Release 1.5.1

Closes #93

An example unused CartoCSS directive is
"point-transform" without "point-file"
or "point-url". Unused means it has no effect.

It used to be accepted but regressed in release 1.5.0

.gitignore

@@ -1,4 +1,5 @@
 node_modules*
+config.status*
 config/environments/*.js
 .idea
 tools/munin/windshaft.conf

.travis.yml

@@ -0,0 +1,19 @@
+before_install:
+  - sudo apt-add-repository --yes ppa:mapnik/v2.1.0
+  - sudo apt-get update -q
+  - sudo apt-get install -q libmapnik-dev
+  - createdb template_postgis
+  - psql -c "CREATE EXTENSION postgis" template_postgis
+
+env:
+  - NPROCS=1 JOBS=1
+
+language: node_js
+node_js:
+  - "0.8"
+
+notifications:
+  irc:
+    channels:
+      - "irc.freenode.org#cartodb"
+    use_notice: true

HOWTO_RELEASE

@@ -0,0 +1,11 @@
+1. Ensure proper version in package.json 
+2. Ensure NEWS section exists for the new version, review it, add release date
+3. Drop npm-shrinkwrap.json
+4. Run npm install
+5. Test (make check or npm test), fix if broken before proceeding
+6. Run npm shrinkwrap
+7. Commit package.json, npm-shrinwrap.json, NEWS
+8. Tag Major.Minor.Patch
+9. Announce
+10. Stub NEWS/package for next version
+

Makefile

@@ -6,12 +6,17 @@ all:
 clean:
 	rm -rf node_modules/*
 
-config/environments/test.js: config/environments/test.js.example Makefile
+distclean: clean
+	rm config.status*
+
+config.status--test:
 	./configure --environment=test
 
+config/environments/test.js: config.status--test
+	./config.status--test 
+
 check-local: config/environments/test.js
 	./run_tests.sh ${RUNTESTFLAGS} \
-    test/unit/cartodb/redis_pool.test.js \
     test/unit/cartodb/req2params.test.js \
     test/acceptance/cache_validator.js \
     test/acceptance/server.js \

NEWS.md

@@ -1,3 +1,62 @@
+1.5.1 -- 2013-11-28
+-------------------
+
+Bug fixes:
+
+* Survive presence of malformed CartoCSS in redis (#94)
+* Accept useless point-transform:scale directives (#93)
+
+1.5.0 -- 2013-11-19
+-------------------
+
+NOTE: new configuration directives `postgres_auth_pass` and
+      `postgres.password` added; see config/environments/*.example
+      for documentation.
+
+Improvements:
+
+* Add support for configuring database connection passwords
+* Optionally read user-specific database_host and database_password
+  from redis as per CartoDB-2.5.0 model (#88, #89)
+* Do not force ending dot in SQL-API hostname, for easier testing
+
+Bug fixes:
+
+* Return CORS headers when creating layergroups via GET (windshaft/#92)
+* Fix http status on database authentication error (windshaft/#94)
+* Fix text-face-name error at layergroup creation (windshaft/#93)
+
+Other changes:
+
+* CartoDB redis interaction delegated to "cartodb-redis" module
+
+
+1.4.1 -- 2013-11-08
+-------------------
+
+* Fix support for exponential notation in CartoCSS filter values (#87)
+
+1.4.0 -- 2013-10-31
+-------------------
+
+* Add Support for Mapnik-2.2.0 (#78)
+
+1.3.6 -- 2013-10-11
+-------------------
+
+* Restore support for node-0.8.9 accidentally dropped by 1.3.5
+  NOTE: needs removing node_modules/windshaft and re-running npm install
+
+1.3.5 -- 2013-10-03
+-------------------
+
+* Fixing apostrophes in CartoCSS
+* Fix "sql/table must contain zoom variable" error when using
+  "[ zoom > 3]" CartoCSS snippets (note the space)
+* Fix backward compatibility handling of sqlapi.host configuration (#82)
+* Fix error for invalid text-name in CartoCSS (#81)
+* Do not let anonymous requests use authorized renderer caches 
+
 1.3.4
 ------
 

README.md

@@ -1,7 +1,7 @@
 Windshaft-CartoDB
 ==================
 
-NOTE: requires node-0.8.x
+[![Build Status](https://travis-ci.org/CartoDB/Windshaft-cartodb.png)](http://travis-ci.org/CartoDB/Windshaft-cartodb)
 
 This is the CartoDB map tiler. It extends Windshaft with some extra
 functionality and custom filters for authentication
@@ -18,7 +18,7 @@ Requirements
 ------------
 
  [core]
- - node-0.6.x+
+ - node-0.8.x+
  - PostgreSQL-8.3+
  - PostGIS-1.5.0+
  - Redis 2.2.0+ (http://www.redis.io)

app.js

@@ -25,10 +25,6 @@ global.settings     = require(__dirname + '/config/settings');
 global.environment  = require(__dirname + '/config/environments/' + ENV);
 _.extend(global.settings, global.environment);
 
-// Include cart_data.js only _after_ the "global" variable is set
-// See https://github.com/Vizzuality/Windshaft-cartodb/issues/28
-var cartoData = require('./lib/cartodb/carto_data');
-
 var Windshaft = require('windshaft');
 var serverOptions = require('./lib/cartodb/server_options');
 

config/environments/development.js.example

@@ -10,12 +10,18 @@ var config = {
     ,enable_cors: true
     ,cache_enabled: false
     ,log_format: '[:date] :req[X-Real-IP] :method :req[Host]:url :status :response-time ms -> :res[Content-Type] (:res[X-Tiler-Profiler])'
+    // Templated database username for authorized user
+    // Supported labels: 'user_id' (read from redis)
     ,postgres_auth_user: 'development_cartodb_user_<%= user_id %>'
+    // Templated database password for authorized user
+    // Supported labels: 'user_id', 'user_password' (both read from redis)
+    ,postgres_auth_pass: '<%= user_password %>'
     ,postgres: {
         // Parameters to pass to datasource plugin of mapnik
         // See http://github.com/mapnik/mapnik/wiki/PostGIS
         type: "postgis",
         user: "publicuser",
+        password: "public",
         host: '127.0.0.1',
         port: 5432,
         extent: "-20037508.3,-20037508.3,20037508.3,20037508.3",

config/environments/production.js.example

@@ -10,11 +10,17 @@ var config = {
     ,enable_cors: true
     ,cache_enabled: true
     ,log_format: '[:date] :req[X-Real-IP] :method :req[Host]:url :status :response-time ms -> :res[Content-Type] (:res[X-Tiler-Profiler])'
+    // Templated database username for authorized user
+    // Supported labels: 'user_id' (read from redis)
     ,postgres_auth_user: 'cartodb_user_<%= user_id %>'
+    // Templated database password for authorized user
+    // Supported labels: 'user_id', 'user_password' (both read from redis)
+    ,postgres_auth_pass: '<%= user_password %>'
     ,postgres: {
         // Parameters to pass to datasource plugin of mapnik
         // See http://github.com/mapnik/mapnik/wiki/PostGIS
         user: "publicuser",
+        password: "public",
         host: '127.0.0.1',
         port: 6432,
         extent: "-20037508.3,-20037508.3,20037508.3,20037508.3",

config/environments/staging.js.example

@@ -10,11 +10,17 @@ var config = {
     ,enable_cors: true
     ,cache_enabled: true
     ,log_format: '[:date] :req[X-Real-IP] :method :req[Host]:url :status :response-time ms (:res[X-Tiler-Profiler]) -> :res[Content-Type]'
+    // Templated database username for authorized user
+    // Supported labels: 'user_id' (read from redis)
     ,postgres_auth_user: 'cartodb_staging_user_<%= user_id %>'
+    // Templated database password for authorized user
+    // Supported labels: 'user_id', 'user_password' (both read from redis)
+    ,postgres_auth_pass: '<%= user_password %>'
     ,postgres: {
         // Parameters to pass to datasource plugin of mapnik
         // See http://github.com/mapnik/mapnik/wiki/PostGIS
         user: "publicuser",
+        password: "public",
         host: '127.0.0.1',
         port: 6432,
         extent: "-20037508.3,-20037508.3,20037508.3,20037508.3",

config/environments/test.js.example

@@ -10,11 +10,17 @@ var config = {
     ,enable_cors: true
     ,cache_enabled: false
     ,log_format: '[:date] :req[X-Real-IP] :method :req[Host]:url :status :response-time ms -> :res[Content-Type] (:res[X-Tiler-Profiler])'
+    // Templated database username for authorized user
+    // Supported labels: 'user_id' (read from redis)
     ,postgres_auth_user: 'test_cartodb_user_<%= user_id %>'
+    // Templated database password for authorized user
+    // Supported labels: 'user_id', 'user_password' (both read from redis)
+    ,postgres_auth_pass: 'test_cartodb_user_<%= user_id %>_pass'
     ,postgres: {
         // Parameters to pass to datasource plugin of mapnik
         // See http://github.com/mapnik/mapnik/wiki/PostGIS
-        user: "publicuser",
+        user: "testpublicuser",
+        password: "public",
         host: '127.0.0.1',
         port: 5432,
         extent: "-20037508.3,-20037508.3,20037508.3,20037508.3",
@@ -35,7 +41,7 @@ var config = {
     }
     ,redis: {
         host: '127.0.0.1',
-        port: 6333,
+        port: 6335,
         // Max number of connections in each pool.
         // Users will be put on a queue when the limit is hit.
         // Set to maxConnection to have no possible queues.

configure

@@ -17,11 +17,15 @@
 # --strk(2012-07-23)
 #
 
-PGPORT=5432
-SQLAPI_PORT=8080
+ENVDIR=config/environments
+
+PGPORT=
+SQLAPI_PORT=
 MAPNIK_VERSION=
 ENVIRONMENT=development
 
+STATUS="$0 $*"
+
 usage() {
   echo "Usage: $0 [OPTION]"
   echo 
@@ -59,20 +63,30 @@ while test -n "$1"; do
   shift
 done
 
+ENVEX=./${ENVDIR}/${ENVIRONMENT}.js.example
+
+if [ -z "$PGPORT" ]; then
+  PGPORT=`node -e "console.log(require('${ENVEX}').postgres.port)"`
+fi
+if [ -z "$SQLAPI_PORT" ]; then
+  SQLAPI_PORT=`node -e "console.log(require('${ENVEX}').sqlapi.port)"`
+fi
+
 echo "PGPORT: $PGPORT"
 echo "SQLAPI_PORT: $SQLAPI_PORT"
 echo "MAPNIK_VERSION: $MAPNIK_VERSION"
 echo "ENVIRONMENT: $ENVIRONMENT"
 
