Commit Graph

99 Commits

Author SHA1 Message Date
Raul Ochoa
3f0d344313 Changes rules for names in templates
Now valid names can start with numbers and can contain dashes (-).
Closes #306
2015-06-04 10:41:40 -04:00
Raul Ochoa
26545af9ae fix jshint 2015-04-27 18:03:15 +02:00
Raul Ochoa
1ee96f14ce fix jshint 2015-04-27 18:02:15 +02:00
Raul Ochoa
2250e6d608 fix jshint 2015-04-27 18:00:47 +02:00
Raul Ochoa
5ad27e4bf5 fix jshint 2015-04-27 17:58:56 +02:00
Raul Ochoa
f1e8c9a709 Tests for cdb request 2015-03-30 16:28:37 +02:00
Raul Ochoa
4be0a70362 Do not append interactivity to params, it is no longer
it will be used from mapconfig layer definition
2015-03-26 13:05:35 +01:00
Raul Ochoa
36ea58e750 no longer possible to set cache_buster request param 2015-03-23 18:03:19 +01:00
Raul Ochoa
c19f652ff3 Remove some old accepted query params 2015-03-23 17:54:37 +01:00
Raul Ochoa
efe090f5b0 Accept 'open' string in templated auth as authorized 2015-01-28 17:29:50 +01:00
Raul Ochoa
6ab6fd91e4 Merge pull request #248 from CartoDB/196-validate-layergroup-in-named-maps
Basic layergroup validation on named map creation/update
2015-01-26 17:04:48 +01:00
Raul Ochoa
e690170689 More exhaustive layergroup validation:
- layers is an array and it's not empty
- layers has at least options
2015-01-26 15:51:10 +01:00
Raul Ochoa
81f1b0dcf8 Adds tests for named maps surrogate keys and for invalidation 2015-01-26 15:02:28 +01:00
Raul Ochoa
11d9f5dd76 Basic layergroup validation on named map creation/update 2015-01-23 18:24:25 +01:00
Raul Ochoa
20eb92a3b1 Remove signedmaps and locks functionality as it is no longer needed 2015-01-22 19:28:59 +01:00
Raul Ochoa
8d22ed7594 Tests to validate template instantiation returns new instances with
default values if they are missing.
2015-01-22 18:38:42 +01:00
Raul Ochoa
981be0edd5 Replace signed maps auth tests with template maps tests 2015-01-22 17:55:47 +01:00
Raul Ochoa
e8ab3a48c6 Removes TemplateMaps dependency on SignedMaps
- Token validation is done against the template
 - Template is always extended with default values for auth and placeholders
 - MapConfig is extended, in order to validate auth_toknes, with template info:
    - template name
    - template auth
 - No more locks to create, update or delete templates
    - Trusting in redis' hash semantics
    - Some tradeoffs:
        * A client having more templates than allowed by a race condition
        between limit (HLEN) check and creation (HSET)
        * Updating a template could happen while the deleting it, resulting in
        in a new template
        * Templates already instantiated will be accessible thrught their
        layergroup so it is possible to continue requesting tiles/grids/etc.
 - Authorization is now handled by template maps
2015-01-22 15:40:40 +01:00
Raul Ochoa
b4bee864d2 Lock now considers the creation time and compares against a ttl so
a lock is not keep forever in case of failure.

Pending: lazy removal of expired locks.
2014-09-25 19:00:35 +02:00
Sandro Santilli
6824c09916 Change example test user and database names
This is to avoid a clash with cartodb test databases
2014-02-20 18:03:43 +01:00
Sandro Santilli
1c3734fde7 Make server_option a callable function, to reduce globals
Updates acceptance test for #152 to not mess wit internals
2014-02-19 06:45:29 +01:00
Sandro Santilli
e4cd37647e Allow limiting number of allowed user templates
Adds maxUserTemplates directive.
Closes #136
2014-02-13 14:55:31 +01:00
Sandro Santilli
fe6e915c0d Always set database access parameters from req2params
Fixes privileged database access from unauthorized users while
fetching torque tiles or feature attributes (unreleased feature).
Closes #132.

