Closes #82 2013-02-13 13:32:34 +01:00
Sandro Santilli
fdf49bd2ab Add a test for COPY TO file 2013-01-21 17:39:07 +01:00
Sandro Santilli
19fc0e5854 Fix crash when issuing SQL "COPY" command 
This involved upgrade of node-postgresql module.
See https://github.com/brianc/node-postgres/issues/242
 2013-01-17 10:14:29 +01:00
Sandro Santilli
ef729a027f Split SVG tests from main test file 2013-01-16 11:16:38 +01:00
Sandro Santilli
76b35b71a1 Split KML tests from main test file 2013-01-16 09:58:09 +01:00
Sandro Santilli
e897cb07d2 Add test for null geoms in geojson 
Also drop an hard-coded "the_geom" in geojson output code
 2013-01-11 18:57:45 +01:00
Sandro Santilli
c84f9b1a52 Split SHP tests from main test file 2013-01-11 16:16:28 +01:00
Sandro Santilli
9550837fbe Split CSV tests from main test file 2013-01-11 11:21:59 +01:00
Sandro Santilli
2e85588d99 Format date fields in CSV output 2012-12-07 14:27:02 +01:00
Sandro Santilli
a63cb20be0 Add test for Date field formatting in CSV (#77) 2012-12-07 12:06:44 +01:00
Sandro Santilli
0274425de9 Add another test for CSV truncation (succeeds) 2012-11-16 12:54:09 +01:00
Sandro Santilli
3a641beda8 Fix UTF8 in shapefile export. Closes #66. 
Testcases count reaches 100 ! Happy post-post-gis day :)
 2012-11-16 12:50:21 +01:00
Sandro Santilli
da05e6f4ca Fix KML export truncation. Closes #947 
Also adds test for SHP truncation (isn't trucated)
 2012-11-16 12:22:06 +01:00
Sandro Santilli
bd08eb4add Use inline attachment also with POST, if format isn't given 2012-11-14 16:30:18 +01:00
Sandro Santilli
6b7cada97d Never dispose "inline" when using POST. 2012-11-13 19:27:25 +01:00
Sandro Santilli
0ef13f08c2 Use inline disposition when no format and no filename are given 
See #61
 2012-11-12 19:44:16 +01:00
Sandro Santilli
120cf3f0c5 Add 'cache_policy' parameter. Closes #62 2012-11-12 19:14:20 +01:00
Sandro Santilli
005ae48e3a Support for specifying a list of fields to skip from output. 
Closes #63
 2012-11-12 17:11:17 +01:00
Sandro Santilli
46cec7a0e5 Add support for specifying a filename for exports. Closes #64 
Sets release target to 1.3.0, due to parameter addition
 2012-11-12 12:40:53 +01:00
javi
3fd3c5fabc added the needed headers for CORS 2012-11-01 13:17:45 +01:00
Sandro Santilli
9aa28c5bea Initial support for KML output format. Closes #54. 2012-10-25 18:10:56 +02:00
Sandro Santilli
978c0b4cbe Advertise header presence in CSV Content-Type 2012-10-25 13:40:21 +02:00
Sandro Santilli
a6837573c5 Use "attachment" Content-Disposition for all output formats. 
Closes #61, includes tests

NOTE: this includes the default "json" format.
 2012-10-25 13:34:06 +02:00
Sandro Santilli
5d8eccc81e Fix CSV output with no rows. Closes #60 2012-10-25 13:14:47 +02:00
Sandro Santilli
d0ae7e08a6 Initial support for Shapefile output 2012-10-18 12:51:12 +02:00
Sandro Santilli
d399d2153f Improve input data control in test for "dp" parameter 2012-10-18 11:32:08 +02:00
Sandro Santilli
d9b733e5c6 Recognize ALTER as a writing query 2012-10-15 13:40:04 +02:00
Sandro Santilli
d23416cc60 Set X-Cache-Channel to NONE when the SQL may write to the database 
Note that "may write" allows for false positive, so there could be
less cache hits than possibly allowable. If this will be a problem
for any real use case we could still improve the regular expression
used to detect "writing" queries.

Automated tests are added to check for the X-Cache-Channel header
with both writing and read-only queries performed by authenticated
requests.

Closes #27
Closes #43
 2012-10-15 13:23:17 +02:00
Sandro Santilli
ac83700810 Send a 404 on unsupported format requested 2012-10-12 12:17:35 +02:00
Sandro Santilli
0d91ab2c6a Survive multiple "format" parameters, only using last one 2012-10-12 11:42:03 +02:00
Sandro Santilli
6a2c0e9727 Initial support for SVG output (#49) 
This version only dumps the geometries with no identifier.
Scales geometries to fit in a 1024x768 pixels area, using
a circle radius of 5 pixels, a stroke-width of 1 pixel and
no fill.  Supports trimming number of decimals.
Adds a viewBox tag to fit the drawing to the output device window.

