cartodb/Windshaft-cartodb
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Do not use locals middleware in layergroup controller

Browse Source
This commit is contained in:
Daniel García Aubert 2018-03-23 14:13:27 +01:00
parent 7ba3394508
commit f76606bc26
4 changed files with 21 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
lib/cartodb/api/auth_api.js
View File

@ -25,7 +25,7 @@ module.exports = AuthApi;
// null if the request is not signed by anyone // null if the request is not signed by anyone
// or will be a string cartodb username otherwise. // or will be a string cartodb username otherwise.
// //
AuthApi.prototype.authorizedBySigner = function(res, callback) { AuthApi.prototype.authorizedBySigner = function(req, res, callback) {
if ( ! res.locals.token || ! res.locals.signer ) { if ( ! res.locals.token || ! res.locals.signer ) {
return callback(null, false); // no signer requested return callback(null, false); // no signer requested
} }
@ -33,7 +33,7 @@ AuthApi.prototype.authorizedBySigner = function(res, callback) {
var self = this; var self = this;
var layergroup_id = res.locals.token; var layergroup_id = res.locals.token;
var auth_token = res.locals.auth_token; var auth_token = req.query.auth_token;
this.mapStore.load(layergroup_id, function(err, mapConfig) { this.mapStore.load(layergroup_id, function(err, mapConfig) {
if (err) { if (err) {
@ -180,7 +180,7 @@ AuthApi.prototype.authorize = function(req, res, callback) {
}); });
} }
this.authorizedBySigner(res, (err, isAuthorizedBySigner) => { this.authorizedBySigner(req, res, (err, isAuthorizedBySigner) => {
if (err) { if (err) {
return callback(err); return callback(err);
} }

