Allow API access to public data without a key

[dlebauer]

Currently, anyone can access public data with a 'public' key, i.e.

The guest user API key is 9999999999999999999999999999999999999999, and this can be used by anyone to access the metadata tables as well as to any traits records with access_level = 4, i.e.:

https://betydb.org/api/v1/treatments?key=9999999999999999999999999999999999999999

It is difficult to remember this key, so one option would be to change the key to something like 'publickey', but @robkooper suggested the following feature request:

Change the API so that the key parameter is optional; if no key is provided, the request is handled as the guest user.

[serbinsh]

@dlebauer how do I implement the "guest user" on modex bety so we can enable that API key to access the DB? I tried it out on our system and received an API warning

{
  "metadata": {
    "URI": "https://modex.bnl.gov/bety/api/beta/species?limit=250&scientificname=Citrus+%C3%97+sinensis",
    "timestamp": "2019-01-15T08:22:41.820-05:00",
    "count": null
  },
  "errors": "authentication failed: For key-less access to the API, you must set up the guest user account."
}

[robkooper]

Make sure guest user does not exist (all commands are run on bety database):

SELECT count(id) FROM users WHERE login='guestuser';

If this is non zero you have a guest user already

Add guest user:

INSERT INTO users (login, name, email, crypted_password, salt, city, state_prov, postal_code, country, area, access_level, page_access_level, created_at, updated_at, apikey, remember_token, remember_token_expires_at) 
  VALUES ('guestuser', 'guestuser', 'betydb+guestuser@gmail.com', '994363a949b6486fc7ea54bf40335127f5413318', 'bety', 'Urbana', 'IL', '61801', 'USA', '', 4, 4, NOW(), NOW(), NULL, NULL, NULL);

(edit: fixed bad insert, see below)

[serbinsh]

Thanks @robkooper Here is my current issue

[sserbin@modex ~]$ psql -d bety -U bety
psql (9.4.20)
Type "help" for help.

bety=> SELECT count(id) FROM users WHERE login='guestuser';
 count
-------
     0
(1 row)

bety=> INSERT INTO users (login, name, email, crypted_password, salt, city, state_prov, postal_code, country, area, access_level, page_access_level, created_at, updated_at, apikey, remember_token, remember_token_expires_at)
bety->   VALUES ('guestuser', 'guestuser', 'betydb+${ID}@gmail.com', '994363a949b6486fc7ea54bf40335127f5413318', 'bety', 'Urbana', 'IL', '61801', 'USA', '', 4, 4, NOW(), NOW(), NULL, NULL, NULL);
ERROR:  new row for relation "users" violates check constraint "well_formed_user_email"
DETAIL:  Failing row contains (2000001815, guestuser, guestuser, betydb+${ID}@gmail.com, Urbana, USA, , 994363a949b6486fc7ea54bf40335127f5413318, bety, 2019-01-15 12:05:05.557649, 2019-01-15 12:05:05.557649, null, null, 4, 4, null, IL, 61801).
bety=>

I get
ERROR: new row for relation "users" violates check constraint "well_formed_user_email"
DETAIL: Failing row contains (2000001815, guestuser, guestuser, betydb+${ID}@gmail.com,

[robkooper]

My bad, bad copy paste.

Try:

INSERT INTO users (login, name, email, crypted_password, salt, city, state_prov, postal_code, country, area, access_level, page_access_level, created_at, updated_at, apikey, remember_token, remember_token_expires_at) 
  VALUES ('guestuser', 'guestuser', 'betydb+guestuser@gmail.com', '994363a949b6486fc7ea54bf40335127f5413318', 'bety', 'Urbana', 'IL', '61801', 'USA', '', 4, 4, NOW(), NOW(), NULL, NULL, NULL);

[serbinsh]

bety=> INSERT INTO users (login, name, email, crypted_password, salt, city, state_prov, postal_code, country, area, access_level, page_access_level, created_at, updated_at, apikey, remember_token, remember_token_expires_at) VALUES ('guestuser', 'guestuser', 'betydb+guestuser@gmail.com', '994363a949b6486fc7ea54bf40335127f5413318', 'bety', 'Urbana', 'IL', '61801', 'USA', '', 4, 4, NOW(), NOW(), NULL, NULL, NULL);
INSERT 0 1

bety=> SELECT count(id) FROM users WHERE login='guestuser';
 count
-------
     1
(1 row)

Thanks!!

