Permissions check and client templates
This commit is contained in:
parent
48d82e025a
commit
652242a8f8
@ -1,33 +1,51 @@
|
||||
---
|
||||
- name: cdb_geocode_admin0_polygon
|
||||
return_type: Geometry
|
||||
requires_permission: true
|
||||
permission_name: geocoding
|
||||
permission_error: Geocoding is not allowed
|
||||
params:
|
||||
- { name: country_name, type: text }
|
||||
|
||||
- name: cdb_geocode_admin1_polygon
|
||||
return_type: Geometry
|
||||
requires_permission: true
|
||||
permission_name: geocoding
|
||||
permission_error: Geocoding is not allowed
|
||||
params:
|
||||
- { name: admin1_name, type: text }
|
||||
|
||||
- name: cdb_geocode_admin1_polygon
|
||||
return_type: Geometry
|
||||
requires_permission: true
|
||||
permission_name: geocoding
|
||||
permission_error: Geocoding is not allowed
|
||||
params:
|
||||
- { name: admin1_name, type: text }
|
||||
- { name: country_name, type: text }
|
||||
|
||||
- name: cdb_geocode_namedplace_point
|
||||
return_type: Geometry
|
||||
requires_permission: true
|
||||
permission_name: geocoding
|
||||
permission_error: Geocoding is not allowed
|
||||
params:
|
||||
- { name: city_name, type: text}
|
||||
|
||||
- name: cdb_geocode_namedplace_point
|
||||
return_type: Geometry
|
||||
requires_permission: true
|
||||
permission_name: geocoding
|
||||
permission_error: Geocoding is not allowed
|
||||
params:
|
||||
- { name: city_name, type: text}
|
||||
- { name: country_name, type: text}
|
||||
|
||||
- name: cdb_geocode_namedplace_point
|
||||
return_type: Geometry
|
||||
requires_permission: true
|
||||
permission_name: geocoding
|
||||
permission_error: Geocoding is not allowed
|
||||
params:
|
||||
- { name: city_name, type: text}
|
||||
- { name: admin1_name, type: text}
|
||||
@ -35,35 +53,53 @@
|
||||
|
||||
- name: cdb_geocode_postalcode_polygon
|
||||
return_type: Geometry
|
||||
requires_permission: true
|
||||
permission_name: geocoding
|
||||
permission_error: Geocoding is not allowed
|
||||
params:
|
||||
- { name: postal_code, type: text}
|
||||
- { name: country_name, type: text}
|
||||
|
||||
- name: cdb_geocode_postalcode_polygon
|
||||
return_type: Geometry
|
||||
requires_permission: true
|
||||
permission_name: geocoding
|
||||
permission_error: Geocoding is not allowed
|
||||
params:
|
||||
- { name: postal_code, type: double precision}
|
||||
- { name: country_name, type: text}
|
||||
|
||||
- name: cdb_geocode_postalcode_point
|
||||
return_type: Geometry
|
||||
requires_permission: true
|
||||
permission_name: geocoding
|
||||
permission_error: Geocoding is not allowed
|
||||
params:
|
||||
- { name: postal_code, type: text}
|
||||
- { name: country_name, type: text}
|
||||
|
||||
- name: cdb_geocode_postalcode_point
|
||||
return_type: Geometry
|
||||
requires_permission: true
|
||||
permission_name: geocoding
|
||||
permission_error: Geocoding is not allowed
|
||||
params:
|
||||
- { name: postal_code, type: double precision}
|
||||
- { name: country_name, type: text}
|
||||
|
||||
- name: cdb_geocode_ipaddress_point
|
||||
return_type: Geometry
|
||||
requires_permission: true
|
||||
permission_name: geocoding
|
||||
permission_error: Geocoding is not allowed
|
||||
params:
|
||||
- { name: ip_address, type: text}
|
||||
|
||||
- name: cdb_geocode_street_point
|
||||
return_type: Geometry
|
||||
requires_permission: true
|
||||
permission_name: geocoding
|
||||
permission_error: Geocoding is not allowed
|
||||
params:
|
||||
- { name: searchtext, type: text}
|
||||
- { name: city, type: text, default: 'NULL'}
|
||||
@ -74,11 +110,17 @@
|
||||
