Commit Graph

122 Commits

Author SHA1 Message Date
Daniel
03fba97e05 feat: Add zones for rate limiting by ip, user, session, global (#8508) 2023-06-09 13:27:56 +02:00
Daniel
967700bdbc fix: LiveQuery server is not shut down properly when handleShutdown is called (#8491) 2023-06-08 11:04:49 +02:00
Daniel
b3b76de71b feat: Add option schemaCacheTtl for schema cache pulling as alternative to enableSchemaHooks (#8436) 2023-02-27 01:55:47 +01:00
Daniel
1c37a7cd07 fix: ParseServer.verifyServerUrl may fail if server response headers are missing; remove unnecessary logging (#8391) 2023-01-23 20:39:48 +01:00
Daniel
a7bd180cdd fix: ES6 modules do not await the import of Cloud Code files (#8368) 2023-01-20 16:40:09 +01:00
Daniel
f3bcc9365c feat: Access the internal scope of Parse Server using the new maintenanceKey; the internal scope contains unofficial and undocumented fields (prefixed with underscore _) which are used internally by Parse Server; you may want to manipulate these fields for out-of-band changes such as data migration or correction tasks; changes within the internal scope of Parse Server may happen at any time without notice or changelog entry, it is therefore recommended to look at the source code of Parse Server to understand the effects of manipulating internal fields before using the key; it is discouraged to use the maintenanceKey for routine operations in a production environment; see [access scopes](https://github.com/parse-community/parse-server#access-scopes) (#8212)
BREAKING CHANGE: Fields in the internal scope of Parse Server (prefixed with underscore `_`) are only returned using the new `maintenanceKey`; previously the `masterKey` allowed reading of internal fields; see [access scopes](https://github.com/parse-community/parse-server#access-scopes) for a comparison of the keys' access permissions (#8212)
2023-01-08 22:02:12 +01:00
Daniel
ffa4974158 feat: Adapt verifyServerUrl for new asynchronous Parse Server start-up states (#8366)
BREAKING CHANGE: The method `ParseServer.verifyServerUrl` now returns a promise instead of a callback.
2023-01-08 18:23:01 +01:00
Daniel
6c79f6a69e feat: Add request rate limiter based on IP address (#8174) 2023-01-06 13:39:02 +01:00
Manuel
892040dc2f fix: The client IP address may be determined incorrectly in some cases; this fixes a security vulnerability in which the Parse Server option masterKeyIps may be circumvented, see [GHSA-vm5r-c87r-pf6x](https://github.com/parse-community/parse-server/security/advisories/GHSA-vm5r-c87r-pf6x) (#8372)
BREAKING CHANGE: The mechanism to determine the client IP address has been rewritten; to correctly determine the IP address it is now required to set the Parse Server option `trustProxy` accordingly if Parse Server runs behind a proxy server, see the express framework's [trust proxy](https://expressjs.com/en/guide/behind-proxies.html) setting (#8372)
2023-01-05 14:26:54 +01:00
Daniel
99fcf45e55 feat: Asynchronous initialization of Parse Server (#8232)
BREAKING CHANGE: This release introduces the asynchronous initialization of Parse Server to prevent mounting Parse Server before being ready to receive requests; it changes how Parse Server is imported, initialized and started; it also removes the callback `serverStartComplete`; see the [Parse Server 6 migration guide](https://github.com/parse-community/parse-server/blob/alpha/6.0.0.md) for more details (#8232)
2022-12-21 15:30:13 +01:00
Daniel
b2761fb378 feat: Upgrade Redis 3 to 4 for LiveQuery (#8333) 2022-11-26 17:45:30 +01:00
dblythy
7d622f06a4 feat: Upgrade Redis 3 to 4 (#8293)
BREAKING CHANGE: This release upgrades to Redis 4; if you are using the Redis cache adapter with Parse Server then this is a breaking change as the Redis client options have changed; see the [Redis migration guide](https://github.com/redis/node-redis/blob/redis%404.0.0/docs/v3-to-v4.md) for more details (#8293)
2022-11-11 01:16:50 +01:00
dblythy
9f111158ed feat: add convenience access to Parse Server configuration in Cloud Code via Parse.Server (#8244) 2022-10-29 19:03:31 +02:00
Manuel
200d4ba9a5 revert: refactor: allow ES import for cloud string if package type is module (#7691)
This reverts commit 0225340ccb.
2021-11-10 16:49:47 +01:00
Samuel Denis-D'Ortun
25d5c30be2 feat: add user-defined schema and migrations (#7418) 2021-11-01 14:28:49 +01:00
dblythy
0225340ccb refactor: allow ES import for cloud string if package type is module (#7560)
* allow module import for Parse Cloud

