Raul Ochoa
415d0c42d5
jshint
2015-03-23 17:56:18 +01:00
Raul Ochoa
c19f652ff3
Remove some old accepted query params
2015-03-23 17:54:37 +01:00
Raul Ochoa
f5f7be627f
Move userByReq to its own model
2015-03-23 17:35:09 +01:00
Raul Ochoa
23f5be6c33
Remove config and sql api backend
2015-03-23 15:00:33 +01:00
Raul Ochoa
5f6185dd51
Merge branch 'master' into 257-remove-old-api
...
Conflicts:
lib/cartodb/cartodb_windshaft.js
lib/cartodb/server_options.js
package.json
2015-03-23 12:24:10 +01:00
Raul Ochoa
9ba53dc4cf
Adds user param to params whitelist and uses localhost user for tests
2015-03-20 00:30:56 +01:00
javi
c1c6d493b7
allow urls like /u/:user/
2015-03-18 15:54:05 +01:00
Raul Ochoa
b6d3785599
Fix Max cyclomatic complexity value
2015-03-16 00:36:38 +01:00
Raul Ochoa
645a2cd442
120 chars lines
2015-03-16 00:27:14 +01:00
Raul Ochoa
8c09dfd230
No capitalize step
2015-03-16 00:21:55 +01:00
Raul Ochoa
336491b54c
Remove unused vars
2015-03-16 00:16:36 +01:00
Raul Ochoa
d7f5c40645
Triple ===
2015-03-16 00:00:02 +01:00
Raul Ochoa
bd1c24ee1c
jshint: Remove Confusing use of '!'
2015-03-15 23:52:46 +01:00
Raul Ochoa
d03a2c64a6
jshint: fix Missing semicolon
2015-03-15 23:46:59 +01:00
Raul Ochoa
fda8afdaf2
jshint: fix Bad line breaking
2015-03-15 23:44:45 +01:00
Raul Ochoa
71efe2109c
Merge branch 'master' into 257-remove-old-api
...
Conflicts:
lib/cartodb/cartodb_windshaft.js
package.json
2015-02-18 14:51:21 +01:00
Raul Ochoa
d311dd4245
Use PgConnection to set db auth
...
No need to use request context anymore
X-Cache-Channel will be set now even for private tables: fixes #253
2015-02-16 11:57:53 +01:00
Raul Ochoa
b25bb03cdf
Merge branch 'master' into private-cdb_tablemetadata
...
Conflicts:
lib/cartodb/server_options.js
test/support/sql/windshaft.test.sql
2015-02-16 11:41:45 +01:00
Raul Ochoa
59dfd11e5b
Remove geom_type retrieval
2015-02-10 16:57:43 +01:00
Raul Ochoa
a4eade31a2
Removes map_metadata endpoint
2015-02-10 00:08:08 +01:00
Raul Ochoa
ba0f394a48
Remove infowindow endpoint
2015-02-10 00:03:44 +01:00
Raul Ochoa
75c4153f9b
No need to retrieve api key externally, QueryTablesApi takes care
2015-02-09 19:41:38 +01:00
Raul Ochoa
90b22b2718
QueryTables and last updated_at retrieved with user
...
Move setDBAuth and setDBConn to PgConnection entity
- It uses cartodb-redis to retrieve datasource configuration
Start using it in ServerOptions, TemplateMaps and QueryTablesApi
QueryTablesApi don't receive anymore the connection/credentials
- It will always use an authenticated query to retrieve last update
- That will allow to query affected private tables last update
2015-02-09 14:46:52 +01:00
Raul Ochoa
6bd967e9fb
Merge branch 'master' into medusa-improvements
...
Conflicts:
lib/cartodb/server_options.js
2015-02-06 12:01:28 +01:00
Raul Ochoa
d065ace036
Remove per table flush cache endpoint
2015-02-05 17:05:50 +01:00
Raul Ochoa
c17af23a40
A non empty datasource from MapConfigNamedLayersAdapter.getLayers
...
means the affected tables can have private tables involved.
That implies QueryTablesApi will need the proper user to use
CDB_QueryTables. So we store it in a request context to use it in
the afterLayergroupCreate call.
Tiles for these layergroups will fail to add a X-Cache-Channel
header because it won't be possible to use the proper user within
those tiles. Ok, they will fail if they are not requested through
the same tiler instance because if they are they most likely will
reuse the in memory cache.
