2011-09-05 07:00:41 +08:00
|
|
|
var _ = require('underscore')
|
|
|
|
, Step = require('step')
|
2013-11-16 02:14:00 +08:00
|
|
|
, cartoData = require('cartodb-redis')(global.environment.redis)
|
2012-09-24 23:57:39 +08:00
|
|
|
, Cache = require('./cache_validator')
|
|
|
|
, mapnik = require('mapnik')
|
2013-03-13 23:45:15 +08:00
|
|
|
, crypto = require('crypto')
|
|
|
|
, request = require('request')
|
2013-03-23 01:55:59 +08:00
|
|
|
, LZMA = require('lzma/lzma_worker.js').LZMA
|
2012-09-24 23:57:39 +08:00
|
|
|
;
|
2011-09-05 07:00:41 +08:00
|
|
|
|
2013-08-21 16:11:30 +08:00
|
|
|
// This is for backward compatibility with 1.3.3
|
2013-09-12 22:19:01 +08:00
|
|
|
if ( _.isUndefined(global.environment.sqlapi.domain) ) {
|
2014-01-30 23:09:13 +08:00
|
|
|
// Only use "host" as "domain" if it contains alphanumeric characters
|
|
|
|
var host = global.environment.sqlapi.host;
|
|
|
|
if ( host && host.match(/[a-zA-Z]/) ) {
|
|
|
|
global.environment.sqlapi.domain = host;
|
|
|
|
}
|
2013-09-12 21:36:50 +08:00
|
|
|
}
|
2013-08-21 16:11:30 +08:00
|
|
|
|
2011-09-05 07:00:41 +08:00
|
|
|
module.exports = function(){
|
2013-02-25 23:53:57 +08:00
|
|
|
|
|
|
|
var rendererConfig = _.defaults(global.environment.renderer || {}, {
|
2013-06-28 23:58:11 +08:00
|
|
|
cache_ttl: 60000, // milliseconds
|
2013-02-25 23:53:57 +08:00
|
|
|
metatile: 4,
|
|
|
|
bufferSize: 64
|
|
|
|
});
|
|
|
|
|
2011-09-05 07:00:41 +08:00
|
|
|
var me = {
|
2014-02-05 22:14:47 +08:00
|
|
|
// This is for inline maps and table maps
|
|
|
|
base_url: global.environment.base_url_legacy || '/tiles/:table',
|
|
|
|
|
2014-02-05 02:04:59 +08:00
|
|
|
/// @deprecated with Windshaft-0.17.0
|
2014-02-05 22:14:47 +08:00
|
|
|
///base_url_notable: '/tiles',
|
|
|
|
|
|
|
|
// This is for Detached maps
|
|
|
|
//
|
2014-02-05 02:04:59 +08:00
|
|
|
// "maps" is the official, while
|
|
|
|
// "tiles/layergroup" is for backward compatibility up to 1.6.x
|
2014-02-05 22:14:47 +08:00
|
|
|
//
|
|
|
|
base_url_mapconfig: global.environment.base_url_detached || '(?:/maps|/tiles/layergroup)',
|
|
|
|
|
2012-09-20 00:52:13 +08:00
|
|
|
grainstore: {
|
2014-02-04 23:26:03 +08:00
|
|
|
map: {
|
|
|
|
// TODO: allow to specify in configuration
|
|
|
|
srid: 3857
|
|
|
|
},
|
2012-09-20 00:52:13 +08:00
|
|
|
datasource: global.environment.postgres,
|
2012-09-24 23:57:39 +08:00
|
|
|
cachedir: global.environment.millstone.cache_basedir,
|
2013-06-26 22:26:02 +08:00
|
|
|
mapnik_version: global.environment.mapnik_version || mapnik.versions.mapnik,
|
2014-02-13 22:44:54 +08:00
|
|
|
default_layergroup_ttl: global.environment.mapConfigTTL || 7200,
|
|
|
|
gc_prob: 0.01 // @deprecated since Windshaft-1.8.0
|
2012-09-20 00:52:13 +08:00
|
|
|
},
|
2013-02-25 23:53:57 +08:00
|
|
|
mapnik: {
|
|
|
|
metatile: rendererConfig.metatile,
|
|
|
|
bufferSize: rendererConfig.bufferSize
|
|
|
|
},
|
2014-02-12 22:27:42 +08:00
|
|
|
statsd: global.environment.statsd,
|
2013-02-25 23:53:57 +08:00
|
|
|
renderCache: {
|
|
|
|
ttl: rendererConfig.cache_ttl
|
|
|
|
},
|
2011-09-20 09:27:23 +08:00
|
|
|
redis: global.environment.redis,
|
2011-10-13 21:22:54 +08:00
|
|
|
enable_cors: global.environment.enable_cors,
|
2012-05-02 02:00:14 +08:00
|
|
|
varnish_host: global.environment.varnish.host,
|
|
|
|
varnish_port: global.environment.varnish.port,
|
2014-02-12 22:34:19 +08:00
|
|
|
varnish_secret: global.environment.varnish.secret,
|
2012-05-03 02:32:54 +08:00
|
|
|
cache_enabled: global.environment.cache_enabled,
|
2013-07-16 21:59:34 +08:00
|
|
|
log_format: global.environment.log_format,
|
|
|
|
useProfiler: global.environment.useProfiler
|
2012-05-03 02:32:54 +08:00
|
|
|
};
|
2014-03-04 22:36:08 +08:00
|
|
|
|
|
|
|
// Do not send unwatch on release
|
|
|
|
// See http://github.com/CartoDB/Windshaft-cartodb/issues/161
|
|
|
|
me.redis.unwatchOnRelease = false;
|
2012-05-03 02:32:54 +08:00
|
|
|
|
2012-10-09 17:45:57 +08:00
|
|
|
// Be nice and warn if configured mapnik version
|
|
|
|
// is != instaled mapnik version
|
|
|
|
if ( mapnik.versions.mapnik != me.grainstore.mapnik_version ) {
|
|
|
|
console.warn("WARNING: detected mapnik version ("
|
|
|
|
+ mapnik.versions.mapnik + ") != configured mapnik version ("
|
|
|
|
+ me.grainstore.mapnik_version + ")");
|
|
|
|
}
|
|
|
|
|
2013-03-13 23:45:15 +08:00
|
|
|
/* This whole block is about generating X-Cache-Channel { */
|
|
|
|
|
|
|
|
// TODO: review lifetime of elements of this cache
|
|
|
|
// NOTE: by-token indices should only be dropped when
|
|
|
|
// the corresponding layegroup is dropped, because
|
|
|
|
// we have no SQL after layer creation.