* Update .babelrc

* catch esm error

* Update ParseServer.js

* add tests

* Update CHANGELOG.md

* Update CloudCode.spec.js

Co-authored-by: Manuel <5673677+mtrezza@users.noreply.github.com>
2021-09-14 14:10:37 +02:00
Manuel
2093d61616 Adds deprecator (#7303)
* adds deprecator

* un-fit

* added changelog entry

* some fixes

* un-fit

* removed deprecation definition

* changed deprecation log syntax according to Nodejs
2021-03-30 22:42:34 +02:00
Diamond Lewis
39fa17f914 Postgres: Properly initialize database on startup and debugger (#7255)
* PG: Properly initialize database

* fix flaky tests

* flaky test

* correct test

* no idea

* clean up debugger
2021-03-10 11:31:35 -08:00
Manuel
bee889a329 Add security check (#7247)
* added Parse Server security option

* added SecurityRouter

* added Check class

* added CheckGroup class

* moved parameter validation to Utils

* added CheckRunner class

* added auto-run on server start

* added custom security checks as Parse Server option

* renamed script to check

* reformat log output

* added server config check

* improved contributing guideline

* improved contribution guide

* added check security log

* improved log format

* added checks

* fixed log format typo

* added database checks

* fixed database check

* removed database auth check in initial version

* improved contribution guide

* added security check tests

* fixed typo

* improved wording guidelines

* improved wording guidelines
2021-03-10 13:19:28 -06:00
Manuel
7f47b0427e Add page localization (#7128)
* added localized pages; added refactored page templates; adapted test cases; introduced localization test cases

* added changelog entry

* fixed test description typo

* fixed bug in PromiseRouter where headers are not added for text response

* added page parameters in page headers for programmatic use

* refactored tests for PublicAPIRouter

* added mustache lib for template rendering

* fixed fs.promises module reference

* fixed template placeholder typo

* changed redirect response to provide headers instead of query parameters

* fix lint

* fixed syntax errors and typos in html templates

* removed obsolete URI encoding

* added locale inferring from request body and header

* added end-to-end localization test

* added server option validation; refactored pages server option

* fixed invalid redirect URL for no locale matching file

* added end-to-end localization tests

* adapted tests to new response content

* re-added PublicAPIRouter; added PagesRouter as experimental feature

* refactored PagesRouter test structure

* added configuration option for custom path to pages

* added configuration option for custom endpoint to pages

* fixed lint

* added tests

* added a distinct page for invalid password reset link

* renamed generic page invalidLink to expiredVerificationLink

* improved HTML files documentation

* improved HTML files documentation

* changed changelog entry for experimental feature

* improved file naming to make it more descriptive

* fixed file naming and env parameter naming

* added readme entry

* fixed readme TOC - hasn't been updated in a while

* added localization with JSON resource

* added JSON localization to feature pages (password reset, email verification)

* updated readme

* updated readme

* optimized JSON localization for feature pages; added e2e test case

* fixed readme typo

* minor refactoring of existing tests

* fixed bug where Object type was not recognized as config key type

* added feature config placeholders

* prettier

* added passing locale to page config placeholder callback

* refactored passing locale to placeholder to pass test

* added config placeholder feature to README

* fixed typo in README
2021-02-09 14:03:57 +01:00
Diamond Lewis
e6ac3b6932 fix(prettier): Properly handle lint-stage files (#6970)
Now handles top level files and recursive files in folders.

Set max line length to be 100
2020-10-25 15:06:58 -05:00
Antonio Davi Macedo Coelho de Castro
78b59fb26b Merge pull request from GHSA-2xm2-xj2q-qgpj
* Test case and fixes

* Change requestTimeout default to 5s

* Document new function argument
2020-10-21 16:32:07 -07:00
Antoine Cormouls
62048260c9 GraphQL: Optimize queries, fixes some null returns (on object), fix stitched GraphQLUpload (#6709)
* Optimize query, fixes some null returns, fix stitched GraphQLUpload

* Fix authData key selection

* Prefer Iso string since other GraphQL solutions use this format

* fix tests

Co-authored-by: Antonio Davi Macedo Coelho de Castro <adavimacedo@gmail.com>
2020-10-01 15:19:26 -07:00
Luca
4437ea73ba Allow passing custom gql schema function to ParseServer#start options (#6762) 2020-07-10 14:52:39 -05:00
promisenxu
67bf868208 Handle shutdown for RedisCacheAdapter (#6658)
* Handle shutdown for RedisCacheAdapter

