Commit Graph

588 Commits

Author SHA1 Message Date
Raul Ochoa
8503a5c7c9 Tables extent API: returns estimated bounds for a list of tables 2015-04-27 12:55:20 +02:00
Raul Ochoa
2de0e5d52b Extracts psql query run to its own class to be reusable 2015-04-27 12:48:34 +02:00
Raul Ochoa
8fb3dc7529 Move templateName function to template maps model 2015-04-27 11:55:05 +02:00
Raul Ochoa
446c432484 dry content type validation 2015-04-23 12:05:52 +02:00
Raul Ochoa
c49f3aaba5 DRY ifUnauthenticated method 2015-04-23 12:01:53 +02:00
Raul Ochoa
fed29b3b50 Extract finish function 2015-04-23 11:47:01 +02:00
Raul Ochoa
e7d134d70c No more {username}@{template_name} template id
It's still backwards compatible
2015-04-23 11:29:55 +02:00
Raul Ochoa
026a0750e3 Call callback on invalid map store token for named maps
fixes #267
2015-04-21 18:59:52 +02:00
Raul Ochoa
0c578a193c Remove stack for debug environment option 2015-04-14 16:44:03 +02:00
Raul Ochoa
84f579f0ec Do not add x-profiler header as it's already added by sendResponse 2015-04-14 16:41:04 +02:00
Raul Ochoa
1bf2809355 Do not check statsd_client in profiler 2015-04-14 16:40:15 +02:00
Raul Ochoa
e91bc91057 Adds test suite for x-cache-channel 2015-04-10 13:39:20 +02:00
Raul Ochoa
2d84d38b90 Do not add x-cache-channel header for GET template routes 2015-04-10 10:55:46 +02:00
Raul Ochoa
98bc95bc58 Add user from params to fakereq object so it's propagated
fixes #280
2015-04-08 11:11:48 +02:00
Raul Ochoa
ab9ae60958 Merge branch 'master' into render-limits 2015-04-07 14:18:34 +02:00
Raul Ochoa
2eb7529efb Pick cacheOnTimeout and render limit from mapnik config
- adds default mapnik configuration values
 - removes old top-level mapnik config, rely on renderer one
2015-04-07 12:52:33 +02:00
Luis Bosque
7934d659fb Removed more unused code from healthcheck 2015-04-06 20:49:29 +02:00
Luis Bosque
21b5ed9c8a Fixed healthcheck for jshint 2015-04-06 20:35:22 +02:00
Luis Bosque
da70839f78 Disable per-user healthchecks 2015-04-06 20:15:26 +02:00
Raul Ochoa
2e1f08d764 Adds a feature flag to cache timed out tile requests: cacheOnTimeout 2015-04-06 18:52:54 +02:00
Raul Ochoa
e3c6569302 Adds an onTileErrorStrategy that intercepts error timeout
- returns an fallback image without error
2015-04-06 18:43:40 +02:00
Raul Ochoa
38e4812b43 Restore previous beforeLayergroupCreate hook behaviour
Adds new rendercache's beforeRendererCreate hook
2015-04-01 19:35:55 +02:00
Raul Ochoa
a9ab9f8b5c Pick render limit and add it to request context
- Extends the problematic fake request in templates
 - Picks the value in waterfall, this must be improved because:
   1. It does not make sense if there is no layers with limits
   2. If we want to include it always without considering the layer type
      we can do the operation in parallel
2015-04-01 15:11:58 +02:00
Raul Ochoa
f019f34601 Mapnik renderer configuration not part of the renderer root configuration
- All configuration must be moved into `renderer.mapnik`
 - see `config/environments/*.js.example` for reference
2015-04-01 15:04:56 +02:00
Raul Ochoa
400e51f13a Removes rollbar as optional logger 2015-03-31 11:36:29 +02:00
Raul Ochoa
f1e8c9a709 Tests for cdb request 2015-03-30 16:28:37 +02:00
Raul Ochoa
b2d9e5e822 Merge branch 'master' into 257-remove-old-api 2015-03-30 11:57:03 +02:00
Raul Ochoa
d0313a4228 Remove gc_prob as it is no longer used in grainstore 2015-03-27 17:59:55 +01:00
Raul Ochoa
1f53884722 Remove metrics for authorizedBy* 2015-03-27 17:57:46 +01:00
Raul Ochoa
d210643d63 Only required query params 2015-03-26 17:19:16 +01:00
Raul Ochoa
4be0a70362 Do not append interactivity to params, it is no longer
it will be used from mapconfig layer definition
2015-03-26 13:05:35 +01:00
Luis Bosque
e3b7027b24 Remove unnecesary variable in health check 2015-03-25 18:23:03 +01:00
Luis Bosque
0f30b7d7ef Return failed health checks with disabled file 2015-03-25 18:19:40 +01:00
Raul Ochoa
07bc281e25 Remove check table privacy 2015-03-23 19:19:46 +01:00
Raul Ochoa