|
|
|
|
me.channelCache = {};
|
|
|
|
|
2013-03-14 01:41:37 +08:00
|
|
|
// Run a query through the SQL api
|
|
|
|
me.sqlQuery = function (username, api_key, sql, callback) {
|
2013-03-13 23:45:15 +08:00
|
|
|
var api = global.environment.sqlapi;
|
|
|
|
|
|
|
|
// build up api string
|
2014-01-30 23:09:13 +08:00
|
|
|
var sqlapihostname = username;
|
|
|
|
if ( api.domain ) sqlapihostname += '.' + api.domain;
|
|
|
|
|
|
|
|
var sqlapi = api.protocol + '://';
|
|
|
|
if ( api.host && api.host != api.domain ) sqlapi += api.host;
|
|
|
|
else sqlapi += sqlapihostname;
|
|
|
|
sqlapi += ':' + api.port + '/api/' + api.version + '/sql';
|
2013-03-13 23:45:15 +08:00
|
|
|
|
2013-03-14 01:41:37 +08:00
|
|
|
var qs = { q: sql }
|
2013-03-13 23:45:15 +08:00
|
|
|
|
|
|
|
// add api_key if given
|
2013-03-14 01:41:37 +08:00
|
|
|
if (_.isString(api_key) && api_key != '') { qs.api_key = api_key; }
|
2013-03-13 23:45:15 +08:00
|
|
|
|
|
|
|
// call sql api
|
2014-01-17 00:20:30 +08:00
|
|
|
//
|
|
|
|
// NOTE: using POST to avoid size limits:
|
2014-02-17 18:10:08 +08:00
|
|
|
// See http://github.com/CartoDB/Windshaft-cartodb/issues/111
|
2014-01-17 00:20:30 +08:00
|
|
|
//
|
2014-02-17 18:10:08 +08:00
|
|
|
// NOTE: uses "host" header to allow IP based specification
|
2014-01-17 00:20:30 +08:00
|
|
|
// of sqlapi address (and avoid a DNS lookup)
|
|
|
|
//
|
2014-02-18 01:03:11 +08:00
|
|
|
// NOTE: allows for keeping up to "maxConnections" concurrent
|
|
|
|
// sockets opened per SQL-API host.
|
|
|
|
// See http://nodejs.org/api/http.html#http_agent_maxsockets
|
|
|
|
//
|
|
|
|
var maxSockets = global.environment.maxConnections || 128;
|
2014-02-20 17:17:48 +08:00
|
|
|
var maxGetLen = api.max_get_sql_length || 2048;
|
2014-02-27 17:26:42 +08:00
|
|
|
var maxSQLTime = api.timeout || 100; // 1/10 of a second by default
|
2014-02-20 17:17:48 +08:00
|
|
|
var reqSpec = {
|
|
|
|
url:sqlapi,
|
|
|
|
json:true,
|
|
|
|
headers:{host: sqlapihostname}
|
|
|
|
// http://nodejs.org/api/http.html#http_agent_maxsockets
|
|
|
|
,pool:{maxSockets:maxSockets}
|
2014-02-27 17:26:42 +08:00
|
|
|
// timeout in milliseconds
|
|
|
|
,timeout:maxSQLTime
|
2014-02-20 17:17:48 +08:00
|
|
|
}
|
|
|
|
if ( sql.length > maxGetLen ) {
|
|
|
|
reqSpec.method = 'POST';
|
|
|
|
reqSpec.body = qs;
|
|
|
|
} else {
|
|
|
|
reqSpec.method = 'GET';
|
|
|
|
reqSpec.qs = qs;
|
|
|
|
}
|
|
|
|
request(reqSpec, function(err, res, body) {
|
2013-03-13 23:45:15 +08:00
|
|
|
if (err){
|
2013-12-18 19:59:26 +08:00
|
|
|
console.log('ERROR connecting to SQL API on ' + sqlapi + ': ' + err);
|
2013-03-14 01:41:37 +08:00
|
|
|
callback(err);
|
2013-03-13 23:45:15 +08:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
if (res.statusCode != 200) {
|
|
|
|
var msg = res.body.error ? res.body.error : res.body;
|
2013-06-11 16:26:35 +08:00
|
|
|
callback(new Error(msg));
|
|
|
|
console.log('unexpected response status (' + res.statusCode + ') for sql query: ' + sql + ': ' + msg);
|
2013-03-13 23:45:15 +08:00
|
|
|
return;
|
2013-09-12 21:36:50 +08:00
|
|
|
}
|
2013-03-14 01:41:37 +08:00
|
|
|
callback(null, body.rows);
|
|
|
|
});
|
|
|
|
};
|
|
|
|
|
2013-05-30 22:48:40 +08:00
|
|
|
//
|
|
|
|
// Invoke callback with number of milliseconds since
|
|
|
|
// last update in any of the given tables
|
|
|
|
//
|
2013-03-14 01:41:37 +08:00
|
|
|
me.findLastUpdated = function (username, api_key, tableNames, callback) {
|
2013-03-21 18:39:55 +08:00
|
|
|
var sql = 'SELECT EXTRACT(EPOCH FROM max(updated_at)) as max FROM CDB_TableMetadata m WHERE m.tabname::name = any (\'{'
|
|
|
|
+ tableNames.join(',') + '}\')';
|
2013-03-14 01:41:37 +08:00
|
|
|
|
|
|
|
// call sql api
|
|
|
|
me.sqlQuery(username, api_key, sql, function(err, rows){
|
|
|
|
if (err){
|
|
|
|
var msg = err.message ? err.message : err;
|
|
|
|
callback(new Error('could not find last updated timestamp: ' + msg));
|
|
|
|
return;
|
|
|
|
}
|
2013-03-21 18:39:55 +08:00
|
|
|
// when the table has not updated_at means it hasn't been changed so a default last_updated is set
|
|
|
|
var last_updated = 0;
|
|
|
|
if(rows.length !== 0) {
|
|
|
|
last_updated = rows[0].max || 0;
|
|
|
|
}
|
2013-05-30 22:48:40 +08:00
|
|
|
callback(null, last_updated*1000);
|
2013-03-14 01:41:37 +08:00
|
|
|
});
|
|
|
|
};
|
|
|
|
|
|
|
|
me.affectedTables = function (username, api_key, sql, callback) {
|
|
|
|
|
2013-04-23 23:12:10 +08:00
|
|
|
// Replace mapnik tokens
|
|
|
|
sql = sql.replace(RegExp('!bbox!', 'g'), 'ST_MakeEnvelope(0,0,0,0)')
|
|
|
|
.replace(RegExp('!pixel_width!', 'g'), '1')
|
|
|
|
.replace(RegExp('!pixel_height!', 'g'), '1')
|
|
|
|
;
|
|
|
|
|
|
|
|
// Pass to CDB_QueryTables
|
|
|
|
sql = 'SELECT CDB_QueryTables($windshaft$' + sql + '$windshaft$)';
|
2013-03-14 01:41:37 +08:00
|
|
|
|
|
|
|
// call sql api
|
|
|
|
me.sqlQuery(username, api_key, sql, function(err, rows){
|
|
|
|
if (err){
|
|
|
|
var msg = err.message ? err.message : err;
|
|
|
|
callback(new Error('could not fetch source tables: ' + msg));
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
var qtables = rows[0].cdb_querytables;
|
2013-03-13 23:45:15 +08:00
|
|
|
var tableNames = qtables.split(/^\{(.*)\}$/)[1];
|
2014-02-27 22:34:09 +08:00
|
|
|
