Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Make batch queries usable with regular API keys #621

Open
jgoizueta opened this issue Oct 3, 2019 · 1 comment
Open

Make batch queries usable with regular API keys #621

jgoizueta opened this issue Oct 3, 2019 · 1 comment
Labels
enhancement

Comments

@jgoizueta
Copy link
Contributor

Batch queries can only be used with the master key.
This probably was done to facilitate the primary original use of batch queries to execute camshaft analyses, which require access to some internal tables, and the creation of new cache tables which wasn't possible with non-master keys at the time.

These restrictions shouldn't be a problem now: camshaft/Builder will always use master keys to execute queries, and api keys currently allow the creation of tables.

Now, batch queries are very useful for some Dataset operations performed in CartoFrames, because they allow lengthy operations such as data uploads or some analyses that would exceed regular timeouts. But this forces the users to use master keys to be able to perform such operations. This is a serious limitations, since many applications of cartoframes and notebooks would benefit of being able to work with ad hoc API keys.

So it would be valuable to remove the restriction of requiring master keys for batch queries.

cc/ @dgaubert
@dgaubert
Copy link
Contributor

dgaubert commented Oct 4, 2019
edited
Loading

This probably was done to facilitate the primary original use of batch queries to execute camshaft analyses.

It was the other way around. While we were implementing regular api-keys we decided to limit batch queries to be only used by master api-keys for the reasons that @jgoizueta mentioned above.

While Builder and embed (named) maps keep using master api-key internally, I guess we can remove the current restriction to create batch queries and open to regular api-keys as well. In any case, we need to double-check it.

  • default_public shouldn't be able to create batch queries.
  • regular api-key should be able to create batch queries. It may fail if the regular api-key has not the right permissions to read or write a table/view/whatever.
  • master api-key should be able to create batch queries and has permissions to any operation.

For that, we need to modify job creation and be able to store for the job the database credentials of the regular/master api-key. Currently, we are using master api-key always. See: https://github.com/CartoDB/CartoDB-SQL-API/blob/4.0.0/app/controllers/job_controller.js#L127-L135

@alrocar alrocar mentioned this issue Nov 11, 2019
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jgoizueta @dgaubert