1d433bf5b2 Remove table param from generateCacheChannel 2015-03-23 18:58:57 +01:00
Raul Ochoa
d5e20ef558 Remove cache_policy query param 2015-03-23 18:40:59 +01:00
Raul Ochoa
36ea58e750 no longer possible to set cache_buster request param 2015-03-23 18:03:19 +01:00
Raul Ochoa
e1e5f87123 No longer possible to set sql param 2015-03-23 18:02:41 +01:00
Raul Ochoa
ea3d2124dc No sql param in generateCacheChannel 2015-03-23 17:56:51 +01:00
Raul Ochoa
415d0c42d5 jshint 2015-03-23 17:56:18 +01:00
Raul Ochoa
c19f652ff3 Remove some old accepted query params 2015-03-23 17:54:37 +01:00
Raul Ochoa
f5f7be627f Move userByReq to its own model 2015-03-23 17:35:09 +01:00
Raul Ochoa
23f5be6c33 Remove config and sql api backend 2015-03-23 15:00:33 +01:00
Raul Ochoa
07297f6bda Remove cdbQueryTablesFromPostgres option, now uses it by default 2015-03-23 14:44:42 +01:00
Raul Ochoa
02bc7b9fbf Remove per-table varnish invalidation 2015-03-23 14:27:41 +01:00
Raul Ochoa
5f6185dd51 Merge branch 'master' into 257-remove-old-api
Conflicts:
	lib/cartodb/cartodb_windshaft.js
	lib/cartodb/server_options.js
	package.json
2015-03-23 12:24:10 +01:00
Raul Ochoa
9ba53dc4cf Adds user param to params whitelist and uses localhost user for tests 2015-03-20 00:30:56 +01:00
javi
c1c6d493b7 allow urls like /u/:user/ 2015-03-18 15:54:05 +01:00
Raul Ochoa
b6d3785599 Fix Max cyclomatic complexity value 2015-03-16 00:36:38 +01:00
Raul Ochoa
645a2cd442 120 chars lines 2015-03-16 00:27:14 +01:00
Raul Ochoa
8c09dfd230 No capitalize step 2015-03-16 00:21:55 +01:00
Raul Ochoa
336491b54c Remove unused vars 2015-03-16 00:16:36 +01:00
Raul Ochoa
4365c1dbc2 Define mapnikXmlParams variable 2015-03-16 00:07:05 +01:00
Raul Ochoa
3c56c1fab3 Adds next param 2015-03-16 00:05:01 +01:00
Raul Ochoa
0a331cee37 do not redefine vars 2015-03-16 00:03:59 +01:00
Raul Ochoa
d7f5c40645 Triple === 2015-03-16 00:00:02 +01:00
Raul Ochoa
5df24e7f27 Remove Unreachable 'break' after 'return' 2015-03-15 23:58:38 +01:00
Raul Ochoa
406a1ffb0b no global replaceVars func 2015-03-15 23:58:12 +01:00
Raul Ochoa
438ecd5598 jshint: fix Function declarations should not be placed in blocks 2015-03-15 23:56:14 +01:00
Raul Ochoa
bd1c24ee1c jshint: Remove Confusing use of '!' 2015-03-15 23:52:46 +01:00
Raul Ochoa
e561f77d4d jshint: fix Dot notation 2015-03-15 23:49:32 +01:00
Raul Ochoa
d03a2c64a6 jshint: fix Missing semicolon 2015-03-15 23:46:59 +01:00
Raul Ochoa
fda8afdaf2 jshint: fix Bad line breaking 2015-03-15 23:44:45 +01:00
Raul Ochoa
71efe2109c Merge branch 'master' into 257-remove-old-api
Conflicts:
	lib/cartodb/cartodb_windshaft.js
	package.json
2015-02-18 14:51:21 +01:00
Raul Ochoa
d311dd4245 Use PgConnection to set db auth
No need to use request context anymore
X-Cache-Channel will be set now even for private tables: fixes #253
2015-02-16 11:57:53 +01:00
Raul Ochoa
b25bb03cdf Merge branch 'master' into private-cdb_tablemetadata
Conflicts:
	lib/cartodb/server_options.js
	test/support/sql/windshaft.test.sql
2015-02-16 11:41:45 +01:00
Raul Ochoa
597cb5286d No more before/after state change actions as there is no longer
a style change
2015-02-11 18:44:09 +01:00
Raul Ochoa
59dfd11e5b Remove geom_type retrieval 2015-02-10 16:57:43 +01:00
Raul Ochoa
636591ecbb Removes flush_cache endpoint 2015-02-10 00:13:50 +01:00
Raul Ochoa
a4eade31a2 Removes map_metadata endpoint 2015-02-10 00:08:08 +01:00
Raul Ochoa
ba0f394a48 Remove infowindow endpoint 2015-02-10 00:03:44 +01:00
Raul Ochoa
75c4153f9b No need to retrieve api key externally, QueryTablesApi takes care 2015-02-09 19:41:38 +01:00
Raul Ochoa
90b22b2718 QueryTables and last updated_at retrieved with user
Move setDBAuth and setDBConn to PgConnection entity
 - It uses cartodb-redis to retrieve datasource configuration
Start using it in ServerOptions, TemplateMaps and QueryTablesApi
QueryTablesApi don't receive anymore the connection/credentials
 - It will always use an authenticated query to retrieve last update
 - That will allow to query affected private tables last update
