cartodb/Windshaft-cartodb
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Rename req2params by prepareContext

Browse Source
This commit is contained in:
Daniel García Aubert 2017-09-22 17:56:47 +02:00
parent 6dc9cc0b23
commit 3bab081438
6 changed files with 38 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
lib/cartodb/controllers/analyses.js
View File

@ -9,11 +9,11 @@ var BaseController = require('./base');
var cors = require('../middleware/cors'); var cors = require('../middleware/cors');
var userMiddleware = require('../middleware/user'); var userMiddleware = require('../middleware/user');
const req2paramsMiddleware = require('../middleware/req2params-middleware'); const prepareContextMiddleware = require('../middleware/prepare-context');
function AnalysesController(authApi, pgConnection) { function AnalysesController(authApi, pgConnection) {
BaseController.call(this, authApi, pgConnection); BaseController.call(this, authApi, pgConnection);
this.req2paramsMiddleware = req2paramsMiddleware(authApi, pgConnection); this.prepareContext = prepareContextMiddleware(authApi, pgConnection);
} }
util.inherits(AnalysesController, BaseController); util.inherits(AnalysesController, BaseController);
@ -28,7 +28,7 @@ AnalysesController.prototype.register = function(router) {
router.get( router.get(
'/analyses/catalog', '/analyses/catalog',
this.req2paramsMiddleware, this.prepareContext,
this.catalog.bind(this) this.catalog.bind(this)
); );
}; };

26
lib/cartodb/controllers/layergroup.js
View File

@ -15,7 +15,7 @@ var MapStoreMapConfigProvider = require('../models/mapconfig/provider/map-store-
var QueryTables = require('cartodb-query-tables'); var QueryTables = require('cartodb-query-tables');
const req2paramsMiddleware = require('../middleware/req2params-middleware'); const prepareContextMiddleware = require('../middleware/prepare-context');
/** /**
* @param {AuthApi} authApi * @param {AuthApi} authApi
@ -46,7 +46,7 @@ function LayergroupController(authApi, pgConnection, mapStore, tileBackend, prev
this.dataviewBackend = new DataviewBackend(analysisBackend); this.dataviewBackend = new DataviewBackend(analysisBackend);
this.analysisStatusBackend = new AnalysisStatusBackend(); this.analysisStatusBackend = new AnalysisStatusBackend();
this.req2paramsMiddleware = req2paramsMiddleware(authApi, pgConnection); this.prepareContext = prepareContextMiddleware(authApi, pgConnection);
} }
util.inherits(LayergroupController, BaseController); util.inherits(LayergroupController, BaseController);
@ -61,39 +61,39 @@ LayergroupController.prototype.register = function(router) {
router.get( router.get(
'/:token/:z/:x/:y@:scale_factor?x.:format', '/:token/:z/:x/:y@:scale_factor?x.:format',
this.req2paramsMiddleware, this.prepareContext,
this.tile.bind(this) this.tile.bind(this)
); );
router.get( router.get(
'/:token/:z/:x/:y.:format', '/:token/:z/:x/:y.:format',
this.req2paramsMiddleware, this.prepareContext,
this.tile.bind(this) this.tile.bind(this)
); );
router.get( router.get(
'/:token/:layer/:z/:x/:y.(:format)', '/:token/:layer/:z/:x/:y.(:format)',
this.req2paramsMiddleware, this.prepareContext,
this.layer.bind(this) this.layer.bind(this)
); );
router.get( router.get(
'/:token/:layer/attributes/:fid', '/:token/:layer/attributes/:fid',
this.req2paramsMiddleware, this.prepareContext,
this.attributes.bind(this) this.attributes.bind(this)
); );
router.get( router.get(
'/static/center/:token/:z/:lat/:lng/:width/:height.:format', '/static/center/:token/:z/:lat/:lng/:width/:height.:format',
allowQueryParams(['layer']), allowQueryParams(['layer']),
this.req2paramsMiddleware, this.prepareContext,
this.center.bind(this) this.center.bind(this)
); );
router.get( router.get(
'/static/bbox/:token/:west,:south,:east,:north/:width/:height.:format', '/static/bbox/:token/:west,:south,:east,:north/:width/:height.:format',
allowQueryParams(['layer']), allowQueryParams(['layer']),
this.req2paramsMiddleware, this.prepareContext,
this.bbox.bind(this) this.bbox.bind(this)
); );
@ -116,33 +116,33 @@ LayergroupController.prototype.register = function(router) {
router.get( router.get(
'/:token/dataview/:dataviewName', '/:token/dataview/:dataviewName',
allowQueryParams(allowedDataviewQueryParams), allowQueryParams(allowedDataviewQueryParams),
this.req2paramsMiddleware, this.prepareContext,
this.dataview.bind(this) this.dataview.bind(this)
); );
router.get( router.get(
'/:token/:layer/widget/:dataviewName', '/:token/:layer/widget/:dataviewName',
allowQueryParams(allowedDataviewQueryParams), allowQueryParams(allowedDataviewQueryParams),
this.req2paramsMiddleware, this.prepareContext,
this.dataview.bind(this) this.dataview.bind(this)
); );
router.get( router.get(
'/:token/dataview/:dataviewName/search', '/:token/dataview/:dataviewName/search',
allowQueryParams(allowedDataviewQueryParams), allowQueryParams(allowedDataviewQueryParams),
this.req2paramsMiddleware, this.prepareContext,
this.dataviewSearch.bind(this) this.dataviewSearch.bind(this)
); );
router.get( router.get(
'/:token/:layer/widget/:dataviewName/search', '/:token/:layer/widget/:dataviewName/search',
allowQueryParams(allowedDataviewQueryParams), allowQueryParams(allowedDataviewQueryParams),
this.req2paramsMiddleware, this.prepareContext,
this.dataviewSearch.bind(this) this.dataviewSearch.bind(this)
); );
router.get('/:token/analysis/node/:nodeId', router.get('/:token/analysis/node/:nodeId',
this.req2paramsMiddleware, this.prepareContext,
this.analysisNodeStatus.bind(this) this.analysisNodeStatus.bind(this)
); );
}; };