Includes an automated testcase.
 2012-10-04 12:04:50 +02:00
Sandro Santilli
4521942820 Test "CSV" format, drop "KML" from the list of supported formats 2012-10-04 12:04:50 +02:00
Sandro Santilli
2ac6e2d132 Add tests for INSERT/UPDATE/DELETE and _no_ RETURNING (#13) 2012-09-17 16:56:25 +02:00
Sandro Santilli
fe2c6bfe1f Add test for DELETE .. RETURNING (#50) 2012-09-17 16:50:15 +02:00
Sandro Santilli
adfe97bf81 Add test for broken SQL (#51) 2012-09-17 13:04:16 +02:00
Sandro Santilli
8b824801cf Fix INSERT and UPDATE with RETURNING clause. Closes #50 
Includes regression test
 2012-09-17 11:50:19 +02:00
Sandro Santilli
acb625b72f Expect correct JSON, never mind formatting of it 
This is because express-3.0.0beta6 send indented JSON ...
 2012-07-16 17:16:28 +02:00
Sandro Santilli
aee257c5ef Do not leak "tmp" variable to globals 2012-07-13 11:11:30 +02:00
Sandro Santilli
ce4f99fa7f Print body on unexpected non-200 response status 2012-07-13 11:01:32 +02:00
Sandro Santilli
e4f3a94256 Port tests to mocha. Closes #35. 2012-07-13 10:29:09 +02:00
Simon Tokumine
374583e655 add tests and refactor validations for input parameters. closes #29 2012-06-06 19:47:21 +01:00
Simon Tokumine
fb61c32850 add acceptance test for default dp change in geojson 2012-06-06 18:57:50 +01:00
Simon Tokumine
4cbdf62cc2 make wellformed CSV and stream back to browser. #9 2012-04-13 15:37:09 +01:00
Simon Tokumine
ffc1fa3fe1 closes #11. closes #9. Pending reorganisation. 2012-04-13 00:30:45 +01:00
Simon Tokumine
81f44f2935 merge conflicts 2012-04-10 12:56:22 +01:00
Simon Tokumine
dd9de25616 node v0.6 compatibility 2012-03-16 13:50:07 +01:00
javi santana
59739483e8 added auth using api token 2011-12-26 19:16:41 +01:00
Simon Tokumine
025f201ea8 add system table sanitizer 2011-11-22 00:06:14 +00:00
Simon Tokumine
8ebdd0474c Add test for system tables 2011-11-21 23:06:38 +00:00
Simon Tokumine
de191ed33b Add decimal place limiting to geojson call 2011-11-08 23:35:59 +00:00
Simon Tokumine
f740d9ea14 words have meaning. 2011-10-28 12:18:06 +01:00
Simon Tokumine
555e072195 tidy geojson, add content-disposition and remove KML for now. Closes #7 2011-10-28 12:11:18 +01:00
javi
b3012ff73c added test fixtures 2011-10-05 17:49:54 +02:00
Simon Tokumine
d9870305da updated to post 2011-09-07 12:05:10 +01:00
Simon Tokumine
f10cd72e0b updated acceptance tests for host name based public api and made work :) 2011-08-24 20:47:10 +01:00
Simon Tokumine
bb08f4f982 further fixes for public 2011-08-17 18:42:19 +01:00
Simon Tokumine
fefa051450 added true oauth to application. got rid of bogus 2011-08-17 17:27:45 +01:00
Alvaro Bautista
f0df331fb4 Change request path from /v1 to /api/v1 2011-07-04 17:28:39 +02:00
Simon Tokumine
317da1f311 added dangerous test 2011-06-20 18:22:46 +02:00
Simon Tokumine
719644e76d added public user shouldn't insert test 2011-06-20 18:03:29 +02:00
Simon Tokumine
80ecdc565c oauth 2011-06-20 15:39:12 +02:00
Fernando Blat
21277ff9d2 Introduced a new parameter db_port to change it in a easy way 
Some space and linebreaks cleaning
 2011-06-13 12:31:50 +02:00
Simon Tokumine
bcd56de458 first draft, tidied, unit tests, modules, refactor, environments, see TODO for next steps" 2011-06-13 04:23:02 +01:00
Fernando Blat
159f72fe3d First version of the API server with some TODOs to solve 2011-06-09 18:34:02 +02:00