2015-02-09 14:46:52 +01:00
Raul Ochoa
6bd967e9fb Merge branch 'master' into medusa-improvements
Conflicts:
	lib/cartodb/server_options.js
2015-02-06 12:01:28 +01:00
Raul Ochoa
13f5fda1b8 Merge pull request #255 from CartoDB/empty-flush_cache-endpoint
Remove per table flush cache endpoint
2015-02-05 17:37:56 +01:00
Raul Ochoa
09527b6808 Remove no longer needed method from query_tables_api 2015-02-05 17:08:20 +01:00
Raul Ochoa
d065ace036 Remove per table flush cache endpoint 2015-02-05 17:05:50 +01:00
Raul Ochoa
fa8b27231c Removed unused/old template lock functionality 2015-02-04 19:36:16 +01:00
Raul Ochoa
c17af23a40 A non empty datasource from MapConfigNamedLayersAdapter.getLayers
means the affected tables can have private tables involved.
That implies QueryTablesApi will need the proper user to use
CDB_QueryTables. So we store it in a request context to use it in
the afterLayergroupCreate call.

Tiles for these layergroups will fail to add a X-Cache-Channel
header because it won't be possible to use the proper user within
those tiles. Ok, they will fail if they are not requested through
the same tiler instance because if they are they most likely will
reuse the in memory cache.

See https://github.com/CartoDB/Windshaft-cartodb/issues/253
2015-02-04 19:31:20 +01:00
Raul Ochoa
2c7bc6adde Datasource to give per-layer authentication in named layers
Make beforeLayergroupCreate to return a datasource with different
 authentication for the different layers.
 - Named layers will get access to private tables in case it's needed

Changes in MapConfigNamedLayersAdapter:
  - It will retrieve the dbAuth params only if named layers are present so
  there is no extra overhead for normal layers
  - Rename queue function signature from `callback` to `done` so it is easier
  to follow the code

Add several tests to validate `named` layers authentication
2015-02-04 11:30:36 +01:00
Raul Ochoa
4949616c4e Some acceptance tests, http_status = 403 should not happen in adapter,
needs improvement
2015-01-30 19:29:45 +01:00
Raul Ochoa
87eaeb0074 Some integration tests for different cases in named layers type 2015-01-30 18:57:01 +01:00
Raul Ochoa
8b07156a2d Make templateMaps available in cartodb windshaft 2015-01-30 16:51:09 +01:00
Raul Ochoa
d0ef87b0cf Add a before layergroup creation action to allow first level named
maps layer type to be extended as other layers
2015-01-30 15:31:49 +01:00
Raul Ochoa
e28fe1fdc0 Initialize template maps in server options 2015-01-30 15:30:13 +01:00
Raul Ochoa
aecb07b008 Create redis pool in server options when not supplied 2015-01-30 15:28:55 +01:00
Raul Ochoa
efe090f5b0 Accept 'open' string in templated auth as authorized 2015-01-28 17:29:50 +01:00
Raul Ochoa
6ab6fd91e4 Merge pull request #248 from CartoDB/196-validate-layergroup-in-named-maps
Basic layergroup validation on named map creation/update
2015-01-26 17:04:48 +01:00
Raul Ochoa
e690170689 More exhaustive layergroup validation:
- layers is an array and it's not empty
- layers has at least options
2015-01-26 15:51:10 +01:00
Raul Ochoa
11d9f5dd76 Basic layergroup validation on named map creation/update 2015-01-23 18:24:25 +01:00
Raul Ochoa
571a635fed Old style, avoid merge conflicts, missing history 2015-01-23 17:46:58 +01:00
Raul Ochoa
6e70518146 Split between old cache_enabled and new purge_enabled configuration 2015-01-23 17:46:16 +01:00
Raul Ochoa
fabb438cf0 Escape \b for the regex 2015-01-23 17:22:49 +01:00
Raul Ochoa
272e8cd221 Adds Surrogate Keys to named maps 2015-01-23 16:37:38 +01:00
Raul Ochoa
885accdadf Adds varnish http port to the default configurations 2015-01-23 16:36:45 +01:00
Raul Ochoa
f5a3b77737 Make TemplateMaps to emit messages when adding/updating/deleting templates 2015-01-23 16:35:47 +01:00
Raul Ochoa
20eb92a3b1 Remove signedmaps and locks functionality as it is no longer needed 2015-01-22 19:28:59 +01:00
Raul Ochoa
8d22ed7594 Tests to validate template instantiation returns new instances with
default values if they are missing.