tableNames = tableNames ? tableNames.split(',') : [];
|
2013-03-13 23:45:15 +08:00
|
|
|
callback(null, tableNames);
|
|
|
|
});
|
2013-03-14 01:41:37 +08:00
|
|
|
};
|
2013-03-13 23:45:15 +08:00
|
|
|
|
|
|
|
me.buildCacheChannel = function (dbName, tableNames){
|
2013-03-14 01:41:37 +08:00
|
|
|
return dbName + ':' + tableNames.join(',');
|
2013-03-13 23:45:15 +08:00
|
|
|
};
|
|
|
|
|
|
|
|
me.generateMD5 = function(data){
|
|
|
|
var hash = crypto.createHash('md5');
|
|
|
|
hash.update(data);
|
|
|
|
return hash.digest('hex');
|
|
|
|
}
|
|
|
|
|
2014-02-19 17:08:25 +08:00
|
|
|
me.generateCacheChannel = function(app, req, callback){
|
2013-03-13 23:45:15 +08:00
|
|
|
|
2014-02-20 01:10:33 +08:00
|
|
|
// Build channelCache key
|
2014-02-19 14:19:41 +08:00
|
|
|
var dbName = req.params.dbname;
|
2013-03-13 23:45:15 +08:00
|
|
|
var cacheKey = [ dbName ];
|
|
|
|
if ( req.params.token ) cacheKey.push(req.params.token);
|
|
|
|
else if ( req.params.sql ) cacheKey.push( me.generateMD5(req.params.sql) );
|
|
|
|
cacheKey = cacheKey.join(':');
|
|
|
|
|
2014-02-19 14:19:41 +08:00
|
|
|
var that = this;
|
|
|
|
|
|
|
|
Step (
|
|
|
|
function checkCached() {
|
|
|
|
if ( me.channelCache.hasOwnProperty(cacheKey) ) {
|
|
|
|
callback(null, me.channelCache[cacheKey]);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
return null;
|
|
|
|
},
|
|
|
|
function extractSQL(err) {
|
|
|
|
if ( err ) throw err;
|
|
|
|
|
|
|
|
if ( req.params.token ) {
|
|
|
|
// TODO: cached cache channel for token-based access should
|
|
|
|
// be constructed at renderer cache creation time
|
|
|
|
// See http://github.com/CartoDB/Windshaft-cartodb/issues/152
|
2014-02-19 17:08:25 +08:00
|
|
|
if ( ! app.mapStore ) {
|
|
|
|
throw new Error('missing channel cache for token ' + req.params.token);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
var next = this;
|
|
|
|
var mapStore = app.mapStore;
|
|
|
|
Step(
|
|
|
|
function loadFromStore() {
|
|
|
|
mapStore.load(req.params.token, this);
|
|
|
|
},
|
|
|
|
function getSQL(err, mapConfig) {
|
2014-02-20 01:10:33 +08:00
|
|
|
if (req.profiler) req.profiler.done('mapStore_load');
|
2014-02-19 17:08:25 +08:00
|
|
|
if ( err ) throw err;
|
|
|
|
var sql = [];
|
|
|
|
_.each(mapConfig.obj().layers, function(lyr) {
|
|
|
|
sql.push(lyr.options.sql);
|
|
|
|
});
|
|
|
|
sql = sql.join(';');
|
|
|
|
return sql;
|
|
|
|
},
|
|
|
|
function finish(err, sql) {
|
|
|
|
next(err, sql);
|
|
|
|
}
|
|
|
|
);
|
2014-02-19 14:19:41 +08:00
|
|
|
return;
|
|
|
|
}
|
2014-02-19 17:08:25 +08:00
|
|
|
|
|
|
|
if ( ! req.params.sql ) {
|
2014-02-19 14:19:41 +08:00
|
|
|
return null; // no sql
|
|
|
|
}
|
|
|
|
|
|
|
|
// We have sql, and no token...
|
|
|
|
|
|
|
|
// strip out windshaft/mapnik inserted sql if present
|
|
|
|
var sql = req.params.sql.match(/^\((.*)\)\sas\scdbq$/);
|
|
|
|
sql = (sql != null) ? sql[1] : req.params.sql;
|
|
|
|
|
|
|
|
return sql;
|
|
|
|
},
|
|
|
|
function findAffectedTables(err, sql) {
|
|
|
|
if ( err ) throw err;
|
|
|
|
if ( ! sql ) {
|
|
|
|
if ( ! req.params.table ) {
|
|
|
|
throw new Error("this request doesn't need an X-Cache-Channel generated");
|
|
|
|
}
|
|
|
|
return [req.params.table];
|
|
|
|
}
|
2014-04-08 15:16:16 +08:00
|
|
|
var user, key;
|
|
|
|
var next = this;
|
|
|
|
Step (
|
|
|
|
function findUserKey() {
|
|
|
|
if ( req.params.hasOwnProperty('_authorizedBySigner') ) {
|
|
|
|
user = req.params._authorizedBySigner;
|
|
|
|
cartoData.getUserMapKey(user, this);
|
|
|
|
} else {
|
|
|
|
user = that.userByReq(req);
|
|
|
|
key = req.params.map_key || req.params.api_key;
|
|
|
|
return null;
|
|
|
|
}
|
|
|
|
},
|
|
|
|
function getAffected(err, data) {
|
|
|
|
if ( err ) throw err;
|
|
|
|
if ( data ) {
|
|
|
|
if ( req.profiler ) req.profiler.done('getSignerMapKey');
|
|
|
|
key = data;
|
|
|
|
}
|
|
|
|
me.affectedTables(user, key, sql, this); // in addCacheChannel
|
|
|
|
},
|
|
|
|
function finish(err, data) {
|
|
|
|
next(err,data);
|
|
|
|
}
|
|
|
|
);
|
2014-02-19 14:19:41 +08:00
|
|
|
},
|
|
|
|
function buildCacheChannel(err, tableNames) {
|
|
|
|
if ( err ) throw err;
|
2014-02-20 01:10:33 +08:00
|
|
|
if (req.profiler && ! req.params.table ) {
|
|
|
|
req.profiler.done('affectedTables');
|
|
|
|
}
|
2014-02-19 14:19:41 +08:00
|
|
|
|
|
|
|
var dbName = req.params.dbname;
|
2013-03-13 23:45:15 +08:00
|
|
|
var cacheChannel = me.buildCacheChannel(dbName,tableNames);
|
2014-02-19 01:33:00 +08:00
|
|
|
// store for caching from me.generateCacheChannel
|
2014-02-19 14:19:41 +08:00
|
|
|
// (not worth when table was specified in params)
|
|
|
|
if ( ! req.params.table ) {
|
|
|
|
me.channelCache[cacheKey] = cacheChannel;
|
|
|
|
}
|
|
|
|
return cacheChannel;
|
|
|
|
},
|
|
|
|
function finish(err, cacheChannel) {
|
|
|
|
callback(err, cacheChannel);
|
|
|
|
}
|
|
|
|
);
|
2013-03-13 23:45:15 +08:00
|
|
|
};
|
|
|
|
|
2012-09-25 00:57:48 +08:00
|
|
|
// Set the cache chanel info to invalidate the cache on the frontend server
|
|
|
|
//
|
|
|
|
// @param req The request object.
|
|
|
|
// The function will have no effect unless req.res exists.
|
|
|
|
// It is expected that req.params contains 'table' and 'dbname'
|
|
|
|
//
|
|
|
|
// @param cb function(err, channel) will be called when ready.