See https://github.com/CartoDB/Windshaft-cartodb/issues/253
2015-02-04 19:31:20 +01:00
Raul Ochoa
2c7bc6adde
Datasource to give per-layer authentication in named layers
...
Make beforeLayergroupCreate to return a datasource with different
authentication for the different layers.
- Named layers will get access to private tables in case it's needed
Changes in MapConfigNamedLayersAdapter:
- It will retrieve the dbAuth params only if named layers are present so
there is no extra overhead for normal layers
- Rename queue function signature from `callback` to `done` so it is easier
to follow the code
Add several tests to validate `named` layers authentication
2015-02-04 11:30:36 +01:00
Raul Ochoa
d0ef87b0cf
Add a before layergroup creation action to allow first level named
...
maps layer type to be extended as other layers
2015-01-30 15:31:49 +01:00
Raul Ochoa
e28fe1fdc0
Initialize template maps in server options
2015-01-30 15:30:13 +01:00
Raul Ochoa
aecb07b008
Create redis pool in server options when not supplied
2015-01-30 15:28:55 +01:00
Raul Ochoa
6e70518146
Split between old cache_enabled and new purge_enabled configuration
2015-01-23 17:46:16 +01:00
Raul Ochoa
885accdadf
Adds varnish http port to the default configurations
2015-01-23 16:36:45 +01:00
Raul Ochoa
20eb92a3b1
Remove signedmaps and locks functionality as it is no longer needed
2015-01-22 19:28:59 +01:00
Raul Ochoa
e8ab3a48c6
Removes TemplateMaps dependency on SignedMaps
...
- Token validation is done against the template
- Template is always extended with default values for auth and placeholders
- MapConfig is extended, in order to validate auth_toknes, with template info:
- template name
- template auth
- No more locks to create, update or delete templates
- Trusting in redis' hash semantics
- Some tradeoffs:
* A client having more templates than allowed by a race condition
between limit (HLEN) check and creation (HSET)
* Updating a template could happen while the deleting it, resulting in
in a new template
* Templates already instantiated will be accessible thrught their
layergroup so it is possible to continue requesting tiles/grids/etc.
- Authorization is now handled by template maps
2015-01-22 15:40:40 +01:00
Raul Ochoa
caa05e779a
Add scale_factor param as valid one
2015-01-14 18:11:13 +01:00
Raul Ochoa
48d60821a7
Exposes http renderer config
2014-12-01 18:43:40 +01:00
Raul Ochoa
c88330f5f2
Allow a different cache-control max-age for layergroup responses
2014-10-24 16:05:41 +02:00
Raul Ochoa
cf5e34eae6
Upgrades Windshaft to start reporting redis/renderers/mapnik pool metrics
2014-10-15 16:45:49 +02:00
Raul Ochoa
9f5faf7cf8
Server options to instantiate cartodb-redis with redis configuration if pool is not provided
2014-10-14 21:19:44 +02:00
Raul Ochoa
7009eb20f8
Check style fixes
2014-09-24 11:42:53 +02:00
Raul Ochoa
24cbd192aa
Share one redis-mpool across the application
2014-09-24 11:42:36 +02:00
Raul Ochoa
9496d83d1c
Adds poolSize configuration for mapnik
2014-09-18 19:06:45 +02:00
Raul Ochoa
2b2020b43b
Removes getTableGeometryType metric
2014-08-25 19:09:54 +02:00
Raul Ochoa
a3a5964926
Upgrades dependencies
2014-08-14 19:54:45 +02:00
Raul Ochoa
6a8cff6fcd
Merge branch 'remove-mapnik-dependency'
...
Conflicts:
NEWS.md
2014-08-14 19:26:52 +02:00
Raul Ochoa
23a7684208
Removes mapnik dependency as it now relies on Windshaft to check mapnik version
2014-08-14 18:27:54 +02:00
Raul Ochoa
e7ab71c606
Merge branch 'master' into CDB-3686
2014-08-11 12:19:11 +02:00
Raul Ochoa
2ed656ca0d
Upgrades windshaft (and grainstore) to be able to specify the tile
...
format, see: https://github.com/mapnik/mapnik/wiki/OutputFormats
2014-08-07 01:57:21 +02:00
Raul Ochoa
5cf79c82bb
Configurable QueryTablesAPI to call directly postgresql using cartodb-psql
...
or to keep using a request to the SQL API
2014-08-06 21:48:08 +02:00
Raul Ochoa
3af45e1a32
Moves calls to SQL API to its own entity.
