From 73a065c1ccafd869262b073a5d19bf3f3f98576f Mon Sep 17 00:00:00 2001 From: Sandro Santilli Date: Tue, 17 Dec 2013 10:56:12 +0100 Subject: [PATCH] Make sure user from domain is always computed locally Involved upgrade of cartodb-redis to 0.3.0 Really closes #100 --- lib/cartodb/server_options.js | 43 ++++++++++++++++++++++++++++------- npm-shrinkwrap.json | 15 +++++++----- package.json | 2 +- 3 files changed, 45 insertions(+), 15 deletions(-) diff --git a/lib/cartodb/server_options.js b/lib/cartodb/server_options.js index a3366e8f..8341530d 100644 --- a/lib/cartodb/server_options.js +++ b/lib/cartodb/server_options.js @@ -384,14 +384,23 @@ module.exports = function(){ var user = me.userByReq(req); Step( - function(){ - cartoData.checkMapKey(req, this); + function (){ + cartoData.getUserMapKey(user, this); }, - function checkApiKey(err, check_result){ + function checkApiKey(err, val){ if (err) throw err; + var valid = 0; + if ( val ) { + if ( val == req.query.map_key ) valid = 1; + else if ( val == req.query.api_key ) valid = 1; + // check also in request body + else if ( req.body && req.body.map_key && val == req.body.map_key ) valid = 1; + else if ( req.body && req.body.api_key && val == req.body.api_key ) valid = 1; + } + // if not authorized by api_key, continue - if (check_result !== 1) return null; + if (valid !== 1) return null; // authorized by api key, login as the given username and stop that.setDBAuth(user, req.params, function(err) { @@ -556,14 +565,23 @@ module.exports = function(){ */ me.getInfowindow = function(req, callback){ var that = this; + var user = me.userByReq(req); Step( function(){ + // TODO: if this step really needed ? that.req2params(req, this); }, + function getDatabase(err){ + if (err) throw err; + cartoData.getUserDBName(user, this); + }, + function getInfowindow(err, dbname){ + if (err) throw err; + cartoData.getTableInfowindow(dbname, req.params.table, this); + }, function(err, data){ - if (err) callback(err, null); - else cartoData.getInfowindow(data, callback); + callback(err, data); } ); }; @@ -575,14 +593,23 @@ module.exports = function(){ */ me.getMapMetadata = function(req, callback){ var that = this; + var user = me.userByReq(req); Step( function(){ + // TODO: if this step really needed ? that.req2params(req, this); }, + function getDatabase(err){ + if (err) throw err; + cartoData.getUserDBName(user, this); + }, + function getMapMetadata(err, dbname){ + if (err) throw err; + cartoData.getTableMapMetadata(dbname, req.params.table, this); + }, function(err, data){ - if (err) callback(err, null); - else cartoData.getMapMetadata(data, callback); + callback(err, data); } ); }; diff --git a/npm-shrinkwrap.json b/npm-shrinkwrap.json index e2365ab5..743e1838 100644 --- a/npm-shrinkwrap.json +++ b/npm-shrinkwrap.json @@ -264,12 +264,7 @@ "version": "2.9.202" }, "cartodb-redis": { - "version": "0.2.0", - "dependencies": { - "generic-pool": { - "version": "2.0.4" - } - } + "version": "0.3.0" }, "mapnik": { "version": "0.7.25" @@ -286,6 +281,14 @@ "redis": { "version": "0.8.6" }, + "redis-mpool": { + "version": "0.0.2", + "dependencies": { + "generic-pool": { + "version": "2.0.4" + } + } + }, "hiredis": { "version": "0.1.15", "dependencies": { diff --git a/package.json b/package.json index 5a60edf0..5c0c56f7 100644 --- a/package.json +++ b/package.json @@ -27,7 +27,7 @@ "windshaft" : "~0.14.5", "step": "0.0.x", "request": "2.9.202", - "cartodb-redis": "~0.2.0", + "cartodb-redis": "~0.3.0", "mapnik": "~0.7.22", "lzma": "~1.2.3" },