|
|
|
|
// the channel parameter will be null if nothing was added
|
|
|
|
//
|
2014-02-19 17:08:25 +08:00
|
|
|
me.addCacheChannel = function(app, req, cb) {
|
2012-09-25 00:57:48 +08:00
|
|
|
// skip non-GET requests, or requests for which there's no response
|
|
|
|
if ( req.method != 'GET' || ! req.res ) { cb(null, null); return; }
|
2014-02-20 01:10:33 +08:00
|
|
|
if (req.profiler) req.profiler.start('addCacheChannel');
|
2012-09-25 00:57:48 +08:00
|
|
|
var res = req.res;
|
2013-03-13 17:36:28 +08:00
|
|
|
var cache_policy = req.query.cache_policy;
|
2013-07-08 18:13:45 +08:00
|
|
|
if ( req.params.token ) cache_policy = 'persist';
|
2013-03-13 17:36:28 +08:00
|
|
|
if ( cache_policy == 'persist' ) {
|
|
|
|
res.header('Cache-Control', 'public,max-age=31536000'); // 1 year
|
|
|
|
} else {
|
|
|
|
var ttl = global.environment.varnish.ttl || 86400;
|
|
|
|
res.header('Cache-Control', 'no-cache,max-age='+ttl+',must-revalidate, public');
|
|
|
|
}
|
2013-03-13 23:45:15 +08:00
|
|
|
|
2013-07-15 19:14:06 +08:00
|
|
|
// Set Last-Modified header
|
2013-07-15 19:48:06 +08:00
|
|
|
var lastUpdated;
|
|
|
|
if ( req.params.cache_buster ) {
|
|
|
|
// Assuming cache_buster is a timestamp
|
|
|
|
// FIXME: store lastModified in the cache channel instead
|
|
|
|
lastUpdated = new Date(parseInt(req.params.cache_buster));
|
|
|
|
} else {
|
|
|
|
lastUpdated = new Date();
|
|
|
|
}
|
|
|
|
res.header('Last-Modified', lastUpdated.toUTCString());
|
2013-07-15 18:02:54 +08:00
|
|
|
|
2014-02-19 17:08:25 +08:00
|
|
|
me.generateCacheChannel(app, req, function(err, channel){
|
2014-02-20 01:10:33 +08:00
|
|
|
if (req.profiler) req.profiler.done('generateCacheChannel');
|
|
|
|
if (req.profiler) req.profiler.end();
|
2013-03-13 17:36:28 +08:00
|
|
|
if ( ! err ) {
|
|
|
|
res.header('X-Cache-Channel', channel);
|
2013-09-12 21:36:50 +08:00
|
|
|
cb(null, channel);
|
2012-10-24 15:40:05 +08:00
|
|
|
} else {
|
2013-03-13 17:36:28 +08:00
|
|
|
console.log('ERROR generating cache channel: ' + ( err.message ? err.message : err ));
|
|
|
|
// TODO: evaluate if we should bubble up the error instead
|
|
|
|
cb(null, 'ERROR');
|
2012-10-24 15:40:05 +08:00
|
|
|
}
|
2012-09-25 00:57:48 +08:00
|
|
|
});
|
2013-03-13 23:45:15 +08:00
|
|
|
};
|
|
|
|
|
2013-04-02 19:30:49 +08:00
|
|
|
me.afterLayergroupCreate = function(req, mapconfig, response, callback) {
|
2013-03-13 23:45:15 +08:00
|
|
|
var token = response.layergroupid;
|
|
|
|
|
2013-12-17 00:34:58 +08:00
|
|
|
var username = this.userByReq(req);
|
2013-04-12 23:28:34 +08:00
|
|
|
|
|
|
|
var tasksleft = 2; // redis key and affectedTables
|
|
|
|
var errors = [];
|
|
|
|
|
|
|
|
var done = function(err) {
|
|
|
|
if ( err ) {
|
|
|
|
errors.push('' + err);
|
|
|
|
}
|
|
|
|
if ( ! --tasksleft ) {
|
|
|
|
err = errors.length ? new Error(errors.join('\n')) : null;
|
|
|
|
callback(err);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2014-03-06 22:19:12 +08:00
|
|
|
// include in layergroup response the variables in serverMedata
|
|
|
|
// those variables are useful to send to the client information
|
|
|
|
// about how to reach this server or information about it
|
|
|
|
var serverMetadata = global.environment.serverMetadata;
|
|
|
|
if (serverMetadata) {
|
|
|
|
_.extend(response, serverMetadata);
|
|
|
|
}
|
|
|
|
|
2013-04-12 23:28:34 +08:00
|
|
|
// Don't wait for the mapview count increment to
|
|
|
|
// take place before proceeding. Error will be logged
|
|
|
|
// asyncronously
|
2013-06-04 19:29:36 +08:00
|
|
|
cartoData.incMapviewCount(username, mapconfig.stat_tag, function(err) {
|
2013-09-19 21:34:03 +08:00
|
|
|
if (req.profiler) req.profiler.done('incMapviewCount');
|
2013-04-12 23:28:34 +08:00
|
|
|
if ( err ) console.log("ERROR: failed to increment mapview count for user '" + username + "': " + err);
|
|
|
|
done();
|
|
|
|
});
|
|
|
|
|
2013-03-13 23:45:15 +08:00
|
|
|
var sql = [];
|
|
|
|
_.each(mapconfig.layers, function(lyr) {
|
|
|
|
sql.push(lyr.options.sql);
|
|
|
|
});
|
|
|
|
sql = sql.join(';');
|
|
|
|
|
|
|
|
var dbName = req.params.dbname;
|
2014-01-09 23:46:47 +08:00
|
|
|
var usr = this.userByReq(req);
|
2014-01-28 19:05:01 +08:00
|
|
|
var key = req.params.map_key || req.params.api_key;
|
2013-03-13 23:45:15 +08:00
|
|
|
|
|
|
|
var cacheKey = dbName + ':' + token;
|
2014-02-27 19:32:34 +08:00
|
|
|
var tabNames;
|
2013-03-13 23:45:15 +08:00
|
|
|
|
2014-02-27 19:32:34 +08:00
|
|
|
Step(
|
|
|
|
function getTables() {
|
2014-04-08 15:16:16 +08:00
|
|
|
me.affectedTables(usr, key, sql, this); // in afterLayergroupCreate
|
2014-02-27 19:32:34 +08:00
|
|
|
},
|
|
|
|
function getLastupdated(err, tableNames) {
|
2013-09-19 21:34:03 +08:00
|
|
|
if (req.profiler) req.profiler.done('affectedTables');
|
2014-02-27 19:32:34 +08:00
|
|
|
if ( err ) throw err;
|
2013-03-13 23:45:15 +08:00
|
|
|
var cacheChannel = me.buildCacheChannel(dbName,tableNames);
|
2014-02-19 01:33:00 +08:00
|
|
|
// store for caching from me.afterLayergroupCreate
|
|
|
|
me.channelCache[cacheKey] = cacheChannel;
|
2014-06-24 18:16:30 +08:00
|
|
|
if (req.res && req.method == 'GET') {
|
|
|
|
var res = req.res;
|
|
|
|
if ( req.query && req.query.cache_policy == 'persist' ) {
|
|
|
|
res.header('Cache-Control', 'public,max-age=31536000'); // 1 year
|
|
|
|
} else {
|
|
|
|
var ttl = global.environment.varnish.ttl || 86400;
|
|
|
|
res.header('Cache-Control', 'public,max-age='+ttl+',must-revalidate');
|
|
|
|
}
|
|
|
|
