Tidy middlewares up: put rate limit middleware after authorization
This commit is contained in:
Daniel García Aubert
parent
4cba4c7a1f
commit
d3e2707fce
@ -26,10 +26,10 @@ AnalysesController.prototype.register = function (app) {
|
|||||||
`${mapconfigBasePath}/analyses/catalog`,
|
`${mapconfigBasePath}/analyses/catalog`,
|
||||||
cors(),
|
cors(),
|
||||||
user(),
|
user(),
|
||||||
rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.ANALYSIS_CATALOG),
|
|
||||||
credentials(),
|
credentials(),
|
||||||
authorize(this.authApi),
|
authorize(this.authApi),
|
||||||
dbConnSetup(this.pgConnection),
|
dbConnSetup(this.pgConnection),
|
||||||
|
rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.ANALYSIS_CATALOG),
|
||||||
cleanUpQueryParams(),
|
cleanUpQueryParams(),
|
||||||
createPGClient(),
|
createPGClient(),
|
||||||
getDataFromQuery({ queryTemplate: catalogQueryTpl, key: 'catalog' }),
|
getDataFromQuery({ queryTemplate: catalogQueryTpl, key: 'catalog' }),
|
||||||
|
|||||||
@ -90,11 +90,11 @@ LayergroupController.prototype.register = function(app) {
|
|||||||
`${mapConfigBasePath}/:token/:z/:x/:y@:scale_factor?x.:format`,
|
`${mapConfigBasePath}/:token/:z/:x/:y@:scale_factor?x.:format`,
|
||||||
cors(),
|
cors(),
|
||||||
user(),
|
user(),
|
||||||
rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.TILE),
|
|
||||||
layergroupToken(),
|
layergroupToken(),
|
||||||
credentials(),
|
credentials(),
|
||||||
authorize(this.authApi),
|
authorize(this.authApi),
|
||||||
dbConnSetup(this.pgConnection),
|
dbConnSetup(this.pgConnection),
|
||||||
|
rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.TILE),
|
||||||
cleanUpQueryParams(),
|
cleanUpQueryParams(),
|
||||||
createMapStoreMapConfigProvider(
|
createMapStoreMapConfigProvider(
|
||||||
this.mapStore,
|
this.mapStore,
|
||||||
@ -118,11 +118,11 @@ LayergroupController.prototype.register = function(app) {
|
|||||||
`${mapConfigBasePath}/:token/:z/:x/:y.:format`,
|
`${mapConfigBasePath}/:token/:z/:x/:y.:format`,
|
||||||
cors(),
|
cors(),
|
||||||
user(),
|
user(),
|
||||||
rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.TILE),
|
|
||||||
layergroupToken(),
|
layergroupToken(),
|
||||||
credentials(),
|
credentials(),
|
||||||
authorize(this.authApi),
|
authorize(this.authApi),
|
||||||
dbConnSetup(this.pgConnection),
|
dbConnSetup(this.pgConnection),
|
||||||
|
rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.TILE),
|
||||||
cleanUpQueryParams(),
|
cleanUpQueryParams(),
|
||||||
createMapStoreMapConfigProvider(
|
createMapStoreMapConfigProvider(
|
||||||
this.mapStore,
|
this.mapStore,
|
||||||
@ -147,11 +147,11 @@ LayergroupController.prototype.register = function(app) {
|
|||||||
distinguishLayergroupFromStaticRoute(),
|
distinguishLayergroupFromStaticRoute(),
|
||||||
cors(),
|
cors(),
|
||||||
user(),
|
user(),
|
||||||
rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.TILE),
|
|
||||||
layergroupToken(),
|
layergroupToken(),
|
||||||
credentials(),
|
credentials(),
|
||||||
authorize(this.authApi),
|
authorize(this.authApi),
|
||||||
dbConnSetup(this.pgConnection),
|
dbConnSetup(this.pgConnection),
|
||||||
|
rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.TILE),
|
||||||
cleanUpQueryParams(),
|
cleanUpQueryParams(),
|
||||||
createMapStoreMapConfigProvider(
|
createMapStoreMapConfigProvider(
|
||||||
this.mapStore,
|
this.mapStore,
|
||||||
