cartodb4/Windshaft-cartodb
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

let select apikey type in setDBAuth: regular, default, master

Browse Source
This commit is contained in:
Eneko Lakasta 2018-02-08 11:29:17 +01:00
parent d9a34f3384
commit 6ebf51ce45
5 changed files with 32 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
lib/cartodb/api/auth_api.js
View File

@ -101,8 +101,7 @@ AuthApi.prototype.authorize = function(req, res, callback) {
} }
if (isAuthorizedByApikey) { if (isAuthorizedByApikey) {
const asMaster = false; return this.pgConnection.setDBAuth(user, res.locals, 'regular', function (err) {
return this.pgConnection.setDBAuth(user, res.locals, asMaster, function (err) {
req.profiler.done('setDBAuth'); req.profiler.done('setDBAuth');
if (err) { if (err) {
@ -119,8 +118,7 @@ AuthApi.prototype.authorize = function(req, res, callback) {
} }
if (isAuthorizedBySigner) { if (isAuthorizedBySigner) {
const asMaster = true; return this.pgConnection.setDBAuth(user, res.locals, 'master', function (err) {
return this.pgConnection.setDBAuth(user, res.locals, asMaster, function (err) {
req.profiler.done('setDBAuth'); req.profiler.done('setDBAuth');
if (err) { if (err) {
@ -131,10 +129,17 @@ AuthApi.prototype.authorize = function(req, res, callback) {
}); });
} }
// if no signer name was given, let dbparams and // if no signer name was given, use default api key
// PostgreSQL do the rest.
if (!res.locals.signer) { if (!res.locals.signer) {
return callback(null, true); // authorized so far return this.pgConnection.setDBAuth(user, res.locals, 'default', function (err) {
req.profiler.done('setDBAuth');
if (err) {
return callback(err);
}
callback(null, true);
});
} }
// if signer name was given, return no authorization // if signer name was given, return no authorization

22
lib/cartodb/backends/pg_connection.js
View File

@ -20,8 +20,8 @@ module.exports = PgConnection;
// //
// @param callback function(err) // @param callback function(err)
// //
PgConnection.prototype.setDBAuth = function(username, params, asMaster, callback) { PgConnection.prototype.setDBAuth = function(username, params, apikeyType, callback) {
if (asMaster) { if (apikeyType === 'master') {
this.metadataBackend.getMasterApikey(username, (err, apikey) => { this.metadataBackend.getMasterApikey(username, (err, apikey) => {
if (err) { if (err) {
return callback(err); return callback(err);
@ -32,7 +32,7 @@ PgConnection.prototype.setDBAuth = function(username, params, asMaster, callback
return callback(); return callback();
}); });
} else { } else if (apikeyType === 'regular') {
this.metadataBackend.getApikey(username, params.api_key || params.map_key, (err, apikey) => { this.metadataBackend.getApikey(username, params.api_key || params.map_key, (err, apikey) => {
if (err) { if (err) {
return callback(err); return callback(err);
@ -43,6 +43,19 @@ PgConnection.prototype.setDBAuth = function(username, params, asMaster, callback
return callback(); return callback();
}); });
} else if (apikeyType === 'default') {
this.metadataBackend.getApikey(username, 'default_public', (err, apikey) => {
if (err) {
return callback(err);
}
params.dbuser = apikey.databaseRole;
params.dbpassword = apikey.databasePassword;
return callback();
});
} else {
return callback(new Error(`Invalid Apikey type: ${apikeyType}, valid ones: master, regular, default`));
} }
}; };
@ -97,8 +110,7 @@ PgConnection.prototype.getConnection = function(username, callback) {
require('debug')('cachechan')("getConn1"); require('debug')('cachechan')("getConn1");
step( step(
function setAuth() { function setAuth() {
const asMaster = true; self.setDBAuth(username, params, 'master', this);
self.setDBAuth(username, params, asMaster, this);
}, },
function setConn(err) { function setConn(err) {
assert.ifError(err); assert.ifError(err);

3
lib/cartodb/backends/pg_query_runner.js
View File

@ -22,8 +22,7 @@ PgQueryRunner.prototype.run = function(username, query, callback) {
step( step(
function setAuth() { function setAuth() {
const asMaster = true; self.pgConnection.setDBAuth(username, params, 'master', this);
self.pgConnection.setDBAuth(username, params, asMaster, this);
}, },
function setConn(err) { function setConn(err) {
assert.ifError(err); assert.ifError(err);

4
lib/cartodb/models/mapconfig/adapter/mapconfig-named-layers-adapter.js
View File

@ -108,9 +108,7 @@ MapConfigNamedLayersAdapter.prototype.getMapConfig = function (user, requestMapC
var dbAuth = {}; var dbAuth = {};
if (_.some(layers, isNamedTypeLayer)) { if (_.some(layers, isNamedTypeLayer)) {
// Lazy load dbAuth this.pgConnection.setDBAuth(user, dbAuth, 'master', function(err) {
const asMaster = true;
this.pgConnection.setDBAuth(user, dbAuth, asMaster, function(err) {
if (err) { if (err) {
return callback(err); return callback(err);
} }

3
lib/cartodb/models/mapconfig/provider/named-map-provider.js
View File

@ -235,8 +235,7 @@ NamedMapMapConfigProvider.prototype.setDBParams = function(cdbuser, params, call
var self = this; var self = this;
step( step(
function setAuth() { function setAuth() {
const asMaster = true; self.pgConnection.setDBAuth(cdbuser, params, 'master', this);
self.pgConnection.setDBAuth(cdbuser, params, asMaster, this);
}, },
function setConn(err) { function setConn(err) {
assert.ifError(err); assert.ifError(err);