res.header('Last-Modified', (new Date()).toUTCString());
|
|
|
|
res.header('X-Cache-Channel', cacheChannel);
|
|
|
|
}
|
2013-03-14 01:41:37 +08:00
|
|
|
// find last updated
|
2014-02-27 19:32:34 +08:00
|
|
|
if ( ! tableNames.length ) return 0; // skip for no affected tables
|
|
|
|
tabNames = tableNames;
|
|
|
|
me.findLastUpdated(usr, key, tableNames, this);
|
|
|
|
},
|
|
|
|
function(err, lastUpdated) {
|
|
|
|
if ( err ) throw err;
|
|
|
|
if (req.profiler && tabNames) req.profiler.done('findLastUpdated');
|
|
|
|
response.layergroupid = response.layergroupid + ':' + lastUpdated; // use epoch
|
|
|
|
response.last_updated = new Date(lastUpdated).toISOString();
|
|
|
|
return null;
|
|
|
|
},
|
|
|
|
function finish(err) {
|
|
|
|
done(err);
|
|
|
|
}
|
|
|
|
);
|
2013-03-13 23:45:15 +08:00
|
|
|
};
|
|
|
|
|
|
|
|
/* X-Cache-Channel generation } */
|
2012-09-25 00:57:48 +08:00
|
|
|
|
2013-12-17 01:24:35 +08:00
|
|
|
me.re_userFromHost = new RegExp(
|
|
|
|
global.environment.user_from_host ||
|
|
|
|
'^([^\\.]+)\\.' // would extract "strk" from "strk.cartodb.com"
|
|
|
|
);
|
|
|
|
|
2013-12-17 00:34:58 +08:00
|
|
|
me.userByReq = function(req) {
|
2013-12-17 01:24:35 +08:00
|
|
|
var host = req.headers.host;
|
|
|
|
var mat = host.match(this.re_userFromHost);
|
|
|
|
if ( ! mat ) {
|
|
|
|
console.error("ERROR: user pattern '" + this.re_userFromHost
|
|
|
|
+ "' does not match hostname '" + host + "'");
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
// console.log("Matches: "); console.dir(mat);
|
|
|
|
if ( ! mat.length === 2 ) {
|
|
|
|
console.error("ERROR: pattern '" + this.re_userFromHost
|
|
|
|
+ "' gave unexpected matches against '" + host + "': " + mat);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
return mat[1];
|
2013-12-06 20:32:37 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
// Set db authentication parameters to those of the given username
|
|
|
|
//
|
|
|
|
// @param username the cartodb username, mapped to a database username
|
|
|
|
// via CartodbRedis metadata records
|
|
|
|
//
|
|
|
|
// @param params the parameters to set auth options into
|
|
|
|
// added params are: "dbuser" and "dbpassword"
|
|
|
|
//
|
|
|
|
// @param callback function(err)
|
|
|
|
//
|
|
|
|
me.setDBAuth = function(username, params, callback) {
|
|
|
|
|
|
|
|
var user_params = {};
|
|
|
|
var auth_user = global.environment.postgres_auth_user;
|
|
|
|
var auth_pass = global.environment.postgres_auth_pass;
|
|
|
|
Step(
|
|
|
|
function getId() {
|
|
|
|
cartoData.getUserId(username, this);
|
|
|
|
},
|
|
|
|
function(err, user_id) {
|
|
|
|
if (err) throw err;
|
|
|
|
user_params['user_id'] = user_id;
|
|
|
|
var dbuser = _.template(auth_user, user_params);
|
|
|
|
_.extend(params, {dbuser:dbuser});
|
|
|
|
|
|
|
|
// skip looking up user_password if postgres_auth_pass
|
|
|
|
// doesn't contain the "user_password" label
|
|
|
|
if (!auth_pass || ! auth_pass.match(/\buser_password\b/) ) return null;
|
|
|
|
|
|
|
|
cartoData.getUserDBPass(username, this);
|
|
|
|
},
|
|
|
|
function(err, user_password) {
|
|
|
|
if (err) throw err;
|
|
|
|
user_params['user_password'] = user_password;
|
|
|
|
if ( auth_pass ) {
|
|
|
|
var dbpass = _.template(auth_pass, user_params);
|
|
|
|
_.extend(params, {dbpassword:dbpass});
|
|
|
|
}
|
|
|
|
return true;
|
|
|
|
},
|
|
|
|
function finish(err) {
|
|
|
|
callback(err);
|
|
|
|
}
|
|
|
|
);
|
2013-12-18 00:35:12 +08:00
|
|
|
};
|
|
|
|
|
|
|
|
// Set db connection parameters to those for the given username
|
|
|
|
//
|
|
|
|
// @param dbowner cartodb username of database owner,
|
|
|
|
// mapped to a database username
|
|
|
|
// via CartodbRedis metadata records
|
|
|
|
//
|
|
|
|
// @param params the parameters to set connection options into
|
|
|
|
// added params are: "dbname", "dbhost"
|
|
|
|
//
|
|
|
|
// @param callback function(err)
|
|
|
|
//
|
|
|
|
me.setDBConn = function(dbowner, params, callback) {
|
2014-02-28 22:55:29 +08:00
|
|
|
// Add default database connection parameters
|
|
|
|
// if none given
|
|
|
|
_.defaults(params, {
|
|
|
|
dbuser: global.environment.postgres.user,
|
|
|
|
dbpassword: global.environment.postgres.password,
|
|
|
|
dbhost: global.environment.postgres.host,
|
|
|
|
dbport: global.environment.postgres.port
|
|
|
|
});
|
2013-12-18 00:35:12 +08:00
|
|
|
Step(
|
|
|
|
function getDatabaseHost(){
|
|
|
|
cartoData.getUserDBHost(dbowner, this);
|
|
|
|
},
|
|
|
|
function getDatabase(err, data){
|
|
|
|
if(err) throw err;
|
|
|
|
if ( data ) _.extend(params, {dbhost:data});
|
|
|
|
cartoData.getUserDBName(dbowner, this);
|
|
|
|
},
|
2014-02-11 20:42:44 +08:00
|
|
|
function extendParams(err, data){
|
2013-12-18 00:35:12 +08:00
|
|
|
if (err) throw err;
|
|
|
|
if ( data ) _.extend(params, {dbname:data});
|
|
|
|
return null;
|
|
|
|
},
|
|
|
|
function finish(err) {
|
|
|
|
callback(err);
|
|
|
|
}
|
|
|
|
);
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
// Check if a request is authorized by a signer
|
|
|
|
//
|
|
|
|
// Any existing signature for the given request will verified
|
|
|
|
// for authorization to this specific request (may require auth_token)
|
|
|
|
// See https://github.com/CartoDB/Windshaft-cartodb/wiki/Signed-maps
|
|
|
|
//
|
|
|
|
// @param req express request object
|
|
|
|
// @param callback function(err, signed_by) signed_by will be
|
|
|
|
// null if the request is not signed by anyone
|
|
|
|
// or will be a string cartodb username otherwise.