@ -175,11 +175,11 @@ LayergroupController.prototype.register = function(app) {
|
|||||||
`${mapConfigBasePath}/:token/:layer/attributes/:fid`,
|
`${mapConfigBasePath}/:token/:layer/attributes/:fid`,
|
||||||
cors(),
|
cors(),
|
||||||
user(),
|
user(),
|
||||||
rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.ATTRIBUTES),
|
|
||||||
layergroupToken(),
|
layergroupToken(),
|
||||||
credentials(),
|
credentials(),
|
||||||
authorize(this.authApi),
|
authorize(this.authApi),
|
||||||
dbConnSetup(this.pgConnection),
|
dbConnSetup(this.pgConnection),
|
||||||
|
rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.ATTRIBUTES),
|
||||||
cleanUpQueryParams(),
|
cleanUpQueryParams(),
|
||||||
createMapStoreMapConfigProvider(
|
createMapStoreMapConfigProvider(
|
||||||
this.mapStore,
|
this.mapStore,
|
||||||
@ -201,11 +201,11 @@ LayergroupController.prototype.register = function(app) {
|
|||||||
`${mapConfigBasePath}/static/center/:token/:z/:lat/:lng/:width/:height.:format`,
|
`${mapConfigBasePath}/static/center/:token/:z/:lat/:lng/:width/:height.:format`,
|
||||||
cors(),
|
cors(),
|
||||||
user(),
|
user(),
|
||||||
rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.STATIC),
|
|
||||||
layergroupToken(),
|
layergroupToken(),
|
||||||
credentials(),
|
credentials(),
|
||||||
authorize(this.authApi),
|
authorize(this.authApi),
|
||||||
dbConnSetup(this.pgConnection),
|
dbConnSetup(this.pgConnection),
|
||||||
|
rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.STATIC),
|
||||||
cleanUpQueryParams(['layer']),
|
cleanUpQueryParams(['layer']),
|
||||||
createMapStoreMapConfigProvider(
|
createMapStoreMapConfigProvider(
|
||||||
this.mapStore,
|
this.mapStore,
|
||||||
@ -226,11 +226,11 @@ LayergroupController.prototype.register = function(app) {
|
|||||||
`${mapConfigBasePath}/static/bbox/:token/:west,:south,:east,:north/:width/:height.:format`,
|
`${mapConfigBasePath}/static/bbox/:token/:west,:south,:east,:north/:width/:height.:format`,
|
||||||
cors(),
|
cors(),
|
||||||
user(),
|
user(),
|
||||||
rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.STATIC),
|
|
||||||
layergroupToken(),
|
layergroupToken(),
|
||||||
credentials(),
|
credentials(),
|
||||||
authorize(this.authApi),
|
authorize(this.authApi),
|
||||||
dbConnSetup(this.pgConnection),
|
dbConnSetup(this.pgConnection),
|
||||||
|
rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.STATIC),
|
||||||
cleanUpQueryParams(['layer']),
|
cleanUpQueryParams(['layer']),
|
||||||
createMapStoreMapConfigProvider(
|
createMapStoreMapConfigProvider(
|
||||||
this.mapStore,
|
this.mapStore,
|
||||||
@ -254,11 +254,11 @@ LayergroupController.prototype.register = function(app) {
|
|||||||
`${mapConfigBasePath}/:token/dataview/:dataviewName`,
|
`${mapConfigBasePath}/:token/dataview/:dataviewName`,
|
||||||
cors(),
|
cors(),
|
||||||
user(),
|
user(),
|
||||||
rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.DATAVIEW),
|
|
||||||
layergroupToken(),
|
layergroupToken(),
|
||||||
credentials(),
|
credentials(),
|
||||||
authorize(this.authApi),
|
authorize(this.authApi),
|
||||||
dbConnSetup(this.pgConnection),
|
dbConnSetup(this.pgConnection),
|
||||||
|
rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.DATAVIEW),
|
||||||
cleanUpQueryParams(ALLOWED_DATAVIEW_QUERY_PARAMS),
|
cleanUpQueryParams(ALLOWED_DATAVIEW_QUERY_PARAMS),
|
||||||
createMapStoreMapConfigProvider(
|
createMapStoreMapConfigProvider(
|
||||||
this.mapStore,
|
this.mapStore,
