cartodb4/dataservices-api
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Expose client-side rate limit configuration interface

Browse Source 
The client functions to make configuration changes are not publicly available
(require a super user) and they have username, orgname parameters like the
server-sixe functions
This commit is contained in:
Javier Goizueta 2017-03-22 16:31:45 +01:00
parent ef09840525
commit 7101c8d8e8
6 changed files with 108 additions and 59 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
client/renderer/interface.yaml
View File

@ -421,3 +421,29 @@
params: params:
- { name: service, type: TEXT } - { name: service, type: TEXT }
- { name: input_size, type: NUMERIC } - { name: input_size, type: NUMERIC }
- name: cdb_service_get_rate_limit
return_type: json
params:
- { name: service, type: "text" }
- name: cdb_service_set_user_rate_limit
private: true
return_type: void
params:
- { name: service, type: "text" }
- { name: rate_limit, type: json }
- name: cdb_service_set_org_rate_limit
private: true
return_type: void
params:
- { name: service, type: "text" }
- { name: rate_limit, type: json }
- name: cdb_service_set_server_rate_limit
private: true
return_type: void
params:
- { name: service, type: "text" }
- { name: rate_limit, type: json }

70
client/renderer/sql-template-renderer
View File

@ -17,7 +17,7 @@ class SqlTemplateRenderer
end end
def render def render
ERB.new(@template).result(binding) ERB.new(@template, nil, '-').result(binding)
end end
def name def name
@ -44,16 +44,29 @@ class SqlTemplateRenderer
@function_signature['geocoder_config_key'] @function_signature['geocoder_config_key']
end end
def params def parameters_info(with_credentials)
@function_signature['params'].reject(&:empty?).map { |p| "#{p['name']}"} parameters = []
if with_credentials
parameters << { 'name' => 'username', 'type' => 'text' }
parameters << { 'name' => 'orgname', 'type' => 'text' }
end
parameters + @function_signature['params'].reject(&:empty?)
end end
def params_with_type def credentials_declaration()
@function_signature['params'].reject(&:empty?).map { |p| "#{p['name']} #{p['type']}" } "username text;\n orgname text;" if public_function?
end end
def params_with_type_and_default def params(with_credentials = !public_function?)
parameters = @function_signature['params'].reject(&:empty?).map do |p| parameters_info(with_credentials).map { |p| p['name'].to_s }
end
def params_with_type(with_credentials = !public_function?)
parameters_info(with_credentials).map { |p| "#{p['name']} #{p['type']}" }
end
def params_with_type_and_default(with_credentials = !public_function?)
parameters = parameters_info(with_credentials).map do |p|
if not p['default'].nil? if not p['default'].nil?
"#{p['name']} #{p['type']} DEFAULT #{p['default']}" "#{p['name']} #{p['type']} DEFAULT #{p['default']}"
else else
@ -62,6 +75,49 @@ class SqlTemplateRenderer
end end
return parameters return parameters
end end
def public_function?
!@function_signature['private']
end
def void_return_type?
return_type.downcase == 'void'
end
def return_declaration
"ret #{return_type};" unless void_return_type? || multi_row
end
def return_statement(&block)
if block
erbout = block.binding.eval('_erbout')
if multi_row
erbout << 'RETURN QUERY SELECT * FROM '
elsif multi_field
erbout << 'SELECT * FROM '
elsif void_return_type?
erbout << 'PERFORM '
else
erbout << 'SELECT '
end
yield
if multi_row || void_return_type?
erbout << ';'
else
erbout << ' INTO ret;'
end
if !multi_row && !void_return_type?
erbout << ' RETURN ret;'
end
else
if !multi_row && !void_return_type?
' RETURN ret;'
end
end
end
end end

