Windshaft-cartodb/lib/cartodb/controllers/named_maps_admin.js

const { templateName } = require('../backends/template_maps');
const cors = require('../middleware/cors');
const userMiddleware = require('../middleware/user');
const localsMiddleware = require('../middleware/context/locals');
const apikeyCredentialsMiddleware = require('../middleware/context/apikey-credentials');

const apikeyMiddleware = [
    localsMiddleware,
    apikeyCredentialsMiddleware(),
];

/**
 * @param {AuthApi} authApi
 * @param {PgConnection} pgConnection
 * @param {TemplateMaps} templateMaps
 * @constructor
 */
function NamedMapsAdminController(authApi, templateMaps) {
    this.authApi = authApi;
    this.templateMaps = templateMaps;
}

module.exports = NamedMapsAdminController;

NamedMapsAdminController.prototype.register = function (app) {
    const { base_url_templated } = app;

    app.post(
        `${base_url_templated}/`,
        cors(),
        userMiddleware,
        apikeyMiddleware,
        this.checkContentType('POST', 'POST TEMPLATE'),
        this.authorizedByAPIKey('create', 'POST TEMPLATE'),
        this.create()
    );

    app.put(
        `${base_url_templated}/:template_id`,
        cors(),
        userMiddleware,
        apikeyMiddleware,
        this.checkContentType('PUT', 'PUT TEMPLATE'),
        this.authorizedByAPIKey('update', 'PUT TEMPLATE'),
        this.update()
    );

    app.get(
        `${base_url_templated}/:template_id`,
        cors(),
        userMiddleware,
        apikeyMiddleware,
        this.authorizedByAPIKey('get', 'GET TEMPLATE'),
        this.retrieve()
    );

    app.delete(
        `${base_url_templated}/:template_id`,
        cors(),
        userMiddleware,
        apikeyMiddleware,
        this.authorizedByAPIKey('delete', 'DELETE TEMPLATE'),
        this.destroy()
    );

    app.get(
        `${base_url_templated}/`,
        cors(),
        userMiddleware,
        apikeyMiddleware,
        this.authorizedByAPIKey('list', 'GET TEMPLATE LIST'),
        this.list()
    );

    app.options(
        `${base_url_templated}/:template_id`,
        cors('Content-Type')
    );
};

NamedMapsAdminController.prototype.authorizedByAPIKey = function (action, label) {
    return function authorizedByAPIKeyMiddleware (req, res, next) {
        const { user } = res.locals;
        this.authApi.authorizedByAPIKey(user, res, (err, authenticated) => {
            if (err) {
                return next(err);
            }

            if (!authenticated) {
                const error = new Error(`Only authenticated user can ${action} templated maps`);
                error.http_status = 403;
                error.label = label;
                return next(error);
            }

            next();
        });
    }.bind(this);
};

NamedMapsAdminController.prototype.checkContentType = function (action, label) {
    return function checkContentTypeMiddleware (req, res, next) {
        if (!req.is('application/json')) {
            const error = new Error(`template ${action} data must be of type application/json`);
            error.label = label;
            return next(error);
        }
        next();
    };
};

NamedMapsAdminController.prototype.create = function () {
    return function createTemplateMiddleware (req, res, next) {
        const { user } = res.locals;
        const template = req.body;

        this.templateMaps.addTemplate(user, template, (err, templateId) => {
            if (err) {
                return next(err);
            }

            res.status(200);

            const method = req.query.callback ? 'jsonp' : 'json';
            res[method]({ template_id: templateId });
        });
    }.bind(this);
};

NamedMapsAdminController.prototype.update = function () {
    return function updateTemplateMiddleware (req, res, next) {
        const { user } = res.locals;
        const template = req.body;
        const templateId = templateName(req.params.template_id);

        this.templateMaps.updTemplate(user, templateId, template, (err) => {
            if (err) {
                return next(err);
            }

            res.status(200);

            const method = req.query.callback ? 'jsonp' : 'json';
            res[method]({ template_id: templateId });
        });
    }.bind(this);
};

NamedMapsAdminController.prototype.retrieve =  function () {
    return function retrieveTemplateMiddleware (req, res, next) {
        req.profiler.start('windshaft-cartodb.get_template');

        const { user } = res.locals;
        const templateId = templateName(req.params.template_id);

        this.templateMaps.getTemplate(user, templateId, (err, template) => {
            if (err) {
                return next(err);
            }

            if (!template) {
                const error = new Error(`Cannot find template '${templateId}' of user '${user}'`);
                error.http_status = 404;
                return next(error);
            }
            // auth_id was added by ourselves,
            // so we remove it before returning to the user
            delete template.auth_id;

            res.status(200);

            const method = req.query.callback ? 'jsonp' : 'json';
            res[method]({ template });
        });
    }.bind(this);
};

