Windshaft-cartodb/lib/cartodb/controllers/named_maps_admin.js

const { templateName } = require('../backends/template_maps');
const cors = require('../middleware/cors');
const userMiddleware = require('../middleware/user');
const localsMiddleware = require('../middleware/context/locals');
const credentialsMiddleware = require('../middleware/context/credentials');

/**
 * @param {AuthApi} authApi
 * @param {PgConnection} pgConnection
 * @param {TemplateMaps} templateMaps
 * @constructor
 */
function NamedMapsAdminController(authApi, templateMaps) {
    this.authApi = authApi;
    this.templateMaps = templateMaps;
}

module.exports = NamedMapsAdminController;

NamedMapsAdminController.prototype.register = function (app) {
    const { base_url_templated } = app;

    app.post(
        `${base_url_templated}/`,
        cors(),
        userMiddleware(),
        localsMiddleware(),
        credentialsMiddleware(),
        checkContentType('POST', 'POST TEMPLATE'),
        authorizedByAPIKey(this.authApi, 'create', 'POST TEMPLATE'),
        createTemplate(this.templateMaps)
    );

    app.put(
        `${base_url_templated}/:template_id`,
        cors(),
        userMiddleware(),
        localsMiddleware(),
        credentialsMiddleware(),
        checkContentType('PUT', 'PUT TEMPLATE'),
        authorizedByAPIKey(this.authApi, 'update', 'PUT TEMPLATE'),
        updateTemplate(this.templateMaps)
    );

    app.get(
        `${base_url_templated}/:template_id`,
        cors(),
        userMiddleware(),
        localsMiddleware(),
        credentialsMiddleware(),
        authorizedByAPIKey(this.authApi, 'get', 'GET TEMPLATE'),
        retrieveTemplate(this.templateMaps)
    );

    app.delete(
        `${base_url_templated}/:template_id`,
        cors(),
        userMiddleware(),
        localsMiddleware(),
        credentialsMiddleware(),
        authorizedByAPIKey(this.authApi, 'delete', 'DELETE TEMPLATE'),
        destroyTemplate(this.templateMaps)
    );

    app.get(
        `${base_url_templated}/`,
        cors(),
        userMiddleware(),
        localsMiddleware(),
        credentialsMiddleware(),
        authorizedByAPIKey(this.authApi, 'list', 'GET TEMPLATE LIST'),
        listTemplates(this.templateMaps)
    );

    app.options(
        `${base_url_templated}/:template_id`,
        cors('Content-Type')
    );
};

function checkContentType (action, label) {
    return function checkContentTypeMiddleware (req, res, next) {
        if (!req.is('application/json')) {
            const error = new Error(`template ${action} data must be of type application/json`);
            error.label = label;
            return next(error);
        }
        next();
    };
}

function authorizedByAPIKey (authApi, action, label) {
    return function authorizedByAPIKeyMiddleware (req, res, next) {
        const { user } = res.locals;

        authApi.authorizedByAPIKey(user, res, (err, authenticated) => {
            if (err) {
                return next(err);
            }

            if (!authenticated) {
                const error = new Error(`Only authenticated user can ${action} templated maps`);
                error.http_status = 403;
                error.label = label;
                return next(error);
            }

            next();
        });
    };
}

function createTemplate (templateMaps) {
    return function createTemplateMiddleware (req, res, next) {
        const { user } = res.locals;
        const template = req.body;

        templateMaps.addTemplate(user, template, (err, templateId) => {
            if (err) {
                return next(err);
            }

            res.status(200);

            const method = req.query.callback ? 'jsonp' : 'json';
            res[method]({ template_id: templateId });
        });
    };
}

function updateTemplate (templateMaps) {
    return function updateTemplateMiddleware (req, res, next) {
        const { user } = res.locals;
        const template = req.body;
        const templateId = templateName(req.params.template_id);

        templateMaps.updTemplate(user, templateId, template, (err) => {
            if (err) {
                return next(err);
            }

            res.status(200);