2015-01-22 18:38:42 +01:00
Raul Ochoa
e8ab3a48c6 Removes TemplateMaps dependency on SignedMaps
- Token validation is done against the template
 - Template is always extended with default values for auth and placeholders
 - MapConfig is extended, in order to validate auth_toknes, with template info:
    - template name
    - template auth
 - No more locks to create, update or delete templates
    - Trusting in redis' hash semantics
    - Some tradeoffs:
        * A client having more templates than allowed by a race condition
        between limit (HLEN) check and creation (HSET)
        * Updating a template could happen while the deleting it, resulting in
        in a new template
        * Templates already instantiated will be accessible thrught their
        layergroup so it is possible to continue requesting tiles/grids/etc.
 - Authorization is now handled by template maps
2015-01-22 15:40:40 +01:00
Raul Ochoa
64b5a64e1b Add templateMaps to serveroptions for the time being 2015-01-21 11:44:06 +01:00
Raul Ochoa
8bc08d75b7 Separate signed maps instantiation 2015-01-20 18:40:56 +01:00
Raul Ochoa
c14157acc2 Moves template routing 2015-01-20 18:16:09 +01:00
Raul Ochoa
595dac57a0 Moves setDBParams into controller 2015-01-20 18:14:10 +01:00
Raul Ochoa
5632b19e16 Remove unused functionality from app 2015-01-20 18:13:36 +01:00
Raul Ochoa
007196555d Use userByReq from serverOptions 2015-01-20 18:12:24 +01:00
Raul Ochoa
62ffc05ef4 Move template map instantiation into controller 2015-01-20 17:57:53 +01:00
Raul Ochoa
5962141114 Moves template options to controller 2015-01-20 17:45:47 +01:00
Raul Ochoa
7901a05b55 List templates moved into controller 2015-01-20 17:39:33 +01:00
Raul Ochoa
4c2a0ca048 Delete moved to controller 2015-01-20 17:34:23 +01:00
Raul Ochoa
b40c8e6624 Retrieve template moved to controller 2015-01-20 17:17:06 +01:00
Raul Ochoa
97d3b1a03b Move update template to controller 2015-01-20 17:07:55 +01:00
Raul Ochoa
fcea0c9b83 Move template creation to controller 2015-01-20 16:58:12 +01:00
Raul Ochoa
7ce8737e75 Initial split template maps endpoint into its own controller 2015-01-20 16:56:06 +01:00
Raul Ochoa
caa05e779a Add scale_factor param as valid one 2015-01-14 18:11:13 +01:00
Raul Ochoa
845ebcac15 Merge branch 'master' into static-controllers
Conflicts:
	npm-shrinkwrap.json
2015-01-13 12:45:37 +01:00
Raul Ochoa
3f1aa9955b Remove query tables api dependency from health check 2015-01-13 12:09:02 +01:00
Alejandro Martínez
96bcd14bb8 Remove PostgreSQL from health checks
This way the health checks will only check for Redis and Mapnik
initialization.
An empty tile without layers or datasources is generated.
2015-01-13 11:29:19 +01:00
Raul Ochoa
48d60821a7 Exposes http renderer config 2014-12-01 18:43:40 +01:00
Raul Ochoa
97c55c1187 Removes console.log 2014-11-05 15:42:16 +01:00
Raul Ochoa
7c389a8010 Health check endpoint 2014-11-05 15:06:01 +01:00
Raul Ochoa
c88330f5f2 Allow a different cache-control max-age for layergroup responses 2014-10-24 16:05:41 +02:00
Raul Ochoa
cf5e34eae6 Upgrades Windshaft to start reporting redis/renderers/mapnik pool metrics 2014-10-15 16:45:49 +02:00
Raul Ochoa
9f5faf7cf8 Server options to instantiate cartodb-redis with redis configuration if pool is not provided 2014-10-14 21:19:44 +02:00
Raul Ochoa
711c1a89ee Merge branch 'master' into one-redis-mpool 2014-10-14 18:23:17 +02:00
Raul Ochoa
774104b34e Defaults resultSet to object if undefined in QueryTablesApi 2014-10-13 15:24:14 +02:00
Raul Ochoa
3dad6e96e3 Merge branch 'master' into one-redis-mpool 2014-10-07 12:47:10 +02:00
Raul Ochoa
b4bee864d2 Lock now considers the creation time and compares against a ttl so
a lock is not keep forever in case of failure.

