Add security check (#7247)

* added Parse Server security option

* added SecurityRouter

* added Check class

* added CheckGroup class

* moved parameter validation to Utils

* added CheckRunner class

* added auto-run on server start

* added custom security checks as Parse Server option

* renamed script to check

* reformat log output

* added server config check

* improved contributing guideline

* improved contribution guide

* added check security log

* improved log format

* added checks

* fixed log format typo

* added database checks

* fixed database check

* removed database auth check in initial version

* improved contribution guide

* added security check tests

* fixed typo

* improved wording guidelines

* improved wording guidelines
Manuel
2021-03-10 20:19:28 +01:00
committed by GitHub
parent 36c2608400
commit bee889a329
17 changed files with 1096 additions and 2 deletions


@@ -6,6 +6,7 @@ import { CacheAdapter } from '../Adapters/Cache/CacheAdapter';
import { MailAdapter } from '../Adapters/Email/MailAdapter';
import { PubSubAdapter } from '../Adapters/PubSub/PubSubAdapter';
import { WSSAdapter } from '../Adapters/WebSocketServer/WSSAdapter';
import { CheckGroup } from '../Security/CheckGroup';
// @flow
type Adapter<T> = string | any | T;
@@ -227,6 +228,20 @@ export interface ParseServerOptions {
serverStartComplete: ?(error: ?Error) => void;
/* Callback when server has closed */
serverCloseComplete: ?() => void;
/* The security options to identify and report weak security settings.
:DEFAULT: {} */
security: ?SecurityOptions;
}
export interface SecurityOptions {
/* Is true if Parse Server should check for weak security settings.
:DEFAULT: false */
enableCheck: ?boolean;
/* Is true if the security check report should be written to logs. This should only be enabled temporarily to not expose weak security settings in logs.
:DEFAULT: false */
enableCheckLog: ?boolean;
/* The security check groups to run. This allows to add custom security checks or override existing ones. Default are the groups defined in `CheckGroups.js`. */
checkGroups: ?(CheckGroup[]);
}
export interface PagesOptions {
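Review bot: The `checkGroups` comment in `SecurityOptions` says the option can "add custom security checks or override existing ones", but it does not say whether a supplied array replaces the default groups or is merged with them. The code that consumes the option is not in this hunk, so this is unconfirmed, but if the array replaces the defaults, a deployment that passes only its own group would silently stop running every built-in check. I would spell the behaviour out in the comment, for example `/* The security check groups to run. Setting this option replaces the default groups defined in CheckGroups.js; include them in the array to keep the built-in checks. */`, adjusted to whatever the runner actually does. The field also lacks the `:DEFAULT:` line that `enableCheck` and `enableCheckLog` carry, which makes the option block inconsistent.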