            const method = req.query.callback ? 'jsonp' : 'json';
            res[method]({ template_id: templateId });
        });
    };
}

function retrieveTemplate (templateMaps) {
    return function retrieveTemplateMiddleware (req, res, next) {
        req.profiler.start('windshaft-cartodb.get_template');

        const { user } = res.locals;
        const templateId = templateName(req.params.template_id);

        templateMaps.getTemplate(user, templateId, (err, template) => {
            if (err) {
                return next(err);
            }

            if (!template) {
                const error = new Error(`Cannot find template '${templateId}' of user '${user}'`);
                error.http_status = 404;
                return next(error);
            }
            // auth_id was added by ourselves,
            // so we remove it before returning to the user
            delete template.auth_id;

            res.status(200);

            const method = req.query.callback ? 'jsonp' : 'json';
            res[method]({ template });
        });
    };
}

function destroyTemplate (templateMaps) {
    return function destroyTemplateMiddleware (req, res, next) {
        req.profiler.start('windshaft-cartodb.delete_template');

        const { user } = res.locals;
        const templateId = templateName(req.params.template_id);

        templateMaps.delTemplate(user, templateId, (err/* , tpl_val */) => {
            if (err) {
                return next(err);
            }

            res.status(204);

            const method = req.query.callback ? 'jsonp' : 'json';
            res[method]('');
        });
    };
}

function listTemplates (templateMaps) {
    return function listTemplatesMiddleware (req, res, next) {
        req.profiler.start('windshaft-cartodb.get_template_list');

        const { user } = res.locals;

        templateMaps.listTemplates(user, (err, templateIds) => {
            if (err) {
                return next(err);
            }

            res.status(200);

            const method = req.query.callback ? 'jsonp' : 'json';
            res[method]({ template_ids: templateIds });
        });
    };
}
Use const instead of var 2017-12-29 22:22:17 +08:00			`const { templateName } = require('../backends/template_maps');`
			`const cors = require('../middleware/cors');`
			`const userMiddleware = require('../middleware/user');`
get apikey token from request in named maps admin middleware 2018-02-15 22:20:52 +08:00			`const localsMiddleware = require('../middleware/context/locals');`
Rename middleware 2018-03-01 02:20:51 +08:00			`const credentialsMiddleware = require('../middleware/context/credentials');`
get apikey token from request in named maps admin middleware 2018-02-15 22:20:52 +08:00
Authentication/Authorization moves to its own entity 2015-07-13 21:05:03 +08:00			`/**`
			`* @param {AuthApi} authApi`
BaseController to encapsulate req2params method All controllers now extending BaseController - Most of the acceptance ported tests will be broken 2015-09-16 22:18:26 +08:00			`* @param {PgConnection} pgConnection`
Remove app dependency from controllers 2015-10-01 00:00:54 +08:00			`* @param {TemplateMaps} templateMaps`
Authentication/Authorization moves to its own entity 2015-07-13 21:05:03 +08:00			`* @constructor`
			`*/`
Inject prepare context middleware to controllers 2017-09-26 01:40:27 +08:00			`function NamedMapsAdminController(authApi, templateMaps) {`
Authentication/Authorization moves to its own entity 2015-07-13 21:05:03 +08:00			`this.authApi = authApi;`
Remove app dependency from controllers 2015-10-01 00:00:54 +08:00			`this.templateMaps = templateMaps;`
Split named maps administration from instantiation/usage 2015-07-08 19:11:57 +08:00			`}`