|
|
|
|
//
|
|
|
|
me.authorizedBySigner = function(req, callback)
|
|
|
|
{
|
|
|
|
if ( ! req.params.token || ! req.params.signer ) {
|
|
|
|
//console.log("No signature provided"); // debugging
|
|
|
|
callback(null, null); // no signer requested
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
var signer = req.params.signer;
|
|
|
|
var layergroup_id = req.params.token;
|
|
|
|
var auth_token = req.params.auth_token;
|
|
|
|
|
2014-02-11 23:34:43 +08:00
|
|
|
//console.log("Checking authorization from signer " + signer + " for resource " + layergroup_id + " with auth_token " + auth_token);
|
2013-12-18 00:35:12 +08:00
|
|
|
|
|
|
|
me.signedMaps.isAuthorized(signer, layergroup_id, auth_token,
|
|
|
|
function(err, authorized) {
|
|
|
|
callback(err, authorized ? signer : null);
|
|
|
|
});
|
|
|
|
};
|
2013-12-06 20:32:37 +08:00
|
|
|
|
2013-12-17 18:43:56 +08:00
|
|
|
// Check if a request is authorized by api_key
|
|
|
|
//
|
|
|
|
// @param req express request object
|
|
|
|
// @param callback function(err, authorized)
|
2014-02-13 17:16:11 +08:00
|
|
|
// NOTE: authorized is expected to be 0 or 1 (integer)
|
2013-12-17 18:43:56 +08:00
|
|
|
//
|
|
|
|
me.authorizedByAPIKey = function(req, callback)
|
|
|
|
{
|
2014-02-13 17:16:11 +08:00
|
|
|
var givenKey = req.query.api_key || req.query.map_key;
|
|
|
|
if ( ! givenKey && req.body ) {
|
|
|
|
// check also in request body
|
|
|
|
givenKey = req.body.api_key || req.body.map_key;
|
|
|
|
}
|
|
|
|
if ( ! givenKey ) {
|
|
|
|
callback(null, 0); // no api key, no authorization...
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
//console.log("given ApiKey: " + givenKey);
|
2013-12-17 18:43:56 +08:00
|
|
|
var user = me.userByReq(req);
|
|
|
|
Step(
|
|
|
|
function (){
|
|
|
|
cartoData.getUserMapKey(user, this);
|
|
|
|
},
|
|
|
|
function checkApiKey(err, val){
|
|
|
|
if (err) throw err;
|
2014-02-13 17:16:11 +08:00
|
|
|
return ( val && givenKey == val ) ? 1 : 0;
|
2013-12-17 18:43:56 +08:00
|
|
|
},
|
|
|
|
function finish(err, authorized) {
|
|
|
|
callback(err, authorized);
|
|
|
|
}
|
|
|
|
);
|
|
|
|
};
|
|
|
|
|
2013-11-16 02:14:00 +08:00
|
|
|
/**
|
2013-12-06 20:32:37 +08:00
|
|
|
* Check access authorization
|
2013-11-16 02:14:00 +08:00
|
|
|
*
|
|
|
|
* @param req - standard req object. Importantly contains table and host information
|
2013-12-06 20:32:37 +08:00
|
|
|
* @param callback function(err, allowed) is access allowed not?
|
2013-11-16 02:14:00 +08:00
|
|
|
*/
|
2013-12-06 20:32:37 +08:00
|
|
|
me.authorize = function(req, callback) {
|
2013-11-16 02:14:00 +08:00
|
|
|
var that = this;
|
2013-12-17 00:34:58 +08:00
|
|
|
var user = me.userByReq(req);
|
2013-11-16 02:14:00 +08:00
|
|
|
|
|
|
|
Step(
|
2013-12-17 17:56:12 +08:00
|
|
|
function (){
|
2013-12-17 18:43:56 +08:00
|
|
|
that.authorizedByAPIKey(req, this);
|
2013-11-16 02:14:00 +08:00
|
|
|
},
|
2013-12-17 18:43:56 +08:00
|
|
|
function checkApiKey(err, authorized){
|
2014-02-13 17:25:28 +08:00
|
|
|
if (req.profiler) req.profiler.done('authorizedByAPIKey');
|
2013-11-16 02:14:00 +08:00
|
|
|
if (err) throw err;
|
|
|
|
|
2013-12-06 20:32:37 +08:00
|
|
|
// if not authorized by api_key, continue
|
2013-12-18 00:35:12 +08:00
|
|
|
if (authorized !== 1) {
|
|
|
|
// not authorized by api_key,
|
|
|
|
// check if authorized by signer
|
|
|
|
that.authorizedBySigner(req, this);
|
|
|
|
return;
|
|
|
|
}
|
2013-12-06 20:32:37 +08:00
|
|
|
|
2014-02-08 01:00:13 +08:00
|
|
|
_.extend(req.params, { _authorizedByApiKey: true });
|
|
|
|
|
2013-12-17 00:34:58 +08:00
|
|
|
// authorized by api key, login as the given username and stop
|
|
|
|
that.setDBAuth(user, req.params, function(err) {
|
2013-12-06 20:32:37 +08:00
|
|
|
callback(err, true); // authorized (or error)
|
|
|
|
});
|
|
|
|
},
|
2013-12-18 00:35:12 +08:00
|
|
|
function checkSignAuthorized(err, signed_by){
|
|
|
|
if (err) throw err;
|
2014-02-13 17:25:28 +08:00
|
|
|
if (req.profiler) {
|
|
|
|
if ( req.params._authorizedByApiKey ) {
|
|
|
|
req.profiler.done('setDBAuth');
|
|
|
|
} else {
|
|
|
|
req.profiler.done('authorizedBySigner');
|
|
|
|
}
|
|
|
|
}
|
2013-12-18 00:35:12 +08:00
|
|
|
|
|
|
|
if ( ! signed_by ) {
|
2014-03-04 01:06:39 +08:00
|
|
|
// request not authorized by signer.
|
|
|
|
|
|
|
|
// if table was given, continue to check table privacy
|
2014-02-18 01:20:18 +08:00
|
|
|
if ( req.params.table ) return null;
|
2014-03-04 01:06:39 +08:00
|
|
|
|
|
|
|
// if no signer name was given, let dbparams and
|
|
|
|
// PostgreSQL do the rest.
|
|
|
|
//
|
|
|
|
if ( ! req.params.signer ) {
|
|
|
|
callback(null, true); // authorized so far
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
// if signer name was given, return no authorization
|
2014-03-04 01:13:06 +08:00
|
|
|
callback(null, false);
|
2014-02-18 01:20:18 +08:00
|
|
|
return;
|
2013-12-18 00:35:12 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
// Authorized by "signed_by" !
