dataservices-api/client/renderer/templates/20_public_functions.erb

--
-- Public dataservices API function
--
-- These are the only ones with permissions to publicuser role
-- and should also be the only ones with SECURITY DEFINER

CREATE OR REPLACE FUNCTION <%= DATASERVICES_CLIENT_SCHEMA %>.<%= name %> (<%= params_with_type_and_default.join(' ,') %>)
RETURNS <%= return_type %> AS $$
DECLARE
  <%= return_declaration if not multi_row %>
  <%= user_org_declaration %>
  <% unless superuser_function? -%>apikey_permissions json;<% end %>
BEGIN
  <% unless requires_permission %>IF session_user = 'publicuser' OR session_user ~ 'cartodb_publicuser_*' THEN
    RAISE EXCEPTION 'The api_key must be provided';
  END IF;<% end %>
  <% unless superuser_function? -%>SELECT u, o, p INTO username, orgname, apikey_permissions FROM cdb_dataservices_client._cdb_entity_config() AS (u text, o text, p json);
  <% if requires_permission %>IF apikey_permissions IS NULL OR NOT apikey_permissions::jsonb ? '<%= permission_name %>' THEN
    RAISE EXCEPTION '<%= permission_error %>' USING ERRCODE = '01007';
  END IF;<% end %>
  <% else %>SELECT u, o INTO username, orgname FROM <%= DATASERVICES_CLIENT_SCHEMA %>._cdb_entity_config() AS (u text, o text, p json);<% end %>
  -- JSON value stored "" is taken as literal
  IF username IS NULL OR username = '' OR username = '""' THEN
    RAISE EXCEPTION 'Username is a mandatory argument, check it out';
  END IF;

  <% return_statement do %><%= DATASERVICES_CLIENT_SCHEMA %>._<%= name %>(<%= params(_with_user_org=true).join(', ') %>)<% end %>
END;
$$ LANGUAGE 'plpgsql' SECURITY DEFINER STABLE PARALLEL UNSAFE;
Add code generator for public API function definitions and their plproxied counterparts 2015-11-17 23:28:33 +08:00			`--`
Client data observatory functions 2016-04-19 21:16:10 +08:00			`-- Public dataservices API function`
Add code generator for public API function definitions and their plproxied counterparts 2015-11-17 23:28:33 +08:00			`--`
			`-- These are the only ones with permissions to publicuser role`
			`-- and should also be the only ones with SECURITY DEFINER`

Remove the no_params from client generator #302 2016-11-24 20:27:32 +08:00			`CREATE OR REPLACE FUNCTION <%= DATASERVICES_CLIENT_SCHEMA %>.<%= name %> (<%= params_with_type_and_default.join(' ,') %>)`
Adapt to yaml (WIP) 2015-11-19 01:38:06 +08:00			`RETURNS <%= return_type %> AS $$`
Add code generator for public API function definitions and their plproxied counterparts 2015-11-17 23:28:33 +08:00			`DECLARE`
Expose client-side rate limit configuration interface The client functions to make configuration changes are not publicly available (require a super user) and they have username, orgname parameters like the server-sixe functions 2017-03-22 23:31:45 +08:00			`<%= return_declaration if not multi_row %>`
Rename some template functions internal terms * credentials => user_org * private => superuser 2017-03-28 16:37:21 +08:00			`<%= user_org_declaration %>`
CR suggestions (remove appname) 2018-09-10 18:54:37 +08:00			`<% unless superuser_function? -%>apikey_permissions json;<% end %>`
Add code generator for public API function definitions and their plproxied counterparts 2015-11-17 23:28:33 +08:00			`BEGIN`
Managing public api key permissions 2018-09-11 17:07:59 +08:00			`<% unless requires_permission %>IF session_user = 'publicuser' OR session_user ~ 'cartodb_publicuser_*' THEN`
Changed api key verifying to client instead of server 2015-11-24 19:25:43 +08:00			`RAISE EXCEPTION 'The api_key must be provided';`
Managing public api key permissions 2018-09-11 17:07:59 +08:00			`END IF;<% end %>`
CR suggestions (remove appname) 2018-09-10 18:54:37 +08:00			`<% unless superuser_function? -%>SELECT u, o, p INTO username, orgname, apikey_permissions FROM cdb_dataservices_client._cdb_entity_config() AS (u text, o text, p json);`
Fixed permission check 2018-09-06 21:40:41 +08:00			`<% if requires_permission %>IF apikey_permissions IS NULL OR NOT apikey_permissions::jsonb ? '<%= permission_name %>' THEN`
Using ERRCODE 2018-09-10 22:54:25 +08:00			`RAISE EXCEPTION '<%= permission_error %>' USING ERRCODE = '01007';`
Changed error message 2018-09-10 22:45:31 +08:00			`END IF;<% end %>`
			`<% else %>SELECT u, o INTO username, orgname FROM <%= DATASERVICES_CLIENT_SCHEMA %>._cdb_entity_config() AS (u text, o text, p json);<% end %>`
Added orgname to the arguments we pass to the server 2015-12-03 18:03:10 +08:00			`-- JSON value stored "" is taken as literal`
			`IF username IS NULL OR username = '' OR username = '""' THEN`
Check for empty username 2015-12-03 02:12:11 +08:00			`RAISE EXCEPTION 'Username is a mandatory argument, check it out';`
			`END IF;`
Expose client-side rate limit configuration interface The client functions to make configuration changes are not publicly available (require a super user) and they have username, orgname parameters like the server-sixe functions 2017-03-22 23:31:45 +08:00
Rename some template functions internal terms * credentials => user_org * private => superuser 2017-03-28 16:37:21 +08:00			`<% return_statement do %><%= DATASERVICES_CLIENT_SCHEMA %>._<%= name %>(<%= params(_with_user_org=true).join(', ') %>)<% end %>`
Add code generator for public API function definitions and their plproxied counterparts 2015-11-17 23:28:33 +08:00			`END;`
Categorize renderer template functions 2017-11-07 18:45:07 +08:00			`$$ LANGUAGE 'plpgsql' SECURITY DEFINER STABLE PARALLEL UNSAFE;`