cartodb/Windshaft-cartodb
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fixed sqlemu to return forbidden when table name contains "private" in its name

Browse Source
This commit is contained in:
javi 2014-01-28 12:04:10 +01:00
parent dc3d36e0a5
commit bdea9f10fc
1 changed files with 15 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
test/support/SQLAPIEmu.js
View File

@ -1,5 +1,6 @@
var http = require('http'); var http = require('http');
var url = require('url'); var url = require('url');
var _ = require('underscore');
var o = function(port, cb) { var o = function(port, cb) {
@ -22,7 +23,6 @@ var o = function(port, cb) {
req.on('end', function() { req.on('end', function() {
//console.log("Data is: "); console.dir(data); //console.log("Data is: "); console.dir(data);
query = JSON.parse(data); query = JSON.parse(data);
//console.log("Parsed is: "); console.dir(query);
//console.log("handleQuery is " + that.handleQuery); //console.log("handleQuery is " + that.handleQuery);
that.handleQuery(query, res); that.handleQuery(query, res);
}); });
@ -44,6 +44,10 @@ o.prototype.handleQuery = function(query, res) {
'max': 1234567890.123 'max': 1234567890.123
}; };
res.write(JSON.stringify({rows: [ row ]})); res.write(JSON.stringify({rows: [ row ]}));
} else {
if ( query.q.match('_private_') && query.api_key === undefined) {
res.statusCode = 403;
res.write(JSON.stringify({'error':'forbidden: ' + JSON.stringify(query)}));
} else { } else {
var qs = JSON.stringify(query); var qs = JSON.stringify(query);
var row = { var row = {
@ -55,6 +59,7 @@ o.prototype.handleQuery = function(query, res) {
var out = JSON.stringify(out_obj); var out = JSON.stringify(out_obj);
res.write(out); res.write(out);
} }
}
res.end(); res.end();
}; };