[serbinsh]

working now!

  "metadata": {
    "URI": "https://modex.bnl.gov/bety/api/beta/species?limit=250&scientificname=Citrus+%C3%97+sinensis",
    "timestamp": "2019-01-15T12:17:43.943-05:00",
    "count": 1
  },
  "data": [
    {
      "species": {
        "id": 2721,
        "spcd": null,
        "genus": "Citrus",
        "species": "× sinensis",
        "scientificname": "Citrus × sinensis",
        "commonname": "sweet orange",
        "notes": "",
        "created_at": "2010-10-22 08:59:26 -0500",
        "updated_at": "2015-03-16 15:27:52 -0500",
        "AcceptedSymbol": "CISI3",
        "SynonymSymbol": "",
        "Symbol": "CISI3",
        "PLANTS_Floristic_Area": "NA (L48), PR, VI",
        "State": "<strong>USA</strong> (FL, LA), <strong>USA+</strong> (PR, VI)",
        "Category": "Dicot",
        "Family": "Rutaceae",
        "FamilySymbol": "RUTACE",
        "FamilyCommonName": "Rue family",
        "xOrder": "Sapindales",
        "SubClass": "Rosidae",
        "Class": "Magnoliopsida",
        "SubDivision": "",
        "Division": "Magnoliophyta",
        "SuperDivision": "Spermatophyta",
        "SubKingdom": "Tracheobionta",
        "Kingdom": "Plantae",
        "ITIS_TSN": 0,
        "Duration": "Perennial",
        "GrowthHabit": "Shrub, Tree",
        "NativeStatus": "L48 (I), PR (I), VI (I)",
        "NationalWetlandIndicatorStatus": "",
        "RegionalWetlandIndicatorStatus": "",
        "ActiveGrowthPeriod": "",
        "AfterHarvestRegrowthRate": "",
        "Bloat": "",
        "C2N_Ratio": "",
        "CoppicePotential": "",
        "FallConspicuous": "",
        "FireResistance": "",
        "FoliageTexture": "",
        "GrowthForm": "",
        "GrowthRate": "",
        "MaxHeight20Yrs": 0,
        "MatureHeight": 0,
        "KnownAllelopath": "",
        "LeafRetention": "",
        "Lifespan": "",
        "LowGrowingGrass": "",
        "NitrogenFixation": "",
        "ResproutAbility": "",
        "AdaptedCoarseSoils": "",
        "AdaptedMediumSoils": "",
        "AdaptedFineSoils": "",
        "AnaerobicTolerance": "",
        "CaCO3Tolerance": "",
        "ColdStratification": "",
        "DroughtTolerance": "",
        "FertilityRequirement": "",
        "FireTolerance": "",
        "MinFrostFreeDays": 0,
        "HedgeTolerance": "",
        "MoistureUse": "",
        "pH_Minimum": "0.0",
        "pH_Maximum": "0.0",
        "Min_PlantingDensity": 0,
        "Max_PlantingDensity": 0,
        "Precipitation_Minimum": 0,
        "Precipitation_Maximum": 0,
        "RootDepthMinimum": 0,
        "SalinityTolerance": "",
        "ShadeTolerance": "",
        "TemperatureMinimum": 0,
        "BloomPeriod": "",
        "CommercialAvailability": "",
        "FruitSeedPeriodBegin": "",
        "FruitSeedPeriodEnd": "",
        "Propogated_by_BareRoot": "",
        "Propogated_by_Bulbs": "",
        "Propogated_by_Container": "",
        "Propogated_by_Corms": "",
        "Propogated_by_Cuttings": "",
        "Propogated_by_Seed": "",
        "Propogated_by_Sod": "",
        "Propogated_by_Sprigs": "",
        "Propogated_by_Tubers": "",
        "Seeds_per_Pound": 0,
        "SeedSpreadRate": "",
        "SeedlingVigor": "",
        "number of associated pfts": 5,
        "number of associated yields": 0,
        "number of associated traits": 2,
        "number of associated cultivars": 0,
        "view_url": "https://modex.bnl.gov/bety/species/2721",
        "edit_url": "https://modex.bnl.gov/bety/species/2721/edit"
      }
    }
  ]
}