return_type: SETOF cdb_dataservices_client.geocoding
|
||||
multi_row: true
|
||||
multi_field: true
|
||||
requires_permission: true
|
||||
permission_name: geocoding
|
||||
permission_error: Geocoding is not allowed
|
||||
params:
|
||||
- { name: searches, type: jsonb } # Array of JSON objects with id, address, city, state and country fields
|
||||
|
||||
- name: cdb_here_geocode_street_point
|
||||
return_type: Geometry
|
||||
requires_permission: true
|
||||
permission_name: geocoding
|
||||
permission_error: Geocoding is not allowed
|
||||
params:
|
||||
- { name: searchtext, type: text}
|
||||
- { name: city, type: text, default: 'NULL'}
|
||||
@ -87,6 +129,9 @@
|
||||
|
||||
- name: cdb_google_geocode_street_point
|
||||
return_type: Geometry
|
||||
requires_permission: true
|
||||
permission_name: geocoding
|
||||
permission_error: Geocoding is not allowed
|
||||
params:
|
||||
- { name: searchtext, type: text}
|
||||
- { name: city, type: text, default: 'NULL'}
|
||||
@ -95,6 +140,9 @@
|
||||
|
||||
- name: cdb_mapbox_geocode_street_point
|
||||
return_type: Geometry
|
||||
requires_permission: true
|
||||
permission_name: geocoding
|
||||
permission_error: Geocoding is not allowed
|
||||
params:
|
||||
- { name: searchtext, type: text}
|
||||
- { name: city, type: text, default: 'NULL'}
|
||||
@ -103,6 +151,9 @@
|
||||
|
||||
- name: cdb_tomtom_geocode_street_point
|
||||
return_type: Geometry
|
||||
requires_permission: true
|
||||
permission_name: geocoding
|
||||
permission_error: Geocoding is not allowed
|
||||
params:
|
||||
- { name: searchtext, type: text}
|
||||
- { name: city, type: text, default: 'NULL'}
|
||||
@ -111,6 +162,9 @@
|
||||
|
||||
- name: cdb_mapzen_geocode_street_point
|
||||
return_type: Geometry
|
||||
requires_permission: true
|
||||
permission_name: geocoding
|
||||
permission_error: Geocoding is not allowed
|
||||
params:
|
||||
- { name: searchtext, type: text}
|
||||
- { name: city, type: text, default: 'NULL'}
|
||||
@ -121,6 +175,9 @@
|
||||
return_type: SETOF cdb_dataservices_client.isoline
|
||||
multi_row: true
|
||||
multi_field: true
|
||||
requires_permission: true
|
||||
permission_name: isolines
|
||||
permission_error: Isolines are not allowed
|
||||
params:
|
||||
- { name: source, type: "geometry(Geometry, 4326)" }
|
||||
- { name: mode, type: text }
|
||||
@ -131,6 +188,9 @@
|
||||
return_type: SETOF cdb_dataservices_client.isoline
|
||||
multi_row: true
|
||||
multi_field: true
|
||||
requires_permission: true
|
||||
permission_name: isolines
|
||||
permission_error: Isolines are not allowed
|
||||
params:
|
||||
- { name: source, type: "geometry(Geometry, 4326)" }
|
||||
- { name: mode, type: text }
|
||||
@ -141,6 +201,9 @@
|
||||
return_type: SETOF cdb_dataservices_client.isoline
|
||||
multi_row: true
|
||||
multi_field: true
|
||||
requires_permission: true
|
||||
permission_name: isolines
|
||||
permission_error: Isolines are not allowed
|
||||
params:
|
||||
- { name: source, type: "geometry(Geometry, 4326)" }
|
||||
- { name: mode, type: text }
|
||||
@ -151,6 +214,9 @@
|
||||
return_type: SETOF cdb_dataservices_client.isoline
|
||||
multi_row: true
|
||||
multi_field: true
|
||||
requires_permission: true
|
||||
permission_name: isolines
|
||||
permission_error: Isolines are not allowed
|
||||
params:
|
||||
- { name: source, type: "geometry(Geometry, 4326)" }
|
||||
- { name: mode, type: text }
|
||||
@ -161,6 +227,9 @@
|
||||
return_type: SETOF cdb_dataservices_client.isoline
|
||||
multi_row: true
|
||||
multi_field: true
|
||||
requires_permission: true
|
||||
permission_name: isolines
|
||||