NamedMapsAdminController.prototype.destroy = function () {
    return function destroyTemplateMiddleware (req, res, next) {
        req.profiler.start('windshaft-cartodb.delete_template');

        const { user } = res.locals;
        const templateId = templateName(req.params.template_id);

        this.templateMaps.delTemplate(user, templateId, (err/* , tpl_val */) => {
            if (err) {
                return next(err);
            }

            res.status(204);

            const method = req.query.callback ? 'jsonp' : 'json';
            res[method]('');
        });
    }.bind(this);
};

NamedMapsAdminController.prototype.list = function () {
    return function listTemplatesMiddleware (req, res, next) {
        req.profiler.start('windshaft-cartodb.get_template_list');

        const { user } = res.locals;

        this.templateMaps.listTemplates(user, (err, templateIds) => {
            if (err) {
                return next(err);
            }

            res.status(200);

            const method = req.query.callback ? 'jsonp' : 'json';
            res[method]({ template_ids: templateIds });
        });
    }.bind(this);
};
Use const instead of var 2017-12-29 22:22:17 +08:00			`const { templateName } = require('../backends/template_maps');`
			`const cors = require('../middleware/cors');`
			`const userMiddleware = require('../middleware/user');`
get apikey token from request in named maps admin middleware 2018-02-15 22:20:52 +08:00			`const localsMiddleware = require('../middleware/context/locals');`
get and check api key credentials from api key: username and token 2018-02-16 00:49:47 +08:00			`const apikeyCredentialsMiddleware = require('../middleware/context/apikey-credentials');`
get apikey token from request in named maps admin middleware 2018-02-15 22:20:52 +08:00
			`const apikeyMiddleware = [`
			`localsMiddleware,`
get and check api key credentials from api key: username and token 2018-02-16 00:49:47 +08:00			`apikeyCredentialsMiddleware(),`
get apikey token from request in named maps admin middleware 2018-02-15 22:20:52 +08:00			`];`
Split named maps administration from instantiation/usage 2015-07-08 19:11:57 +08:00
Authentication/Authorization moves to its own entity 2015-07-13 21:05:03 +08:00			`/**`
			`* @param {AuthApi} authApi`
BaseController to encapsulate req2params method All controllers now extending BaseController - Most of the acceptance ported tests will be broken 2015-09-16 22:18:26 +08:00			`* @param {PgConnection} pgConnection`
Remove app dependency from controllers 2015-10-01 00:00:54 +08:00			`* @param {TemplateMaps} templateMaps`
Authentication/Authorization moves to its own entity 2015-07-13 21:05:03 +08:00			`* @constructor`
			`*/`
Inject prepare context middleware to controllers 2017-09-26 01:40:27 +08:00			`function NamedMapsAdminController(authApi, templateMaps) {`
Authentication/Authorization moves to its own entity 2015-07-13 21:05:03 +08:00			`this.authApi = authApi;`
Remove app dependency from controllers 2015-10-01 00:00:54 +08:00			`this.templateMaps = templateMaps;`
Split named maps administration from instantiation/usage 2015-07-08 19:11:57 +08:00			`}`

			`module.exports = NamedMapsAdminController;`

Back to use just one router 2017-10-05 18:12:21 +08:00			`NamedMapsAdminController.prototype.register = function (app) {`
Use original variable name 2017-12-29 23:24:19 +08:00			`const { base_url_templated } = app;`
Use template string 2017-12-29 23:19:00 +08:00
Back to use just one router 2017-10-05 18:12:21 +08:00			`app.post(`
Use original variable name 2017-12-29 23:24:19 +08:00			`${base_url_templated}/`,
Back to use just one router 2017-10-05 18:12:21 +08:00			`cors(),`
			`userMiddleware,`
get apikey token from request in named maps admin middleware 2018-02-15 22:20:52 +08:00			`apikeyMiddleware,`
keep error label 2017-12-29 20:05:01 +08:00			`this.checkContentType('POST', 'POST TEMPLATE'),`
			`this.authorizedByAPIKey('create', 'POST TEMPLATE'),`
Now main middlewares return a named function with the right context bound 2017-12-29 23:15:48 +08:00			`this.create()`
Back to use just one router 2017-10-05 18:12:21 +08:00			`);`