			`module.exports = NamedMapsAdminController;`

Back to use just one router 2017-10-05 18:12:21 +08:00			`NamedMapsAdminController.prototype.register = function (app) {`
Use original variable name 2017-12-29 23:24:19 +08:00			`const { base_url_templated } = app;`
Use template string 2017-12-29 23:19:00 +08:00
Back to use just one router 2017-10-05 18:12:21 +08:00			`app.post(`
Use original variable name 2017-12-29 23:24:19 +08:00			`${base_url_templated}/`,
Back to use just one router 2017-10-05 18:12:21 +08:00			`cors(),`
Follow middleware pattern, should return a function as the actual middleware 2018-03-01 22:42:03 +08:00			`userMiddleware(),`
Follow middleware pattern, return a function as the actual middleware 2018-03-01 22:52:48 +08:00			`localsMiddleware(),`
Ungroup middlewares 2018-03-01 02:46:46 +08:00			`credentialsMiddleware(),`
Extract middlewares form controller's context 2018-03-13 20:12:18 +08:00			`checkContentType('POST', 'POST TEMPLATE'),`
			`authorizedByAPIKey(this.authApi, 'create', 'POST TEMPLATE'),`
Improve naming 2018-03-13 20:21:40 +08:00			`createTemplate(this.templateMaps)`
Back to use just one router 2017-10-05 18:12:21 +08:00			`);`

			`app.put(`
Use original variable name 2017-12-29 23:24:19 +08:00			`${base_url_templated}/:template_id`,
Back to use just one router 2017-10-05 18:12:21 +08:00			`cors(),`
Follow middleware pattern, should return a function as the actual middleware 2018-03-01 22:42:03 +08:00			`userMiddleware(),`
Follow middleware pattern, return a function as the actual middleware 2018-03-01 22:52:48 +08:00			`localsMiddleware(),`
Ungroup middlewares 2018-03-01 02:46:46 +08:00			`credentialsMiddleware(),`
Extract middlewares form controller's context 2018-03-13 20:12:18 +08:00			`checkContentType('PUT', 'PUT TEMPLATE'),`
			`authorizedByAPIKey(this.authApi, 'update', 'PUT TEMPLATE'),`
Improve naming 2018-03-13 20:21:40 +08:00			`updateTemplate(this.templateMaps)`
Back to use just one router 2017-10-05 18:12:21 +08:00			`);`

			`app.get(`
Use original variable name 2017-12-29 23:24:19 +08:00			`${base_url_templated}/:template_id`,
Back to use just one router 2017-10-05 18:12:21 +08:00			`cors(),`
Follow middleware pattern, should return a function as the actual middleware 2018-03-01 22:42:03 +08:00			`userMiddleware(),`
Follow middleware pattern, return a function as the actual middleware 2018-03-01 22:52:48 +08:00			`localsMiddleware(),`
Ungroup middlewares 2018-03-01 02:46:46 +08:00			`credentialsMiddleware(),`
Extract middlewares form controller's context 2018-03-13 20:12:18 +08:00			`authorizedByAPIKey(this.authApi, 'get', 'GET TEMPLATE'),`
Improve naming 2018-03-13 20:21:40 +08:00			`retrieveTemplate(this.templateMaps)`
Back to use just one router 2017-10-05 18:12:21 +08:00			`);`

			`app.delete(`
Use original variable name 2017-12-29 23:24:19 +08:00			`${base_url_templated}/:template_id`,
Back to use just one router 2017-10-05 18:12:21 +08:00			`cors(),`
Follow middleware pattern, should return a function as the actual middleware 2018-03-01 22:42:03 +08:00			`userMiddleware(),`
Follow middleware pattern, return a function as the actual middleware 2018-03-01 22:52:48 +08:00			`localsMiddleware(),`
Ungroup middlewares 2018-03-01 02:46:46 +08:00			`credentialsMiddleware(),`
Extract middlewares form controller's context 2018-03-13 20:12:18 +08:00			`authorizedByAPIKey(this.authApi, 'delete', 'DELETE TEMPLATE'),`
Improve naming 2018-03-13 20:21:40 +08:00			`destroyTemplate(this.templateMaps)`
Back to use just one router 2017-10-05 18:12:21 +08:00			`);`
Use express router to group controllers' enpoints and reuse common middleware for named maps admin controller 2017-09-22 22:45:34 +08:00
Back to use just one router 2017-10-05 18:12:21 +08:00			`app.get(`
Use original variable name 2017-12-29 23:24:19 +08:00			`${base_url_templated}/`,
Use express router to group controllers' enpoints and reuse common middleware for named maps admin controller 2017-09-22 22:45:34 +08:00			`cors(),`
Follow middleware pattern, should return a function as the actual middleware 2018-03-01 22:42:03 +08:00			`userMiddleware(),`
Follow middleware pattern, return a function as the actual middleware 2018-03-01 22:52:48 +08:00			`localsMiddleware(),`
Ungroup middlewares 2018-03-01 02:46:46 +08:00			`credentialsMiddleware(),`
Extract middlewares form controller's context 2018-03-13 20:12:18 +08:00			`authorizedByAPIKey(this.authApi, 'list', 'GET TEMPLATE LIST'),`
Improve naming 2018-03-13 20:21:40 +08:00			`listTemplates(this.templateMaps)`
Use express router to group controllers' enpoints and reuse common middleware for named maps admin controller 2017-09-22 22:45:34 +08:00			`);`