|
2014-04-08 15:16:16 +08:00
|
|
|
_.extend(req.params, { _authorizedBySigner: signed_by });
|
2013-12-18 00:35:12 +08:00
|
|
|
that.setDBAuth(signed_by, req.params, function(err) {
|
2014-02-13 17:25:28 +08:00
|
|
|
if (req.profiler) req.profiler.done('setDBAuth');
|
2013-12-18 00:35:12 +08:00
|
|
|
callback(err, true); // authorized (or error)
|
|
|
|
});
|
|
|
|
},
|
2013-12-06 20:32:37 +08:00
|
|
|
function getDatabase(err){
|
2013-11-16 02:14:00 +08:00
|
|
|
if (err) throw err;
|
2013-12-06 20:32:37 +08:00
|
|
|
// NOTE: only used to get to table privacy
|
2013-12-17 00:34:58 +08:00
|
|
|
cartoData.getUserDBName(user, this);
|
2013-11-16 02:14:00 +08:00
|
|
|
},
|
2013-12-06 20:32:37 +08:00
|
|
|
function getPrivacy(err, dbname){
|
2013-11-16 02:14:00 +08:00
|
|
|
if (err) throw err;
|
2014-02-14 18:47:43 +08:00
|
|
|
if (req.profiler) req.profiler.done('tablePrivacy_getUserDBName');
|
2013-12-06 20:32:37 +08:00
|
|
|
cartoData.getTablePrivacy(dbname, req.params.table, this);
|
2013-11-16 02:14:00 +08:00
|
|
|
},
|
2013-12-06 20:32:37 +08:00
|
|
|
function(err, privacy){
|
2014-02-13 17:25:28 +08:00
|
|
|
if (req.profiler) req.profiler.done('getTablePrivacy');
|
2014-03-04 01:06:39 +08:00
|
|
|
callback(err, privacy !== "0");
|
2013-11-16 02:14:00 +08:00
|
|
|
}
|
|
|
|
);
|
|
|
|
};
|
|
|
|
|
2012-05-03 02:32:54 +08:00
|
|
|
/**
|
|
|
|
* Whitelist input and get database name & default geometry type from
|
|
|
|
* subdomain/user metadata held in CartoDB Redis
|
|
|
|
* @param req - standard express request obj. Should have host & table
|
|
|
|
* @param callback
|
|
|
|
*/
|
|
|
|
me.req2params = function(req, callback){
|
|
|
|
|
2013-03-23 01:55:59 +08:00
|
|
|
if ( req.query.lzma ) {
|
|
|
|
|
|
|
|
// TODO: check ?
|
|
|
|
//console.log("type of req.query.lzma is " + typeof(req.query.lzma));
|
|
|
|
|
2013-04-19 22:16:20 +08:00
|
|
|
// Decode (from base64)
|
2013-04-24 21:10:58 +08:00
|
|
|
var lzma = (new Buffer(req.query.lzma, 'base64').toString('binary')).split('').map(function(c) { return c.charCodeAt(0) - 128 })
|
2013-03-23 01:55:59 +08:00
|
|
|
|
|
|
|
// Decompress
|
|
|
|
LZMA.decompress(
|
|
|
|
lzma,
|
|
|
|
function(result) {
|
2013-07-16 21:59:34 +08:00
|
|
|
if (req.profiler) req.profiler.done('LZMA decompress');
|
2013-03-23 01:55:59 +08:00
|
|
|
try {
|
2013-04-24 21:10:58 +08:00
|
|
|
delete req.query.lzma
|
|
|
|
_.extend(req.query, JSON.parse(result))
|
2013-03-23 01:55:59 +08:00
|
|
|
me.req2params(req, callback);
|
2013-09-12 21:36:50 +08:00
|
|
|
} catch (err) {
|
2013-03-23 01:55:59 +08:00
|
|
|
callback(new Error('Error parsing lzma as JSON: ' + err));
|
|
|
|
}
|
|
|
|
},
|
|
|
|
function(percent) { // progress
|
|
|
|
//console.log("LZMA decompression " + percent + "%");
|
|
|
|
}
|
|
|
|
);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2012-05-03 02:32:54 +08:00
|
|
|
// Whitelist query parameters and attach format
|
2013-12-18 00:35:12 +08:00
|
|
|
var good_query = ['sql', 'geom_type', 'cache_buster', 'cache_policy', 'callback', 'interactivity', 'map_key', 'api_key', 'auth_token', 'style', 'style_version', 'style_convert', 'config' ];
|
2012-05-03 02:32:54 +08:00
|
|
|
var bad_query = _.difference(_.keys(req.query), good_query);
|
|
|
|
|
|
|
|
_.each(bad_query, function(key){ delete req.query[key]; });
|
|
|
|
req.params = _.extend({}, req.params); // shuffle things as request is a strange array/object
|
|
|
|
|
2014-02-27 23:40:59 +08:00
|
|
|
var user = me.userByReq(req);
|
|
|
|
|
2013-04-04 19:15:50 +08:00
|
|
|
if ( req.params.token ) {
|
|
|
|
//console.log("Request parameters include token " + req.params.token);
|
|
|
|
var tksplit = req.params.token.split(':');
|
|
|
|
req.params.token = tksplit[0];
|
|
|
|
if ( tksplit.length > 1 ) req.params.cache_buster= tksplit[1];
|
2013-12-06 20:32:37 +08:00
|
|
|
tksplit = req.params.token.split('@');
|
|
|
|
if ( tksplit.length > 1 ) {
|
2014-02-10 22:30:35 +08:00
|
|
|
req.params.signer = tksplit.shift();
|
2014-02-27 23:40:59 +08:00
|
|
|
if ( ! req.params.signer ) req.params.signer = user;
|
2014-02-28 20:24:38 +08:00
|
|
|
else if ( req.params.signer != user ) {
|
|
|
|
var err = new Error('Cannot use map signature of user "' + req.params.signer + '" on database of user "' + user + '"')
|
|
|
|
err.http_status = 403;
|
|
|
|
callback(err);
|
|
|
|
return;
|
|
|
|
}
|
2014-02-10 22:30:35 +08:00
|
|
|
if ( tksplit.length > 1 ) {
|
|
|
|
var template_hash = tksplit.shift(); // unused
|
|
|
|
}
|
|
|
|
req.params.token = tksplit.shift();
|
2013-12-18 00:35:12 +08:00
|
|
|
//console.log("Request for token " + req.params.token + " with signature from " + req.params.signer);
|
2013-12-06 20:32:37 +08:00
|
|
|
}
|
2013-04-04 19:15:50 +08:00
|
|
|
}
|
|
|
|
|
2012-05-03 02:32:54 +08:00
|
|
|
// bring all query values onto req.params object
|
|
|
|
_.extend(req.params, req.query);
|
|
|
|
|
|
|
|
// for cartodb, ensure interactivity is cartodb_id or user specified
|
2013-04-06 00:11:36 +08:00
|
|
|
req.params.interactivity = req.params.interactivity || 'cartodb_id';
|
2012-05-03 02:32:54 +08:00
|
|
|
|
2012-09-25 00:57:48 +08:00
|
|
|
var that = this;
|
|
|
|
|
2013-07-16 21:59:34 +08:00
|
|
|
if (req.profiler) req.profiler.done('req2params.setup');