			`app.put(`
Use original variable name 2017-12-29 23:24:19 +08:00			`${base_url_templated}/:template_id`,
Back to use just one router 2017-10-05 18:12:21 +08:00			`cors(),`
			`userMiddleware,`
get apikey token from request in named maps admin middleware 2018-02-15 22:20:52 +08:00			`apikeyMiddleware,`
keep error label 2017-12-29 20:05:01 +08:00			`this.checkContentType('PUT', 'PUT TEMPLATE'),`
			`this.authorizedByAPIKey('update', 'PUT TEMPLATE'),`
Now main middlewares return a named function with the right context bound 2017-12-29 23:15:48 +08:00			`this.update()`
Back to use just one router 2017-10-05 18:12:21 +08:00			`);`

			`app.get(`
Use original variable name 2017-12-29 23:24:19 +08:00			`${base_url_templated}/:template_id`,
Back to use just one router 2017-10-05 18:12:21 +08:00			`cors(),`
			`userMiddleware,`
get apikey token from request in named maps admin middleware 2018-02-15 22:20:52 +08:00			`apikeyMiddleware,`
keep error label 2017-12-29 20:05:01 +08:00			`this.authorizedByAPIKey('get', 'GET TEMPLATE'),`
Now main middlewares return a named function with the right context bound 2017-12-29 23:15:48 +08:00			`this.retrieve()`
Back to use just one router 2017-10-05 18:12:21 +08:00			`);`

			`app.delete(`
Use original variable name 2017-12-29 23:24:19 +08:00			`${base_url_templated}/:template_id`,
Back to use just one router 2017-10-05 18:12:21 +08:00			`cors(),`
			`userMiddleware,`
get apikey token from request in named maps admin middleware 2018-02-15 22:20:52 +08:00			`apikeyMiddleware,`
keep error label 2017-12-29 20:05:01 +08:00			`this.authorizedByAPIKey('delete', 'DELETE TEMPLATE'),`
Now main middlewares return a named function with the right context bound 2017-12-29 23:15:48 +08:00			`this.destroy()`
Back to use just one router 2017-10-05 18:12:21 +08:00			`);`
Use express router to group controllers' enpoints and reuse common middleware for named maps admin controller 2017-09-22 22:45:34 +08:00
Back to use just one router 2017-10-05 18:12:21 +08:00			`app.get(`
Use original variable name 2017-12-29 23:24:19 +08:00			`${base_url_templated}/`,
Use express router to group controllers' enpoints and reuse common middleware for named maps admin controller 2017-09-22 22:45:34 +08:00			`cors(),`
Back to use just one router 2017-10-05 18:12:21 +08:00			`userMiddleware,`
get apikey token from request in named maps admin middleware 2018-02-15 22:20:52 +08:00			`apikeyMiddleware,`
keep error label 2017-12-29 20:05:01 +08:00			`this.authorizedByAPIKey('list', 'GET TEMPLATE LIST'),`
Now main middlewares return a named function with the right context bound 2017-12-29 23:15:48 +08:00			`this.list()`
Use express router to group controllers' enpoints and reuse common middleware for named maps admin controller 2017-09-22 22:45:34 +08:00			`);`

Back to use just one router 2017-10-05 18:12:21 +08:00			`app.options(`
Use original variable name 2017-12-29 23:24:19 +08:00			`${base_url_templated}/:template_id`,
Back to use just one router 2017-10-05 18:12:21 +08:00			`cors('Content-Type')`
			`);`
Split named maps administration from instantiation/usage 2015-07-08 19:11:57 +08:00			`};`

Move to up intermediate middlewares 2017-12-29 22:19:52 +08:00			`NamedMapsAdminController.prototype.authorizedByAPIKey = function (action, label) {`
			`return function authorizedByAPIKeyMiddleware (req, res, next) {`
			`const { user } = res.locals;`
add middleware for apikeyToken 2018-02-15 19:50:42 +08:00			`this.authApi.authorizedByAPIKey(user, res, (err, authenticated) => {`
Move to up intermediate middlewares 2017-12-29 22:19:52 +08:00			`if (err) {`
			`return next(err);`
			`}`

			`if (!authenticated) {`
			const error = new Error(`Only authenticated user can ${action} templated maps`);
			`error.http_status = 403;`
			`error.label = label;`
			`return next(error);`
			`}`

			`next();`
			`});`
			`}.bind(this);`
			`};`

			`NamedMapsAdminController.prototype.checkContentType = function (action, label) {`
			`return function checkContentTypeMiddleware (req, res, next) {`
			`if (!req.is('application/json')) {`
			const error = new Error(`template ${action} data must be of type application/json`);
			`error.label = label;`
			`return next(error);`
			`}`
			`next();`
			`};`
			`};`