Pending: lazy removal of expired locks.
2014-09-25 19:00:35 +02:00
Raul Ochoa
3e571b4ce8 Use object.keys to iterate over objects 2014-09-25 12:17:32 +02:00
Raul Ochoa
fb8fd5121e Do not expose internal implementation 2014-09-25 12:16:34 +02:00
Raul Ochoa
ac2a3243b5 Don't cache regexes and avoid the _re hack 2014-09-25 12:04:52 +02:00
Raul Ochoa
1c10b8193b Adds dot to compile templates 2014-09-24 19:17:51 +02:00
Raul Ochoa
abf0fa1b32 Remove unused var 2014-09-24 19:12:43 +02:00
Raul Ochoa
4c5bc13c7f Check style fixes 2014-09-24 19:11:53 +02:00
Raul Ochoa
7009eb20f8 Check style fixes 2014-09-24 11:42:53 +02:00
Raul Ochoa
24cbd192aa Share one redis-mpool across the application 2014-09-24 11:42:36 +02:00
Raul Ochoa
9496d83d1c Adds poolSize configuration for mapnik 2014-09-18 19:06:45 +02:00
Raul Ochoa
7faff8f887 Removes cors metric 2014-08-26 11:53:59 +02:00
Raul Ochoa
f406001315 Removes get_infowindow and get_map_metadata metrics 2014-08-25 19:15:31 +02:00
Raul Ochoa
2b2020b43b Removes getTableGeometryType metric 2014-08-25 19:09:54 +02:00
Raul Ochoa
65e0364d37 Removes duplicated code in query_tables_api 2014-08-22 12:52:05 +02:00
Raul Ochoa
965e1cd0c4 Supports !scale_denominator! dynamic param in SQL queries 2014-08-22 10:16:39 +02:00
Raul Ochoa
a3a5964926 Upgrades dependencies 2014-08-14 19:54:45 +02:00
Raul Ochoa
6a8cff6fcd Merge branch 'remove-mapnik-dependency'
Conflicts:
	NEWS.md
2014-08-14 19:26:52 +02:00
Raul Ochoa
23a7684208 Removes mapnik dependency as it now relies on Windshaft to check mapnik version 2014-08-14 18:27:54 +02:00
Raul Ochoa
f2541d8cae Merge branch 'master' into CDB-3686
Conflicts:
	package.json
2014-08-13 15:31:22 +02:00
Raul Ochoa
40acf533ae Specifies name in the redis pool 2014-08-13 15:12:46 +02:00
Raul Ochoa
e7ab71c606 Merge branch 'master' into CDB-3686 2014-08-11 12:19:11 +02:00
Raul Ochoa
2ed656ca0d Upgrades windshaft (and grainstore) to be able to specify the tile
format, see: https://github.com/mapnik/mapnik/wiki/OutputFormats
2014-08-07 01:57:21 +02:00
Raul Ochoa
5cf79c82bb Configurable QueryTablesAPI to call directly postgresql using cartodb-psql
or to keep using a request to the SQL API
2014-08-06 21:48:08 +02:00
Raul Ochoa
d1373bec66 Improves SQL query for affected tables and last updated time 2014-08-04 17:48:59 +02:00
Raul Ochoa
dabcba9f5f Merge branch 'master' into CDB-3686 2014-08-04 13:11:40 +02:00
Raul Ochoa
414673b347 CDB-3657 Adds profiler as JSON to the header 2014-08-04 12:53:15 +02:00
Raul Ochoa
507a6a8979 CDB-3686 Style changes 2014-08-04 01:32:49 +02:00
Raul Ochoa
9f8d73a1df Removes duplicated file 2014-07-30 18:17:14 +02:00
Raul Ochoa
3af45e1a32 Moves calls to SQL API to its own entity.
Groups affected tables and last updated time for affected tables into one request.