31
lib/cartodb/controllers/layergroup.js
View File

@ -1,7 +1,6 @@
const cors = require('../middleware/cors'); const cors = require('../middleware/cors');
const user = require('../middleware/user'); const user = require('../middleware/user');
const vectorError = require('../middleware/vector-error'); const vectorError = require('../middleware/vector-error');
const locals = require('../middleware/locals');
const cleanUpQueryParams = require('../middleware/clean-up-query-params'); const cleanUpQueryParams = require('../middleware/clean-up-query-params');
const layergroupToken = require('../middleware/layergroup-token'); const layergroupToken = require('../middleware/layergroup-token');
const credentials = require('../middleware/credentials'); const credentials = require('../middleware/credentials');
@ -91,7 +90,6 @@ LayergroupController.prototype.register = function(app) {
`${mapConfigBasePath}/:token/:z/:x/:y@:scale_factor?x.:format`, `${mapConfigBasePath}/:token/:z/:x/:y@:scale_factor?x.:format`,
cors(), cors(),
cleanUpQueryParams(), cleanUpQueryParams(),
locals(),
user(), user(),
rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.TILE), rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.TILE),
layergroupToken(), layergroupToken(),
@ -110,17 +108,16 @@ LayergroupController.prototype.register = function(app) {
surrogateKeyHeader({ surrogateKeysCache: this.surrogateKeysCache }), surrogateKeyHeader({ surrogateKeysCache: this.surrogateKeysCache }),
lastModifiedHeader(), lastModifiedHeader(),
incrementSuccessMetrics(global.statsClient), incrementSuccessMetrics(global.statsClient),
sendResponse(),
incrementErrorMetrics(global.statsClient), incrementErrorMetrics(global.statsClient),
tileError(), tileError(),
vectorError() vectorError(),
sendResponse()
); );
app.get( app.get(
`${mapConfigBasePath}/:token/:z/:x/:y.:format`, `${mapConfigBasePath}/:token/:z/:x/:y.:format`,
cors(), cors(),
cleanUpQueryParams(), cleanUpQueryParams(),
locals(),
user(), user(),
rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.TILE), rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.TILE),
layergroupToken(), layergroupToken(),
@ -139,10 +136,10 @@ LayergroupController.prototype.register = function(app) {
surrogateKeyHeader({ surrogateKeysCache: this.surrogateKeysCache }), surrogateKeyHeader({ surrogateKeysCache: this.surrogateKeysCache }),
lastModifiedHeader(), lastModifiedHeader(),
incrementSuccessMetrics(global.statsClient), incrementSuccessMetrics(global.statsClient),
sendResponse(),
incrementErrorMetrics(global.statsClient), incrementErrorMetrics(global.statsClient),
tileError(), tileError(),
vectorError() vectorError(),
sendResponse()
); );
app.get( app.get(
@ -150,7 +147,6 @@ LayergroupController.prototype.register = function(app) {
distinguishLayergroupFromStaticRoute(), distinguishLayergroupFromStaticRoute(),
cors(), cors(),
cleanUpQueryParams(), cleanUpQueryParams(),
locals(),
user(), user(),
rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.TILE), rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.TILE),
layergroupToken(), layergroupToken(),
@ -169,17 +165,16 @@ LayergroupController.prototype.register = function(app) {
surrogateKeyHeader({ surrogateKeysCache: this.surrogateKeysCache }), surrogateKeyHeader({ surrogateKeysCache: this.surrogateKeysCache }),
lastModifiedHeader(), lastModifiedHeader(),
incrementSuccessMetrics(global.statsClient), incrementSuccessMetrics(global.statsClient),
sendResponse(),
incrementErrorMetrics(global.statsClient), incrementErrorMetrics(global.statsClient),
tileError(), tileError(),
vectorError() vectorError(),
sendResponse()
); );
app.get( app.get(
`${mapConfigBasePath}/:token/:layer/attributes/:fid`, `${mapConfigBasePath}/:token/:layer/attributes/:fid`,
cors(), cors(),
cleanUpQueryParams(), cleanUpQueryParams(),
locals(),
user(), user(),
rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.ATTRIBUTES), rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.ATTRIBUTES),
layergroupToken(), layergroupToken(),
@ -206,7 +201,6 @@ LayergroupController.prototype.register = function(app) {
`${mapConfigBasePath}/static/center/:token/:z/:lat/:lng/:width/:height.:format`, `${mapConfigBasePath}/static/center/:token/:z/:lat/:lng/:width/:height.:format`,
cors(), cors(),
cleanUpQueryParams(['layer']), cleanUpQueryParams(['layer']),
locals(),
user(), user(),
rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.STATIC), rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.STATIC),
layergroupToken(), layergroupToken(),
@ -232,7 +226,6 @@ LayergroupController.prototype.register = function(app) {
`${mapConfigBasePath}/static/bbox/:token/:west,:south,:east,:north/:width/:height.:format`, `${mapConfigBasePath}/static/bbox/:token/:west,:south,:east,:north/:width/:height.:format`,
cors(), cors(),
cleanUpQueryParams(['layer']), cleanUpQueryParams(['layer']),
locals(),
user(), user(),
rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.STATIC), rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.STATIC),
layergroupToken(), layergroupToken(),
@ -261,7 +254,6 @@ LayergroupController.prototype.register = function(app) {
`${mapConfigBasePath}/:token/dataview/:dataviewName`, `${mapConfigBasePath}/:token/dataview/:dataviewName`,
cors(), cors(),
cleanUpQueryParams(ALLOWED_DATAVIEW_QUERY_PARAMS), cleanUpQueryParams(ALLOWED_DATAVIEW_QUERY_PARAMS),
locals(),
user(), user(),
rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.DATAVIEW), rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.DATAVIEW),
layergroupToken(), layergroupToken(),
@ -286,7 +278,6 @@ LayergroupController.prototype.register = function(app) {
`${mapConfigBasePath}/:token/:layer/widget/:dataviewName`, `${mapConfigBasePath}/:token/:layer/widget/:dataviewName`,
cors(), cors(),
cleanUpQueryParams(ALLOWED_DATAVIEW_QUERY_PARAMS), cleanUpQueryParams(ALLOWED_DATAVIEW_QUERY_PARAMS),
locals(),
user(), user(),
rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.DATAVIEW), rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.DATAVIEW),
layergroupToken(), layergroupToken(),
@ -311,7 +302,6 @@ LayergroupController.prototype.register = function(app) {
`${mapConfigBasePath}/:token/dataview/:dataviewName/search`, `${mapConfigBasePath}/:token/dataview/:dataviewName/search`,
cors(), cors(),
cleanUpQueryParams(ALLOWED_DATAVIEW_QUERY_PARAMS), cleanUpQueryParams(ALLOWED_DATAVIEW_QUERY_PARAMS),
locals(),
user(), user(),
rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.DATAVIEW_SEARCH), rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.DATAVIEW_SEARCH),
layergroupToken(), layergroupToken(),
@ -336,7 +326,6 @@ LayergroupController.prototype.register = function(app) {
`${mapConfigBasePath}/:token/:layer/widget/:dataviewName/search`, `${mapConfigBasePath}/:token/:layer/widget/:dataviewName/search`,
cors(), cors(),
cleanUpQueryParams(ALLOWED_DATAVIEW_QUERY_PARAMS), cleanUpQueryParams(ALLOWED_DATAVIEW_QUERY_PARAMS),
locals(),
user(), user(),
rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.DATAVIEW_SEARCH), rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.DATAVIEW_SEARCH),
layergroupToken(), layergroupToken(),
@ -361,7 +350,6 @@ LayergroupController.prototype.register = function(app) {
`${mapConfigBasePath}/:token/analysis/node/:nodeId`, `${mapConfigBasePath}/:token/analysis/node/:nodeId`,
cors(), cors(),
cleanUpQueryParams(), cleanUpQueryParams(),
locals(),
user(), user(),
rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.ANALYSIS), rateLimit(this.userLimitsApi, RATE_LIMIT_ENDPOINTS_GROUPS.ANALYSIS),
layergroupToken(), layergroupToken(),
@ -521,7 +509,7 @@ function getFeatureAttributes (attributesBackend) {
} }
function getStatusCode(tile, format){ function getStatusCode(tile, format){
return tile.length === 0 && format === 'mvt'? 204 : 200; return tile.length === 0 && format === 'mvt' ? 204 : 200;
} }
function parseFormat (format = '') { function parseFormat (format = '') {
@ -654,6 +642,11 @@ function incrementErrorMetrics (statsClient) {
function tileError () { function tileError () {
return function tileErrorMiddleware (err, req, res, next) { return function tileErrorMiddleware (err, req, res, next) {
if (err.message === 'Tile does not exist' && req.params.format === 'mvt') {
res.statusCode = 204;
return next();
}
// See https://github.com/Vizzuality/Windshaft-cartodb/issues/68 // See https://github.com/Vizzuality/Windshaft-cartodb/issues/68
let errMsg = err.message ? ( '' + err.message ) : ( '' + err ); let errMsg = err.message ? ( '' + err.message ) : ( '' + err );