Now main middlewares return a named function with the right context bound 2017-12-29 23:15:48 +08:00			`NamedMapsAdminController.prototype.create = function () {`
			`return function createTemplateMiddleware (req, res, next) {`
Use spread assignment 2017-12-30 01:34:54 +08:00			`const { user } = res.locals;`
Avoid snake_case notation 2017-12-29 23:30:42 +08:00			`const template = req.body;`
Split named maps administration from instantiation/usage 2015-07-08 19:11:57 +08:00
Use spread assignment 2017-12-30 01:34:54 +08:00			`this.templateMaps.addTemplate(user, template, (err, templateId) => {`
Now main middlewares return a named function with the right context bound 2017-12-29 23:15:48 +08:00			`if (err) {`
			`return next(err);`
			`}`
Remove finish function and respond in the main middleware 2017-12-29 22:04:44 +08:00
Now main middlewares return a named function with the right context bound 2017-12-29 23:15:48 +08:00			`res.status(200);`
Remove finish function and respond in the main middleware 2017-12-29 22:04:44 +08:00
Now main middlewares return a named function with the right context bound 2017-12-29 23:15:48 +08:00			`const method = req.query.callback ? 'jsonp' : 'json';`
Avoid snake_case notation 2017-12-29 23:30:42 +08:00			`res[method]({ template_id: templateId });`
Now main middlewares return a named function with the right context bound 2017-12-29 23:15:48 +08:00			`});`
			`}.bind(this);`
Split named maps administration from instantiation/usage 2015-07-08 19:11:57 +08:00			`};`

Now main middlewares return a named function with the right context bound 2017-12-29 23:15:48 +08:00			`NamedMapsAdminController.prototype.update = function () {`
			`return function updateTemplateMiddleware (req, res, next) {`
Avoid snake_case notation 2017-12-29 23:30:42 +08:00			`const { user } = res.locals;`
Now main middlewares return a named function with the right context bound 2017-12-29 23:15:48 +08:00			`const template = req.body;`
Avoid snake_case notation 2017-12-29 23:30:42 +08:00			`const templateId = templateName(req.params.template_id);`
Now turbo-cartocss is also parsed in template modification. 2016-03-11 18:06:51 +08:00
Avoid snake_case notation 2017-12-29 23:30:42 +08:00			`this.templateMaps.updTemplate(user, templateId, template, (err) => {`
Now main middlewares return a named function with the right context bound 2017-12-29 23:15:48 +08:00			`if (err) {`
			`return next(err);`
			`}`
Split named maps administration from instantiation/usage 2015-07-08 19:11:57 +08:00
Now main middlewares return a named function with the right context bound 2017-12-29 23:15:48 +08:00			`res.status(200);`
Remove finish function and respond in the main middleware 2017-12-29 22:04:44 +08:00
Now main middlewares return a named function with the right context bound 2017-12-29 23:15:48 +08:00			`const method = req.query.callback ? 'jsonp' : 'json';`
Avoid snake_case notation 2017-12-29 23:30:42 +08:00			`res[method]({ template_id: templateId });`
Now main middlewares return a named function with the right context bound 2017-12-29 23:15:48 +08:00			`});`
			`}.bind(this);`
Split named maps administration from instantiation/usage 2015-07-08 19:11:57 +08:00			`};`