-# TODO: allow specifying configuration settings !
-for f in config/environments/${ENVIRONMENT}.js.example; do
-  o=`dirname "$f"`/`basename "$f" .example`
-  echo "Writing $o"
+o=`dirname "${ENVEX}"`/`basename "${ENVEX}" .example`
+echo "Writing $o"
 
-  # See http://austinmatzko.com/2008/04/26/sed-multi-line-search-and-replace/
-  sed -n "1h;1!H;\${;g;s/\(,postgres: {[^}]*port: *'\?\)[^',]*\('\?,\)/\1$PGPORT\2/;p;}" < "$f" \
+# See http://austinmatzko.com/2008/04/26/sed-multi-line-search-and-replace/
+sed -n "1h;1!H;\${;g;s/\(,postgres: {[^}]*port: *'\?\)[^',]*\('\?,\)/\1$PGPORT\2/;p;}" < "${ENVEX}" \
   | sed "s/mapnik_version:.*/mapnik_version: '$MAPNIK_VERSION'/" \
   | sed -n "1h;1!H;\${;g;s/\(,sqlapi: {[^}]*port: *'\?\)[^',]*\('\?,\)/\1$SQLAPI_PORT\2/;p;}" \
   > "$o"
 
-done
+STATUSFILE=config.status--${ENVIRONMENT}
+echo "Writing ${STATUSFILE}"
+echo ${STATUS} > ${STATUSFILE} && chmod +x ${STATUSFILE}
+

lib/cartodb/carto_data.js

@@ -1,279 +0,0 @@
-/**
- * User: simon
- * Date: 30/08/2011
- * Time: 21:10
- * Desc: CartoDB helper.
- *       Retrieves dbname (based on subdomain/username)
- *       and geometry type from the redis stores of cartodb
- */
-
-var strftime    = require('strftime');
-
-var   RedisPool = require("./redis_pool")
-    , _ = require('underscore')
-    , Step = require('step');
-
-module.exports = function() {
-    var redis_pool = new RedisPool(global.environment.redis);
-
-
-    var me = {
-        user_metadata_db: 5,
-        table_metadata_db: 0,
-        user_key:  "rails:users:<%= username %>",
-        table_key: "rails:<%= database_name %>:<%= table_name %>",
-        global_mapview_key: "user:<%= username %>:mapviews:global",
-        tagged_mapview_key: "user:<%= username %>:mapviews:stat_tag:<%= stat_tag %>"
-    };
-
-
-    /**
-     * Get the database name for this particular subdomain/username
-     *
-     * @param req - standard express req object. importantly contains host information
-     * @param callback - gets called with args(err, dbname) 
-     */
-    me.getDatabase = function(req, callback) {
-        // strip subdomain from header host
-        var username = req.headers.host.split('.')[0]
-        var redisKey = _.template(this.user_key, {username: username});
-
-        this.retrieve(this.user_metadata_db, redisKey, 'database_name', function(err, dbname) {
-          if ( err ) callback(err, null);
-          else if ( dbname === null ) {
-            callback(new Error("missing " + username + "'s dbname in redis (try CARTODB/script/restore_redis)"), null);
-          }
-          else callback(err, dbname);
-        });
-    };
-
-    me.userFromHostname = function(hostname) {
-        return hostname.split('.')[0];
-    }
-
-    /**
-     * Increment mapview count for a user
-     *
-     * @param username 
-     * @param stat_tag
-     * @param callback will be called with the new value
-     */
-    me.incMapviewCount = function(username, stat_tag, callback) {
-        var that = this;
-        var now = strftime("%Y%m%d", new Date());
-        var redisKey;
-        Step (
-          function incrementGlobal() {
-            redisKey = _.template(that.global_mapview_key, {username: username});
-            that.redisCmd(me.user_metadata_db, 'ZINCRBY', [redisKey, 1, now], this);
-          },
-          function incrementTag(err, val) {
-            if ( err ) throw err;
-            if ( _.isUndefined(stat_tag) ) return 1;
-            redisKey = _.template(that.tagged_mapview_key, {username: username, stat_tag: stat_tag});
-            that.redisCmd(me.user_metadata_db, 'ZINCRBY', [redisKey, 1, now], this);
-          },
-          function finish(err, val) {
-            if ( callback ) callback(err);
-          }
-        );
-    };
-
-
-    /**
-     * Get the user id for this particular subdomain/username
-     *
-     * @param req - standard express req object. importantly contains host information
-     * @param callback
-     */
-    me.getId= function(req, callback) {
-        // strip subdomain from header host
-        var username = req.headers.host.split('.')[0];
-        var redisKey = _.template(this.user_key, {username: username});
-
-        this.retrieve(this.user_metadata_db, redisKey, 'id', function(err, dbname) {
-          if ( err ) callback(err, null);
-          else if ( dbname === null ) {
-            callback(new Error("missing " + username + "'s dbuser in redis (try CARTODB/script/restore_redis)"), null);
-          }
-          else callback(err, dbname);
-        });
-    };
-
-    /**
-     * Check the user map key for this particular subdomain/username
-     *
-     * @param req - standard express req object. importantly contains host information
-     * @param callback
-     */
-    me.checkMapKey = function(req, callback) {
-        // strip subdomain from header host
-        var username = req.headers.host.split('.')[0];
-        var redisKey = "rails:users:" + username; 
-        this.retrieve(this.user_metadata_db, redisKey, "map_key", function(err, val) {
-            var valid = 0;
-            if ( val ) {
-              if ( val == req.query.map_key ) valid = 1;
-              else if ( val == req.query.api_key ) valid = 1;
-              // check also in request body 
-              else if ( req.body && req.body.map_key && val == req.body.map_key ) valid = 1;
-              else if ( req.body && req.body.api_key && val == req.body.api_key ) valid = 1;
-            }
-            callback(err, valid);
-        });
-    };
-
-    /**
-     * Get privacy for cartodb table
-     *
-     * @param req - standard req object. Importantly contains table and host information
-     * @param callback - is the table private or not?
-     */
-    me.authorize= function(req, callback) {
-        var that = this;
-
-        Step(
-            function(){
-                that.checkMapKey(req, this);
-            },
-            function checkIfInternal(err, check_result){
-                if (err) throw err;
-                if (check_result === 1) {
-                    // authorized by key, login as db owner 
-                    that.getId(req, function(err, user_id) {
-                        if (err) throw err;
-                        var dbuser = _.template(global.settings.postgres_auth_user, {user_id: user_id});
-                        _.extend(req, {dbuser:dbuser});
-                        callback(err, true); 
-                    });
-                } else {
-                    return true; // continue to check if the table is public/private
-                }
-            }
-            ,function (err, data){
-                if (err) throw err;
-                that.getDatabase(req, this);
-            },
-            function(err, data){
-                if (err) throw err;
-                var redisKey = _.template(that.table_key, {database_name: data, table_name: req.params.table});
-
-                that.retrieve(that.table_metadata_db, redisKey, 'privacy', this);
-            },
-            function(err, data){
-                callback(err, data);
-             }
-        );
-    };
-
-
-    /**
-     * Get the geometry type for this particular table;
-     * @param req - standard req object. Importantly contains table and host information
-     * @param callback
-     */
-    me.getGeometryType = function(req, callback){
-        var that = this;
-
-        Step(
-            function(){
-                that.getDatabase(req, this)
-            },
-            function(err, data){
-                if (err) throw err;
-                var redisKey = _.template(that.table_key, {database_name: data, table_name: req.params.table});
-
-                that.retrieve(that.table_metadata_db, redisKey, 'the_geom_type', this);
-            },
-            function(err, data){
-                callback(err, data);
-            }
-        );
-    };
-
-
-    me.getInfowindow = function(req, callback){
-        var that = this;
-
-        Step(
-            function(){
-                that.getDatabase(req, this);
-            },
-            function(err, data) {
-                if (err) throw err;
-                var redisKey = _.template(that.table_key, {database_name: data, table_name: req.params.table});
-                that.retrieve(that.table_metadata_db, redisKey, 'infowindow', this);
-            },
-            function(err, data){
-                callback(err, data);
-            }
-        );
-    };
-
-
-    me.getMapMetadata = function(req, callback){
-        var that = this;
-
-        Step(
-            function(){
-                that.getDatabase(req, this);
-            },
-            function(err, data) {
-                if (err) throw err;
-                var redisKey = _.template(that.table_key, {database_name: data, table_name: req.params.table});
-
-                that.retrieve(that.table_metadata_db, redisKey, 'map_metadata', this);
-            },
-            function(err, data){
-                callback(err, data);
-            }
-        );
-    };
-
-    // Redis Hash lookup
-    // @param callback will be invoked with args (err, reply)
-    //                 note that reply is null when the key is missing
-    me.retrieve = function(db, redisKey, hashKey, callback) {
-        this.redisCmd(db,'HGET',[redisKey, hashKey], callback);
-    };
-
-    // Redis Set member check
-    me.inSet = function(db, setKey, member, callback) {
-        this.redisCmd(db,'SISMEMBER',[setKey, member], callback);
-    };
-
-    // Redis INCREMENT 
-    me.increment = function(db, key, callback) {
-        this.redisCmd(db,'INCR', key, callback);
-    };
-
-    /**
-     * Use Redis
-     *
-     * @param db - redis database number
-     * @param redisFunc - the redis function to execute
-     * @param redisArgs - the arguments for the redis function in an array
-     * @param callback - function to pass results too.
-     */
-    me.redisCmd = function(db, redisFunc, redisArgs, callback) {
-        var redisClient;
-
-        Step(
-            function getRedisClient() {
-                redis_pool.acquire(db, this);
-            },
-            function executeQuery(err, data) {
-                if ( err ) throw err;
-                redisClient = data;
-                redisArgs.push(this);
-                redisClient[redisFunc.toUpperCase()].apply(redisClient, redisArgs);
-            },
-            function releaseRedisClient(err, data) {
-                if ( ! _.isUndefined(redisClient) ) redis_pool.release(db, redisClient);
-                callback(err, data);
-            }
-        );
-    };
-
-    return me;
-}();

