diff --git a/NEWS.md b/NEWS.md index 2821ad66..7525f350 100644 --- a/NEWS.md +++ b/NEWS.md @@ -1,5 +1,6 @@ 1.1.0 (DD/MM/YY) ----- +* Fix crash on unknown user (#55) * Add /version entry point * CartoCSS versioning * Include style_version in GET /style response diff --git a/lib/cartodb/carto_data.js b/lib/cartodb/carto_data.js index 87a8bf8c..5ad4723c 100644 --- a/lib/cartodb/carto_data.js +++ b/lib/cartodb/carto_data.js @@ -126,7 +126,7 @@ module.exports = function() { that.retrieve(that.table_metadata_db, redisKey, 'privacy', this); }, function(err, data){ - if (err) throw err; + //if (err) throw err; callback(err, data); } ); diff --git a/test/acceptance/server.js b/test/acceptance/server.js index 7dad73d6..eb5dd025 100644 --- a/test/acceptance/server.js +++ b/test/acceptance/server.js @@ -101,6 +101,23 @@ suite('server', function() { }); }); + // See http://github.com/Vizzuality/Windshaft-cartodb/issues/55 + test("get'ing style of private table should fail on unknown username", + function(done) { + assert.response(server, { + headers: {host: 'unknown_user'}, + url: '/tiles/test_table_private_1/style', + method: 'GET' + },{ + }, function(res) { + // FIXME: should be 401 Unauthorized + assert.equal(res.statusCode, 500, res.body); + assert.deepEqual(JSON.parse(res.body), + {error:"missing unknown_user's dbname in redis (try CARTODB/script/restore_redis)"}); + done(); + }); + }); + test("get'ing style of private table should succeed when authenticated", function(done) { assert.response(server, { @@ -401,6 +418,23 @@ suite('server', function() { }); }); + // See http://github.com/Vizzuality/Windshaft-cartodb/issues/55 + test("get'ing infowindow of private table should fail on unknown username", + function(done) { + assert.response(server, { + headers: {host: 'unknown_user'}, + url: '/tiles/test_table_private_1/infowindow', + method: 'GET' + },{ + }, function(res) { + // FIXME: should be 401 Unauthorized + assert.equal(res.statusCode, 500, res.body); + assert.deepEqual(JSON.parse(res.body), + {error:"missing unknown_user's dbname in redis (try CARTODB/script/restore_redis)"}); + done(); + }); + }); + test("get'ing infowindow of private table should succeed when authenticated", function(done) { assert.response(server, { @@ -467,6 +501,23 @@ suite('server', function() { }); }); + // See http://github.com/Vizzuality/Windshaft-cartodb/issues/55 + test("get'ing grid of private table should fail on unknown username", + function(done) { + assert.response(server, { + headers: {host: 'unknown_user'}, + url: '/tiles/test_table_private_1/6/31/24.grid.json', + method: 'GET' + },{ + }, function(res) { + // FIXME: should be 401 Unauthorized + assert.equal(res.statusCode, 400, res.statusCode + ': ' + res.body); + assert.deepEqual(JSON.parse(res.body), + {error:"missing unknown_user's dbname in redis (try CARTODB/script/restore_redis)"}); + done(); + }); + }); + test("get'ing the grid of a private table should succeed when authenticated", function(done) { assert.response(server, { @@ -566,6 +617,25 @@ suite('server', function() { }); }); + test("get'ing a tile with data from private table should fail on unknown username", function(done){ + var sql = querystring.stringify({ + sql: "SELECT * FROM test_table_private_1", + cache_buster:2 // this is to avoid getting the cached response + }); + assert.response(server, { + headers: {host: 'unknown_user'}, + url: '/tiles/gadm4/6/31/24.png?' + sql, + method: 'GET' + },{ + }, function(res) { + // FIXME: should be 401 Unauthorized + assert.equal(res.statusCode, 400, res.statusCode + ': ' + res.body); + assert.deepEqual(JSON.parse(res.body), + {error:"missing unknown_user's dbname in redis (try CARTODB/script/restore_redis)"}); + done(); + }); + }); + test("get'ing a tile with data from private table should fail when unauthenticated (uses old redis key)", function(done){ var sql = querystring.stringify({ sql: "SELECT * FROM test_table_private_1",