Commit Graph

1471 Commits

Author SHA1 Message Date
Sandro Santilli
8bd3b491d0 Use cluster2 for clustering (see #33) 2012-09-28 13:05:49 +02:00
Sandro Santilli
1601a02517 Update dependencies to have node-0.8 support 2012-09-28 13:04:32 +02:00
Sandro Santilli
738f47d968 Be tolerant about injections of CartoCSS versions 2012-09-27 10:42:29 +02:00
Sandro Santilli
11ae4d6ff1 Add test to check survival to unparseable style 2012-09-26 16:35:15 +02:00
Luis Bosque
694b425281 Merge branch 'release/staging' into develop 2012-09-25 17:32:03 +02:00
Luis Bosque
5d62c6b588 Merge branch 'release/staging' 2012-09-25 17:31:58 +02:00
Luis Bosque
d7839799ce added NEWS.md for 0.9.0 version 2012-09-25 13:46:41 +02:00
Sandro Santilli
4d524d88d2 Reduce GET style error verbosity 2012-09-25 10:18:47 +02:00
Sandro Santilli
bc506784ca Add an X-Cache-Channel header to all GET requests. Closes #53. 2012-09-25 09:27:03 +02:00
Sandro Santilli
446627e305 Fix iteration on redis keys 2012-09-21 19:07:38 +02:00
Sandro Santilli
29572d35fd Fix iteration on redis keys 2012-09-21 12:58:34 +02:00
Sandro Santilli
5c067b3939 Make test for unauthenticated style setting request predictable
Closes #50
2012-09-19 19:09:42 +02:00
Sandro Santilli
0654f2eae7 Tweak redis and hiredis deps to match those of Windshaft 2012-09-19 19:06:47 +02:00
Sandro Santilli
dd34fc507a Automated localization of external resources referenced in carto 2012-09-19 18:52:13 +02:00
Sandro Santilli
e1e5bb413e Fix test to use expected hostname 2012-09-19 18:13:28 +02:00
Sandro Santilli
adf1124e70 Add script to drop the XML element from all redis stored map styles
WARNING: as of grainstore-0.6.1 a map style with no XML will break
the application, so do _not_ run this script unless you're sure about
what you're doing.
2012-09-18 17:36:20 +02:00
Sandro Santilli
dcbe051654 Return 401 status for unauthorized requests (see #48) 2012-09-05 20:16:55 +02:00
Sandro Santilli
2ae159c568 Require windshaft-0.4.13, update expected response statuses 2012-09-05 20:06:43 +02:00
Sandro Santilli
b469d5eabf Rename authenticated postgresql user configuration setting
See issue #49
2012-09-05 15:49:10 +02:00
Sandro Santilli
5ca84d9ffc Always replace the database user parameter in the XML style
This provides for an automatic migration of styles to any new
authentication user.
2012-09-05 15:41:22 +02:00
Luis Bosque
c3091e50fc added staging to the list of allowed envs 2012-09-04 13:35:06 +02:00
Sandro Santilli
4a95342636 Add staging environment file 2012-09-04 10:52:42 +02:00
Sandro Santilli
87b0e07815 Expose Varnish cache TTL in configuration. Closes #46 2012-09-03 18:57:35 +02:00
Sandro Santilli
c23f136f04 Raise grainstore dependency, to avoid double install
I'm actually not sure Windshaft-cartodb uses grainstore directly,
but so far we've been requiring it from top-level...
2012-09-03 18:47:04 +02:00
Sandro Santilli
b9e29938e2 Compile XML processing regular expression only once.
Requests per second from ~95 to ~98 with a "standard" test.
2012-09-03 15:30:31 +02:00
Sandro Santilli
570f55dbbd Require windshaft >= 0.4.12 for XML postprocessing 2012-09-03 15:17:11 +02:00
Sandro Santilli
1c9f63c901 Add XML processor to change database user when authenticated 2012-09-03 14:54:23 +02:00
Sandro Santilli
de24f55e20 Add test for getting infowindow of private tables 2012-08-14 20:01:32 +02:00
Sandro Santilli
9ba80acab7 Properly bubble getInfowindow errors up to response 2012-08-14 20:01:05 +02:00
Sandro Santilli
b30c8d9a98 Send jsQuery ready error message on GET /infowindow errors 2012-08-14 20:00:26 +02:00
Sandro Santilli
ca47fbd10b Fix unauthenticated access to table styles. Closes #43.
Re-introduces use of the redis "privacy" hash key as an additional
security measure for requests that do not involve PostgreSQL access.