lib/cartodb/cartodb_windshaft.js

@@ -17,7 +17,7 @@ var CartodbWindshaft = function(serverOptions) {
 
     serverOptions.beforeStateChange = function(req, callback) {
         var err = null;
-        if ( ! req.hasOwnProperty('dbuser') ) {
+        if ( ! req.params.hasOwnProperty('dbuser') ) {
           err = new Error("map state cannot be changed by unauthenticated request!");
         }
         callback(err, req);

lib/cartodb/redis_pool.js

@@ -1,80 +0,0 @@
-/**
- * RedisPool. A database specific redis pooling lib
- *
- */
-
-var redis  = require('redis')
-  , _      = require('underscore')
-  , Pool   = require('generic-pool').Pool;
-
-// constructor.
-// 
-// - `opts` {Object} optional config for redis and pooling
-var RedisPool = function(opts){
-  var opts = opts || {};
-  var defaults = {
-    host: '127.0.0.1', 
-    port: '6379', 
-    max: 50, 
-    idleTimeoutMillis: 10000, 
-    reapIntervalMillis: 1000, 
-    log: false
-  };    
-  var options = _.defaults(opts, defaults)
-
-  var me = {
-    pools: {} // cached pools by DB name
-  };
-  
-  // Acquire resource.
-  //
-  // - `database` {String} redis database name
-  // - `callback` {Function} callback to call once acquired. Takes the form
-  //   `callback(err, resource)`  
-  me.acquire = function(database, callback) {
-      if (!this.pools[database]) {
-        this.pools[database] = this.makePool(database);            
-      }
-      this.pools[database].acquire(function(err,resource) {
-        callback(err, resource);
-      });
-  };
-  
-  // Release resource.
-  //
-  // - `database` {String} redis database name
-  // - `resource` {Object} resource object to release
-  me.release = function(database, resource) {
-      this.pools[database] && this.pools[database].release(resource);
-  };
-    
-  // Factory for pool objects.
-  me.makePool = function(database) {
-    return Pool({
-      name: database,
-      create: function(callback){
-        var client = redis.createClient(options.port, options.host);          
-        client.on('connect', function () {
-          client.send_anyway = true;
-          client.select(database);  
-          client.send_anyway = false;
-          callback(null, client);
-        });    
-        client.on('error', function (err) {
-          callback(err, null);
-        });
-      },
-      destroy: function(client) { 
-        return client.quit(); 
-      },
-      max: options.max, 
-      idleTimeoutMillis: options.idleTimeoutMillis, 
-      reapIntervalMillis: options.reapIntervalMillis, 
-      log: options.log 
-    });
-  };
-      
-  return me;
-};
-
-module.exports = RedisPool;

lib/cartodb/server_options.js

@@ -1,6 +1,6 @@
 var   _          = require('underscore')
     , Step       = require('step')
-    , cartoData  = require('./carto_data')
+    , cartoData  = require('cartodb-redis')(global.environment.redis)
     , Cache = require('./cache_validator')
     , mapnik     = require('mapnik')
     , crypto     = require('crypto')
@@ -9,7 +9,9 @@ var   _          = require('underscore')
   ;
 
 // This is for backward compatibility with 1.3.3
-if ( ! global.environment.sqlapi.domain ) global.environment.sqlapi.host;
+if ( _.isUndefined(global.environment.sqlapi.domain) ) {
+  global.environment.sqlapi.domain = global.environment.sqlapi.host;
+}
 
 module.exports = function(){
 
@@ -65,7 +67,9 @@ module.exports = function(){
       var api = global.environment.sqlapi;
 
       // build up api string
-      var sqlapi = api.protocol + '://' + username + '.' + api.domain + ':' + api.port + '/api/' + api.version + '/sql'
+      var sqlapi = api.protocol + '://' + username;
+      if ( api.domain ) sqlapi += '.' + api.domain;
+      sqlapi += ':' + api.port + '/api/' + api.version + '/sql'
 
       var qs  = { q: sql }
 
@@ -84,7 +88,7 @@ module.exports = function(){
               callback(new Error(msg));
               console.log('unexpected response status (' + res.statusCode + ') for sql query: ' + sql + ': ' + msg);
               return;
-          } 
+          }
           callback(null, body.rows);
       });
     };
@@ -162,7 +166,7 @@ module.exports = function(){
       if ( me.channelCache.hasOwnProperty(cacheKey) ) {
         callback(null, me.channelCache[cacheKey]);
         return;
-      } 
+      }
       else if ( req.params.token ) {
         // cached cache channel for token-based access should be constructed
         // at cache creation time
@@ -233,7 +237,7 @@ module.exports = function(){
         me.generateCacheChannel(req, function(err, channel){
             if ( ! err ) {
               res.header('X-Cache-Channel', channel);
-              cb(null, channel); 
+              cb(null, channel);
             } else {
               console.log('ERROR generating cache channel: ' + ( err.message ? err.message : err ));
               // TODO: evaluate if we should bubble up the error instead
@@ -264,6 +268,7 @@ module.exports = function(){
         // take place before proceeding. Error will be logged
         // asyncronously
         cartoData.incMapviewCount(username, mapconfig.stat_tag, function(err) {
+          if (req.profiler) req.profiler.done('incMapviewCount');
           if ( err ) console.log("ERROR: failed to increment mapview count for user '" + username + "': " + err);
           done();
         });
@@ -281,12 +286,14 @@ module.exports = function(){
         var cacheKey = dbName + ':' + token;
 
         me.affectedTables(usr, key, sql, function(err, tableNames) {
+            if (req.profiler) req.profiler.done('affectedTables');
 
             if ( err ) { done(err); return; }
             var cacheChannel = me.buildCacheChannel(dbName,tableNames);
             me.channelCache[cacheKey] = cacheChannel; // store for caching
             // find last updated
             me.findLastUpdated(usr, key, tableNames, function(err, lastUpdated) {
+              if (req.profiler) req.profiler.done('findLastUpdated');
               if ( err ) { done(err); return; }
               response.layergroupid = response.layergroupid + ':' + lastUpdated; // use epoch
               response.last_updated = new Date(lastUpdated).toISOString(); // TODO: use ISO format
@@ -297,6 +304,73 @@ module.exports = function(){
 
 /* X-Cache-Channel generation } */
 
+    /**
+     * Get privacy for cartodb table
+     *
+     * @param req - standard req object. Importantly contains table and host information
+     * @param callback - is the table private or not?
+     */
+    me.authorize= function(req, callback) {
+        var that = this;
+
+        Step(
+            function(){
+                cartoData.checkMapKey(req, this);
+            },
+            function checkIfInternal(err, check_result){
+                if (err) throw err;
+
+                // if unauthorized continue to check table privacy
+                if (check_result !== 1) return true;
+
+                // authorized by key, login as db owner 
+                var user_params = {};
+                var auth_user = global.environment.postgres_auth_user;
+                var auth_pass = global.environment.postgres_auth_pass;
+                Step(
+                  function getId() {
+                    cartoData.getId(req, this);
+                  },
+                  function(err, user_id) {
+                    if (err) throw err;
+                    user_params['user_id'] = user_id;
+                    var dbuser = _.template(auth_user, user_params);
+                    _.extend(req.params, {dbuser:dbuser});
+
+                    // skip looking up user_password if postgres_auth_pass
+                    // doesn't contain the "user_password" label 
+                    if ( ! auth_pass.match(/\buser_password\b/) ) return null;
+
+                    cartoData.getDatabasePassword(req, this);
+                  },
+                  function(err, user_password) {
+                    if (err) throw err;
+                    user_params['user_password'] = user_password;
+                    if ( auth_pass ) {
+                      var dbpass = _.template(auth_pass, user_params);
+                      _.extend(req.params, {dbpassword:dbpass});
+                    }
+                    return true;
+                  },
+                  function finish(err) {
+                    callback(err, true); // authorized (or error)
+                  }
+                );
+            }
+            ,function getDatabase(err, data){
+                if (err) throw err;
+                cartoData.getDatabase(req, this);
+            },
+            function getPrivacy(err, data){
+                if (err) throw err;
+                cartoData.getTablePrivacy(data, req.params.table, this);
+            },
+            function(err, data){
+                callback(err, data);
+            }
+        );
+    };
+
     /**
      * Whitelist input and get database name & default geometry type from
      * subdomain/user metadata held in CartoDB Redis
@@ -322,7 +396,7 @@ module.exports = function(){
                 delete req.query.lzma
                 _.extend(req.query, JSON.parse(result))
                 me.req2params(req, callback);
-              } catch (err) { 
+              } catch (err) {
                 callback(new Error('Error parsing lzma as JSON: ' + err));
               }
             },
@@ -354,9 +428,22 @@ module.exports = function(){
         req.params.interactivity = req.params.interactivity || 'cartodb_id';
 
         req.params.processXML = function(req, xml, callback) {
-          var dbuser = req.dbuser ? req.dbuser : global.settings.postgres.user;
+
+          // Replace dbuser
+          var dbuser = req.params.dbuser || global.environment.postgres.user;
           if ( ! me.rx_dbuser ) me.rx_dbuser = /(<Parameter name="user"><!\[CDATA\[)[^\]]*(]]><\/Parameter>)/g;
           xml = xml.replace(me.rx_dbuser, "$1" + dbuser + "$2");
+
+          // Replace dbpass
+          var dbpass = req.params.dbpassword || global.environment.postgres.password;
+          if ( ! me.rx_dbpass ) me.rx_dbpass = /(<Parameter name="password"><!\[CDATA\[)[^\]]*(]]><\/Parameter>)/g;
+          xml = xml.replace(me.rx_dbpass, "$1" + dbpass + "$2");
+
+          // Replace or set dbhost
+          var dbhost = req.params.dbhost || global.environment.postgres.host;
+          if ( ! me.rx_dbhost ) me.rx_dbhost = /(<Parameter name="host"><!\[CDATA\[)[^\]]*(]]><\/Parameter>)/g;
+          xml = xml.replace(me.rx_dbhost, "$1" + dbhost + "$2");
+
           callback(null, xml);
         }
 
@@ -366,35 +453,42 @@ module.exports = function(){
 
         Step(
             function getPrivacy(){
-                cartoData.authorize(req, this);
+                me.authorize(req, this);
             },
             function gatekeep(err, data){
-        if (req.profiler) req.profiler.done('cartoData.authorize');
+                if (req.profiler) req.profiler.done('cartoData.authorize');
                 if(err) throw err;
                 if(data === "0") throw new Error("Sorry, you are unauthorized (permission denied)");
                 return data;
             },
-            function getDatabase(err, data){
+            function getDatabaseHost(err, data){
                 if(err) throw err;
 
