From d9e6aeb2543c94e01ef2dd82c0921f35ab36fbf5 Mon Sep 17 00:00:00 2001
From: Sandro Santilli <strk@keybit.net>
Date: Mon, 22 Oct 2012 15:30:16 +0200
Subject: [PATCH] Fix crash on unknown user. Closes #55.

---
 NEWS.md                   |  1 +
 lib/cartodb/carto_data.js |  2 +-
 test/acceptance/server.js | 70 +++++++++++++++++++++++++++++++++++++++
 3 files changed, 72 insertions(+), 1 deletion(-)

diff --git a/NEWS.md b/NEWS.md
index 2821ad66..7525f350 100644
--- a/NEWS.md
+++ b/NEWS.md
@@ -1,5 +1,6 @@
 1.1.0 (DD/MM/YY)
 -----
+* Fix crash on unknown user (#55)
 * Add /version entry point
 * CartoCSS versioning
  * Include style_version in GET /style response
diff --git a/lib/cartodb/carto_data.js b/lib/cartodb/carto_data.js
index 87a8bf8c..5ad4723c 100644
--- a/lib/cartodb/carto_data.js
+++ b/lib/cartodb/carto_data.js
@@ -126,7 +126,7 @@ module.exports = function() {
                 that.retrieve(that.table_metadata_db, redisKey, 'privacy', this);
             },
             function(err, data){
-                if (err) throw err;
+                //if (err) throw err;
                 callback(err, data);
              }
         );
diff --git a/test/acceptance/server.js b/test/acceptance/server.js
index 7dad73d6..eb5dd025 100644
--- a/test/acceptance/server.js
+++ b/test/acceptance/server.js
@@ -101,6 +101,23 @@ suite('server', function() {
         });
     });
 
+    // See http://github.com/Vizzuality/Windshaft-cartodb/issues/55
+    test("get'ing style of private table should fail on unknown username",
+    function(done) {
+        assert.response(server, {
+            headers: {host: 'unknown_user'},
+            url: '/tiles/test_table_private_1/style',
+            method: 'GET'
+        },{
+        }, function(res) {
+          // FIXME: should be 401 Unauthorized
+          assert.equal(res.statusCode, 500, res.body);
+          assert.deepEqual(JSON.parse(res.body),
+            {error:"missing unknown_user's dbname in redis (try CARTODB/script/restore_redis)"});
+          done();
+        });
+    });
+
     test("get'ing style of private table should succeed when authenticated",
     function(done) {
         assert.response(server, {
@@ -401,6 +418,23 @@ suite('server', function() {
         });
     });
 
+    // See http://github.com/Vizzuality/Windshaft-cartodb/issues/55
+    test("get'ing infowindow of private table should fail on unknown username",
+    function(done) {
+        assert.response(server, {
+            headers: {host: 'unknown_user'},
+            url: '/tiles/test_table_private_1/infowindow',
+            method: 'GET'
+        },{
+        }, function(res) {
+          // FIXME: should be 401 Unauthorized
+          assert.equal(res.statusCode, 500, res.body);
+          assert.deepEqual(JSON.parse(res.body),
+            {error:"missing unknown_user's dbname in redis (try CARTODB/script/restore_redis)"});
+          done();
+        });
+    });
+
     test("get'ing infowindow of private table should succeed when authenticated",
     function(done) {
         assert.response(server, {
@@ -467,6 +501,23 @@ suite('server', function() {
         });
     });
 
+    // See http://github.com/Vizzuality/Windshaft-cartodb/issues/55
+    test("get'ing grid of private table should fail on unknown username",
+    function(done) {
+        assert.response(server, {
+            headers: {host: 'unknown_user'},
+            url: '/tiles/test_table_private_1/6/31/24.grid.json',
+            method: 'GET'
+        },{
+        }, function(res) {
+          // FIXME: should be 401 Unauthorized
+          assert.equal(res.statusCode, 400, res.statusCode + ': ' + res.body);
+          assert.deepEqual(JSON.parse(res.body),
+            {error:"missing unknown_user's dbname in redis (try CARTODB/script/restore_redis)"});
+          done();
+        });
+    });
+
     test("get'ing the grid of a private table should succeed when authenticated",
     function(done) {
         assert.response(server, {
@@ -566,6 +617,25 @@ suite('server', function() {
         });
     });
 
+    test("get'ing a tile with data from private table should fail on unknown username", function(done){
+        var sql = querystring.stringify({
+          sql: "SELECT * FROM test_table_private_1",
+          cache_buster:2 // this is to avoid getting the cached response
+        });
+        assert.response(server, {
+            headers: {host: 'unknown_user'},
+            url: '/tiles/gadm4/6/31/24.png?' + sql,
+            method: 'GET'
+        },{
+        }, function(res) {
+          // FIXME: should be 401 Unauthorized
+          assert.equal(res.statusCode, 400, res.statusCode + ': ' + res.body);
+          assert.deepEqual(JSON.parse(res.body),
+            {error:"missing unknown_user's dbname in redis (try CARTODB/script/restore_redis)"});
+          done();
+        });
+    });
+
     test("get'ing a tile with data from private table should fail when unauthenticated (uses old redis key)", function(done){
         var sql = querystring.stringify({
           sql: "SELECT * FROM test_table_private_1",