4
lib/cartodb/middleware/error-middleware.js
View File

@ -15,10 +15,6 @@ module.exports = function errorMiddleware (/* options */) {
var statusCode = findStatusCode(err); var statusCode = findStatusCode(err);
if (err.message === 'Tile does not exist' && res.locals.format === 'mvt') {
statusCode = 204;
}
setErrorHeader(allErrors, statusCode, res); setErrorHeader(allErrors, statusCode, res);
debug('[%s ERROR] -- %d: %s, %s', label, statusCode, err, err.stack); debug('[%s ERROR] -- %d: %s, %s', label, statusCode, err, err.stack);

5
lib/cartodb/middleware/layergroup-token.js
View File

@ -5,13 +5,12 @@ const authErrorMessageTemplate = function (signer, user) {
module.exports = function layergroupToken () { module.exports = function layergroupToken () {
return function layergroupTokenMiddleware (req, res, next) { return function layergroupTokenMiddleware (req, res, next) {
if (!res.locals.token) { if (!req.params.token) {
return next(); return next();
} }
const user = res.locals.user; const user = res.locals.user;
const layergroupToken = LayergroupToken.parse(req.params.token);
const layergroupToken = LayergroupToken.parse(res.locals.token);
res.locals.token = layergroupToken.token; res.locals.token = layergroupToken.token;
res.locals.cache_buster = layergroupToken.cacheBuster; res.locals.cache_buster = layergroupToken.cacheBuster;