* connected value need to be tested in setTimeout

Co-authored-by: Promise Xu <promise@klido.me>
2020-04-29 19:51:58 -07:00
Antoine Cormouls
c7f96c92cd GraphQL: Allow true GraphQL Schema Customization (#6360)
* Allow real GraphQL Schema via ParseServer.start

* wip

* working

* tests ok

* add tests about enum/input use case

* Add async function based merge

* Better naming

* remove useless condition
2020-02-21 15:12:49 -08:00
Saimoom Safayet Akash
cf9245a4a2 Added warning for special URL sensitive characters for appId (#6159)
* Added warning for special url sensitive characters for appId

* refactored and added test case
2019-10-26 18:12:42 -05:00
Omair Vaiyani
eef530b1e3 feat: add allowHeaders to Options (#6044)
* feat: add allowHeaders to Options

This allows developers to use custom headers in their API requests, and they will be accepted by their mounted app.

* refactor: convert allowCrossDomain to generator to add appId in scope

This is necessary as the middleware may run in OPTIONS requests that do not contain the appId within the header.

* chore: update Definitions and docs

* fix: update test to use new allowCrossDomain params

* chore: add tests for allowCustomDomain middleware re: allowHeaders
2019-09-12 14:03:57 -07:00
Antonio Davi Macedo Coelho de Castro
c951e08f63 Handle shutdown on grid adapters (#5943)
* Handle shutdown on grid adapters

* Add tests

* Fix postgres test
2019-08-19 02:35:06 -05:00
Diamond Lewis
1064f0c3fb Support: serverCloseComplete option (#5937)
* Support: serverCloseComplete option

Callback when server has fully shutdown.

Please check that all cases are covered.

* handle error on startup

* fix tests

* test workaround

* remove serverCloseComplete check on startup failure
2019-08-19 00:25:52 -05:00
Diamond Lewis
cf6e79ee75 Fix: Lint no-prototype-builtins (#5920)
* Fix: Lint no-prototype-builtins

Closes: https://github.com/parse-community/parse-server/issues/5842

Reference: https://eslint.org/docs/rules/no-prototype-builtins

* replace Object.hasOwnProperty.call
2019-08-14 14:57:00 -07:00
greenkeeper[bot]
4c1be61bed Update mongodb to the latest version 🚀 (#5914)
* fix(package): update mongodb to version 3.3.0

* chore(package): update lockfile package-lock.json

* Fix tests

* Fix GraphQL tests for read preference

* Fix mongo adapter deprecation notice

* Fix the way the connections are checked, return promise when shutting down mongo
2019-08-14 01:25:49 +00:00
Diamond Lewis
218c3499f9 Implement WebSocketServer Adapter (#5866)
* Implement WebSocketServerAdapter

* lint

* clean up
2019-07-30 09:05:41 -05:00
Omair Vaiyani
d3810c2eba GraphQL Configuration Options (#5782)
* add parse-graph-ql configuration for class schema customisation

Not yet tested - essentially an RFC

* refactor and add graphql router, controller and config cache

* fix(GraphQLController): add missing check isEnabled

* chore(GraphQLController): remove awaits from cache put

* chore(GraphQLController): remove check for if its enabled

* refactor(GraphQLController): only use cache if mounted

* chore(GraphQLController): group all validation errors and throw at once

* chore(GraphQLSchema): move transformations into controller validation

* refactor(GraphQL): improve ctrl validation and fix schema usage of config

* refactor(GraphQLSchema): remove code related to additional schema

This code has been moved into a separate feature branch.

* fix(GraphQLSchema): fix incorrect default return type for class configs

* refactor(GraphQLSchema): update staleness check code to account for config

* fix(GraphQLServer): fix regressed tests due to internal schema changes

This will be followed up with a backwards compatibility fix for the `ClassFields` issue to avoid breakages for our users

* refactor: rename to ParseGraphQLController for consistency

* fix(ParseGraphQLCtrl): numerous fixes for validity checking

Also includes some minor code refactoring

* chore(GraphQL): minor syntax cleanup

* fix(SchemaController): add _GraphQLConfig to volatile classes

* refactor(ParseGraphQLServer): return update config value in setGraphQLConfig

* testing(ParseGraphQL): add test cases for new graphQLConfig

* fix(GraphQLController): fix issue where config with multiple items was not being mapped to the db

* fix(postgres): add _GraphQLConfig default schema on load

fixes failing postgres tests

* GraphQL @mock directive (#5836)

