From 178b9e85634f936649c65b3ec4df40b9f4fc4e06 Mon Sep 17 00:00:00 2001 From: Simon Date: Wed, 27 Sep 2017 16:32:49 +0200 Subject: [PATCH] moving layergroup-token middleware to middlewarify style --- lib/cartodb/middleware/context/index.js | 4 ++-- .../{ => context}/layergroup-token.js | 19 ++++++++----------- .../ported/support/ported_server_options.js | 9 ++++----- 3 files changed, 14 insertions(+), 18 deletions(-) rename lib/cartodb/middleware/{ => context}/layergroup-token.js (57%) diff --git a/lib/cartodb/middleware/context/index.js b/lib/cartodb/middleware/context/index.js index 9d87b6ee..411b6f93 100644 --- a/lib/cartodb/middleware/context/index.js +++ b/lib/cartodb/middleware/context/index.js @@ -1,12 +1,12 @@ const cleanUpQueryParams = require('./clean-up-query-params'); -const parseTokenParam = require('./parse-token-param'); +const layergroupToken = require('./layergroup-token'); const authorize = require('./authorize'); const dbConnSetup = require('./db-conn-setup'); module.exports = function prepareContextMiddleware(authApi, pgConnection) { return [ cleanUpQueryParams(), - parseTokenParam(), + layergroupToken, authorize(authApi), dbConnSetup(pgConnection) ]; diff --git a/lib/cartodb/middleware/layergroup-token.js b/lib/cartodb/middleware/context/layergroup-token.js similarity index 57% rename from lib/cartodb/middleware/layergroup-token.js rename to lib/cartodb/middleware/context/layergroup-token.js index d9f7d214..d1ccb3be 100644 --- a/lib/cartodb/middleware/layergroup-token.js +++ b/lib/cartodb/middleware/context/layergroup-token.js @@ -1,4 +1,4 @@ -var LayergroupToken = require('../models/layergroup-token'); +var LayergroupToken = require('../../models/layergroup-token'); module.exports = function layergroupTokenMiddleware(req, res, next) { if (!req.params.hasOwnProperty('token')) { @@ -16,18 +16,15 @@ module.exports = function layergroupTokenMiddleware(req, res, next) { if (!req.params.signer) { req.params.signer = user; } else if (req.params.signer !== user) { - var statusCode = 403; + var err = new Error(`Cannot use map signature of user "${req.params.signer}" on db of user "${user}"`); + err.type = 'auth'; + err.http_status = 403; if (req.query && req.query.callback) { - statusCode = 200; + err.http_status = 200; } - var errorMessage = `Cannot use map signature of user "${req.params.signer}" on db of user "{${user}"`; - return res.status(statusCode).json({ - errors: [errorMessage], - errors_with_context: [{ - type: 'auth', - message: errorMessage - }] - }); + + req.profiler.done('req2params'); + return next(err); } } diff --git a/test/acceptance/ported/support/ported_server_options.js b/test/acceptance/ported/support/ported_server_options.js index af299664..36684f77 100644 --- a/test/acceptance/ported/support/ported_server_options.js +++ b/test/acceptance/ported/support/ported_server_options.js @@ -1,6 +1,7 @@ var _ = require('underscore'); var serverOptions = require('../../../../lib/cartodb/server_options'); var mapnik = require('windshaft').mapnik; +var LayergroupToken = require('../../../../lib/cartodb/models/layergroup-token'); var OverviewsQueryRewriter = require('../../../../lib/cartodb/utils/overviews_query_rewriter'); var overviewsQueryRewriter = new OverviewsQueryRewriter({ zoom_level: 'CDB_ZoomFromScale(!scale_denominator!)' @@ -56,11 +57,9 @@ module.exports = _.extend({}, serverOptions, { // this is in case you want to test sql parameters eg ...png?sql=select * from my_table limit 10 req.params = _.extend({}, req.params); - // We don't want to inherit Date.now() `cache_buster` as it is the default value - // introduced by the middleware when no cache buster is found. - // We are only interested in the `token` for the ported tests. - delete req.params.cache_buster; - delete req.params.signer; + if (req.params.token) { + req.params.token = LayergroupToken.parse(req.params.token).token; + } _.extend(req.params, req.query); req.params.user = 'localhost';