Accessing private table styles is tested with this commit.
Accessing private table metadata or infowindow is _not_ tested,
but should also be fixed now.
2012-08-14 19:26:40 +02:00
Sandro Santilli
d1869af134 Require at least grainstore 0.3.2, for proper mapnik-2.0 target 2012-08-14 19:06:11 +02:00
Sandro Santilli
fb3f3a312e Really fix setting or deleting styles from unauth. request
Closes #44
2012-08-14 16:15:41 +02:00
Sandro Santilli
39bc387f97 Add test for getting style of private table (auth or not)
NOTE: the unauthorized request CAN GET the style of a private table.
This needs to be fixed (see #43) -- meanwhile the test is disabled.
2012-08-14 15:32:36 +02:00
Sandro Santilli
9e484f9aea Add tests for getting the GRID of private tables (auth or not) 2012-08-14 15:31:58 +02:00
Sandro Santilli
461c0343bd typo in comment 2012-08-14 15:13:23 +02:00
Sandro Santilli
070c6da6da Rationalize acceptance test dividing tests in sections 2012-08-14 15:06:04 +02:00
Sandro Santilli
b5348db94c Add CORS headers to all requests
In addition to the ones served by the base Windshaft server this commit
adds CORS headers to the GET /infowindow, GET /map_metadata and
DEL /flush_cache requests. Closes issue #42.
2012-08-14 14:50:18 +02:00
Sandro Santilli
282ac94e29 Prevent unauthenticated requests from changing map styles 2012-08-07 17:10:15 +02:00
Sandro Santilli
6a92fd3170 Propagate style changes to caches for unauthenticated requests
Closes #41, does it implementing the new afterStyleChange and
afterStyleDelete callbacks in Windshaft 0.4.10.

Adds automated testcases for the bug.
2012-08-07 16:11:49 +02:00
Sandro Santilli
c0eaf826ab Add another test for authentications using old redis key (#39) 2012-08-02 11:17:53 +02:00
Sandro Santilli
651c45bc16 Use the correct redis variable for checking map key (closes #39)
Includes testcase
2012-08-02 11:15:01 +02:00
Sandro Santilli
0c8da93f0c Give more info about failing tests 2012-08-02 10:55:47 +02:00
Sandro Santilli
406902f74e Make benchmarker executable 2012-07-25 18:29:43 +02:00
Sandro Santilli
d3a539da93 Backport benchmark changes to master branch 2012-07-25 18:10:40 +02:00
Sandro Santilli
de275bfc50 Delegate user permission to PostgreSQL (closes #18)
If the request is authenticated (with map_key) then we log as the
database owner, otherwise we log as the default user.
The default user is now "publicuser" by default.

Raises dependency on Windshaft to 0.4.9+, to get the grainstore
version allowing override of database username.

Add test for req2params function, particularly authentication,
Add test for authenticated / unauthenticated access
2012-07-18 11:09:17 +02:00
Sandro Santilli
c918b09e64 Require carto_data only after setting the global env (closes #28)
This one is for "cluster.js", the previous was for app.js
2012-07-10 20:39:24 +02:00
Sandro Santilli
d18cf96007 More quoting (really closes #30)
It seems redis only like double quotes
2012-07-10 19:38:45 +02:00
Sandro Santilli
d9b7bfff2c Properly quote database name
Seems to fix #30, but also reveals that a FLUSHALL is also needed
when redis is started by ourselves...
2012-07-10 19:28:16 +02:00
Sandro Santilli
e628b8249a Require global leak free node-varnish 0.1.1 (closes #25)
Also stop ignoring leaks and run mocha once for all tests
2012-07-10 16:37:32 +02:00