17
client/renderer/templates/20_public_functions.erb
View File

@ -7,9 +7,8 @@
CREATE OR REPLACE FUNCTION <%= DATASERVICES_CLIENT_SCHEMA %>.<%= name %> (<%= params_with_type_and_default.join(' ,') %>) CREATE OR REPLACE FUNCTION <%= DATASERVICES_CLIENT_SCHEMA %>.<%= name %> (<%= params_with_type_and_default.join(' ,') %>)
RETURNS <%= return_type %> AS $$ RETURNS <%= return_type %> AS $$
DECLARE DECLARE
<% if not multi_row %>ret <%= return_type %>;<% end %> <%= return_declaration if not multi_row %>
username text; <%= credentials_declaration %>
orgname text;
BEGIN BEGIN
IF session_user = 'publicuser' OR session_user ~ 'cartodb_publicuser_*' THEN IF session_user = 'publicuser' OR session_user ~ 'cartodb_publicuser_*' THEN
RAISE EXCEPTION 'The api_key must be provided'; RAISE EXCEPTION 'The api_key must be provided';
@ -19,15 +18,7 @@ BEGIN
IF username IS NULL OR username = '' OR username = '""' THEN IF username IS NULL OR username = '' OR username = '""' THEN
RAISE EXCEPTION 'Username is a mandatory argument, check it out'; RAISE EXCEPTION 'Username is a mandatory argument, check it out';
END IF; END IF;
<% if multi_row %>
RETURN QUERY <% return_statement do %><%= DATASERVICES_CLIENT_SCHEMA %>._<%= name %>(<%= params(true).join(', ') %>)<% end %>
SELECT * FROM <%= DATASERVICES_CLIENT_SCHEMA %>._<%= name %>(<%= ['username', 'orgname'].concat(params).join(', ') %>);
<% elsif multi_field %>
SELECT * FROM <%= DATASERVICES_CLIENT_SCHEMA %>._<%= name %>(<%= ['username', 'orgname'].concat(params).join(', ') %>) INTO ret;
RETURN ret;
<% else %>
SELECT <%= DATASERVICES_CLIENT_SCHEMA %>._<%= name %>(<%= ['username', 'orgname'].concat(params).join(', ') %>) INTO ret;
RETURN ret;
<% end %>
END; END;
$$ LANGUAGE 'plpgsql' SECURITY DEFINER; $$ LANGUAGE 'plpgsql' SECURITY DEFINER;

36
client/renderer/templates/25_exception_safe_private_functions.erb
View File

@ -5,9 +5,8 @@
CREATE OR REPLACE FUNCTION <%= DATASERVICES_CLIENT_SCHEMA %>._<%= name %>_exception_safe (<%= params_with_type_and_default.join(' ,') %>) CREATE OR REPLACE FUNCTION <%= DATASERVICES_CLIENT_SCHEMA %>._<%= name %>_exception_safe (<%= params_with_type_and_default.join(' ,') %>)
RETURNS <%= return_type %> AS $$ RETURNS <%= return_type %> AS $$
DECLARE DECLARE
<% if not multi_row %>ret <%= return_type %>;<% end %> <%= return_declaration %>
username text; <%= credentials_declaration %>
orgname text;
_returned_sqlstate TEXT; _returned_sqlstate TEXT;
_message_text TEXT; _message_text TEXT;
_pg_exception_context TEXT; _pg_exception_context TEXT;
@ -21,41 +20,16 @@ BEGIN
RAISE EXCEPTION 'Username is a mandatory argument, check it out'; RAISE EXCEPTION 'Username is a mandatory argument, check it out';
END IF; END IF;
<% if multi_row %>
BEGIN BEGIN
RETURN QUERY <% return_statement do %><%= DATASERVICES_CLIENT_SCHEMA %>._<%= name %>(<%= params(true).join(', ') %>)<% end %>
SELECT * FROM <%= DATASERVICES_CLIENT_SCHEMA %>._<%= name %>(<%= ['username', 'orgname'].concat(params).join(', ') %>);
EXCEPTION EXCEPTION
WHEN OTHERS THEN WHEN OTHERS THEN
GET STACKED DIAGNOSTICS _returned_sqlstate = RETURNED_SQLSTATE, GET STACKED DIAGNOSTICS _returned_sqlstate = RETURNED_SQLSTATE,
_message_text = MESSAGE_TEXT, _message_text = MESSAGE_TEXT,
_pg_exception_context = PG_EXCEPTION_CONTEXT; _pg_exception_context = PG_EXCEPTION_CONTEXT;
RAISE WARNING USING ERRCODE = _returned_sqlstate, MESSAGE = _message_text, DETAIL = _pg_exception_context; RAISE WARNING USING ERRCODE = _returned_sqlstate, MESSAGE = _message_text, DETAIL = _pg_exception_context;
<%= return_statement %>
END; END;
<% elsif multi_field %>
BEGIN
SELECT * FROM <%= DATASERVICES_CLIENT_SCHEMA %>._<%= name %>(<%= ['username', 'orgname'].concat(params).join(', ') %>) INTO ret;
RETURN ret;
EXCEPTION
WHEN OTHERS THEN
GET STACKED DIAGNOSTICS _returned_sqlstate = RETURNED_SQLSTATE,
_message_text = MESSAGE_TEXT,
_pg_exception_context = PG_EXCEPTION_CONTEXT;
RAISE WARNING USING ERRCODE = _returned_sqlstate, MESSAGE = _message_text, DETAIL = _pg_exception_context;
RETURN ret;
END;
<% else %>
BEGIN
SELECT <%= DATASERVICES_CLIENT_SCHEMA %>._<%= name %>(<%= ['username', 'orgname'].concat(params).join(', ') %>) INTO ret;
RETURN ret;
EXCEPTION
WHEN OTHERS THEN
GET STACKED DIAGNOSTICS _returned_sqlstate = RETURNED_SQLSTATE,
_message_text = MESSAGE_TEXT,
_pg_exception_context = PG_EXCEPTION_CONTEXT;
RAISE WARNING USING ERRCODE = _returned_sqlstate, MESSAGE = _message_text, DETAIL = _pg_exception_context;
RETURN ret;
END;
<% end %>
END; END;
$$ LANGUAGE 'plpgsql' SECURITY DEFINER; $$ LANGUAGE 'plpgsql' SECURITY DEFINER;