|
||||||
@ -278,11 +278,11 @@ LayergroupController.prototype.register = function(app) {
|
|||||||
`${mapConfigBasePath}/:token/:layer/widget/:dataviewName`,
|
`${mapConfigBasePath}/:token/:layer/widget/:dataviewName`,
|
||||||
cors(),
|
cors(),
|
||||||
user(),
|
user(),
|
||||||
rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.DATAVIEW),
|
|
||||||
layergroupToken(),
|
layergroupToken(),
|
||||||
credentials(),
|
credentials(),
|
||||||
authorize(this.authApi),
|
authorize(this.authApi),
|
||||||
dbConnSetup(this.pgConnection),
|
dbConnSetup(this.pgConnection),
|
||||||
|
rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.DATAVIEW),
|
||||||
cleanUpQueryParams(ALLOWED_DATAVIEW_QUERY_PARAMS),
|
cleanUpQueryParams(ALLOWED_DATAVIEW_QUERY_PARAMS),
|
||||||
createMapStoreMapConfigProvider(
|
createMapStoreMapConfigProvider(
|
||||||
this.mapStore,
|
this.mapStore,
|
||||||
@ -302,11 +302,11 @@ LayergroupController.prototype.register = function(app) {
|
|||||||
`${mapConfigBasePath}/:token/dataview/:dataviewName/search`,
|
`${mapConfigBasePath}/:token/dataview/:dataviewName/search`,
|
||||||
cors(),
|
cors(),
|
||||||
user(),
|
user(),
|
||||||
rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.DATAVIEW_SEARCH),
|
|
||||||
layergroupToken(),
|
layergroupToken(),
|
||||||
credentials(),
|
credentials(),
|
||||||
authorize(this.authApi),
|
authorize(this.authApi),
|
||||||
dbConnSetup(this.pgConnection),
|
dbConnSetup(this.pgConnection),
|
||||||
|
rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.DATAVIEW_SEARCH),
|
||||||
cleanUpQueryParams(ALLOWED_DATAVIEW_QUERY_PARAMS),
|
cleanUpQueryParams(ALLOWED_DATAVIEW_QUERY_PARAMS),
|
||||||
createMapStoreMapConfigProvider(
|
createMapStoreMapConfigProvider(
|
||||||
this.mapStore,
|
this.mapStore,
|
||||||
@ -326,11 +326,11 @@ LayergroupController.prototype.register = function(app) {
|
|||||||
`${mapConfigBasePath}/:token/:layer/widget/:dataviewName/search`,
|
`${mapConfigBasePath}/:token/:layer/widget/:dataviewName/search`,
|
||||||
cors(),
|
cors(),
|
||||||
user(),
|
user(),
|
||||||
rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.DATAVIEW_SEARCH),
|
|
||||||
layergroupToken(),
|
layergroupToken(),
|
||||||
credentials(),
|
credentials(),
|
||||||
authorize(this.authApi),
|
authorize(this.authApi),
|
||||||
dbConnSetup(this.pgConnection),
|
dbConnSetup(this.pgConnection),
|
||||||
|
rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.DATAVIEW_SEARCH),
|
||||||
cleanUpQueryParams(ALLOWED_DATAVIEW_QUERY_PARAMS),
|
cleanUpQueryParams(ALLOWED_DATAVIEW_QUERY_PARAMS),
|
||||||
createMapStoreMapConfigProvider(
|
createMapStoreMapConfigProvider(
|
||||||
this.mapStore,
|
this.mapStore,
|
||||||
@ -350,11 +350,11 @@ LayergroupController.prototype.register = function(app) {
|
|||||||
`${mapConfigBasePath}/:token/analysis/node/:nodeId`,
|
`${mapConfigBasePath}/:token/analysis/node/:nodeId`,
|
||||||
cors(),
|
cors(),
|
||||||
user(),
|
user(),
|
||||||
rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.ANALYSIS),
|
|
||||||
layergroupToken(),
|
layergroupToken(),
|
||||||
credentials(),
|
credentials(),
|
||||||
authorize(this.authApi),
|
authorize(this.authApi),
|
||||||
dbConnSetup(this.pgConnection),
|
dbConnSetup(this.pgConnection),
|
||||||
|
rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.ANALYSIS),
|
||||||
cleanUpQueryParams(),
|
cleanUpQueryParams(),
|
||||||
analysisNodeStatus(this.analysisStatusBackend),
