cartodb/Windshaft-cartodb
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Catch "name not found" errors from metadata backend and set http code status 404

Browse Source
This commit is contained in:
Daniel García Aubert 2018-02-19 18:28:58 +01:00
parent 47ccb7ded8
commit 2e3abfb2cd
2 changed files with 22 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
lib/cartodb/api/auth_api.js
View File

@ -70,6 +70,10 @@ AuthApi.prototype.authorizedByAPIKey = function(user, res, callback) {
this.metadataBackend.getApikey(user, apikeyToken, (err, apikey) => {
if (err) {
if (err.message && -1 !== err.message.indexOf('name not found')) {
err.http_status = 404;
}
return callback(err);
}
@ -100,7 +104,7 @@ AuthApi.prototype.authorizedByAPIKey = function(user, res, callback) {
error.subtype = 'api-key-username-mismatch';
error.http_status = 403;
return callback(error);
return callback(error);
}
if (!apikey.grantsMaps) {
@ -137,8 +141,8 @@ AuthApi.prototype.authorize = function(req, res, callback) {
if (err) {
return callback(err);
}
}
callback(null, true);
});
}
@ -147,17 +151,17 @@ AuthApi.prototype.authorize = function(req, res, callback) {
if (err) {
return callback(err);
}
if (isAuthorizedBySigner) {
return this.pgConnection.setDBAuth(user, res.locals, 'master', function (err) {
req.profiler.done('setDBAuth');
if (err) {
return callback(err);
}
}
callback(null, true);
});
});
}
// if no signer name was given, use default api key
@ -170,7 +174,7 @@ AuthApi.prototype.authorize = function(req, res, callback) {
}
callback(null, true);
});
});
}
// if signer name was given, return no authorization

11
lib/cartodb/backends/pg_connection.js
View File

@ -22,6 +22,9 @@ PgConnection.prototype.setDBAuth = function(username, params, apikeyType, callba
if (apikeyType === 'master') {
this.metadataBackend.getMasterApikey(username, (err, apikey) => {
if (err) {
if (err.message && -1 !== err.message.indexOf('name not found')) {
err.http_status = 404;
}
return callback(err);
}
@ -39,6 +42,9 @@ PgConnection.prototype.setDBAuth = function(username, params, apikeyType, callba
} else if (apikeyType === 'regular') { //Actually it can be any type of api key
this.metadataBackend.getApikey(username, params.api_key, (err, apikey) => {
if (err) {
if (err.message && -1 !== err.message.indexOf('name not found')) {
err.http_status = 404;
}
return callback(err);
}
@ -64,11 +70,14 @@ PgConnection.prototype.setDBAuth = function(username, params, apikeyType, callba
return this.setDBAuth(username, params, 'default', callback);
}
return callback();
return callback();
});
} else if (apikeyType === 'default') {
this.metadataBackend.getApikey(username, 'default_public', (err, apikey) => {
if (err) {
if (err.message && -1 !== err.message.indexOf('name not found')) {
err.http_status = 404;
}
return callback(err);
}