+                cartoData.getDatabaseHost(req, this);
+            },
+            function getDatabase(err, data){
+                if (req.profiler) req.profiler.done('cartoData.getDatabaseHost');
+                if(err) throw err;
+                if ( data ) _.extend(req.params, {dbhost:data});
+
                 cartoData.getDatabase(req, this);
             },
             function getGeometryType(err, data){
-        if (req.profiler) req.profiler.done('cartoData.getDatabase');
+                if (req.profiler) req.profiler.done('cartoData.getDatabase');
                 if (err) throw err;
                 _.extend(req.params, {dbname:data});
 
                 cartoData.getGeometryType(req, this);
             },
             function finishSetup(err, data){
-        if (req.profiler) req.profiler.done('cartoData.getGeometryType');
+                if (req.profiler) req.profiler.done('cartoData.getGeometryType');
                 if ( err ) { callback(err, req); return; }
 
                 if (!_.isNull(data))
                     _.extend(req.params, {geom_type: data});
 
                 that.addCacheChannel(req, function(err) {
-        if (req.profiler) req.profiler.done('addCacheChannel');
+                  if (req.profiler) req.profiler.done('addCacheChannel');
                   callback(err, req);
                 });
             }

npm-shrinkwrap.json

@@ -1,6 +1,6 @@
 {
   "name": "windshaft-cartodb",
-  "version": "1.3.4",
+  "version": "1.5.1",
   "dependencies": {
     "node-varnish": {
       "version": "0.1.1"
@@ -9,38 +9,47 @@
       "version": "1.3.3"
     },
     "windshaft": {
-      "version": "0.13.4",
+      "version": "0.14.4",
       "dependencies": {
         "grainstore": {
-          "version": "0.13.8",
+          "version": "0.15.1",
           "dependencies": {
             "carto": {
-              "version": "0.9.3-cdb3",
-              "from": "git://github.com/CartoDB/carto.git#cdb-0.9.3-cdb3",
+              "version": "0.9.5-cdb2",
+              "from": "git://github.com/CartoDB/carto.git#0.9.5-cdb2",
               "dependencies": {
-                "mapnik-reference": {
-                  "version": "5.0.0-cdb1",
-                  "from": "git://github.com/CartoDB/mapnik-reference.git#cdb-5.0"
+                "underscore": {
+                  "version": "1.4.4"
                 },
                 "xml2js": {
-                  "version": "0.1.14",
+                  "version": "0.2.8",
                   "dependencies": {
                     "sax": {
                       "version": "0.5.5"
                     }
                   }
+                },
+                "optimist": {
+                  "version": "0.6.0",
+                  "dependencies": {
+                    "wordwrap": {
+                      "version": "0.0.2"
+                    },
+                    "minimist": {
+                      "version": "0.0.5"
+                    }
+                  }
                 }
               }
             },
             "mapnik-reference": {
-              "version": "5.0.4"
+              "version": "5.0.7"
             },
             "millstone": {
-              "version": "0.6.0-cdb1",
-              "from": "git://github.com/CartoDB/millstone.git#cdb-0.6.0-cdb1",
+              "version": "0.6.8",
               "dependencies": {
                 "underscore": {
-                  "version": "1.5.1"
+                  "version": "1.5.2"
                 },
                 "request": {
                   "version": "2.26.0",
@@ -101,7 +110,7 @@
                       "version": "1.4.1"
                     },
                     "form-data": {
-                      "version": "0.1.1",
+                      "version": "0.1.2",
                       "dependencies": {
                         "combined-stream": {
                           "version": "0.0.4",
@@ -119,13 +128,53 @@
                   }
                 },
                 "srs": {
-                  "version": "0.3.2"
+                  "version": "0.3.8"
                 },
                 "zipfile": {
-                  "version": "0.4.0"
+                  "version": "0.4.2"
                 },
                 "sqlite3": {
-                  "version": "2.1.15"
+                  "version": "2.1.19",
+                  "dependencies": {
+                    "tar.gz": {
+                      "version": "0.1.1",
+                      "dependencies": {
+                        "fstream": {
+                          "version": "0.1.25",
+                          "dependencies": {
+                            "rimraf": {
+                              "version": "2.2.2"
+                            },
+                            "graceful-fs": {
+                              "version": "2.0.1"
+                            },
+                            "inherits": {
+                              "version": "2.0.1"
+                            }
+                          }
+                        },
+                        "tar": {
+                          "version": "0.1.18",
+                          "dependencies": {
+                            "inherits": {
+                              "version": "2.0.1"
+                            },
+                            "block-stream": {
+                              "version": "0.0.7"
+                            }
+                          }
+                        },
+                        "commander": {
+                          "version": "1.1.1",
+                          "dependencies": {
+                            "keypress": {
+                              "version": "0.1.0"
+                            }
+                          }
+                        }
+                      }
+                    }
+                  }
                 },
                 "mime": {
                   "version": "1.2.11"
@@ -140,7 +189,7 @@
                       "version": "0.0.2"
                     },
                     "minimist": {
-                      "version": "0.0.2"
+                      "version": "0.0.5"
                     }
                   }
                 }
@@ -148,6 +197,9 @@
             }
           }
         },
+        "generic-pool": {
+          "version": "2.0.4"
+        },
         "express": {
           "version": "2.5.11",
           "dependencies": {
@@ -187,11 +239,10 @@
           }
         },
         "tilelive-mapnik": {
-          "version": "0.5.0",
-          "from": "git://github.com/Vizzuality/tilelive-mapnik.git#5908346",
+          "version": "0.6.4",
           "dependencies": {
             "eio": {
-              "version": "0.2.1"
+              "version": "0.2.2"
             },
             "mime": {
               "version": "1.2.11"
@@ -209,11 +260,31 @@
     "step": {
       "version": "0.0.5"
     },
-    "generic-pool": {
-      "version": "2.0.3"
+    "request": {
+      "version": "2.9.202"
+    },
+    "cartodb-redis": {
+      "version": "0.1.0",
+      "dependencies": {
+        "generic-pool": {
+          "version": "2.0.4"
+        }
+      }
+    },
+    "mapnik": {
+      "version": "0.7.25"
+    },
+    "lzma": {
+      "version": "1.2.3"
+    },
+    "semver": {
+      "version": "1.1.4"
     },
     "redis": {
-      "version": "0.8.3"
+      "version": "0.8.6"
+    },
+    "strftime": {
+      "version": "0.6.2"
     },
     "hiredis": {
       "version": "0.1.15",
@@ -223,43 +294,56 @@
         }
       }
     },
-    "request": {
-      "version": "2.9.202"
-    },
-    "mapnik": {
-      "version": "0.7.22"
-    },
-    "strftime": {
-      "version": "0.6.0"
-    },
-    "lzma": {
-      "version": "1.2.3"
-    },
-    "semver": {
-      "version": "1.1.4"
-    },
     "mocha": {
-      "version": "1.2.1",
+      "version": "1.14.0",
       "dependencies": {
         "commander": {
-          "version": "0.6.1"
+          "version": "2.0.0"
         },
         "growl": {
-          "version": "1.5.1"
+          "version": "1.7.0"
         },
         "jade": {
           "version": "0.26.3",
           "dependencies": {
+            "commander": {
+              "version": "0.6.1"
+            },
             "mkdirp": {
               "version": "0.3.0"
             }
           }
         },
         "diff": {
-          "version": "1.0.2"
+          "version": "1.0.7"
         },
         "debug": {
-          "version": "0.7.2"
+          "version": "0.7.4"
+        },
+        "mkdirp": {
+          "version": "0.3.5"
+        },
+        "glob": {
+          "version": "3.2.3",
+          "dependencies": {
+            "minimatch": {
+              "version": "0.2.12",
+              "dependencies": {
+                "lru-cache": {
+                  "version": "2.5.0"
+                },
+                "sigmund": {
+                  "version": "1.0.0"
+                }
+              }
+            },
+            "graceful-fs": {
+              "version": "2.0.1"
+            },
+            "inherits": {
+              "version": "2.0.1"
+            }
+          }
         }
       }
     }

package.json

@@ -1,8 +1,11 @@
 {
     "private": true,
     "name": "windshaft-cartodb",
-    "version": "1.3.4",
+    "version": "1.5.1",
     "description": "A map tile server for CartoDB",
+    "keywords": [
+      "cartodb"
+    ],
     "url": "https://github.com/CartoDB/Windshaft-cartodb",
     "licenses": [{
         "type": "BSD",
@@ -21,18 +24,17 @@
     "dependencies": {
         "node-varnish": "0.1.1",
         "underscore"  : "~1.3.3",
-        "windshaft"  : "~0.13.4",
+        "windshaft"  : "~0.14.4",
         "step": "0.0.x",
-        "generic-pool": "~2.0.3",
-        "redis": "~0.8.3",
-        "hiredis": "~0.1.14",
         "request": "2.9.202",
-        "mapnik": "~0.7.14",
-        "strftime": "~0.6.0",
+        "cartodb-redis": "~0.1.0",
+        "mapnik": "~0.7.22",
         "lzma": "~1.2.3"
     },
     "devDependencies": {
-        "mocha": "1.2.1",
+        "mocha": "1.14.0",
+        "redis": "~0.8.3",
+        "strftime": "~0.6.0",
         "semver": "~1.1.0"
     },
     "scripts": {

run_tests.sh

@@ -1,9 +1,5 @@
 #!/bin/sh
 
-# Must match redis_port in config/environments/test.js
-# TODO: read from there
-REDIS_PORT=6333
-
 OPT_CREATE=yes # create the test environment
 OPT_DROP=yes   # drop the test environment
 
