diff --git a/lib/cartodb/api/auth_api.js b/lib/cartodb/api/auth_api.js index ff42c9df..e2b3fe46 100644 --- a/lib/cartodb/api/auth_api.js +++ b/lib/cartodb/api/auth_api.js @@ -1,5 +1,3 @@ -var _ = require('underscore'); // AUTH_FALLBACK - /** * * @param {PgConnection} pgConnection @@ -77,11 +75,6 @@ AuthApi.prototype.authorizedByAPIKey = function(user, res, callback) { return callback(err); } - //Remove this block when Auth fallback is not used anymore - // AUTH_FALLBACK - apikey.databaseRole = composeUserDatabase(apikey); - apikey.databasePassword = composeDatabasePassword(apikey); - if ( !isValidApiKey(apikey)) { const error = new Error('Unauthorized'); error.type = 'auth'; @@ -113,38 +106,6 @@ AuthApi.prototype.authorizedByAPIKey = function(user, res, callback) { }); }; -//Remove this block when Auth fallback is not used anymore -// AUTH_FALLBACK -function composeUserDatabase (apikey) { - if (shouldComposeUserDatabase(apikey)) { - return _.template(global.environment.postgres_auth_user, apikey); - } - - return apikey.databaseRole; -} - -//Remove this block when Auth fallback is not used anymore -// AUTH_FALLBACK -function composeDatabasePassword (apikey) { - if (shouldComposeDatabasePassword(apikey)) { - return global.environment.postgres.password; - } - - return apikey.databasePassword; -} - -//Remove this block when Auth fallback is not used anymore -// AUTH_FALLBACK -function shouldComposeDatabasePassword (apikey) { - return !apikey.databasePassword && global.environment.postgres.password; -} - -//Remove this block when Auth fallback is not used anymore -// AUTH_FALLBACK -function shouldComposeUserDatabase(apikey) { - return !apikey.databaseRole && apikey.user_id && global.environment.postgres_auth_user; -} - function isNameNotFoundError (err) { return err.message && -1 !== err.message.indexOf('name not found'); } diff --git a/lib/cartodb/backends/pg_connection.js b/lib/cartodb/backends/pg_connection.js index f389c687..0a9b29bd 100644 
--- a/lib/cartodb/backends/pg_connection.js +++ b/lib/cartodb/backends/pg_connection.js @@ -32,12 +32,6 @@ PgConnection.prototype.setDBAuth = function(username, params, apikeyType, callba params.dbuser = apikey.databaseRole; params.dbpassword = apikey.databasePassword; - //Remove this block when Auth fallback is not used anymore - // AUTH_FALLBACK - if (!params.dbuser && apikey.user_id && global.environment.postgres_auth_user) { - params.dbuser = _.template(global.environment.postgres_auth_user, apikey); - } - return callback(); }); } else if (apikeyType === 'regular') { //Actually it can be any type of api key @@ -52,20 +46,6 @@ PgConnection.prototype.setDBAuth = function(username, params, apikeyType, callba params.dbuser = apikey.databaseRole; params.dbpassword = apikey.databasePassword; - //Remove this block when Auth fallback is not used anymore - // AUTH_FALLBACK - // master apikey has been recreated from user's metadata - if (!params.dbuser && apikey.user_id && apikey.type === 'master' && global.environment.postgres_auth_user) { - params.dbuser = _.template(global.environment.postgres_auth_user, apikey); - } - - //Remove this block when Auth fallback is not used anymore - // AUTH_FALLBACK - // default apikey has been recreated from user's metadata - if (!params.dbpassword && global.environment.postgres.password) { - params.dbpassword = global.environment.postgres.password; - } - return callback(); }); } else if (apikeyType === 'default') { @@ -80,12 +60,6 @@ PgConnection.prototype.setDBAuth = function(username, params, apikeyType, callba params.dbuser = apikey.databaseRole; params.dbpassword = apikey.databasePassword; - //Remove this block when Auth fallback is not used anymore - // AUTH_FALLBACK - if (!params.dbpassword && global.environment.postgres.password) { - params.dbpassword = global.environment.postgres.password; - } - return callback(); }); } else { 
diff --git a/lib/cartodb/controllers/named_maps_admin.js b/lib/cartodb/controllers/named_maps_admin.js index df3ac766..3305dd46 100644 --- a/lib/cartodb/controllers/named_maps_admin.js +++ b/lib/cartodb/controllers/named_maps_admin.js @@ -108,7 +108,7 @@ function authorizedByAPIKey ({ authApi, action, label }) { } if (!authenticated) { - const error = new Error(`Only authenticated user can ${action} templated maps`); + const error = new Error(`Only authenticated users can ${action} templated maps`); error.http_status = 403; error.label = label; return next(error); diff --git a/test/acceptance/auth/authorization-fallback.js b/test/acceptance/auth/authorization-basic-use-cases.js similarity index 70% rename from test/acceptance/auth/authorization-fallback.js rename to test/acceptance/auth/authorization-basic-use-cases.js index bbc16140..3bdfd0bf 100644 --- a/test/acceptance/auth/authorization-fallback.js +++ b/test/acceptance/auth/authorization-basic-use-cases.js @@ -1,6 +1,3 @@ -//Remove this file when Auth fallback is not used anymore -// AUTH_FALLBACK - const assert = require('../../support/assert'); const testHelper = require('../../support/test_helper'); const CartodbWindshaft = require('../../../lib/cartodb/server'); @@ -44,7 +41,7 @@ var pointSqlMaster = "select * from test_table_private_1"; var pointSqlPublic = "select * from test_table"; var keysToDelete; -describe('authorization fallback', function () { +describe.only('Basic authorization use cases', function () { var server; before(function () { @@ -63,7 +60,7 @@ describe('authorization fallback', function () { var layergroup = singleLayergroupConfig(pointSqlMaster, '#layer { marker-fill:red; }'); assert.response(server, - createRequest(layergroup, 'user_previous_to_project_auth', '4444'), + createRequest(layergroup, 'localhost', '1234'), { status: 200 }, 
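Review bot: `describe.only` on the renamed suite in test/acceptance/auth/authorization-basic-use-cases.js looks like a debugging leftover and should not be merged. Assuming the runner is Mocha, an exclusive suite makes every other suite in the run get skipped, so CI would report green while exercising only these few cases. That is a risky state for a commit whose purpose is to remove an authentication fallback. Change the line to `describe('Basic authorization use cases', function () {`. The suite body continues beyond this hunk.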
@@ -75,7 +72,7 @@ describe('authorization fallback', function () { assert.equal(res.headers['x-layergroup-id'], parsed.layergroupid); keysToDelete['map_cfg|' + LayergroupToken.parse(parsed.layergroupid).token] = 0; - keysToDelete['user:user_previous_to_project_auth:mapviews:global'] = 5; + keysToDelete['user:localhost:mapviews:global'] = 5; done(); } @@ -87,7 +84,7 @@ describe('authorization fallback', function () { var layergroup = singleLayergroupConfig(pointSqlPublic, '#layer { marker-fill:red; }'); assert.response(server, - createRequest(layergroup, 'user_previous_to_project_auth', 'default_public'), + createRequest(layergroup, 'localhost', 'default_public'), { status: 200 }, @@ -99,7 +96,7 @@ describe('authorization fallback', function () { assert.equal(res.headers['x-layergroup-id'], parsed.layergroupid); keysToDelete['map_cfg|' + LayergroupToken.parse(parsed.layergroupid).token] = 0; - keysToDelete['user:user_previous_to_project_auth:mapviews:global'] = 5; + keysToDelete['user:localhost:mapviews:global'] = 5; done(); } @@ -110,7 +107,7 @@ describe('authorization fallback', function () { var layergroup = singleLayergroupConfig(pointSqlPublic, '#layer { marker-fill:red; }'); assert.response(server, - createRequest(layergroup, 'user_previous_to_project_auth'), + createRequest(layergroup, 'localhost'), { status: 200 }, 
@@ -122,31 +119,27 @@ describe('authorization fallback', function () { assert.equal(res.headers['x-layergroup-id'], parsed.layergroupid); keysToDelete['map_cfg|' + LayergroupToken.parse(parsed.layergroupid).token] = 0; - keysToDelete['user:user_previous_to_project_auth:mapviews:global'] = 5; + keysToDelete['user:localhost:mapviews:global'] = 5; done(); } ); }); - it("succeed with non-existent api key - defaults to default", function (done) { + it("fail with non-existent api key", function (done) { var layergroup = singleLayergroupConfig(pointSqlPublic, '#layer { marker-fill:red; }'); assert.response(server, - createRequest(layergroup, 'user_previous_to_project_auth', 'THIS-API-KEY-DOESNT-EXIST'), + createRequest(layergroup, 'localhost', 'THIS-API-KEY-DOESNT-EXIST'), { - status: 200 + status: 401 }, function (res, err) { assert.ifError(err); - var parsed = JSON.parse(res.body); - assert.ok(parsed.layergroupid); - assert.equal(res.headers['x-layergroup-id'], parsed.layergroupid); - - keysToDelete['map_cfg|' + LayergroupToken.parse(parsed.layergroupid).token] = 0; - keysToDelete['user:user_previous_to_project_auth:mapviews:global'] = 5; - + assert.ok(parsed.hasOwnProperty('errors')); + assert.equal(parsed.errors.length, 1); + assert.ok(parsed.errors[0].match(/Unauthorized/)); done(); } ); 
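Review bot: The rewritten case `fail with non-existent api key` pins the 401 only for the public-table config (`pointSqlPublic`). The variant that sent `THIS-API-KEY-DOESNT-EXIST` with `pointSqlMaster` is deleted in the following hunk rather than updated. Since this commit stops unknown keys from falling back to default credentials, I would keep that second case and change its expectation from `status: 403` to `status: 401`, with the same `Unauthorized` body checks. Rejection of an unknown key would then also be asserted for a request that targets private data. As far as this diff shows, nothing else covers that combination.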
@@ -156,23 +149,7 @@ describe('authorization fallback', function () { var layergroup = singleLayergroupConfig(pointSqlMaster, '#layer { marker-fill:red; }'); assert.response(server, - createRequest(layergroup, 'user_previous_to_project_auth', 'default_public'), - { - status: 403 - }, - function (res, err) { - assert.ifError(err); - - done(); - } - ); - }); - - it("fail with non-existent api key - defaults to default", function (done) { - var layergroup = singleLayergroupConfig(pointSqlMaster, '#layer { marker-fill:red; }'); - - assert.response(server, - createRequest(layergroup, 'user_previous_to_project_auth', 'THIS-API-KEY-DOESNT-EXIST'), + createRequest(layergroup, 'localhost', 'default_public'), { status: 403 }, diff --git a/test/support/prepare_db.sh b/test/support/prepare_db.sh index f2121147..7df3f3b0 100755 --- a/test/support/prepare_db.sh +++ b/test/support/prepare_db.sh @@ -132,18 +132,6 @@ HMSET rails:users:cartodb250user id ${TESTUSERID} \ EOF -# Remove this block when Auth fallback is not used anymore -# AUTH_FALLBACK - # A user to test auth fallback to no api keys mode - cat <