Windshaft-cartodb/test/acceptance/named-maps-authentication-test.js

273 lines
8.6 KiB
JavaScript

'use strict';
var testHelper = require('../support/test-helper');
var RedisPool = require('redis-mpool');
var querystring = require('querystring');
var assert = require('../support/assert');
const mapnik = require('@carto/mapnik');
const createServer = require('../../lib/server');
var serverOptions = require('../../lib/server-options');
var TemplateMaps = require('../../lib/backends/template-maps');
var NamedMapsCacheEntry = require('../../lib/cache/model/named-maps-entry');
describe('named maps authentication', function () {
var server;
before(function () {
server = createServer(serverOptions);
});
// configure redis pool instance to use in tests
var redisPool = new RedisPool(global.environment.redis);
var templateMaps = new TemplateMaps(redisPool, {
max_user_templates: global.environment.maxUserTemplates
});
var wadusLayer = {
type: 'cartodb',
options: {
sql: 'select 1 cartodb_id, null::geometry the_geom_webmercator',
cartocss: '#layer { marker-fill: <%= color %>; }',
cartocss_version: '2.3.0'
}
};
var username = 'localhost';
var templateName = 'valid_template';
var template = {
version: '0.0.1',
name: templateName,
auth: {
method: 'open'
},
placeholders: {
color: {
type: 'css_color',
default: '#cc3300'
}
},
layergroup: {
layers: [
wadusLayer
]
}
};
var tokenAuthTemplateName = 'auth_valid_template';
var tokenAuthTemplate = {
version: '0.0.1',
name: tokenAuthTemplateName,
auth: {
method: 'token',
valid_tokens: ['valid1', 'valid2']
},
placeholders: {
color: {
type: 'css_color',
default: '#cc3300'
}
},
layergroup: {
layers: [
wadusLayer
]
}
};
var namedMapLayer = {
type: 'named',
options: {
name: templateName,
config: {},
auth_tokens: []
}
};
var nestedNamedMapTemplateName = 'nested_template';
var nestedNamedMapTemplate = {
version: '0.0.1',
name: nestedNamedMapTemplateName,
auth: {
method: 'open'
},
layergroup: {
layers: [
namedMapLayer
]
}
};
beforeEach(function (done) {
templateMaps.addTemplate(username, nestedNamedMapTemplate, function (err) {
if (err) {
return done(err);
}
templateMaps.addTemplate(username, tokenAuthTemplate, function (err) {
if (err) {
return done(err);
}
templateMaps.addTemplate(username, template, function (err) {
return done(err);
});
});
});
});
afterEach(function (done) {
templateMaps.delTemplate(username, nestedNamedMapTemplateName, function (err) {
if (err) {
return done(err);
}
templateMaps.delTemplate(username, tokenAuthTemplateName, function (err) {
if (err) {
return done(err);
}
templateMaps.delTemplate(username, templateName, function (err) {
return done(err);
});
});
});
});
function getNamedTile (name, z, x, y, options, callback) {
var url = '/api/v1/map/named/' + name + '/all/' + [z, x, y].join('/') + '.png';
if (options.params) {
url = url + '?' + querystring.stringify(options.params);
}
var requestOptions = {
url: url,
method: 'GET',
headers: {
host: username
},
encoding: 'binary'
};
var statusCode = options.status || 200;
var expectedResponse = {
status: statusCode,
headers: {
'Content-Type': statusCode === 200 ? 'image/png' : 'application/json; charset=utf-8'
}
};
assert.response(server,
requestOptions,
expectedResponse,
function (res, err) {
var img;
if (!err && res.headers['content-type'] === 'image/png') {
img = mapnik.Image.fromBytes(Buffer.from(res.body, 'binary'));
}
return callback(err, res, img);
}
);
}
describe('tiles', function () {
it('should return a 404 error for nonexistent template name', function (done) {
var nonexistentName = 'nonexistent';
getNamedTile(nonexistentName, 0, 0, 0, { status: 404 }, function (err, res) {
assert.ok(!err);
assert.deepStrictEqual(
JSON.parse(res.body).errors,
["Template '" + nonexistentName + "' of user '" + username + "' not found"]
);
done();
});
});
it('should return 403 if not properly authorized', function (done) {
getNamedTile(tokenAuthTemplateName, 0, 0, 0, { status: 403 }, function (err, res) {
assert.ok(!err);
assert.deepStrictEqual(JSON.parse(res.body).errors, ['Unauthorized template instantiation']);
done();
});
});
it('should return 200 if properly authorized', function (done) {
getNamedTile(tokenAuthTemplateName, 0, 0, 0, { params: { auth_token: 'valid1' } }, function (err, res, img) {
assert.strictEqual(img.width(), 256);
assert.strictEqual(img.height(), 256);
assert.ok(!err);
testHelper.checkSurrogateKey(res, new NamedMapsCacheEntry(username, tokenAuthTemplateName).key());
done();
});
});
});
function getStaticMap (name, options, callback) {
var url = '/api/v1/map/static/named/' + name + '/640/480.png';
if (options.params) {
url = url + '?' + querystring.stringify(options.params);
}
var requestOptions = {
url: url,
method: 'GET',
headers: {
host: username
},
encoding: 'binary'
};
var statusCode = options.status || 200;
var expectedResponse = {
status: statusCode,
headers: {
'Content-Type': statusCode === 200 ? 'image/png' : 'application/json; charset=utf-8'
}
};
assert.response(server,
requestOptions,
expectedResponse,
function (res, err) {
var img;
if (!err && res.headers['content-type'] === 'image/png') {
img = mapnik.Image.fromBytes(Buffer.from(res.body, 'binary'));
}
return callback(err, res, img);
}
);
}
describe('static maps', function () {
it('should return a 404 error for nonexistent template name', function (done) {
var nonexistentName = 'nonexistent';
getStaticMap(nonexistentName, { status: 404 }, function (err, res) {
assert.ok(!err);
assert.deepStrictEqual(
JSON.parse(res.body).errors,
["Template '" + nonexistentName + "' of user '" + username + "' not found"]
);
done();
});
});
it('should return 403 if not properly authorized', function (done) {
getStaticMap(tokenAuthTemplateName, { status: 403 }, function (err, res) {
assert.ok(!err);
assert.deepStrictEqual(JSON.parse(res.body).errors, ['Unauthorized template instantiation']);
done();
});
});
it('should return 200 if properly authorized', function (done) {
getStaticMap(tokenAuthTemplateName, { params: { auth_token: 'valid1' } }, function (err, res, img) {
assert.ok(!err);
assert.strictEqual(img.width(), 640);
assert.strictEqual(img.height(), 480);
testHelper.checkSurrogateKey(res, new NamedMapsCacheEntry(username, tokenAuthTemplateName).key());
testHelper.deleteRedisKeys({ 'user:localhost:mapviews:global': 5 }, done);
});
});
});
});