2014-07-30 13:46:46 +02:00
Raul Ochoa
75088c89d3 Style fixes 2014-07-30 13:45:53 +02:00
Raul Ochoa
67df6a4d73 Adds support for several auth tokens 2014-07-08 10:35:45 +02:00
Raul Ochoa
f756b9d77f Removes search_path param 2014-07-04 12:18:35 +02:00
Raul Ochoa
bfdcee3772 Retrieving db public user from redis. It uses a new multiget method from cartodb-redis 2014-07-03 21:39:47 +02:00
Raul Ochoa
470aea22d9 Sets full search_path 2014-07-03 10:24:37 +02:00
javi
3806ad8843 Merge remote-tracking branch 'origin/CDB-2891-search_path' into multiuser 2014-06-27 09:10:39 +02:00
Raul Ochoa
037ce2dc12 CDB-2891 Exposes username as search_path in params 2014-06-27 00:48:48 +01:00
javi
338c0bcdbe use regclass instead table name to look for last_updated in CDB_tablemetadata 2014-06-26 15:00:55 +02:00
Raul Ochoa
4cf1ddd6fc CDB-3256 Adds response and method references to fake request object 2014-06-24 15:52:47 +02:00
Raul Ochoa
5e73b12cf5 CDB-3256 adds headers based on affected tables when creating a layergroup via HTTP GET 2014-06-24 12:16:30 +02:00
Sandro Santilli
49829f8935 Set default PostgreSQL application name to "cartodb_tiler" 2014-05-07 16:19:22 +02:00
Sandro Santilli
882ec65ba0 Use signer's map_key when contacting sql-api
Includes testcase.
Fixes #188
2014-04-08 09:44:49 +02:00
Sandro Santilli
9e495b42ee Do not cache non-success jsonp responses
Closes #186
Includes testcase
2014-03-21 13:58:20 +01:00
Sandro Santilli
60b552027b Add optional support for rollbar
Re-targets to 1.10.0
Also installs an uncaught exception handler

Closes #150
2014-03-12 17:21:35 +01:00
javi
5bfc360856 added serverMetadata option for layer group, close #182 CDB-1940 2014-03-06 15:19:12 +01:00
Sandro Santilli
0afc9c154b Cleanly catch exceptions from sendResponse
Closes #178
2014-03-04 18:04:58 +01:00
Sandro Santilli
97e00fb47d Do not send duplicated stats on template instanciation
Closes #179
2014-03-04 17:51:50 +01:00
Sandro Santilli
ffda103d61 Do not UNWATCH on every redis client release
Closes #161
2014-03-04 15:36:08 +01:00
Sandro Santilli
ecc9ea1226 Use 403 for forbidden, not 401
Includes upgrade of windshaft to 0.19.3
Includes upgrade of redis-mpool to 0.0.4
2014-03-04 15:32:31 +01:00
Sandro Santilli
93345a19b2 Do not log an error on GET /
Closes #177
2014-03-04 14:26:41 +01:00
Sandro Santilli
1741a20575 Do not cache map creation responses
Closes #176
CDB-1908 #resolve
CDB-1901 #resolve

Includes testcase
2014-03-04 10:46:15 +01:00
Sandro Santilli
30eb939dc7 Fix error message on missing requested signature
We don't really distinguish between missing or non-authorizing
signature. And that's fine. See #170
2014-03-03 18:14:17 +01:00
Sandro Santilli
40a254922a Raise 403 forbidden on missing requested signature
Closes #170
Includes testcase
2014-03-03 18:06:39 +01:00
Sandro Santilli
7bc5bab432 Properly prefix statsd labels for all endpoints
CDB-1861 #resolve
Will be 100% complete with update of Windshaft to 0.19.3+
2014-03-03 16:24:20 +01:00
Sandro Santilli
bddc65a504 Forbid instanciating templates of foreign users
Closes #173
Includes testcase
2014-02-28 16:05:46 +01:00
Sandro Santilli
ddd2628c19 Fix database connection settings on template instanciation
Closes #174
Enhances testsuite to ensure test.js settings are read
2014-02-28 15:56:31 +01:00
Sandro Santilli
f46dc90035 Forbid using map signatures of foreign users
Closes #173
Includes testcase
2014-02-28 13:24:38 +01:00
Sandro Santilli
55f333c0b7 Call userByReq() only once in req2params 2014-02-27 16:40:59 +01:00
Sandro Santilli
f24e4f8a0a Really skip CDB_TableMetadata lookup for sql affected by no tables
Closes #169
2014-02-27 15:34:09 +01:00
Sandro Santilli
36632c762e Do not query CDB_TableMetadata for queries affected by no tables
Closes #16
2014-02-27 12:32:34 +01:00
Sandro Santilli
f284362988 Reduce sql-api communication timeout, and allow overriding it
Introduces new sqlapi.timeout directive, defaults to 100 ms
Includes testcase.
Closes #167
2014-02-27 10:33:32 +01:00
Sandro Santilli
a13c1f61af Do not log an error for a legit request requiring no X-Cache-Channel 2014-02-24 17:34:00 +01:00
Sandro Santilli
5c466c51a8 Revert order of hostname components for statsd.prefix 2014-02-21 17:25:10 +01:00
Sandro Santilli
09ea924eb2 Allow using GET with sql-api for queries shorter than configured len
Introduces new sqlapi.max_get_sql_length directive, defaults to 2048.
Closes #155
Includes testcases.