6
client/renderer/templates/30_plproxy_functions.erb
View File

@ -1,9 +1,9 @@
CREATE OR REPLACE FUNCTION <%= DATASERVICES_CLIENT_SCHEMA %>._<%= name %> (<%= ['username text', 'organization_name text'].concat(params_with_type_and_default).join(', ') %>) CREATE OR REPLACE FUNCTION <%= DATASERVICES_CLIENT_SCHEMA %>._<%= name %> (<%= params_with_type_and_default(true).join(', ') %>)
RETURNS <%= return_type %> AS $$ RETURNS <%= return_type %> AS $$
CONNECT <%= DATASERVICES_CLIENT_SCHEMA %>._server_conn_str(); CONNECT <%= DATASERVICES_CLIENT_SCHEMA %>._server_conn_str();
<% if multi_field %> <% if multi_field %>
SELECT * FROM <%= DATASERVICES_SERVER_SCHEMA %>.<%= name %> (<%= ['username', 'organization_name'].concat(params).join(', ') %>); SELECT * FROM <%= DATASERVICES_SERVER_SCHEMA %>.<%= name %> (<%= params(true).join(', ') %>);
<% else %> <% else %>
SELECT <%= DATASERVICES_SERVER_SCHEMA %>.<%= name %> (<%= ['username', 'organization_name'].concat(params).join(', ') %>); SELECT <%= DATASERVICES_SERVER_SCHEMA %>.<%= name %> (<%= params(true).join(', ') %>);
<% end %> <% end %>
$$ LANGUAGE plproxy; $$ LANGUAGE plproxy;

2
client/renderer/templates/90_grant_execute.erb
View File

@ -1,2 +1,4 @@
<% if public_function? %>
GRANT EXECUTE ON FUNCTION <%= DATASERVICES_CLIENT_SCHEMA %>.<%= name %>(<%= params_with_type.join(', ') %>) TO publicuser; GRANT EXECUTE ON FUNCTION <%= DATASERVICES_CLIENT_SCHEMA %>.<%= name %>(<%= params_with_type.join(', ') %>) TO publicuser;
GRANT EXECUTE ON FUNCTION <%= DATASERVICES_CLIENT_SCHEMA %>._<%= name %>_exception_safe(<%= params_with_type.join(', ') %> ) TO publicuser; GRANT EXECUTE ON FUNCTION <%= DATASERVICES_CLIENT_SCHEMA %>._<%= name %>_exception_safe(<%= params_with_type.join(', ') %> ) TO publicuser;
<% end %>