@@ -11,6 +7,9 @@ cd $(dirname $0)
 BASEDIR=$(pwd)
 cd -
 
+REDIS_PORT=`node -e "console.log(require('${BASEDIR}/config/environments/test.js').redis.port)"`
+export REDIS_PORT
+
 cleanup() {
   if test x"$OPT_DROP" = xyes; then
     if test x"$PID_REDIS" = x; then

test/acceptance/multilayer.js

@@ -99,7 +99,7 @@ suite('multilayer', function() {
               // Check X-Cache-Channel
               cc = res.headers['x-cache-channel'];
               assert.ok(cc); 
-              var dbname = 'cartodb_test_user_1_db'
+              var dbname = 'test_cartodb_user_1_db'
               assert.equal(cc.substring(0, dbname.length), dbname);
               var jsonquery = cc.substring(dbname.length+1);
               var sentquery = JSON.parse(jsonquery);
@@ -156,7 +156,7 @@ suite('multilayer', function() {
             errors.push(err.message);
             console.log("Error: " + err);
           }
-          redis_client.keys("map_style|cartodb_test_user_1_db|~" + expected_token, function(err, matches) {
+          redis_client.keys("map_style|test_cartodb_user_1_db|~" + expected_token, function(err, matches) {
               if ( err ) errors.push(err.message);
               assert.equal(matches.length, 1, "Missing expected token " + expected_token + " from redis: " + matches);
               redis_client.del(matches, function(err) {
@@ -229,7 +229,7 @@ suite('multilayer', function() {
               // Check X-Cache-Channel
               var cc = res.headers['x-cache-channel'];
               assert.ok(cc); 
-              var dbname = 'cartodb_test_user_1_db'
+              var dbname = 'test_cartodb_user_1_db'
               assert.equal(cc.substring(0, dbname.length), dbname);
               var jsonquery = cc.substring(dbname.length+1);
               var sentquery = JSON.parse(jsonquery);
@@ -262,7 +262,7 @@ suite('multilayer', function() {
               // Check X-Cache-Channel
               var cc = res.headers['x-cache-channel'];
               assert.ok(cc); 
-              var dbname = 'cartodb_test_user_1_db'
+              var dbname = 'test_cartodb_user_1_db'
               assert.equal(cc.substring(0, dbname.length), dbname);
               var jsonquery = cc.substring(dbname.length+1);
               var sentquery = JSON.parse(jsonquery);
@@ -321,7 +321,7 @@ suite('multilayer', function() {
             errors.push(err.message);
             console.log("Error: " + err);
           }
-          redis_client.keys("map_style|cartodb_test_user_1_db|~" + expected_token, function(err, matches) {
+          redis_client.keys("map_style|test_cartodb_user_1_db|~" + expected_token, function(err, matches) {
               if ( err ) errors.push(err.message);
               assert.equal(matches.length, 1, "Missing expected token " + expected_token + " from redis: " + matches);
               redis_client.del(matches, function(err) {
@@ -417,7 +417,7 @@ suite('multilayer', function() {
           var next = this;
           // trip epoch
           expected_token = expected_token.split(':')[0];
-          redis_client.keys("map_style|cartodb_test_user_1_db|~" + expected_token, function(err, matches) {
+          redis_client.keys("map_style|test_cartodb_user_1_db|~" + expected_token, function(err, matches) {
               redis_client.del(matches, next);
           });
         },
@@ -468,19 +468,19 @@ suite('multilayer', function() {
            { options: {
                sql: 'select * from test_table_private_1 where cartodb_id=1',
                cartocss: '#layer { marker-fill:red; marker-width:32; marker-allow-overlap:true; }', 
-               cartocss_version: '2.1.1',
+               cartocss_version: '2.1.0',
                interactivity: 'cartodb_id'
              } },
            { options: {
                sql: 'select * from test_table_private_1 where cartodb_id=2',
                cartocss: '#layer { marker-fill:blue; marker-allow-overlap:true; }', 
-               cartocss_version: '2.1.1',
+               cartocss_version: '2.1.0',
                interactivity: 'cartodb_id'
              } }
         ]
       };
 
-      var expected_token = "50cb56d0ebe9142ca4ed97bc8dac3ee1";
+      var expected_token = "b4ed64d93a411a59f330ab3d798e4009";
       Step(
         function do_post()
         {
@@ -525,7 +525,7 @@ suite('multilayer', function() {
               // Check X-Cache-Channel
               var cc = res.headers['x-cache-channel'];
               assert.ok(cc); 
-              var dbname = 'cartodb_test_user_1_db'
+              var dbname = 'test_cartodb_user_1_db'
               assert.equal(cc.substring(0, dbname.length), dbname);
               next(err);
           });
@@ -559,13 +559,216 @@ suite('multilayer', function() {
               next(err);
           });
         },
+        function do_get_tile_unauth(err)
+        {
+          if ( err ) throw err;
+          var next = this;
+          assert.response(server, {
+              url: '/tiles/layergroup/' + expected_token + ':cb0/0/0/0.png',
+              method: 'GET',
+              headers: {host: 'localhost' },
+              encoding: 'binary'
+          }, {}, function(res) {
+              assert.equal(res.statusCode, 401);
+              var re = RegExp('permission denied');
+              assert.ok(res.body.match(re), 'No "permission denied" error: ' + res.body);
+              next(err);
+          });
+        },
+        function do_get_grid_layer0_unauth(err)
+        {
+          if ( err ) throw err;
+          var next = this;
+          assert.response(server, {
+              url: '/tiles/layergroup/' + expected_token
+                 + '/0/0/0/0.grid.json',
+              headers: {host: 'localhost' },
+              method: 'GET'
+          }, {}, function(res) {
+              assert.equal(res.statusCode, 401);
+              var re = RegExp('permission denied');
+              assert.ok(res.body.match(re), 'No "permission denied" error: ' + res.body);
+              next(err);
+          });
+        },
+        function do_get_grid_layer1_unauth(err)
+        {
+          if ( err ) throw err;
+          var next = this;
+          assert.response(server, {
+              url: '/tiles/layergroup/' + expected_token
+                 + '/1/0/0/0.grid.json',
+              headers: {host: 'localhost' },
+              method: 'GET'
+          }, {}, function(res) {
+              assert.equal(res.statusCode, 401);
+              var re = RegExp('permission denied');
+              assert.ok(res.body.match(re), 'No "permission denied" error: ' + res.body);
+              next(err);
+          });
+        },
         function finish(err) {
           var errors = [];
           if ( err ) {
             errors.push(err.message);
             console.log("Error: " + err);
           }
-          redis_client.keys("map_style|cartodb_test_user_1_db|~" + expected_token, function(err, matches) {
+          redis_client.keys("map_style|test_cartodb_user_1_db|~" + expected_token, function(err, matches) {
+              if ( err ) errors.push(err.message);
+              assert.equal(matches.length, 1, "Missing expected token " + expected_token + " from redis: " + matches);
+              redis_client.del(matches, function(err) {
+                if ( err ) errors.push(err.message);
+                if ( errors.length ) done(new Error(errors));
+                else done(null);
+              });
+          });
+        }
+      );
+    });
+
+    // https://github.com/cartodb/Windshaft-cartodb/issues/81
+    test("invalid text-name in CartoCSS", function(done) {
+
+      var layergroup =  {
+        version: '1.0.1',
+        layers: [
+           { options: {
+               sql: "select 1 as cartodb_id, 'SRID=3857;POINT(0 0)'::geometry as the_geom_webmercator",
+               cartocss: '#sample { text-name: cartodb_id; text-face-name: "Dejagnu"; }',
+               cartocss_version: '2.1.0',
+             } }
+        ]
+      };
+
+      assert.response(server, {
+          url: '/tiles/layergroup?',
+          method: 'POST',
+          headers: {host: 'localhost', 'Content-Type': 'application/json' },
+          data: JSON.stringify(layergroup)
+      }, {}, function(res) {
+          assert.equal(res.statusCode, 400, res.statusCode + ': ' + res.body);
+          var parsed = JSON.parse(res.body);
+          assert.equal(parsed.errors.length, 1);
+          var errmsg = parsed.errors[0];
+          assert.ok(errmsg.match(/text-face-name.*Dejagnu/), parsed.errors.toString());
+          done();
+      });
+    });
+
+    test("quotes CartoCSS", function(done) {
+
+      var layergroup =  {
+        version: '1.0.1',
+        layers: [
+           { options: {
+               sql: "select 'single''quote' as n, 'SRID=3857;POINT(0 0)'::geometry as the_geom_webmercator",
+               cartocss: '#s [n="single\'quote" ] { marker-fill:red; }',
+               cartocss_version: '2.1.0',
+             } },
+           { options: {
+               sql: "select 'double\"quote' as n, 'SRID=3857;POINT(2 0)'::geometry as the_geom_webmercator",
+               cartocss: '#s [n="double\\"quote" ] { marker-fill:red; }',
+               cartocss_version: '2.1.0',
+             } }
+        ]
+      };
+
+      assert.response(server, {
+          url: '/tiles/layergroup?',
+          method: 'POST',
+          headers: {host: 'localhost', 'Content-Type': 'application/json' },
+          data: JSON.stringify(layergroup)
+      }, {}, function(res) {
+          assert.equal(res.statusCode, 200, res.statusCode + ': ' + res.body);
+          done();
+      });
+    });
+
+    // See https://github.com/CartoDB/Windshaft-cartodb/issues/87
+    test("exponential notation in CartoCSS filter values", function(done) {
+      var layergroup =  {
+        version: '1.0.1',
+        layers: [
+           { options: {
+               sql: "select .4 as n, 'SRID=3857;POINT(0 0)'::geometry as the_geom_webmercator",
+               cartocss: '#s [n<=.2e-2] { marker-fill:red; }',
+               cartocss_version: '2.1.0',
+             } }
+        ]
+      };
+      assert.response(server, {
+          url: '/tiles/layergroup?',
+          method: 'POST',
+          headers: {host: 'localhost', 'Content-Type': 'application/json' },
+          data: JSON.stringify(layergroup)
+      }, {}, function(res) {
+          assert.equal(res.statusCode, 200, res.statusCode + ': ' + res.body);
+          done();
+      });
+    });
+
+    // See https://github.com/CartoDB/Windshaft-cartodb/issues/93
+    test("accepts unused directives", function(done) {
+      var layergroup =  {
+        version: '1.0.0',
+        layers: [
+           { options: {
+               sql: "select 'SRID=3857;POINT(0 0)'::geometry as the_geom_webmercator",
+               cartocss: '#layer { point-transform:"scale(20)"; }', 
+               cartocss_version: '2.0.1'
+             } }
+        ]
+      };
+      var expected_token; // = "e34dd7e235138a062f8ba7ad051aa3a7";
+      Step(
+        function do_post()
+        {
+          var next = this;
+          assert.response(server, {
+              url: '/tiles/layergroup',
+              method: 'POST',
+              headers: {host: 'localhost', 'Content-Type': 'application/json' },
+              data: JSON.stringify(layergroup)
+          }, {}, function(res) {
+              assert.equal(res.statusCode, 200, res.body);
+              var parsedBody = JSON.parse(res.body);
+              var expectedBody = { layergroupid: expected_token };
+              if ( expected_token ) {
+                assert.equal(parsedBody.layergroupid, expected_token + ':' + expected_last_updated_epoch);
+              }
+              else {
+                var token_components = parsedBody.layergroupid.split(':');
+                expected_token = token_components[0];
+                expected_last_updated_epoch = token_components[1];
+              }
+              next(null, res);
+          });
+        },
+        function do_get_tile(err)
+        {
+          if ( err ) throw err;
+          var next = this;
+          assert.response(server, {
+              url: '/tiles/layergroup/' + expected_token + ':cb0/0/0/0.png',
+              method: 'GET',
+              headers: {host: 'localhost' },
+              encoding: 'binary'
+          }, {}, function(res) {
+              assert.equal(res.statusCode, 200, res.body);
+              assert.equal(res.headers['content-type'], "image/png");
+              assert.imageEqualsFile(res.body, windshaft_fixtures + '/test_default_mapnik_point.png', 2,
+                function(err, similarity) {
+                  next(err);
+              });
+          });
+        },
+        function finish(err) {
+          var errors = [];
+          if ( err ) {
+            errors.push(err.message);
+            console.log("Error: " + err);
+          }
+          redis_client.keys("map_style|test_cartodb_user_1_db|~" + expected_token, function(err, matches) {
               if ( err ) errors.push(err.message);
               assert.equal(matches.length, 1, "Missing expected token " + expected_token + " from redis: " + matches);
               redis_client.del(matches, function(err) {