...
Groups affected tables and last updated time for affected tables into one request.
2014-07-30 13:46:46 +02:00
Raul Ochoa
75088c89d3
Style fixes
2014-07-30 13:45:53 +02:00
Raul Ochoa
f756b9d77f
Removes search_path param
2014-07-04 12:18:35 +02:00
Raul Ochoa
bfdcee3772
Retrieving db public user from redis. It uses a new multiget method from cartodb-redis
2014-07-03 21:39:47 +02:00
Raul Ochoa
470aea22d9
Sets full search_path
2014-07-03 10:24:37 +02:00
javi
3806ad8843
Merge remote-tracking branch 'origin/CDB-2891-search_path' into multiuser
2014-06-27 09:10:39 +02:00
Raul Ochoa
037ce2dc12
CDB-2891 Exposes username as search_path in params
2014-06-27 00:48:48 +01:00
javi
338c0bcdbe
use regclass instead table name to look for last_updated in CDB_tablemetadata
2014-06-26 15:00:55 +02:00
Raul Ochoa
5e73b12cf5
CDB-3256 adds headers based on affected tables when creating a layergroup via HTTP GET
2014-06-24 12:16:30 +02:00
Sandro Santilli
882ec65ba0
Use signer's map_key when contacting sql-api
...
Includes testcase.
Fixes #188
2014-04-08 09:44:49 +02:00
javi
5bfc360856
added serverMetadata option for layer group, close #182 CDB-1940
2014-03-06 15:19:12 +01:00
Sandro Santilli
ffda103d61
Do not UNWATCH on every redis client release
...
Closes #161
2014-03-04 15:36:08 +01:00
Sandro Santilli
ecc9ea1226
Use 403 for forbidden, not 401
...
Includes upgrade of windshaft to 0.19.3
Includes upgrade of redis-mpool to 0.0.4
2014-03-04 15:32:31 +01:00
Sandro Santilli
30eb939dc7
Fix error message on missing requested signature
...
We don't really distinguish between missing or non-authorizing
signature. And that's fine. See #170
2014-03-03 18:14:17 +01:00
Sandro Santilli
40a254922a
Raise 403 forbidden on missing requested signature
...
Closes #170
Includes testcase
2014-03-03 18:06:39 +01:00
Sandro Santilli
ddd2628c19
Fix database connection settings on template instanciation
...
Closes #174
Enhances testsuite to ensure test.js settings are read
2014-02-28 15:56:31 +01:00
Sandro Santilli
f46dc90035
Forbid using map signatures of foreign users
...
Closes #173
Includes testcase
2014-02-28 13:24:38 +01:00
Sandro Santilli
55f333c0b7
Call userByReq() only once in req2params
2014-02-27 16:40:59 +01:00
Sandro Santilli
f24e4f8a0a
Really skip CDB_TableMetadata lookup for sql affected by no tables
...
Closes #169
2014-02-27 15:34:09 +01:00
Sandro Santilli
36632c762e
Do not query CDB_TableMetadata for queries affected by no tables
...
Closes #16
2014-02-27 12:32:34 +01:00
Sandro Santilli
f284362988
Reduce sql-api communication timeout, and allow overriding it
...
Introduces new sqlapi.timeout directive, defaults to 100 ms
Includes testcase.
Closes #167
2014-02-27 10:33:32 +01:00
Sandro Santilli
09ea924eb2
Allow using GET with sql-api for queries shorter than configured len
...
Introduces new sqlapi.max_get_sql_length directive, defaults to 2048.
Closes #155
Includes testcases.
2014-02-20 10:17:48 +01:00
Sandro Santilli
c8a042abdd
Expand "addCacheChannel" stats
2014-02-19 18:10:33 +01:00
Sandro Santilli
6c6f3d02f6
Always generate X-Cache-Channel for token-based tile responses
...
Closes #152
2014-02-19 10:09:54 +01:00
Sandro Santilli
36a135f02b
Refactor addCacheChannel using Step
2014-02-19 07:19:41 +01:00
Sandro Santilli
1c3734fde7
Make server_option a callable function, to reduce globals
...