Back to use just one router 2017-10-05 18:12:21 +08:00			`app.options(`
Use original variable name 2017-12-29 23:24:19 +08:00			`${base_url_templated}/:template_id`,
Back to use just one router 2017-10-05 18:12:21 +08:00			`cors('Content-Type')`
			`);`
Split named maps administration from instantiation/usage 2015-07-08 19:11:57 +08:00			`};`

Extract middlewares form controller's context 2018-03-13 20:12:18 +08:00			`function checkContentType (action, label) {`
			`return function checkContentTypeMiddleware (req, res, next) {`
			`if (!req.is('application/json')) {`
			const error = new Error(`template ${action} data must be of type application/json`);
			`error.label = label;`
			`return next(error);`
			`}`
			`next();`
			`};`
			`}`

			`function authorizedByAPIKey (authApi, action, label) {`
Move to up intermediate middlewares 2017-12-29 22:19:52 +08:00			`return function authorizedByAPIKeyMiddleware (req, res, next) {`
			`const { user } = res.locals;`
Extract middlewares form controller's context 2018-03-13 20:12:18 +08:00
			`authApi.authorizedByAPIKey(user, res, (err, authenticated) => {`
Move to up intermediate middlewares 2017-12-29 22:19:52 +08:00			`if (err) {`
			`return next(err);`
			`}`

			`if (!authenticated) {`
			const error = new Error(`Only authenticated user can ${action} templated maps`);
			`error.http_status = 403;`
			`error.label = label;`
			`return next(error);`
			`}`

