hampelm
commented
7 years ago even simpler:
- read-only user
- read & write user
- config value for write token
- POST /data
- GET /data?sql=
- Serves vector tiles
- Maybe: POST /layers with SQL
Open hampelm opened 9 years ago
hampelm
commented
7 years ago even simpler:
Not really even close to cartodb
Single-user to start? (Could be multi-user if privs are just GRANT'ed on a per-table basis to users...)
How to sanitize queries and manage permissions? Don't worry, just use Postgres permissions for now!
When authenticated: user gets more db privs (write, drop, etc)
When unauthenticated: just read privs
POST /user/loginPOST /data-- send a shapefile, geojson, whatever to create a tableGET /tables-- list all the tablesGET /tables/:table-name/?sql=select * from foo where-- run arbitrary sql to get geojsonPOST /tables/:table-name/tiles...-- or something like that, create a styleHow to sanitize queries? Just rely on DB permissions.
GET /tables/:table-name/tiles/z/x/y.png?sql=...-- arbitrary tilesUses nodetiles for rendering.