Updates acceptance test for #152 to not mess wit internals
2014-02-19 06:45:29 +01:00
Sandro Santilli
3c09be64ce
Add pending test for X-Cache-Channel on tiler restart ( #152 )
2014-02-18 18:33:00 +01:00
Sandro Santilli
c14378ca5d
Avoid checking for table privacy when not using table maps
...
See #147
2014-02-17 18:20:18 +01:00
Sandro Santilli
26b9c8123d
Set maxSocket to allow more than 5 concurrent connections to sql-api
2014-02-17 18:03:11 +01:00
Sandro Santilli
1f2e4edd35
Comments cleanup
2014-02-17 11:10:08 +01:00
Sandro Santilli
def474c611
Skip getting geometry type if request has no table
2014-02-14 12:26:34 +01:00
Sandro Santilli
c1b2d16119
rename tablePrivacy_getUserDBName profile label
2014-02-14 11:47:43 +01:00
Sandro Santilli
678d653ee9
Allow configuring TTL of mapConfigs via "mapConfigTTL"
2014-02-13 15:44:54 +01:00
Sandro Santilli
b673cb2a1f
Add more detailed profile info about the "authorize" step
...
Closes #142
2014-02-13 10:25:28 +01:00
Sandro Santilli
e88e49001a
Do not retrive user's api key if no api key was provided
...
Reduces redis interaction, see #142
2014-02-13 10:16:11 +01:00
Sandro Santilli
bf45bbea56
Do not send multiple equal commands to Varnish on connect
...
Closes #135
Also accept varnish "secret" in config
2014-02-12 16:14:27 +01:00
javi
01feeae6f4
include state configuration for windshaft fixes #139
2014-02-12 15:27:42 +01:00
Sandro Santilli
a948038ff4
Disable debug logging unless "debug" config param evaluates to true
...
Closes #137
2014-02-11 16:34:43 +01:00
Sandro Santilli
8c013ed2d1
Rename Step function in setDBConn
2014-02-11 13:42:44 +01:00
Sandro Santilli
7a749631e8
Fix profiler labels
2014-02-11 13:40:17 +01:00
Sandro Santilli
747f4803ba
Include hash of template in the maptoken returned from instanciation
...
Doing so basically removes the need to include the template identifier
in the surrogate keys of the responses for resources fetched via
the instance whenever template is updated. See #105
2014-02-10 15:30:35 +01:00
Sandro Santilli
fe6e915c0d
Always set database access parameters from req2params
...
Fixes privileged database access from unauthorized users while
fetching torque tiles or feature attributes (unreleased feature).
Closes #132 .
Includes testcase, which closes #119
2014-02-07 18:08:41 +01:00
Sandro Santilli
9018e39762
Make endpoints configurable
...
Closes #127
Uses /api/v1/maps* in the production and staging example configs,
keeps /maps* for development and test (they are examples...)
2014-02-05 15:14:47 +01:00
Sandro Santilli
a964ed5fe6
Implement Unified Map API
...
Closes #126
2014-02-04 19:04:59 +01:00
Sandro Santilli
b862904506
Be explicit about the map output srid configuration
2014-02-04 16:26:26 +01:00
Sandro Santilli
978ea9cd04
Fix sqlapi request header to be "Host", not "Hostname"
...
Closes (better) #117 -- automated test included
2014-01-30 16:46:26 +01:00
Sandro Santilli
ca4f3d2025
Re-introduce sqlapi.host directive, allowing DNS lookups drop
...
For backward compatibility, sqlapi.host is only used if domain
is also defined and has a different value (empty string allowed).
Closes #117
2014-01-30 16:12:37 +01:00
Sandro Santilli
1f0faba71c
Stop processing XML on renderer creation
...
Not needed anymore since 1.6.1 introduced on-demand XML generation.
2014-01-30 11:14:52 +01:00
javi
92ca447c06
fixed #91
2014-01-28 12:05:01 +01:00
Sandro Santilli
5772c81590
Fix support for long (>64k chars) queries in layergroup creation
...
Closes #111 . Includes testcase.
2014-01-16 17:20:30 +01:00
Sandro Santilli
4ee4492490
Yet another username extraction fix. Thanks again @demimismo.
...
Closes #100 (yet again)
2014-01-09 16:46:47 +01:00