12
lib/cartodb/controllers/map.js
View File

@ -20,7 +20,7 @@ var NamedMapsCacheEntry = require('../cache/model/named_maps_entry');
var NamedMapMapConfigProvider = require('../models/mapconfig/provider/named-map-provider'); var NamedMapMapConfigProvider = require('../models/mapconfig/provider/named-map-provider');
var CreateLayergroupMapConfigProvider = require('../models/mapconfig/provider/create-layergroup-provider'); var CreateLayergroupMapConfigProvider = require('../models/mapconfig/provider/create-layergroup-provider');
const req2paramsMiddleware = require('../middleware/req2params-middleware'); const prepareContextMiddleware = require('../middleware/prepare-context');
/** /**
* @param {AuthApi} authApi * @param {AuthApi} authApi
@ -53,7 +53,7 @@ function MapController(authApi, pgConnection, templateMaps, mapBackend, metadata
this.resourceLocator = new ResourceLocator(global.environment); this.resourceLocator = new ResourceLocator(global.environment);
this.statsBackend = statsBackend; this.statsBackend = statsBackend;
this.req2paramsMiddleware = req2paramsMiddleware(authApi, pgConnection); this.prepareContext = prepareContextMiddleware(authApi, pgConnection);
} }
util.inherits(MapController, BaseController); util.inherits(MapController, BaseController);
@ -66,28 +66,28 @@ MapController.prototype.register = function(app) {
app.base_url_mapconfig, app.base_url_mapconfig,
cors(), cors(),
userMiddleware, userMiddleware,
this.req2paramsMiddleware, this.prepareContext,
this.createGet.bind(this) this.createGet.bind(this)
); );
app.post( app.post(
app.base_url_mapconfig, app.base_url_mapconfig,
cors(), cors(),
userMiddleware, userMiddleware,
this.req2paramsMiddleware, this.prepareContext,
this.createPost.bind(this) this.createPost.bind(this)
); );
app.get( app.get(
app.base_url_templated + '/:template_id/jsonp', app.base_url_templated + '/:template_id/jsonp',
cors(), cors(),
userMiddleware, userMiddleware,
this.req2paramsMiddleware, this.prepareContext,
this.jsonp.bind(this) this.jsonp.bind(this)
); );
app.post( app.post(
app.base_url_templated + '/:template_id', app.base_url_templated + '/:template_id',
cors(), cors(),
userMiddleware, userMiddleware,
this.req2paramsMiddleware, this.prepareContext,
this.instantiate.bind(this) this.instantiate.bind(this)
); );
app.options(app.base_url_mapconfig, cors('Content-Type')); app.options(app.base_url_mapconfig, cors('Content-Type'));