			`next();`
			`});`
			`};`
Extract middlewares form controller's context 2018-03-13 20:12:18 +08:00			`}`
Move to up intermediate middlewares 2017-12-29 22:19:52 +08:00
Improve naming 2018-03-13 20:21:40 +08:00			`function createTemplate (templateMaps) {`
Now main middlewares return a named function with the right context bound 2017-12-29 23:15:48 +08:00			`return function createTemplateMiddleware (req, res, next) {`
Use spread assignment 2017-12-30 01:34:54 +08:00			`const { user } = res.locals;`
Avoid snake_case notation 2017-12-29 23:30:42 +08:00			`const template = req.body;`
Split named maps administration from instantiation/usage 2015-07-08 19:11:57 +08:00
Extract middlewares form controller's context 2018-03-13 20:12:18 +08:00			`templateMaps.addTemplate(user, template, (err, templateId) => {`
Now main middlewares return a named function with the right context bound 2017-12-29 23:15:48 +08:00			`if (err) {`
			`return next(err);`
			`}`
Remove finish function and respond in the main middleware 2017-12-29 22:04:44 +08:00
Now main middlewares return a named function with the right context bound 2017-12-29 23:15:48 +08:00			`res.status(200);`
Remove finish function and respond in the main middleware 2017-12-29 22:04:44 +08:00
Now main middlewares return a named function with the right context bound 2017-12-29 23:15:48 +08:00			`const method = req.query.callback ? 'jsonp' : 'json';`
Avoid snake_case notation 2017-12-29 23:30:42 +08:00			`res[method]({ template_id: templateId });`
Now main middlewares return a named function with the right context bound 2017-12-29 23:15:48 +08:00			`});`
Extract middlewares form controller's context 2018-03-13 20:12:18 +08:00			`};`
			`}`
Split named maps administration from instantiation/usage 2015-07-08 19:11:57 +08:00
Improve naming 2018-03-13 20:21:40 +08:00			`function updateTemplate (templateMaps) {`
Now main middlewares return a named function with the right context bound 2017-12-29 23:15:48 +08:00			`return function updateTemplateMiddleware (req, res, next) {`
Avoid snake_case notation 2017-12-29 23:30:42 +08:00			`const { user } = res.locals;`
Now main middlewares return a named function with the right context bound 2017-12-29 23:15:48 +08:00			`const template = req.body;`
Avoid snake_case notation 2017-12-29 23:30:42 +08:00			`const templateId = templateName(req.params.template_id);`
Now turbo-cartocss is also parsed in template modification. 2016-03-11 18:06:51 +08:00
Extract middlewares form controller's context 2018-03-13 20:12:18 +08:00			`templateMaps.updTemplate(user, templateId, template, (err) => {`
Now main middlewares return a named function with the right context bound 2017-12-29 23:15:48 +08:00			`if (err) {`
			`return next(err);`
			`}`
Split named maps administration from instantiation/usage 2015-07-08 19:11:57 +08:00
Now main middlewares return a named function with the right context bound 2017-12-29 23:15:48 +08:00			`res.status(200);`
Remove finish function and respond in the main middleware 2017-12-29 22:04:44 +08:00
Now main middlewares return a named function with the right context bound 2017-12-29 23:15:48 +08:00			`const method = req.query.callback ? 'jsonp' : 'json';`
Avoid snake_case notation 2017-12-29 23:30:42 +08:00			`res[method]({ template_id: templateId });`
Now main middlewares return a named function with the right context bound 2017-12-29 23:15:48 +08:00			`});`
Extract middlewares form controller's context 2018-03-13 20:12:18 +08:00			`};`
			`}`
Split named maps administration from instantiation/usage 2015-07-08 19:11:57 +08:00
Improve naming 2018-03-13 20:21:40 +08:00			`function retrieveTemplate (templateMaps) {`
Rename middleware function 2018-01-03 20:15:11 +08:00			`return function retrieveTemplateMiddleware (req, res, next) {`
Now main middlewares return a named function with the right context bound 2017-12-29 23:15:48 +08:00			`req.profiler.start('windshaft-cartodb.get_template');`
Split named maps administration from instantiation/usage 2015-07-08 19:11:57 +08:00
Use spread assignment 2017-12-30 01:34:54 +08:00			`const { user } = res.locals;`
Avoid snake_case notation 2017-12-29 23:30:42 +08:00			`const templateId = templateName(req.params.template_id);`
Remove step and assert dependencies 2017-12-29 22:17:29 +08:00
Extract middlewares form controller's context 2018-03-13 20:12:18 +08:00			`templateMaps.getTemplate(user, templateId, (err, template) => {`
Now main middlewares return a named function with the right context bound 2017-12-29 23:15:48 +08:00			`if (err) {`