2014-02-20 10:17:48 +01:00
Sandro Santilli
c8a042abdd Expand "addCacheChannel" stats 2014-02-19 18:10:33 +01:00
Sandro Santilli
b4fc8ec4a5 Allow using ":host" as part of statsd.prefix
It'll be replaced with hostname.
Closes #153
2014-02-19 15:31:12 +01:00
Sandro Santilli
6c6f3d02f6 Always generate X-Cache-Channel for token-based tile responses
Closes #152
2014-02-19 10:09:54 +01:00
Sandro Santilli
36a135f02b Refactor addCacheChannel using Step 2014-02-19 07:19:41 +01:00
Sandro Santilli
1c3734fde7 Make server_option a callable function, to reduce globals
Updates acceptance test for #152 to not mess wit internals
2014-02-19 06:45:29 +01:00
Sandro Santilli
3c09be64ce Add pending test for X-Cache-Channel on tiler restart (#152) 2014-02-18 18:33:00 +01:00
Sandro Santilli
c14378ca5d Avoid checking for table privacy when not using table maps
See #147
2014-02-17 18:20:18 +01:00
Sandro Santilli
26b9c8123d Set maxSocket to allow more than 5 concurrent connections to sql-api 2014-02-17 18:03:11 +01:00
Sandro Santilli
1f2e4edd35 Comments cleanup 2014-02-17 11:10:08 +01:00
Sandro Santilli
212eec2ca6 Pass profiler back to windshaft on createLayergroup 2014-02-17 08:50:12 +01:00
Sandro Santilli
935826ed1a Integrate statsd in template instanciation endpoint
NOTE: stats are only enabled using windshaft 0.18.2+
2014-02-15 08:23:43 +01:00
Sandro Santilli
8f3c6c3c87 Add profiler calls in template instanciation endpoint 2014-02-15 08:06:57 +01:00
Sandro Santilli
63401ca3df Use a single redis client in SignedMap.isAuthorized 2014-02-14 17:07:52 +01:00
Sandro Santilli
def474c611 Skip getting geometry type if request has no table 2014-02-14 12:26:34 +01:00
Sandro Santilli
c1b2d16119 rename tablePrivacy_getUserDBName profile label 2014-02-14 11:47:43 +01:00
Sandro Santilli
678d653ee9 Allow configuring TTL of mapConfigs via "mapConfigTTL" 2014-02-13 15:44:54 +01:00
Sandro Santilli
4a6af108b4 Fix use of maxUserTemplate configuration variable 2014-02-13 15:01:58 +01:00
Sandro Santilli
e4cd37647e Allow limiting number of allowed user templates
Adds maxUserTemplates directive.
Closes #136
2014-02-13 14:55:31 +01:00
Sandro Santilli
f7cef9dcd8 Fix bogus reference in SignedMaps when globals.environment is not set 2014-02-13 10:57:41 +01:00
Sandro Santilli
b673cb2a1f Add more detailed profile info about the "authorize" step
Closes #142
2014-02-13 10:25:28 +01:00
Sandro Santilli
e88e49001a Do not retrive user's api key if no api key was provided
Reduces redis interaction, see #142
2014-02-13 10:16:11 +01:00
Sandro Santilli
bf45bbea56 Do not send multiple equal commands to Varnish on connect
Closes #135
Also accept varnish "secret" in config
2014-02-12 16:14:27 +01:00
javi
01feeae6f4 include state configuration for windshaft fixes #139 2014-02-12 15:27:42 +01:00
Sandro Santilli
a948038ff4 Disable debug logging unless "debug" config param evaluates to true
Closes #137
2014-02-11 16:34:43 +01:00
Sandro Santilli
8c013ed2d1 Rename Step function in setDBConn 2014-02-11 13:42:44 +01:00
Sandro Santilli
7a749631e8 Fix profiler labels 2014-02-11 13:40:17 +01:00
Sandro Santilli
747f4803ba Include hash of template in the maptoken returned from instanciation
Doing so basically removes the need to include the template identifier
in the surrogate keys of the responses for resources fetched via
the instance whenever template is updated. See #105
2014-02-10 15:30:35 +01:00
Sandro Santilli
399bed34ad Do not try to replace template variables in undefined elements
See #133
2014-02-10 11:26:21 +01:00
Sandro Santilli
6b41fef96c Fix sendError calls to receive the full Error instance 2014-02-10 11:11:35 +01:00
Sandro Santilli
fe6e915c0d Always set database access parameters from req2params
Fixes privileged database access from unauthorized users while
fetching torque tiles or feature attributes (unreleased feature).
Closes #132.