8
lib/cartodb/controllers/named_maps.js
View File

@ -9,7 +9,7 @@ var BaseController = require('./base');
var cors = require('../middleware/cors'); var cors = require('../middleware/cors');
var userMiddleware = require('../middleware/user'); var userMiddleware = require('../middleware/user');
var allowQueryParams = require('../middleware/allow-query-params'); var allowQueryParams = require('../middleware/allow-query-params');
const req2paramsMiddleware = require('../middleware/req2params-middleware'); const prepareContextMiddleware = require('../middleware/prepare-context');
function NamedMapsController(authApi, pgConnection, namedMapProviderCache, tileBackend, previewBackend, function NamedMapsController(authApi, pgConnection, namedMapProviderCache, tileBackend, previewBackend,
surrogateKeysCache, tablesExtentApi, metadataBackend) { surrogateKeysCache, tablesExtentApi, metadataBackend) {
@ -21,7 +21,7 @@ function NamedMapsController(authApi, pgConnection, namedMapProviderCache, tileB
this.surrogateKeysCache = surrogateKeysCache; this.surrogateKeysCache = surrogateKeysCache;
this.tablesExtentApi = tablesExtentApi; this.tablesExtentApi = tablesExtentApi;
this.metadataBackend = metadataBackend; this.metadataBackend = metadataBackend;
this.req2paramsMiddleware = req2paramsMiddleware(authApi, pgConnection); this.prepareContext = prepareContextMiddleware(authApi, pgConnection);
} }
util.inherits(NamedMapsController, BaseController); util.inherits(NamedMapsController, BaseController);
@ -33,7 +33,7 @@ NamedMapsController.prototype.register = function(app) {
app.base_url_templated + '/:template_id/:layer/:z/:x/:y.(:format)', app.base_url_templated + '/:template_id/:layer/:z/:x/:y.(:format)',
cors(), cors(),
userMiddleware, userMiddleware,
this.req2paramsMiddleware, this.prepareContext,
this.tile.bind(this) this.tile.bind(this)
); );
@ -42,7 +42,7 @@ NamedMapsController.prototype.register = function(app) {
cors(), cors(),
userMiddleware, userMiddleware,
allowQueryParams(['layer']), allowQueryParams(['layer']),
this.req2paramsMiddleware, this.prepareContext,
this.staticMap.bind(this) this.staticMap.bind(this)
); );
}; };

4
lib/cartodb/middleware/req2params-middleware.js → lib/cartodb/middleware/prepare-context.js
View File

@ -24,8 +24,8 @@ var REQUEST_QUERY_PARAMS_WHITELIST = [
* @param req - standard express request obj. Should have host & table * @param req - standard express request obj. Should have host & table
* @param callback * @param callback
*/ */
module.exports = function req2paramsMiddleware (authApi, pgConnection) { module.exports = function prepareContextMiddleware (authApi, pgConnection) {
return function req2params (req, res, next) { return function prepareContext (req, res, next) {
var allowedQueryParams = REQUEST_QUERY_PARAMS_WHITELIST; var allowedQueryParams = REQUEST_QUERY_PARAMS_WHITELIST;
if (Array.isArray(req.context.allowedQueryParams)) { if (Array.isArray(req.context.allowedQueryParams)) {
allowedQueryParams = allowedQueryParams.concat(req.context.allowedQueryParams); allowedQueryParams = allowedQueryParams.concat(req.context.allowedQueryParams);