			`return next(err);`
			`}`
Remove step and assert dependencies 2017-12-29 22:17:29 +08:00
Avoid snake_case notation 2017-12-29 23:30:42 +08:00			`if (!template) {`
Use spread assignment 2017-12-30 01:34:54 +08:00			const error = new Error(`Cannot find template '${templateId}' of user '${user}'`);
Now main middlewares return a named function with the right context bound 2017-12-29 23:15:48 +08:00			`error.http_status = 404;`
			`return next(error);`
			`}`
			`// auth_id was added by ourselves,`
			`// so we remove it before returning to the user`
Avoid snake_case notation 2017-12-29 23:30:42 +08:00			`delete template.auth_id;`
Remove step and assert dependencies 2017-12-29 22:17:29 +08:00
Now main middlewares return a named function with the right context bound 2017-12-29 23:15:48 +08:00			`res.status(200);`
Remove step and assert dependencies 2017-12-29 22:17:29 +08:00
Now main middlewares return a named function with the right context bound 2017-12-29 23:15:48 +08:00			`const method = req.query.callback ? 'jsonp' : 'json';`
Avoid snake_case notation 2017-12-29 23:30:42 +08:00			`res[method]({ template });`
Now main middlewares return a named function with the right context bound 2017-12-29 23:15:48 +08:00			`});`
Extract middlewares form controller's context 2018-03-13 20:12:18 +08:00			`};`
			`}`
Split named maps administration from instantiation/usage 2015-07-08 19:11:57 +08:00
Improve naming 2018-03-13 20:21:40 +08:00			`function destroyTemplate (templateMaps) {`
Now main middlewares return a named function with the right context bound 2017-12-29 23:15:48 +08:00			`return function destroyTemplateMiddleware (req, res, next) {`
			`req.profiler.start('windshaft-cartodb.delete_template');`
Split named maps administration from instantiation/usage 2015-07-08 19:11:57 +08:00
Avoid snake_case notation 2017-12-29 23:30:42 +08:00			`const { user } = res.locals;`
			`const templateId = templateName(req.params.template_id);`
Remove finish function and respond in the main middleware 2017-12-29 22:04:44 +08:00
Extract middlewares form controller's context 2018-03-13 20:12:18 +08:00			`templateMaps.delTemplate(user, templateId, (err/* , tpl_val */) => {`
Now main middlewares return a named function with the right context bound 2017-12-29 23:15:48 +08:00			`if (err) {`
			`return next(err);`
			`}`
Remove step and assert dependencies 2017-12-29 22:17:29 +08:00
Now main middlewares return a named function with the right context bound 2017-12-29 23:15:48 +08:00			`res.status(204);`
Remove step and assert dependencies 2017-12-29 22:17:29 +08:00
Now main middlewares return a named function with the right context bound 2017-12-29 23:15:48 +08:00			`const method = req.query.callback ? 'jsonp' : 'json';`
			`res[method]('');`
			`});`
Extract middlewares form controller's context 2018-03-13 20:12:18 +08:00			`};`
			`}`
Split named maps administration from instantiation/usage 2015-07-08 19:11:57 +08:00
Improve naming 2018-03-13 20:21:40 +08:00			`function listTemplates (templateMaps) {`
Now main middlewares return a named function with the right context bound 2017-12-29 23:15:48 +08:00			`return function listTemplatesMiddleware (req, res, next) {`
			`req.profiler.start('windshaft-cartodb.get_template_list');`
Split named maps administration from instantiation/usage 2015-07-08 19:11:57 +08:00
Avoid snake_case notation 2017-12-29 23:30:42 +08:00			`const { user } = res.locals;`
Split named maps administration from instantiation/usage 2015-07-08 19:11:57 +08:00
Extract middlewares form controller's context 2018-03-13 20:12:18 +08:00			`templateMaps.listTemplates(user, (err, templateIds) => {`
Now main middlewares return a named function with the right context bound 2017-12-29 23:15:48 +08:00			`if (err) {`
			`return next(err);`
			`}`
Remove finish function and respond in the main middleware 2017-12-29 22:04:44 +08:00
Now main middlewares return a named function with the right context bound 2017-12-29 23:15:48 +08:00			`res.status(200);`
Remove finish function and respond in the main middleware 2017-12-29 22:04:44 +08:00
Now main middlewares return a named function with the right context bound 2017-12-29 23:15:48 +08:00			`const method = req.query.callback ? 'jsonp' : 'json';`
Avoid snake_case notation 2017-12-29 23:30:42 +08:00			`res[method]({ template_ids: templateIds });`
Now main middlewares return a named function with the right context bound 2017-12-29 23:15:48 +08:00			`});`
Extract middlewares form controller's context 2018-03-13 20:12:18 +08:00			`};`
			`}`