|
analysisNodeStatus(this.analysisStatusBackend),
|
||||||
sendResponse()
|
sendResponse()
|
||||||
|
|||||||
@ -101,10 +101,10 @@ MapController.prototype.composeCreateMapMiddleware = function (endpointGroup, us
|
|||||||
return [
|
return [
|
||||||
cors(),
|
cors(),
|
||||||
user(),
|
user(),
|
||||||
rateLimit(this.userLimitsApi, endpointGroup),
|
|
||||||
credentials(),
|
credentials(),
|
||||||
authorize(this.authApi),
|
authorize(this.authApi),
|
||||||
dbConnSetup(this.pgConnection),
|
dbConnSetup(this.pgConnection),
|
||||||
|
rateLimit(this.userLimitsApi, endpointGroup),
|
||||||
cleanUpQueryParams(['aggregation']),
|
cleanUpQueryParams(['aggregation']),
|
||||||
initProfiler(isTemplateInstantiation),
|
initProfiler(isTemplateInstantiation),
|
||||||
checkJsonContentType(),
|
checkJsonContentType(),
|
||||||
|
|||||||
@ -56,10 +56,10 @@ NamedMapsController.prototype.register = function(app) {
|
|||||||
`${templateBasePath}/:template_id/:layer/:z/:x/:y.(:format)`,
|
`${templateBasePath}/:template_id/:layer/:z/:x/:y.(:format)`,
|
||||||
cors(),
|
cors(),
|
||||||
user(),
|
user(),
|
||||||
rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.NAMED_TILES),
|
|
||||||
credentials(),
|
credentials(),
|
||||||
authorize(this.authApi),
|
authorize(this.authApi),
|
||||||
dbConnSetup(this.pgConnection),
|
dbConnSetup(this.pgConnection),
|
||||||
|
rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.NAMED_TILES),
|
||||||
cleanUpQueryParams(),
|
cleanUpQueryParams(),
|
||||||
getNamedMapProvider({
|
getNamedMapProvider({
|
||||||
namedMapProviderCache: this.namedMapProviderCache,
|
namedMapProviderCache: this.namedMapProviderCache,
|
||||||
@ -82,10 +82,10 @@ NamedMapsController.prototype.register = function(app) {
|
|||||||
`${mapconfigBasePath}/static/named/:template_id/:width/:height.:format`,
|
`${mapconfigBasePath}/static/named/:template_id/:width/:height.:format`,
|
||||||
cors(),
|
cors(),
|
||||||
user(),
|
user(),
|
||||||
rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.STATIC_NAMED),
|
|
||||||
credentials(),
|
credentials(),
|
||||||
authorize(this.authApi),
|
authorize(this.authApi),
|
||||||
dbConnSetup(this.pgConnection),
|
dbConnSetup(this.pgConnection),
|
||||||
|
rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.STATIC_NAMED),
|
||||||
cleanUpQueryParams(['layer', 'zoom', 'lon', 'lat', 'bbox']),
|
cleanUpQueryParams(['layer', 'zoom', 'lon', 'lat', 'bbox']),
|
||||||
getNamedMapProvider({
|
getNamedMapProvider({
|
||||||
namedMapProviderCache: this.namedMapProviderCache,
|
namedMapProviderCache: this.namedMapProviderCache,
|
||||||
|
|||||||
@ -27,10 +27,10 @@ NamedMapsAdminController.prototype.register = function (app) {
|
|||||||
`${templateBasePath}/`,
|
`${templateBasePath}/`,
|
||||||
cors(),
|
cors(),
|
||||||
user(),
|
user(),
|
||||||
rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.NAMED_CREATE),
|
|
||||||
credentials(),
|
credentials(),
|
||||||
checkContentType({ action: 'POST', label: 'POST TEMPLATE' }),
|
checkContentType({ action: 'POST', label: 'POST TEMPLATE' }),
|
||||||
authorizedByAPIKey({ authApi: this.authApi, action: 'create', label: 'POST TEMPLATE' }),
|
authorizedByAPIKey({ authApi: this.authApi, action: 'create', label: 'POST TEMPLATE' }),
|
||||||
|
rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.NAMED_CREATE),
|
||||||
createTemplate({ templateMaps: this.templateMaps }),
|