test/acceptance/server.js

@@ -21,13 +21,21 @@ suite('server', function() {
     var redis_client = redis.createClient(global.environment.redis.port);
     var sqlapi_server;
 
-    var default_style = semver.satisfies(mapnik.versions.mapnik, '<2.1.0')
-    ?
+    var mapnik_version = global.environment.mapnik_version || mapnik.versions.mapnik;
+    var test_database = 'test_cartodb_user_1_db';
+    var default_style;
+    if ( semver.satisfies(mapnik_version, '<2.1.0') ) {
       // 2.0.0 default
-      '#<%= table %>{marker-fill: #FF6600;marker-opacity: 1;marker-width: 8;marker-line-color: white;marker-line-width: 3;marker-line-opacity: 0.9;marker-placement: point;marker-type: ellipse;marker-allow-overlap: true;}'
-    :
+      default_style = '#<%= table %>{marker-fill: #FF6600;marker-opacity: 1;marker-width: 8;marker-line-color: white;marker-line-width: 3;marker-line-opacity: 0.9;marker-placement: point;marker-type: ellipse;marker-allow-overlap: true;}';
+    }
+    else if ( semver.satisfies(mapnik_version, '<2.2.0') ) {
       // 2.1.0 default
-      '#<%= table %>[mapnik-geometry-type=1] {marker-fill: #FF6600;marker-opacity: 1;marker-width: 16;marker-line-color: white;marker-line-width: 3;marker-line-opacity: 0.9;marker-placement: point;marker-type: ellipse;marker-allow-overlap: true;}#<%= table %>[mapnik-geometry-type=2] {line-color:#FF6600; line-width:1; line-opacity: 0.7;}#<%= table %>[mapnik-geometry-type=3] {polygon-fill:#FF6600; polygon-opacity: 0.7; line-opacity:1; line-color: #FFFFFF;}';
+      default_style = '#<%= table %>[mapnik-geometry-type=1] {marker-fill: #FF6600;marker-opacity: 1;marker-width: 16;marker-line-color: white;marker-line-width: 3;marker-line-opacity: 0.9;marker-placement: point;marker-type: ellipse;marker-allow-overlap: true;}#<%= table %>[mapnik-geometry-type=2] {line-color:#FF6600; line-width:1; line-opacity: 0.7;}#<%= table %>[mapnik-geometry-type=3] {polygon-fill:#FF6600; polygon-opacity: 0.7; line-opacity:1; line-color: #FFFFFF;}';
+    }
+    else {
+      // 2.2.0+ default
+      default_style = '#<%= table %>["mapnik::geometry_type"=1] {marker-fill: #FF6600;marker-opacity: 1;marker-width: 16;marker-line-color: white;marker-line-width: 3;marker-line-opacity: 0.9;marker-placement: point;marker-type: ellipse;marker-allow-overlap: true;}#<%= table %>["mapnik::geometry_type"=2] {line-color:#FF6600; line-width:1; line-opacity: 0.7;}#<%= table %>["mapnik::geometry_type"=3] {polygon-fill:#FF6600; polygon-opacity: 0.7; line-opacity:1; line-color: #FFFFFF;}';
+    }
 
     // A couple of styles to use during testing
     var test_style_black_200 = "#test_table{marker-fill:black;marker-line-color:red;marker-width:10}";
@@ -95,7 +103,7 @@ suite('server', function() {
             method: 'GET'
         },{
             status: 200,
-            headers: { 'X-Cache-Channel': 'cartodb_test_user_1_db:my_table' },
+            headers: { 'X-Cache-Channel': test_database+':my_table' },
         }, function(res) {
             var parsed = JSON.parse(res.body);
             assert.equal(parsed.style, _.template(default_style, {table: 'my_table'}));
@@ -133,7 +141,7 @@ suite('server', function() {
           // FIXME: should be 401 Unauthorized
           assert.equal(res.statusCode, 400, res.statusCode + ': ' + res.body);
           assert.deepEqual(JSON.parse(res.body),
-            {error:"missing unknown_user's dbname in redis (try CARTODB/script/restore_redis)"});
+            {error:"missing unknown_user's database_name in redis (try CARTODB/script/restore_redis)"});
           done();
         });
     });
@@ -155,6 +163,43 @@ suite('server', function() {
         });
     });
 
+    // See https://github.com/CartoDB/Windshaft-cartodb/issues/94
+    test("get'ing unrenderable style", function(done) {
+      var base_key = 'map_style|'+test_database+'|issue94';
+      var style = '#s{bogus}';
+      Step(
+        function checkRedis() {
+          redis_client.keys(base_key+'*', this);
+        },
+        function setupRedisBase(err, matches) {
+          if ( err ) throw err;
+          assert.equal(matches.length, 0);
+          redis_client.set(base_key, 
+            JSON.stringify({ style: style }),
+          this);
+        },
+        function getStyle(err) {
+          if ( err ) throw err;
+          var next = this;
+          assert.response(server, {
+              headers: {host: 'localhost'},
+              url: '/tiles/issue94/style',
+              method: 'GET'
+              }, {}, function(res) { next(null, res); });
+        },
+        function checkStyle(err, res) {
+          if ( err ) throw err;
+          assert.equal(res.statusCode, 200, res.statusCode + ': ' + res.body);
+          var parsed = JSON.parse(res.body);
+          assert.equal(parsed.style, style);
+          return null
+        },
+        function finish(err) {
+          done(err);
+        }
+      );
+    });
+
     /////////////////////////////////////////////////////////////////////////////////
     //
     // POST STYLE
@@ -190,10 +235,11 @@ suite('server', function() {
             method: 'POST',
             headers: {host: 'localhost', 'Content-Type': 'application/x-www-form-urlencoded' },
             data: querystring.stringify({style: '#my_table3{'})
-        },{
-            status: 400, 
-            body: /Missing closing/
-        }, function() { done(); });
+        },{}, function(res) {
+          assert.equal(res.statusCode, 400, res.statusCode + ': ' + res.body);
+          assert.ok( RegExp(/missing closing/i).test(res.body) );
+          done();
+        });
     });
     
     test("post'ing multiple bad styles returns 400 with error array", function(done){
@@ -432,7 +478,7 @@ suite('server', function() {
             method: 'GET'
         },{
             status: 200,
-            headers: { 'X-Cache-Channel': 'cartodb_test_user_1_db:my_tablez' },
+            headers: { 'X-Cache-Channel': test_database+':my_tablez' },
             body: '{"infowindow":null}'
         }, function() { done(); });
     });
@@ -485,7 +531,7 @@ suite('server', function() {
           // FIXME: should be 401 Unauthorized
           assert.equal(res.statusCode, 500, res.statusCode + ': ' + res.body);
           assert.deepEqual(JSON.parse(res.body),
-            {error:"missing unknown_user's dbname in redis (try CARTODB/script/restore_redis)"});
+            {error:"missing unknown_user's database_name in redis (try CARTODB/script/restore_redis)"});
           done();
         });
     });
@@ -516,7 +562,7 @@ suite('server', function() {
         },{
             status: 200,
             headers: { 'Content-Type': 'text/javascript; charset=utf-8; charset=utf-8',
-                       'X-Cache-Channel': 'cartodb_test_user_1_db:gadm4' }
+                       'X-Cache-Channel': test_database+':gadm4' }
         }, function() { done(); });
     });
     
@@ -568,7 +614,7 @@ suite('server', function() {
           // FIXME: should be 401 Unauthorized
           assert.equal(res.statusCode, 400, res.statusCode + ': ' + res.body);
           assert.deepEqual(JSON.parse(res.body),
-            {error:"missing unknown_user's dbname in redis (try CARTODB/script/restore_redis)"});
+            {error:"missing unknown_user's database_name in redis (try CARTODB/script/restore_redis)"});
           done();
         });
     });
@@ -631,7 +677,7 @@ suite('server', function() {
             method: 'GET'
         },{
             status: 200,
-            headers: { 'Content-Type': 'image/png', 'X-Cache-Channel': 'cartodb_test_user_1_db:gadm4' }
+            headers: { 'Content-Type': 'image/png', 'X-Cache-Channel': test_database+':gadm4' }
         }, function() { done(); });
     });
     
@@ -719,7 +765,7 @@ suite('server', function() {
           // FIXME: should be 401 Unauthorized
           assert.equal(res.statusCode, 400, res.statusCode + ': ' + res.body);
           assert.deepEqual(JSON.parse(res.body),
-            {error:"missing unknown_user's dbname in redis (try CARTODB/script/restore_redis)"});
+            {error:"missing unknown_user's database_name in redis (try CARTODB/script/restore_redis)"});
           done();
         });
     });
@@ -763,6 +809,79 @@ suite('server', function() {
         });
     });
 