Includes testcase, which closes #119
2014-02-07 18:08:41 +01:00
javi
f5e0d06e2f fixed when default value in a template attribute is a number and type = number checking fails fixed #130 2014-02-06 17:45:48 +01:00
javi
78f69d5236 template variables with spaces are not replaced correctly fixed #129 2014-02-06 17:33:26 +01:00
Sandro Santilli
b4936ffafa Do not allow creating template with auth='token' and no valid tokens
Closes #128
Includes acceptance test for both creation and update
2014-02-06 12:24:14 +01:00
Sandro Santilli
752e9ec655 Add checkInvalidCertificate method for SignedMap class
Includes unit test
2014-02-06 12:05:01 +01:00
Sandro Santilli
9018e39762 Make endpoints configurable
Closes #127
Uses /api/v1/maps* in the production and staging example configs,
keeps /maps* for development and test (they are examples...)
2014-02-05 15:14:47 +01:00
Sandro Santilli
a964ed5fe6 Implement Unified Map API
Closes #126
2014-02-04 19:04:59 +01:00
Sandro Santilli
b862904506 Be explicit about the map output srid configuration 2014-02-04 16:26:26 +01:00
javi
7197cc2d62 added stack to response in development mode 2014-02-04 14:58:21 +01:00
Sandro Santilli
978ea9cd04 Fix sqlapi request header to be "Host", not "Hostname"
Closes (better) #117 -- automated test included
2014-01-30 16:46:26 +01:00
Sandro Santilli
ca4f3d2025 Re-introduce sqlapi.host directive, allowing DNS lookups drop
For backward compatibility, sqlapi.host is only used if domain
is also defined and has a different value (empty string allowed).

Closes #117
2014-01-30 16:12:37 +01:00
Sandro Santilli
1f0faba71c Stop processing XML on renderer creation
Not needed anymore since 1.6.1 introduced on-demand XML generation.
2014-01-30 11:14:52 +01:00
Sandro Santilli
d32278b227 Rename template instanciation function 2014-01-29 14:30:27 +01:00
javi
ad0b2ffc8e added support for template instanciation with jsonp closes #116 2014-01-29 13:11:37 +01:00
Sandro Santilli
67e4e7e99b Set api_key to signer's when instanciating a template map
Closes #114
2014-01-28 12:37:41 +01:00
javi
92ca447c06 fixed #91 2014-01-28 12:05:01 +01:00
javi
e4e08db0b4 Merge branch 'master' of github.com:Vizzuality/Windshaft-cartodb 2014-01-22 19:10:37 +01:00
javi
164d952e56 support CORS in template instanciation endpoint, fixes #113 2014-01-22 19:10:09 +01:00
Sandro Santilli
5772c81590 Fix support for long (>64k chars) queries in layergroup creation
Closes #111. Includes testcase.
2014-01-16 17:20:30 +01:00
Sandro Santilli
f89fd98ed7 Expect malformed response objects (#109)
Include test for sql errors on layergroup creation
Closes #109
2014-01-15 11:53:19 +01:00
Sandro Santilli
d6fe5339cf Do not choke on headers cleanup when response headers are not set
Raise a WARNING instead.
See #107 (github) and CDB-1438 (JIRA)
2014-01-13 18:56:09 +01:00
Sandro Santilli
2690ef3f05 Drop cache headers from error responses.
Closes #107 (github), #resolve CDB-1423 (JIRA)
2014-01-13 11:20:02 +01:00
Sandro Santilli
4ee4492490 Yet another username extraction fix. Thanks again @demimismo.
Closes #100 (yet again)
2014-01-09 16:46:47 +01:00
Sandro Santilli
fcd17692ee Fix username extraction in another two places. Thanks @demimismo.
Closes #100 (again)
2014-01-09 15:36:16 +01:00
Sandro Santilli
ef3733aebe Improve error on attempt to delete missing template 2013-12-20 12:54:38 +01:00
Sandro Santilli
c7465479a2 Improve error on a signature certificate with no or broken auth 2013-12-20 10:41:27 +01:00
Sandro Santilli
50a902a90b Fix english of error message for sql-api connection problems 2013-12-18 12:59:26 +01:00
Sandro Santilli
0f90d687c7 Implement signed teplate maps
Closes #98

Raises minimum required redis version to 2.4.0+ (Debian stable has 2.4.14)
2013-12-17 17:39:21 +01:00
Sandro Santilli
84b7d78ea4 Add an utility authorizedByAPIKey method for reuse 2013-12-17 17:17:17 +01:00
Sandro Santilli
73a065c1cc Make sure user from domain is always computed locally
Involved upgrade of cartodb-redis to 0.3.0
Really closes #100
2013-12-17 17:17:17 +01:00
Sandro Santilli
1f693c6c78 Add 'user_from_host' directive to generalize username extraction
Closes #100
Default extractor is backward compatible
2013-12-17 17:17:17 +01:00
Sandro Santilli
e9db535dd8 Drop the idea that we can distinguish a "dbowner" from the domain
We only recognize "users"
2013-12-17 17:17:17 +01:00