createTemplate({ templateMaps: this.templateMaps }),
|
||||||
sendResponse()
|
sendResponse()
|
||||||
);
|
);
|
||||||
@ -39,10 +39,10 @@ NamedMapsAdminController.prototype.register = function (app) {
|
|||||||
`${templateBasePath}/:template_id`,
|
`${templateBasePath}/:template_id`,
|
||||||
cors(),
|
cors(),
|
||||||
user(),
|
user(),
|
||||||
rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.NAMED_UPDATE),
|
|
||||||
credentials(),
|
credentials(),
|
||||||
checkContentType({ action: 'PUT', label: 'PUT TEMPLATE' }),
|
checkContentType({ action: 'PUT', label: 'PUT TEMPLATE' }),
|
||||||
authorizedByAPIKey({ authApi: this.authApi, action: 'update', label: 'PUT TEMPLATE' }),
|
authorizedByAPIKey({ authApi: this.authApi, action: 'update', label: 'PUT TEMPLATE' }),
|
||||||
|
rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.NAMED_UPDATE),
|
||||||
updateTemplate({ templateMaps: this.templateMaps }),
|
updateTemplate({ templateMaps: this.templateMaps }),
|
||||||
sendResponse()
|
sendResponse()
|
||||||
);
|
);
|
||||||
@ -51,9 +51,9 @@ NamedMapsAdminController.prototype.register = function (app) {
|
|||||||
`${templateBasePath}/:template_id`,
|
`${templateBasePath}/:template_id`,
|
||||||
cors(),
|
cors(),
|
||||||
user(),
|
user(),
|
||||||
rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.NAMED_GET),
|
|
||||||
credentials(),
|
credentials(),
|
||||||
authorizedByAPIKey({ authApi: this.authApi, action: 'get', label: 'GET TEMPLATE' }),
|
authorizedByAPIKey({ authApi: this.authApi, action: 'get', label: 'GET TEMPLATE' }),
|
||||||
|
rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.NAMED_GET),
|
||||||
retrieveTemplate({ templateMaps: this.templateMaps }),
|
retrieveTemplate({ templateMaps: this.templateMaps }),
|
||||||
sendResponse()
|
sendResponse()
|
||||||
);
|
);
|
||||||
@ -62,9 +62,9 @@ NamedMapsAdminController.prototype.register = function (app) {
|
|||||||
`${templateBasePath}/:template_id`,
|
`${templateBasePath}/:template_id`,
|
||||||
cors(),
|
cors(),
|
||||||
user(),
|
user(),
|
||||||
rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.NAMED_DELETE),
|
|
||||||
credentials(),
|
credentials(),
|
||||||
authorizedByAPIKey({ authApi: this.authApi, action: 'delete', label: 'DELETE TEMPLATE' }),
|
authorizedByAPIKey({ authApi: this.authApi, action: 'delete', label: 'DELETE TEMPLATE' }),
|
||||||
|
rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.NAMED_DELETE),
|
||||||
destroyTemplate({ templateMaps: this.templateMaps }),
|
destroyTemplate({ templateMaps: this.templateMaps }),
|
||||||
sendResponse()
|
sendResponse()
|
||||||
);
|
);
|
||||||
@ -73,9 +73,9 @@ NamedMapsAdminController.prototype.register = function (app) {
|
|||||||
`${templateBasePath}/`,
|
`${templateBasePath}/`,
|
||||||
cors(),
|
cors(),
|
||||||
user(),
|
user(),
|
||||||
rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.NAMED_LIST),
|
|
||||||
credentials(),
|
credentials(),
|
||||||
authorizedByAPIKey({ authApi: this.authApi, action: 'list', label: 'GET TEMPLATE LIST' }),
|
authorizedByAPIKey({ authApi: this.authApi, action: 'list', label: 'GET TEMPLATE LIST' }),
|
||||||
|
rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.NAMED_LIST),
|
||||||
listTemplates({ templateMaps: this.templateMaps }),
|
listTemplates({ templateMaps: this.templateMaps }),
|
||||||
sendResponse()
|
sendResponse()
|
||||||
);
|
);
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user