Includes testcase, which closes #119
2014-02-07 18:08:41 +01:00
javi
f5e0d06e2f fixed when default value in a template attribute is a number and type = number checking fails fixed #130 2014-02-06 17:45:48 +01:00
javi
78f69d5236 template variables with spaces are not replaced correctly fixed #129 2014-02-06 17:33:26 +01:00
Sandro Santilli
b4936ffafa Do not allow creating template with auth='token' and no valid tokens
Closes #128
Includes acceptance test for both creation and update
2014-02-06 12:24:14 +01:00
Sandro Santilli
752e9ec655 Add checkInvalidCertificate method for SignedMap class
Includes unit test
2014-02-06 12:05:01 +01:00
Sandro Santilli
0f90d687c7 Implement signed teplate maps
Closes #98

Raises minimum required redis version to 2.4.0+ (Debian stable has 2.4.14)
2013-12-17 17:39:21 +01:00
Sandro Santilli
6f689745c0 Fix lzma testcase 2013-12-17 17:17:16 +01:00
Sandro Santilli
63fd660eb1 Fix error handling in testcase 2013-12-17 17:17:16 +01:00
Sandro Santilli
385022de80 Revert "fixed #91" -- the fix was for an unconfirmed bug
This reverts commit 9155724082.
See #38 for further action
2013-12-17 17:17:16 +01:00
javi
a378fc4e68 fixed #91 2013-12-17 17:17:16 +01:00
Sandro Santilli
a60a3adc12 CartoDB redis interaction delegated to "cartodb-redis" module 2013-12-17 17:17:14 +01:00
Sandro Santilli
eb51d18012 Add support for specifying database connection passwords 2013-12-17 17:17:13 +01:00
Sandro Santilli
a27cf1b41c Do not let anonymous requests use authorized renderer caches
Puts dbuser in params, for correct use by Windshaft renderer cache.
Before this fix, and after commit 1c9f63c9, the renderer cache key
did not contain the db user.
2013-12-17 17:17:12 +01:00
Sandro Santilli
730f9534dc Clean handling of redis connection failures in testcase 2013-12-17 17:17:11 +01:00
javi
efa79b243c fixed lzma decoding to fix browser requirements 2013-04-24 15:10:58 +02:00
Sandro Santilli
e5af3b90f4 Revert "Require interactivity param in single-layer grid fetching request"
This reverts commit 3383c44eb7.

Fixes regression with default interactivity parameter.
Closes #74. See #69.
2013-04-05 18:11:36 +02:00
Sandro Santilli
3383c44eb7 Require interactivity param in single-layer grid fetching request
Closes #69
2013-03-29 18:25:28 +01:00
Sandro Santilli
996a565017 Adapt req2params test now that we throw on on missing user metadata 2012-10-05 16:11:00 +02:00
Sandro Santilli
352c209380 Replace "vizzuality.localhost.lan" with "localhost"
Fixes starving on DNS lookup in absence of an /etc/hosts entry.
Closes #36
2012-10-05 15:44:04 +02:00
Sandro Santilli
1c9f63c901 Add XML processor to change database user when authenticated 2012-09-03 14:54:23 +02:00
Sandro Santilli
0c8da93f0c Give more info about failing tests 2012-08-02 10:55:47 +02:00
Sandro Santilli
de275bfc50 Delegate user permission to PostgreSQL (closes #18)
If the request is authenticated (with map_key) then we log as the
database owner, otherwise we log as the default user.
The default user is now "publicuser" by default.

Raises dependency on Windshaft to 0.4.9+, to get the grainstore
version allowing override of database username.

Add test for req2params function, particularly authentication,
Add test for authenticated / unauthenticated access
2012-07-18 11:09:17 +02:00
Sandro Santilli
411332a28a Run tests with "make check" (#21) 2012-07-09 18:56:09 +02:00
Sandro Santilli
2b24e46f6c Port tests to mocha (closes #20) 2012-07-09 16:49:31 +02:00
Simon Tokumine
ef15f4b48b migrated to node-varnish, fixed tests, refactor 2011-12-12 18:02:10 +00:00
javi
f0b8c29b03 added ttl 2011-10-21 16:33:35 +02:00
Simon Tokumine
431fb56ad2 windshaft for cartodb 2011-09-05 00:00:41 +01:00