+    // See https://github.com/CartoDB/Windshaft-cartodb/issues/88
+    test("get'ing a tile from a user-specific database should return an expected tile",  function(done){
+        var style = querystring.stringify({style: test_style_black_200, style_version: '2.0.0'});
+        var backupDBHost = global.environment.postgres.host;
+        global.environment.postgres.host = '6.6.6.6';
+        Step (
+          function() {
+            var next = this;
+            assert.response(server, {
+                headers: {host: 'cartodb250user'},
+                url: '/tiles/test_table/15/16046/12354.png?cache_buster=4.10&' + style, 
+                method: 'GET',
+                encoding: 'binary'
+            },{}, function(res){
+              next(null, res);
+            });
+          },
+          function checkRes(err, res) {
+            assert.equal(res.statusCode, 200, res.statusCode + ': ' + res.body);
+            var ct = res.headers['content-type'];
+            assert.equal(ct, 'image/png');
+            assert.imageEqualsFile(res.body,
+              './test/fixtures/test_table_15_16046_12354_styled_black.png',
+              2, this);
+          },
+          function checkImage(err, similarity) {
+              if (err) throw err;
+              return null
+          },
+          function finish(err) {
+            global.environment.postgres.host = backupDBHost;
+            done(err);
+          }
+        );
+    });
+
+    // See https://github.com/CartoDB/Windshaft-cartodb/issues/89
+    test("get'ing a tile with a user-specific database password",  function(done){
+        var style = querystring.stringify({style: test_style_black_200, style_version: '2.0.0'});
+        var backupDBPass = global.settings.postgres_auth_pass;
+        global.settings.postgres_auth_pass = '<%= user_password %>';
+        Step (
+          function() {
+            var next = this;
+            assert.response(server, {
+                headers: {host: 'cartodb250user'},
+                url: '/tiles/test_table/15/16046/12354.png?'
+                  + 'cache_buster=4.20&api_key=4321&' + style, 
+                method: 'GET',
+                encoding: 'binary'
+            },{}, function(res){
+              next(null, res);
+            });
+          },
+          function checkRes(err, res) {
+            assert.equal(res.statusCode, 200, res.statusCode + ': ' + res.body);
+            var ct = res.headers['content-type'];
+            assert.equal(ct, 'image/png');
+            assert.imageEqualsFile(res.body,
+              './test/fixtures/test_table_15_16046_12354_styled_black.png',
+              2, this);
+          },
+          function checkImage(err, similarity) {
+              if (err) throw err;
+              return null
+          },
+          function finish(err) {
+            global.settings.postgres_auth_pass = backupDBPass;
+            done(err);
+          }
+        );
+    });
+
     test("get'ing a tile with url specified 2.1.0 style should return an expected tile",  function(done){
         var style = querystring.stringify({style: test_style_black_210, style_version: '2.1.0'});
         assert.response(server, {
@@ -954,8 +1073,7 @@ suite('server', function() {
           });
         },
         function finish(err) {
-          if ( err ) done(err);
-          else done();
+          done(err);
         }
       );
     });
@@ -970,24 +1088,30 @@ suite('server', function() {
         var sqlapi;
         Step(
           function sendRequest(err) {
+            var next = this;
             assert.response(server, {
                 headers: {host: 'localhost'},
                 url: '/tiles/gadm4/6/31/24.png?' + querystring.stringify(qo),
                 method: 'GET'
-            },{}, this);
+            },{}, function(res) { next(null, res); });
           },
-          function checkResponse(res) {
+          function checkResponse(err, res) {
+            if ( err ) throw err;
             assert.equal(res.statusCode, 200, res.statusCode + ': ' + res.body);
             var ct = res.headers['content-type'];
             assert.equal(ct, 'image/png');
             var cc = res.headers['x-cache-channel'];
-            var dbname = 'cartodb_test_user_1_db'
+            assert(cc);
+            var dbname = 'test_cartodb_user_1_db'
             assert.equal(cc.substring(0, dbname.length), dbname);
             var jsonquery = cc.substring(dbname.length+1);
             var sentquery = JSON.parse(jsonquery);
             assert.equal(sentquery.api_key, qo.map_key);
             assert.equal(sentquery.q, 'SELECT CDB_QueryTables($windshaft$' + qo.sql + '$windshaft$)');
-            done();
+            return null;
+          },
+          function finish(err) {
+            done(err);
           }
         );
     });
@@ -1003,23 +1127,45 @@ suite('server', function() {
         var sqlapi;
         Step(
           function sendRequest(err) {
+            var next = this;
             assert.response(server, {
                 headers: {host: 'localhost'},
                 url: '/tiles/gadm4/6/31/24.png?' + querystring.stringify(qo),
                 method: 'GET'
-            },{}, this);
+            },{}, function(res) { next(null, res); });
           },
-          function checkResponse(res) {
+          function checkResponse(err, res) {
+            if ( err ) throw err;
             assert.equal(res.statusCode, 200, res.statusCode + ': ' + res.body);
             var ct = res.headers['content-type'];
             assert.equal(ct, 'image/png');
             // does NOT send an x-cache-channel
             assert.ok(!res.headers.hasOwnProperty('x-cache-channel'));
-            done();
+            return null;
+          },
+          function finish(err) {
+            done(err);
           }
         );
     });
 
+    // Zoom is a special variable
+    test("Specifying zoom level in CartoCSS does not need a 'zoom' variable in SQL output", function(done){
+        // NOTE: may fail if grainstore < 0.3.0 is used by Windshaft
+        var query = querystring.stringify({
+          sql: "SELECT 'SRID=3857;POINT(0 0)'::geometry as the_geom_webmercator, 1::int as cartodb_id",
+          style: '#gadm4 [ zoom>=3] { marker-fill:red; }'
+        });
+        assert.response(server, {
+            headers: {host: 'localhost'},
+            url: '/tiles/gadm4/0/0/0.png?' + query,
+            method: 'GET'
+        },{}, function(res) {
+          assert.equal(res.statusCode, 200, res.statusCode + ': ' + res.body);
+          done();
+        });
+    });
+
     /////////////////////////////////////////////////////////////////////////////////
     //
     // DELETE CACHE 

test/support/config.js

@@ -1,5 +1,8 @@
 var _ = require('underscore');
 
+
+require(__dirname + '/test_helper');
+
 module.exports = function(opts) {
 
     var config = {
@@ -7,7 +10,7 @@ module.exports = function(opts) {
             max: 10, 
             idleTimeoutMillis: 1, 
             reapIntervalMillis: 1,
-            port: 6333 // TODO: read from test env ?
+            port: global.environment.redis.port
         }
     }
 

test/support/prepare_db.sh

@@ -16,20 +16,65 @@ die() {
         exit 1
 }
 
-TEST_DB="cartodb_test_user_1_db"
-REDIS_PORT=6333
+# This is where postgresql connection parameters are read from
+TESTENV=../../config/environments/test.js
+if [ \! -r ${TESTENV} ]; then
+  echo "Cannot read ${TESTENV}" >&2
+  exit 1
+fi
+
+TESTUSERID=1
+
+TESTUSER=`node -e "console.log(require('${TESTENV}').postgres_auth_user || '')"`
+if test -z "$TESTUSER"; then
+  echo "Missing postgres_auth_user from ${TESTENV}" >&2
+  exit 1
+fi
+TESTUSER=`echo ${TESTUSER} | sed "s/<%= user_id %>/${TESTUSERID}/"`
+
+TESTPASS=`node -e "console.log(require('${TESTENV}').postgres_auth_pass || 'test')"`
+# TODO: should postgres_auth_pass be optional ?
+if test -z "$TESTPASS"; then
+  echo "Missing postgres_auth_pass from ${TESTENV}" >&2
+  exit 1
+fi
+TESTPASS=`echo ${TESTPASS} | sed "s/<%= user_id %>/${TESTUSERID}/"`
+
+TEST_DB="${TESTUSER}_db"
+
+if test -z "$REDIS_PORT"; then REDIS_PORT=6333; fi
 
 echo "preparing postgres..."
 dropdb "${TEST_DB}"
 createdb -Ttemplate_postgis -EUTF8 "${TEST_DB}" || die "Could not create test database"
-psql "${TEST_DB}" < ./sql/windshaft.test.sql
-psql "${TEST_DB}" < ./sql/gadm4.sql
+
+PUBLICUSER=`node -e "console.log(require('${TESTENV}').postgres.user || 'xxx')"`
+PUBLICPASS=`node -e "console.log(require('${TESTENV}').postgres.password || 'xxx')"`
+echo "PUBLICUSER: ${PUBLICUSER}"
+echo "PUBLICPASS: ${PUBLICPASS}"
+echo "TESTUSER: ${TESTUSER}"
+echo "TESTPASS: ${TESTPASS}"
+
+cat sql/windshaft.test.sql sql/gadm4.sql |
+  sed "s/:PUBLICUSER/${PUBLICUSER}/" | 
+  sed "s/:PUBLICPASS/${PUBLICPASS}/" | 
+  sed "s/:TESTUSER/${TESTUSER}/" | 
+  sed "s/:TESTPASS/${TESTPASS}/" | 
+  psql ${TEST_DB}
 
 echo "preparing redis..."
-echo "HSET rails:users:localhost id 1" | redis-cli -p ${REDIS_PORT} -n 5
+echo "HSET rails:users:localhost id ${TESTUSERID}" | redis-cli -p ${REDIS_PORT} -n 5
 echo 'HSET rails:users:localhost database_name "'"${TEST_DB}"'"' | redis-cli -p ${REDIS_PORT} -n 5
 echo "HSET rails:users:localhost map_key 1234" | redis-cli -p ${REDIS_PORT} -n 5
 echo "SADD rails:users:localhost:map_key 1235" | redis-cli -p ${REDIS_PORT} -n 5
+
+# A user configured as with cartodb-2.5.0+ 
+echo "HSET rails:users:cartodb250user id ${TESTUSERID}" | redis-cli -p ${REDIS_PORT} -n 5
+echo 'HSET rails:users:cartodb250user database_name "'${TEST_DB}'"' | redis-cli -p ${REDIS_PORT} -n 5
+echo 'HSET rails:users:cartodb250user database_host "localhost"' | redis-cli -p ${REDIS_PORT} -n 5
+echo 'HSET rails:users:cartodb250user database_password "'${TESTPASS}'"' | redis-cli -p ${REDIS_PORT} -n 5
+echo "HSET rails:users:cartodb250user map_key 4321" | redis-cli -p ${REDIS_PORT} -n 5
+
 echo 'HSET rails:'"${TEST_DB}"':my_table infowindow "this, that, the other"' | redis-cli -p ${REDIS_PORT} -n 0
 echo 'HSET rails:'"${TEST_DB}"':test_table_private_1 privacy "0"' | redis-cli -p ${REDIS_PORT} -n 0
 

test/support/sql/gadm4.sql

@@ -22,15 +22,15 @@ CREATE TABLE gadm4 (
     the_geom_webmercator geometry(MultiPolygon,3857)
 );
 
