Use signer's map_key when contacting sql-api

Includes testcase. Fixes #188
2014-04-08 09:16:16 +02:00 · 2014-04-08 09:16:16 +02:00 · 882ec65ba0
commit 882ec65ba0
parent bbd4db6ddb
2 changed files with 55 additions and 5 deletions
--- a/lib/cartodb/server_options.js
+++ b/lib/cartodb/server_options.js
@ -285,8 +285,31 @@ module.exports = function(){
            }
            return [req.params.table];
          }
-          var username   = that.userByReq(req);
-          me.affectedTables(username, req.params.map_key, sql, this);
+          var user, key;
+          var next = this;
+          Step (
+            function findUserKey() {
+              if ( req.params.hasOwnProperty('_authorizedBySigner') ) {
+                user = req.params._authorizedBySigner;
+                cartoData.getUserMapKey(user, this);
+              } else {
+                user = that.userByReq(req);
+                key = req.params.map_key || req.params.api_key;
+                return null;
+              }
+            },
+            function getAffected(err, data) {
+              if ( err ) throw err;
+              if ( data ) {
+                if ( req.profiler ) req.profiler.done('getSignerMapKey');
+                key = data;
+              }
+              me.affectedTables(user, key, sql, this); // in addCacheChannel
+            },
+            function finish(err, data) {
+              next(err,data);
+            }
+          );
        },
        function buildCacheChannel(err, tableNames) {
          if ( err ) throw err;
@ -407,7 +430,7 @@ module.exports = function(){

        Step(
          function getTables() {
-            me.affectedTables(usr, key, sql, this);
+            me.affectedTables(usr, key, sql, this); // in afterLayergroupCreate
          },
          function getLastupdated(err, tableNames) {
            if (req.profiler) req.profiler.done('affectedTables');
@ -671,6 +694,7 @@ module.exports = function(){
                }

                // Authorized by "signed_by" !
+                _.extend(req.params, { _authorizedBySigner: signed_by });
                that.setDBAuth(signed_by, req.params, function(err) {
                  if (req.profiler) req.profiler.done('setDBAuth');
                  callback(err, true); // authorized (or error)
--- a/test/acceptance/templates.js
+++ b/test/acceptance/templates.js
@ -20,7 +20,8 @@ var helper = require(__dirname + '/../support/test_helper');
 var windshaft_fixtures = __dirname + '/../../node_modules/windshaft/test/fixtures';

 var CartodbWindshaft = require(__dirname + '/../../lib/cartodb/cartodb_windshaft');
-var serverOptions = require(__dirname + '/../../lib/cartodb/server_options')();
+var ServerOptions = require(__dirname + '/../../lib/cartodb/server_options');
+var serverOptions = ServerOptions();
 var server = new CartodbWindshaft(serverOptions);
 server.setMaxListeners(0);

@ -1167,12 +1168,37 @@ suite('template_api', function() {
          assert.response(server, get_request, {},
            function(res) { next(null, res); });
        },
-        function checkTile(err, res) {
+        function checkTile_fetchOnRestart(err, res) {
          if ( err ) throw err;
          assert.equal(res.statusCode, 200, 
            'Unexpected error for authorized instance: '
            + res.statusCode + ' -- ' + res.body);
          assert.equal(res.headers['content-type'], "application/json; charset=utf-8");
+          var cc = res.headers['x-cache-channel'];
+          assert.ok(cc);
+          assert.ok(cc.match, /ciao/, cc);
+          // hack simulating restart...
+          serverOptions = ServerOptions(); // need to clean channel cache
+          server = new CartodbWindshaft(serverOptions);
+          var get_request = {
+              url: '/tiles/layergroup/' + layergroupid + ':cb1/0/0/0/1.json.torque?auth_token=valid1',
+              method: 'GET',
+              headers: {host: 'localhost' },
+              encoding: 'binary'
+          }
+          var next = this;
+          assert.response(server, get_request, {},
+            function(res) { next(null, res); });
+        },
+        function checkCacheChannel(err, res) {
+          if ( err ) throw err;
+          assert.equal(res.statusCode, 200, 
+            'Unexpected error for authorized instance: '
+            + res.statusCode + ' -- ' + res.body);
+          assert.equal(res.headers['content-type'], "application/json; charset=utf-8");
+          var cc = res.headers['x-cache-channel'];
+          assert.ok(cc, "Missing X-Cache-Channel on fetch-after-restart");
+          assert.ok(cc.match, /ciao/, cc);
          return null;
        },
        function deleteTemplate(err)