-- -- Public dataservices API function -- -- These are the only ones with permissions to publicuser role -- and should also be the only ones with SECURITY DEFINER CREATE OR REPLACE FUNCTION <%= DATASERVICES_CLIENT_SCHEMA %>.<%= name %> (<%= params_with_type_and_default %>) RETURNS <%= return_type %> AS $$ DECLARE <% if not multi_row %>ret <%= return_type %>;<% end %> username text; orgname text; BEGIN IF session_user = 'publicuser' OR session_user ~ 'cartodb_publicuser_*' THEN RAISE EXCEPTION 'The api_key must be provided'; END IF; SELECT u, o INTO username, orgname FROM <%= DATASERVICES_CLIENT_SCHEMA %>._cdb_entity_config() AS (u text, o text); -- JSON value stored "" is taken as literal IF username IS NULL OR username = '' OR username = '""' THEN RAISE EXCEPTION 'Username is a mandatory argument, check it out'; END IF; <% if multi_row %> RETURN QUERY SELECT * FROM <%= DATASERVICES_CLIENT_SCHEMA %>._<%= name %>(username, orgname, <%= params %>); <% elsif multi_field %> SELECT * FROM <%= DATASERVICES_CLIENT_SCHEMA %>._<%= name %>(username, orgname, <%= params %>) INTO ret; RETURN ret; <% else %> SELECT <%= DATASERVICES_CLIENT_SCHEMA %>._<%= name %>(username, orgname, <%= params %>) INTO ret; RETURN ret; <% end %> END; $$ LANGUAGE 'plpgsql' SECURITY DEFINER;