cartodb4/Windshaft-cartodb
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

get apikey token from request in named maps admin middleware

Browse Source
This commit is contained in:
Eneko Lakasta 2018-02-15 15:20:52 +01:00
parent 3e916c6054
commit 18dbeea003
1 changed files with 12 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
lib/cartodb/controllers/named_maps_admin.js
View File

@ -1,6 +1,13 @@
const { templateName } = require('../backends/template_maps');
const cors = require('../middleware/cors');
const userMiddleware = require('../middleware/user');
const localsMiddleware = require('../middleware/context/locals');
const apikeyTokenMiddleware = require('../middleware/context/apikey-token');
const apikeyMiddleware = [
localsMiddleware,
apikeyTokenMiddleware(),
];
/**
* @param {AuthApi} authApi
@ -22,6 +29,7 @@ NamedMapsAdminController.prototype.register = function (app) {
`${base_url_templated}/`,
cors(),
userMiddleware,
apikeyMiddleware,
this.checkContentType('POST', 'POST TEMPLATE'),
this.authorizedByAPIKey('create', 'POST TEMPLATE'),
this.create()
@ -31,6 +39,7 @@ NamedMapsAdminController.prototype.register = function (app) {
`${base_url_templated}/:template_id`,
cors(),
userMiddleware,
apikeyMiddleware,
this.checkContentType('PUT', 'PUT TEMPLATE'),
this.authorizedByAPIKey('update', 'PUT TEMPLATE'),
this.update()
@ -40,6 +49,7 @@ NamedMapsAdminController.prototype.register = function (app) {
`${base_url_templated}/:template_id`,
cors(),
userMiddleware,
apikeyMiddleware,
this.authorizedByAPIKey('get', 'GET TEMPLATE'),
this.retrieve()
);
@ -48,6 +58,7 @@ NamedMapsAdminController.prototype.register = function (app) {
`${base_url_templated}/:template_id`,
cors(),
userMiddleware,
apikeyMiddleware,
this.authorizedByAPIKey('delete', 'DELETE TEMPLATE'),
this.destroy()
);
@ -56,6 +67,7 @@ NamedMapsAdminController.prototype.register = function (app) {
`${base_url_templated}/`,
cors(),
userMiddleware,
apikeyMiddleware,
this.authorizedByAPIKey('list', 'GET TEMPLATE LIST'),
this.list()
);
@ -69,7 +81,6 @@ NamedMapsAdminController.prototype.register = function (app) {
NamedMapsAdminController.prototype.authorizedByAPIKey = function (action, label) {
return function authorizedByAPIKeyMiddleware (req, res, next) {
const { user } = res.locals;
this.authApi.authorizedByAPIKey(user, res, (err, authenticated) => {
if (err) {
return next(err);