Now main middlewares return a named function with the right context bound 2017-12-29 23:15:48 +08:00			`NamedMapsAdminController.prototype.retrieve = function () {`
Rename middleware function 2018-01-03 20:15:11 +08:00			`return function retrieveTemplateMiddleware (req, res, next) {`
Now main middlewares return a named function with the right context bound 2017-12-29 23:15:48 +08:00			`req.profiler.start('windshaft-cartodb.get_template');`
Split named maps administration from instantiation/usage 2015-07-08 19:11:57 +08:00
Use spread assignment 2017-12-30 01:34:54 +08:00			`const { user } = res.locals;`
Avoid snake_case notation 2017-12-29 23:30:42 +08:00			`const templateId = templateName(req.params.template_id);`
Remove step and assert dependencies 2017-12-29 22:17:29 +08:00
Use spread assignment 2017-12-30 01:34:54 +08:00			`this.templateMaps.getTemplate(user, templateId, (err, template) => {`
Now main middlewares return a named function with the right context bound 2017-12-29 23:15:48 +08:00			`if (err) {`
			`return next(err);`
			`}`
Remove step and assert dependencies 2017-12-29 22:17:29 +08:00
Avoid snake_case notation 2017-12-29 23:30:42 +08:00			`if (!template) {`
Use spread assignment 2017-12-30 01:34:54 +08:00			const error = new Error(`Cannot find template '${templateId}' of user '${user}'`);
Now main middlewares return a named function with the right context bound 2017-12-29 23:15:48 +08:00			`error.http_status = 404;`
			`return next(error);`
			`}`
			`// auth_id was added by ourselves,`
			`// so we remove it before returning to the user`
Avoid snake_case notation 2017-12-29 23:30:42 +08:00			`delete template.auth_id;`
Remove step and assert dependencies 2017-12-29 22:17:29 +08:00
Now main middlewares return a named function with the right context bound 2017-12-29 23:15:48 +08:00			`res.status(200);`
Remove step and assert dependencies 2017-12-29 22:17:29 +08:00
Now main middlewares return a named function with the right context bound 2017-12-29 23:15:48 +08:00			`const method = req.query.callback ? 'jsonp' : 'json';`
Avoid snake_case notation 2017-12-29 23:30:42 +08:00			`res[method]({ template });`
Now main middlewares return a named function with the right context bound 2017-12-29 23:15:48 +08:00			`});`
			`}.bind(this);`
Split named maps administration from instantiation/usage 2015-07-08 19:11:57 +08:00			`};`

Now main middlewares return a named function with the right context bound 2017-12-29 23:15:48 +08:00			`NamedMapsAdminController.prototype.destroy = function () {`
			`return function destroyTemplateMiddleware (req, res, next) {`
			`req.profiler.start('windshaft-cartodb.delete_template');`
Split named maps administration from instantiation/usage 2015-07-08 19:11:57 +08:00
Avoid snake_case notation 2017-12-29 23:30:42 +08:00			`const { user } = res.locals;`
			`const templateId = templateName(req.params.template_id);`
Remove finish function and respond in the main middleware 2017-12-29 22:04:44 +08:00
Avoid snake_case notation 2017-12-29 23:30:42 +08:00			`this.templateMaps.delTemplate(user, templateId, (err/* , tpl_val */) => {`
Now main middlewares return a named function with the right context bound 2017-12-29 23:15:48 +08:00			`if (err) {`
			`return next(err);`
			`}`
Remove step and assert dependencies 2017-12-29 22:17:29 +08:00
Now main middlewares return a named function with the right context bound 2017-12-29 23:15:48 +08:00			`res.status(204);`
Remove step and assert dependencies 2017-12-29 22:17:29 +08:00
Now main middlewares return a named function with the right context bound 2017-12-29 23:15:48 +08:00			`const method = req.query.callback ? 'jsonp' : 'json';`
			`res[method]('');`
			`});`
			`}.bind(this);`
Split named maps administration from instantiation/usage 2015-07-08 19:11:57 +08:00			`};`

Now main middlewares return a named function with the right context bound 2017-12-29 23:15:48 +08:00			`NamedMapsAdminController.prototype.list = function () {`
			`return function listTemplatesMiddleware (req, res, next) {`
			`req.profiler.start('windshaft-cartodb.get_template_list');`
Split named maps administration from instantiation/usage 2015-07-08 19:11:57 +08:00
Avoid snake_case notation 2017-12-29 23:30:42 +08:00			`const { user } = res.locals;`
Split named maps administration from instantiation/usage 2015-07-08 19:11:57 +08:00
Avoid snake_case notation 2017-12-29 23:30:42 +08:00			`this.templateMaps.listTemplates(user, (err, templateIds) => {`
Now main middlewares return a named function with the right context bound 2017-12-29 23:15:48 +08:00			`if (err) {`
			`return next(err);`
			`}`
Remove finish function and respond in the main middleware 2017-12-29 22:04:44 +08:00
Now main middlewares return a named function with the right context bound 2017-12-29 23:15:48 +08:00			`res.status(200);`
Remove finish function and respond in the main middleware 2017-12-29 22:04:44 +08:00
Now main middlewares return a named function with the right context bound 2017-12-29 23:15:48 +08:00			`const method = req.query.callback ? 'jsonp' : 'json';`
Avoid snake_case notation 2017-12-29 23:30:42 +08:00			`res[method]({ template_ids: templateIds });`
Now main middlewares return a named function with the right context bound 2017-12-29 23:15:48 +08:00			`});`
			`}.bind(this);`
Split named maps administration from instantiation/usage 2015-07-08 19:11:57 +08:00			`};`