-GRANT ALL ON TABLE gadm4 TO postgres;
-GRANT ALL ON TABLE gadm4 TO publicuser;
+--GRANT ALL ON TABLE gadm4 TO postgres;
+GRANT ALL ON TABLE gadm4 TO :PUBLICUSER;
 CREATE SEQUENCE gadm4_seq
     START WITH 1
     INCREMENT BY 1
     NO MINVALUE
     NO MAXVALUE
     CACHE 1;
-ALTER TABLE public.gadm4_seq OWNER TO postgres;
+--ALTER TABLE public.gadm4_seq OWNER TO postgres;
 SELECT pg_catalog.setval('gadm4_seq', 58, false);
 ALTER TABLE gadm4 ALTER COLUMN cartodb_id SET DEFAULT nextval('gadm4_seq'::regclass);
 
@@ -98,6 +98,6 @@ ALTER TABLE ONLY gadm4
 
 CREATE INDEX bdll25_provincias_4326_2_the_geom_webmercator_idx ON gadm4 USING gist (the_geom_webmercator);
 
-GRANT ALL ON TABLE gadm4 TO test_cartodb_user_1;
-GRANT SELECT ON TABLE gadm4 TO publicuser;
+GRANT ALL ON TABLE gadm4 TO :TESTUSER;
+GRANT SELECT ON TABLE gadm4 TO :PUBLICUSER;
 

test/support/sql/windshaft.test.sql

@@ -15,11 +15,13 @@ SET search_path = public, pg_catalog;
 SET default_tablespace = '';
 SET default_with_oids = false;
 
--- publicuser role
-CREATE USER publicuser;
+-- public user role
+DROP USER IF EXISTS :PUBLICUSER;
+CREATE USER :PUBLICUSER WITH PASSWORD ':PUBLICPASS';
 
 -- db owner role
-CREATE USER test_cartodb_user_1;
+DROP USER IF EXISTS :TESTUSER;
+CREATE USER :TESTUSER WITH PASSWORD ':TESTPASS';
 
 -- first table
 CREATE TABLE test_table (
@@ -63,8 +65,8 @@ ALTER TABLE ONLY test_table ADD CONSTRAINT test_table_pkey PRIMARY KEY (cartodb_
 CREATE INDEX test_table_the_geom_idx ON test_table USING gist (the_geom);
 CREATE INDEX test_table_the_geom_webmercator_idx ON test_table USING gist (the_geom_webmercator);
 
-GRANT ALL ON TABLE test_table TO test_cartodb_user_1;
-GRANT SELECT ON TABLE test_table TO publicuser;
+GRANT ALL ON TABLE test_table TO :TESTUSER;
+GRANT SELECT ON TABLE test_table TO :PUBLICUSER;
 
 -- second table
 CREATE TABLE test_table_2 (
@@ -108,8 +110,8 @@ ALTER TABLE ONLY test_table_2 ADD CONSTRAINT test_table_2_pkey PRIMARY KEY (cart
 CREATE INDEX test_table_2_the_geom_idx ON test_table_2 USING gist (the_geom);
 CREATE INDEX test_table_2_the_geom_webmercator_idx ON test_table_2 USING gist (the_geom_webmercator);
 
-GRANT ALL ON TABLE test_table_2 TO test_cartodb_user_1;
-GRANT SELECT ON TABLE test_table_2 TO publicuser;
+GRANT ALL ON TABLE test_table_2 TO :TESTUSER;
+GRANT SELECT ON TABLE test_table_2 TO :PUBLICUSER;
 
 -- third table
 CREATE TABLE test_table_3 (
@@ -153,8 +155,8 @@ ALTER TABLE ONLY test_table_3 ADD CONSTRAINT test_table_3_pkey PRIMARY KEY (cart
 CREATE INDEX test_table_3_the_geom_idx ON test_table_3 USING gist (the_geom);
 CREATE INDEX test_table_3_the_geom_webmercator_idx ON test_table_3 USING gist (the_geom_webmercator);
 
-GRANT ALL ON TABLE test_table_3 TO test_cartodb_user_1;
-GRANT SELECT ON TABLE test_table_3 TO publicuser;
+GRANT ALL ON TABLE test_table_3 TO :TESTUSER;
+GRANT SELECT ON TABLE test_table_3 TO :PUBLICUSER;
 
 -- private table
 CREATE TABLE test_table_private_1 (
@@ -173,4 +175,4 @@ CREATE TABLE test_table_private_1 (
     CONSTRAINT enforce_srid_the_geom_webmercator CHECK ((st_srid(the_geom_webmercator) = 3857))
 );
 
-GRANT ALL ON TABLE test_table_private_1 TO test_cartodb_user_1;
+GRANT ALL ON TABLE test_table_private_1 TO :TESTUSER;

test/unit/cartodb/redis_pool.test.js

@@ -1,61 +0,0 @@
-var assert = require('../../support/assert')
-  , _ = require('underscore')
-  , RedisPool = require('../../../lib/cartodb/redis_pool')
-  , tests = module.exports = {};
-
-suite('redis_pool', function() {
-
-    // configure redis pool instance to use in tests
-    var test_opts = require('../../support/config').redis_pool;
-    
-    var redis_pool = new RedisPool(test_opts);
-
-    test('RedisPool object exists', function(done){
-      assert.ok(RedisPool);
-      done();
-    });
-    
-    test('RedisPool can create new redis_pool objects with default settings', function(done){
-      var redis_pool = new RedisPool();
-      done();
-    });
-    
-    test('RedisPool can create new redis_pool objects with specific settings', function(done){
-      var redis_pool = new RedisPool(_.extend({host:'127.0.0.1', port: '6379'}, test_opts));
-      done();
-    });
-    
-    
-    test('pool object has an acquire function', function(done){
-      var found=false;
-      var functions = _.functions(redis_pool);
-      for (var i=0; i<functions.length; ++i) {
-          if ( functions[i] == 'acquire' ) { found=true; break; }
-      }
-      assert.ok(found);
-      done();
-    });
-    
-    test('calling aquire returns a redis client object that can get/set', function(done){
-      redis_pool.acquire(0, function(err, client){
-        client.set("key","value");
-        client.get("key", function(err,data){      
-          assert.equal(data, "value");      
-          redis_pool.release(0, client); // needed to exit tests
-          done();
-        })
-      });    
-    });
-    
-    test('calling aquire on another DB returns a redis client object that can get/set', function(done){
-      redis_pool.acquire(2, function(err, client){
-        client.set("key","value");
-        client.get("key", function(err,data){      
-          assert.equal(data, "value");      
-          redis_pool.release(2, client); // needed to exit tests
-          done();
-        })
-      });      
-    });
-
-});

test/unit/cartodb/req2params.test.js

@@ -20,8 +20,8 @@ suite('req2params', function() {
           assert.ok(!req.query.hasOwnProperty('dbuser'), 'dbuser was removed from query');
           assert.ok(req.hasOwnProperty('params'), 'request has params');
           assert.ok(req.params.hasOwnProperty('interactivity'), 'request params have interactivity');
-          assert.equal(req.params.dbname, 'cartodb_test_user_1_db', 'could forge dbname: '+ req.params.dbname);
-          assert.ok(!req.hasOwnProperty('dbuser'), 'could inject dbuser ('+req.params.dbuser+')');
+          assert.equal(req.params.dbname, 'test_cartodb_user_1_db', 'could forge dbname: '+ req.params.dbname);
+          assert.ok(!req.params.hasOwnProperty('dbuser'), 'could inject dbuser ('+req.params.dbuser+')');
           done();
       });
     });
@@ -35,7 +35,7 @@ suite('req2params', function() {
           assert.ok(req.hasOwnProperty('params'), 'request has params');
           assert.ok(req.params.hasOwnProperty('interactivity'), 'request params have interactivity');
           // database_name for user "localhost" (see test/support/prepare_db.sh)
-          assert.equal(req.params.dbname, 'cartodb_test_user_1_db');
+          assert.equal(req.params.dbname, 'test_cartodb_user_1_db');
           // unauthenticated request gets no dbuser
           assert.ok(!req.params.hasOwnProperty('dbuser'), 'could inject dbuser ('+req.params.dbuser+')');
           done();
@@ -51,13 +51,13 @@ suite('req2params', function() {
           assert.ok(req.hasOwnProperty('params'), 'request has params');
           assert.ok(req.params.hasOwnProperty('interactivity'), 'request params have interactivity');
           // database_name for user "localhost" (see test/support/prepare_db.sh)
-          assert.equal(req.params.dbname, 'cartodb_test_user_1_db');
+          assert.equal(req.params.dbname, 'test_cartodb_user_1_db');
           // id for user "localhost" (see test/support/prepare_db.sh)
-          assert.equal(req.dbuser, 'test_cartodb_user_1');
+          assert.equal(req.params.dbuser, 'test_cartodb_user_1');
  
           opts.req2params({headers: { host:'localhost' }, query: {map_key: '1235'} }, function(err, req) {
               // wrong key resets params to no user
-              assert.ok(!req.hasOwnProperty('dbuser'), 'could inject dbuser ('+req.params.dbuser+')');
+              assert.ok(!req.params.hasOwnProperty('dbuser'), 'could inject dbuser ('+req.params.dbuser+')');
               done();
           });
       });

tools/multilayer_token

@@ -23,11 +23,11 @@ if test -z "$cfg"; then
   exit 1
 fi
 
-cmd="curl -skH Content-Type:application/json --data-binary @${cfg} ${tiler_url}"
+cmd="curl -skH Content-Type:application/json --data-binary @- ${tiler_url}"
 if test x${verbose} = xyes; then
   cmd="${cmd} -v"
 fi
-res=`${cmd}`
+res=`cat ${cfg} | tr '\n' ' ' | ${cmd}`
 if test $? -gt 0; then
   echo "curl command failed: ${cmd}"
 fi