cartodb/Windshaft-cartodb
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

configure tileuser and mapkey security

Browse Source
This commit is contained in:
Simon Tokumine 2011-09-21 16:33:25 -04:00
parent 3c95856255
commit 2e1b36a1a4
5 changed files with 67 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
config/environments/development.js
View File

@ -1,5 +1,5 @@
module.exports.name = 'development';
module.exports.postgres = {user: 'postgres', host: '127.0.0.1', port: 5432};
module.exports.postgres = {user: 'tileuser', host: '127.0.0.1', port: 5432};
module.exports.redis = {host: '127.0.0.1',
port: 6379,
idleTimeoutMillis: 1,

2
config/environments/production.js
View File

@ -1,4 +1,4 @@
module.exports.name = 'production';
module.exports.postgres = {user: 'publicuser', host: '127.0.0.1', port: 6432};
module.exports.postgres = {user: 'tileuser', host: '127.0.0.1', port: 6432};
module.exports.redis = {host: '127.0.0.1', port: 6379};
module.exports.windshaft_port = 8181;

2
config/environments/test.js
View File

@ -1,5 +1,5 @@
module.exports.name = 'test';
module.exports.postgres = {user: 'postgres', host: '127.0.0.1', port: 5432};
module.exports.postgres = {user: 'tileuser', host: '127.0.0.1', port: 5432};
module.exports.redis = {host: '127.0.0.1',
port: 6379,
idleTimeoutMillis: 1,

52
lib/cartodb/carto_data.js
View File

@ -54,6 +54,58 @@ module.exports = function() {
this.retrieve(this.user_metadata_db, redisKey, 'id', callback);
};
/**
* Get the user map key for this particular subdomain/username
*
* @param req - standard express req object. importantly contains host information
* @param callback
*/
me.getMapKey = function(req, callback) {
// strip subdomain from header host
var username = req.headers.host.split('.')[0]
var redisKey = _.template(this.user_key, {username: username});
this.retrieve(this.user_metadata_db, redisKey, 'map_key', callback);
};
/**
* Get privacy for cartodb table
*
* @param req - standard req object. Importantly contains table and host information
* @param callback - is the table private or not?
*/
me.authorize= function(req, callback) {
var that = this;
Step(
function(){
that.getMapKey(req, this);
},
function checkIfInternal(err, data){
if (err) throw err;
if (data === req.query.map_key){
callback(err, true); // Internal access so early exit with access.
} else {
return true; // continue to check if the table is public/private
}
},
function (err, data){
if (err) throw err;
that.getDatabase(req, this);
},
function(err, data){
if (err) throw err;
var redisKey = _.template(that.table_key, {database_name: data, table_name: req.params.table});
that.retrieve(that.table_metadata_db, redisKey, 'privacy', this);
},
function(err, data){
if (err) throw err;
callback(err, data);
}
);
};
/**

15
lib/cartodb/server_options.js
View File

@ -19,7 +19,7 @@ module.exports = function(){
me.req2params = function(req, callback){
// Whitelist query parameters and attach format
var good_query = ['sql', 'geom_type', 'cache_buster','callback', 'interactivity'];
var good_query = ['sql', 'geom_type', 'cache_buster','callback', 'interactivity', 'map_key'];
var bad_query = _.difference(_.keys(req.query), good_query);
_.each(bad_query, function(key){ delete req.query[key]; });
@ -32,7 +32,17 @@ me.req2params = function(req, callback){
req.params.interactivity = req.params.interactivity || 'cartodb_id';
Step(
function getDatabase(){
function getPrivacy(){
cartoData.authorize(req, this);
},
function gatekeep(err, data){
if(err) throw err;
if(data === "0") throw new Error("Sorry, you are unauthorized");
return data;
},
function getDatabase(err, data){
if(err) throw err;
cartoData.getDatabase(req, this);
},
function getGeometryType(err, data){
@ -42,7 +52,6 @@ me.req2params = function(req, callback){
cartoData.getGeometryType(req, this);
},
function finishSetup(err, data){
if (err) throw err;
if (!_.isNull(data))
_.extend(req.params, {geom_type: data});