|
|
|
|
|
2012-05-03 02:32:54 +08:00
|
|
|
Step(
|
|
|
|
function getPrivacy(){
|
2013-11-16 02:14:00 +08:00
|
|
|
me.authorize(req, this);
|
2012-05-03 02:32:54 +08:00
|
|
|
},
|
2014-03-04 01:06:39 +08:00
|
|
|
function gatekeep(err, authorized){
|
2013-12-06 20:32:37 +08:00
|
|
|
if (req.profiler) req.profiler.done('authorize');
|
2012-05-03 02:32:54 +08:00
|
|
|
if(err) throw err;
|
2014-03-04 00:18:06 +08:00
|
|
|
if(!authorized) {
|
|
|
|
err = new Error("Sorry, you are unauthorized (permission denied)");
|
|
|
|
err.http_status = 403;
|
|
|
|
throw err;
|
|
|
|
}
|
2014-03-04 01:06:39 +08:00
|
|
|
return null;
|
2012-05-03 02:32:54 +08:00
|
|
|
},
|
2014-03-04 01:06:39 +08:00
|
|
|
function getDatabase(err){
|
2012-05-03 02:32:54 +08:00
|
|
|
if(err) throw err;
|
2013-12-18 00:35:12 +08:00
|
|
|
that.setDBConn(user, req.params, this);
|
2012-05-03 02:32:54 +08:00
|
|
|
},
|
2013-12-18 00:35:12 +08:00
|
|
|
function getGeometryType(err){
|
2014-02-11 20:40:17 +08:00
|
|
|
if (req.profiler) req.profiler.done('setDBConn');
|
2012-05-03 02:32:54 +08:00
|
|
|
if (err) throw err;
|
2014-02-14 19:26:34 +08:00
|
|
|
if ( ! req.params.table ) return null;
|
2013-12-18 00:35:12 +08:00
|
|
|
cartoData.getTableGeometryType(req.params.dbname, req.params.table, this);
|
2012-05-03 02:32:54 +08:00
|
|
|
},
|
|
|
|
function finishSetup(err, data){
|
2014-02-11 20:40:17 +08:00
|
|
|
if (req.profiler) req.profiler.done('cartoData.getTableGeometryType');
|
2012-09-25 00:57:48 +08:00
|
|
|
if ( err ) { callback(err, req); return; }
|
|
|
|
|
2012-05-03 02:32:54 +08:00
|
|
|
if (!_.isNull(data))
|
|
|
|
_.extend(req.params, {geom_type: data});
|
|
|
|
|
2014-02-08 01:00:13 +08:00
|
|
|
// Add default database connection parameters
|
|
|
|
// if none given
|
|
|
|
_.defaults(req.params, {
|
|
|
|
dbuser: global.environment.postgres.user,
|
|
|
|
dbpassword: global.environment.postgres.password,
|
|
|
|
dbhost: global.environment.postgres.host,
|
|
|
|
dbport: global.environment.postgres.port
|
|
|
|
});
|
|
|
|
|
2014-02-19 17:08:25 +08:00
|
|
|
callback(null, req);
|
2012-05-03 02:32:54 +08:00
|
|
|
}
|
|
|
|
);
|
|
|
|
};
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Little helper method to get the current list of infowindow variables and return to client
|
|
|
|
* @param req
|
|
|
|
* @param callback
|
|
|
|
*/
|
|
|
|
me.getInfowindow = function(req, callback){
|
|
|
|
var that = this;
|
2013-12-17 17:56:12 +08:00
|
|
|
var user = me.userByReq(req);
|
2012-05-03 02:32:54 +08:00
|
|
|
|
|
|
|
Step(
|
|
|
|
function(){
|
2013-12-17 17:56:12 +08:00
|
|
|
// TODO: if this step really needed ?
|
2012-05-03 02:32:54 +08:00
|
|
|
that.req2params(req, this);
|
|
|
|
},
|
2013-12-17 17:56:12 +08:00
|
|
|
function getDatabase(err){
|
|
|
|
if (err) throw err;
|
|
|
|
cartoData.getUserDBName(user, this);
|
|
|
|
},
|
|
|
|
function getInfowindow(err, dbname){
|
|
|
|
if (err) throw err;
|
|
|
|
cartoData.getTableInfowindow(dbname, req.params.table, this);
|
|
|
|
},
|
2012-05-03 02:32:54 +08:00
|
|
|
function(err, data){
|
2013-12-17 17:56:12 +08:00
|
|
|
callback(err, data);
|
2012-05-03 02:32:54 +08:00
|
|
|
}
|
|
|
|
);
|
|
|
|
};
|
|
|
|
|
2013-12-17 00:17:55 +08:00
|
|
|
/**
|
|
|
|
* Little helper method to get map metadata and return to client
|
|
|
|
* @param req
|
|
|
|
* @param callback
|
|
|
|
*/
|
|
|
|
me.getMapMetadata = function(req, callback){
|
|
|
|
var that = this;
|
2013-12-17 17:56:12 +08:00
|
|
|
var user = me.userByReq(req);
|
2013-12-17 00:17:55 +08:00
|
|
|
|
|
|
|
Step(
|
|
|
|
function(){
|
2013-12-17 17:56:12 +08:00
|
|
|
// TODO: if this step really needed ?
|
2013-12-17 00:17:55 +08:00
|
|
|
that.req2params(req, this);
|
|
|
|
},
|
2013-12-17 17:56:12 +08:00
|
|
|
function getDatabase(err){
|
|
|
|
if (err) throw err;
|
|
|
|
cartoData.getUserDBName(user, this);
|
|
|
|
},
|
|
|
|
function getMapMetadata(err, dbname){
|
|
|
|
if (err) throw err;
|
|
|
|
cartoData.getTableMapMetadata(dbname, req.params.table, this);
|
|
|
|
},
|
2013-12-17 00:17:55 +08:00
|
|
|
function(err, data){
|
2013-12-17 17:56:12 +08:00
|
|
|
callback(err, data);
|
2013-12-17 00:17:55 +08:00
|
|
|
}
|
|
|
|
);
|
|
|
|
};
|
|
|
|
|
2012-05-03 02:32:54 +08:00
|
|
|
/**
|
|
|
|
* Helper to clear out tile cache on request
|
|
|
|
* @param req
|
|
|
|
* @param callback
|
|
|
|
*/
|
|
|
|
me.flushCache = function(req, Cache, callback){
|
|
|
|
var that = this;
|
|
|
|
|
|
|
|
Step(
|
2013-03-16 02:25:13 +08:00
|
|
|
function getParams(){
|
|
|
|
// this is mostly to compute req.params.dbname
|
2012-05-03 02:32:54 +08:00
|
|
|
that.req2params(req, this);
|
|
|
|
},
|
2013-03-16 02:25:13 +08:00
|
|
|
function flushInternalCache(err){
|
|
|
|
// TODO: implement this, see
|
|
|
|
// http://github.com/Vizzuality/Windshaft-cartodb/issues/73
|
|
|
|
return true;
|
|
|
|
},
|
|
|
|
function flushVarnishCache(err){
|
|
|
|
if (err) { callback(err); return; }
|
2012-10-05 22:55:58 +08:00
|
|
|
if(Cache) {
|
|
|
|
Cache.invalidate_db(req.params.dbname, req.params.table);
|
|
|
|
}
|
2012-05-03 02:32:54 +08:00
|
|
|
callback(null, true);
|
|
|
|
}
|
|
|
|
);
|
|
|
|
};
|
|
|
|
|
|
|
|
return me;
|
2014-02-19 13:45:29 +08:00
|
|
|
};
|