Permissions check and client templates

client/renderer/templates/20_public_functions.erb

@@ -9,13 +9,17 @@ RETURNS <%= return_type %> AS $$
 DECLARE
   <%= return_declaration if not multi_row %>
   <%= user_org_declaration %>
+  <% unless superuser_function? -%>
+  appname TEXT;
+  apikey_permissions JSON;
+  <% end %>
 BEGIN
   IF session_user = 'publicuser' OR session_user ~ 'cartodb_publicuser_*' THEN
     RAISE EXCEPTION 'The api_key must be provided';
   END IF;
   <% unless superuser_function? -%>
-  <% if requires_permission %>
   SELECT u, o, a, p INTO username, orgname, appname, apikey_permissions FROM cdb_dataservices_client._cdb_entity_config() AS (u text, o text, a text, p json);
+  <% if requires_permission %>
   IF NOT apikey_permissions::jsonb ? '<%= permission_name %>' THEN
     RAISE EXCEPTION '<%= permission_error %>';
   END IF;

client/sql/15_config_management.sql

@@ -1,6 +1,8 @@
 CREATE TYPE cdb_dataservices_client._entity_config AS (
     username text,
-    organization_name text
+    organization_name text,
+    application_name text,
+    apikey_permissions json
 );
 
 --
@@ -13,10 +15,13 @@ CREATE OR REPLACE FUNCTION cdb_dataservices_client._cdb_entity_config()
 RETURNS record AS $$
 DECLARE
     result cdb_dataservices_client._entity_config;
+    apikey_config json;
     is_organization boolean;
     username text;
     organization_name text;
 BEGIN
+    SELECT cartodb.cdb_conf_getconf('api_keys_'||session_user) INTO apikey_config;
+
     SELECT cartodb.cdb_conf_getconf('user_config')->'is_organization' INTO is_organization;
     IF is_organization IS NULL THEN
         RAISE EXCEPTION 'User must have user configuration in the config table';
@@ -32,6 +37,8 @@ BEGIN
     END IF;
     result.username = username;
     result.organization_name = organization_name;
+    result.application_name = apikey_config->'application';
+    result.apikey_permissions = apikey_config->'permissions';
     RETURN result;
 END;
 $$ LANGUAGE 'plpgsql' SECURITY DEFINER STABLE PARALLEL SAFE;