permission_error: Isolines are not allowed
|
||||
params:
|
||||
- { name: source, type: "geometry(Geometry, 4326)" }
|
||||
- { name: mode, type: text }
|
||||
@ -171,6 +240,9 @@
|
||||
return_type: SETOF cdb_dataservices_client.isoline
|
||||
multi_row: true
|
||||
multi_field: true
|
||||
requires_permission: true
|
||||
permission_name: isolines
|
||||
permission_error: Isolines are not allowed
|
||||
params:
|
||||
- { name: source, type: "geometry(Geometry, 4326)" }
|
||||
- { name: mode, type: text }
|
||||
@ -181,6 +253,9 @@
|
||||
return_type: SETOF cdb_dataservices_client.isoline
|
||||
multi_row: true
|
||||
multi_field: true
|
||||
requires_permission: true
|
||||
permission_name: isolines
|
||||
permission_error: Isolines are not allowed
|
||||
params:
|
||||
- { name: source, type: "geometry(Geometry, 4326)" }
|
||||
- { name: mode, type: text }
|
||||
@ -191,6 +266,9 @@
|
||||
return_type: SETOF cdb_dataservices_client.isoline
|
||||
multi_row: true
|
||||
multi_field: true
|
||||
requires_permission: true
|
||||
permission_name: isolines
|
||||
permission_error: Isolines are not allowed
|
||||
params:
|
||||
- { name: source, type: "geometry(Geometry, 4326)" }
|
||||
- { name: mode, type: text }
|
||||
@ -200,6 +278,9 @@
|
||||
- name: cdb_route_point_to_point
|
||||
return_type: cdb_dataservices_client.simple_route
|
||||
multi_field: true
|
||||
requires_permission: true
|
||||
permission_name: routing
|
||||
permission_error: Routing is not allowed
|
||||
params:
|
||||
- { name: origin, type: "geometry(Point, 4326)" }
|
||||
- { name: destination, type: "geometry(Point, 4326)" }
|
||||
@ -210,6 +291,9 @@
|
||||
- name: cdb_route_with_waypoints
|
||||
return_type: cdb_dataservices_client.simple_route
|
||||
multi_field: true
|
||||
requires_permission: true
|
||||
permission_name: routing
|
||||
permission_error: Routing is not allowed
|
||||
params:
|
||||
- { name: waypoints, type: "geometry(Point, 4326)[]" }
|
||||
- { name: mode, type: text }
|
||||
|
@ -28,6 +28,18 @@ class SqlTemplateRenderer
|
||||
@function_signature['return_type']
|
||||
end
|
||||
|
||||
def requires_permission
|
||||
@function_signature['requires_permission']
|
||||
end
|
||||
|
||||
def permission_name
|
||||
@function_signature['permission_name']
|
||||
end
|
||||
|
||||
def permission_error
|
||||
@function_signature['permission_error']
|
||||
end
|
||||
|
||||
def multi_field
|
||||
@function_signature['multi_field']
|
||||
end
|
||||
|
@ -13,7 +13,15 @@ BEGIN
|
||||
IF session_user = 'publicuser' OR session_user ~ 'cartodb_publicuser_*' THEN
|
||||
RAISE EXCEPTION 'The api_key must be provided';
|
||||
END IF;
|
||||
<% unless superuser_function? -%>SELECT u, o INTO username, orgname FROM <%= DATASERVICES_CLIENT_SCHEMA %>._cdb_entity_config() AS (u text, o text);<% end %>
|
||||
<% unless superuser_function? -%>
|
||||
<% if requires_permission %>
|
||||
SELECT u, o, a, p INTO username, orgname, appname, apikey_permissions FROM cdb_dataservices_client._cdb_entity_config() AS (u text, o text, a text, p json);
|
||||
IF NOT apikey_permissions::jsonb ? '<%= permission_name %>' THEN
|
||||
RAISE EXCEPTION '<%= permission_error %>';
|
||||
END IF;
|
||||
<% else %>
|
||||
SELECT u, o INTO username, orgname FROM <%= DATASERVICES_CLIENT_SCHEMA %>._cdb_entity_config() AS (u text, o text);
|
||||
<% end %><% end %>
|
||||
-- JSON value stored "" is taken as literal
|
||||
IF username IS NULL OR username = '' OR username = '""' THEN
|
||||
RAISE EXCEPTION 'Username is a mandatory argument, check it out';
|
||||
|
Loading…
Reference in New Issue
Block a user