20
test/unit/cartodb/req2params.test.js
View File

@ -7,17 +7,17 @@ var PgConnection = require('../../../lib/cartodb/backends/pg_connection');
var AuthApi = require('../../../lib/cartodb/api/auth_api'); var AuthApi = require('../../../lib/cartodb/api/auth_api');
var TemplateMaps = require('../../../lib/cartodb/backends/template_maps'); var TemplateMaps = require('../../../lib/cartodb/backends/template_maps');
var req2paramsMiddleware = require('../../../lib/cartodb/middleware/req2params-middleware'); var prepareContextMiddleware = require('../../../lib/cartodb/middleware/prepare-context');
var windshaft = require('windshaft'); var windshaft = require('windshaft');
describe('req2params', function() { describe('prepare-context', function() {
var test_user = _.template(global.environment.postgres_auth_user, {user_id:1}); var test_user = _.template(global.environment.postgres_auth_user, {user_id:1});
var test_pubuser = global.environment.postgres.user; var test_pubuser = global.environment.postgres.user;
var test_database = test_user + '_db'; var test_database = test_user + '_db';
var req2params; var prepareContext;
before(function() { before(function() {
var redisPool = new RedisPool(global.environment.redis); var redisPool = new RedisPool(global.environment.redis);
var mapStore = new windshaft.storage.MapStore(); var mapStore = new windshaft.storage.MapStore();
@ -26,12 +26,12 @@ describe('req2params', function() {
var templateMaps = new TemplateMaps(redisPool); var templateMaps = new TemplateMaps(redisPool);
var authApi = new AuthApi(pgConnection, metadataBackend, mapStore, templateMaps); var authApi = new AuthApi(pgConnection, metadataBackend, mapStore, templateMaps);
req2params = req2paramsMiddleware(authApi, pgConnection); prepareContext = prepareContextMiddleware(authApi, pgConnection);
}); });
it('can be found in server_options', function(){ it('can be found in server_options', function(){
assert.ok(_.isFunction(req2params)); assert.ok(_.isFunction(prepareContext));
}); });
function prepareRequest(req) { function prepareRequest(req) {
@ -45,7 +45,7 @@ describe('req2params', function() {
it('cleans up request', function(done){ it('cleans up request', function(done){
var req = {headers: { host:'localhost' }, query: {dbuser:'hacker',dbname:'secret'}}; var req = {headers: { host:'localhost' }, query: {dbuser:'hacker',dbname:'secret'}};
var res = {}; var res = {};
req2params(prepareRequest(req), res, function(err, req) { prepareContext(prepareRequest(req), res, function(err, req) {
if ( err ) { done(err); return; } if ( err ) { done(err); return; }
assert.ok(_.isObject(req.query), 'request has query'); assert.ok(_.isObject(req.query), 'request has query');
assert.ok(!req.query.hasOwnProperty('dbuser'), 'dbuser was removed from query'); assert.ok(!req.query.hasOwnProperty('dbuser'), 'dbuser was removed from query');
@ -60,7 +60,7 @@ describe('req2params', function() {
it('sets dbname from redis metadata', function(done){ it('sets dbname from redis metadata', function(done){
var req = {headers: { host:'localhost' }, query: {} }; var req = {headers: { host:'localhost' }, query: {} };
var res = {}; var res = {};
req2params(prepareRequest(req), res, function(err, req) { prepareContext(prepareRequest(req), res, function(err, req) {
if ( err ) { done(err); return; } if ( err ) { done(err); return; }
assert.ok(_.isObject(req.query), 'request has query'); assert.ok(_.isObject(req.query), 'request has query');
assert.ok(!req.query.hasOwnProperty('dbuser'), 'dbuser was removed from query'); assert.ok(!req.query.hasOwnProperty('dbuser'), 'dbuser was removed from query');
@ -75,7 +75,7 @@ describe('req2params', function() {
it('sets also dbuser for authenticated requests', function(done){ it('sets also dbuser for authenticated requests', function(done){
var req = {headers: { host:'localhost' }, query: {map_key: '1234'} }; var req = {headers: { host:'localhost' }, query: {map_key: '1234'} };
var res = {}; var res = {};
req2params(prepareRequest(req), res, function(err, req) { prepareContext(prepareRequest(req), res, function(err, req) {
if ( err ) { done(err); return; } if ( err ) { done(err); return; }
assert.ok(_.isObject(req.query), 'request has query'); assert.ok(_.isObject(req.query), 'request has query');
assert.ok(!req.query.hasOwnProperty('dbuser'), 'dbuser was removed from query'); assert.ok(!req.query.hasOwnProperty('dbuser'), 'dbuser was removed from query');
@ -92,7 +92,7 @@ describe('req2params', function() {
map_key: '1235' map_key: '1235'
} }
}; };
req2params(prepareRequest(req), res, function(err, req) { prepareContext(prepareRequest(req), res, function(err, req) {
// wrong key resets params to no user // wrong key resets params to no user
assert.ok(req.params.dbuser === test_pubuser, 'could inject dbuser ('+req.params.dbuser+')'); assert.ok(req.params.dbuser === test_pubuser, 'could inject dbuser ('+req.params.dbuser+')');
done(); done();
@ -117,7 +117,7 @@ describe('req2params', function() {
}; };
var res = {}; var res = {};
req2params(prepareRequest(req), res, function(err, req) { prepareContext(prepareRequest(req), res, function(err, req) {
if ( err ) { if ( err ) {
return done(err); return done(err);
} }