* Add mock directive
* Include tests for @mock directive

* Fix existing tests due to the change from ClassFields to ClassCreateFields

* fix(parseClassMutations): safer type transformation based on input type

* fix(parseClassMutations): only define necessary input fields

* fix(GraphQL): fix incorrect import paths
2019-07-25 12:46:25 -07:00
Antonio Davi Macedo Coelho de Castro
a6f441248b GraphQL custom schema on CLI (#5828)
* Add --graphQLSchema to CLI

* Add custom graphql schema instructions to readme file

* Update README.md

Co-Authored-By: Tom Fox <tomfox@surprises.io>

* Update src/Options/Definitions.js

Co-Authored-By: Tom Fox <tomfox@surprises.io>

* Update src/Options/docs.js

Co-Authored-By: Tom Fox <tomfox@surprises.io>

* Update src/Options/index.js

Co-Authored-By: Tom Fox <tomfox@surprises.io>
2019-07-19 12:29:45 -07:00
Antonio Davi Macedo Coelho de Castro
5bc79cc3db GraphQL support via cli (#5697)
* Including GraphQL options in CLI - now it was auto-generated

* Improving the way that the headers are passed to the playground

* Including README notes about GraphQL

* Improving final text
2019-06-25 14:44:23 -07:00
Linus Unnebäck
922251a398 Avoid calling allowCrossDomain twice per request (#5682)
`api.use('/', middleware, ...)` will end up calling `middleware` for _every_ request, even if no routers in the `...` part matches.

This is because passing a router to express is just like passing any other route handler. The only thing that happens when it doesn't match a route is that it calls `next`, but by that point, the middleware has already run. 

The changes in the PR avoid adding the middleware twice for every route except file upload routes. Which will make express not call `allowCrossDomain` twice for every incoming request.
2019-06-19 16:47:26 -07:00
Antonio Davi Macedo Coelho de Castro
893f1d376e Remove test delays (#5579)
* Changing __indexBuildCompletionCallbackForTests callback to serverStartComplete

* Improving serverStartComplete callback to avoid production unhandled promise rejection

* Add test to check inexistence of unhandled promise rejection on server fail

* Removing some hooks delays

* Removing delay after reconfigureServer

* Improving code style
2019-05-14 11:34:51 -07:00
Diamond Lewis
b4d915bbbb Support direct access server option (#5550)
* Support direct access config

test options

* add test

* fix test

* fix definitions

* improve docs

* Update .travis.yml

* Revert "Update .travis.yml"

This reverts commit 407f1384953b64bad9e63068db8564c3584ca3a4.
2019-05-10 14:34:19 -05:00
Antonio Davi Macedo Coelho de Castro
81ecf2fd74 Fix jasmine 3.4 (#5573)
* Fix failing tests

* just ignore the test for now.

* Bumping jasmine

* Fix pg unhandled exception

* Improving the way the test is fixed

* Fix unhandled failed promise in postgres test

* Solving unhandled promise fail on redis test

* Returning the excluded test

* Fixing package-lock

* Fix unhandled promise from redis test
2019-05-09 09:12:30 -07:00
Arthur Cinader
edf5b513dc Protected fields fix (#5463)
* fix minor spelling mistake

* Always process userSensitiveFields if they exist

* Cover change to protectedFields
Add start of some more tests for protectedFields
which I need to do to document the feature.

* re-arrange promise deck chairs to not
swallow errors.

* remove noop code

* protect against the case where options.protectedFields
is set without a _User permission.
2019-03-30 15:38:52 -07:00
awgeorge
c5a5f57451 Updates based on review 2019-02-23 07:28:39 -08:00
awgeorge
0dec4931a0 Add filter sensitive fields logic that apply CLPs
Add protectedFields CLP
Add defaults for protectedFields CLP
Fix tests
2019-02-23 07:28:39 -08:00
awgeorge
95831a5b22 Add new definition and update tests to reflect 2019-02-23 07:28:39 -08:00
Florent Vilmart
93a0017b25 remove runtime dependency on request (#5076) 2018-09-23 12:31:08 -04:00
Florent Vilmart
a42101531a Silences warnings from mongodb client (#5025)
* Silences warnings from mongodb client

* Update count, delete and finds to recommended implementations

* With new parser, readPref will be null by default

* Update flaky specs with async/await style

* Adds gridstore adapter spec

* Use GridFSBucketStorage adapter
2018-09-04 16:15:09 -04:00
Florent Vilmart
d83a0b6808 Use Prettier JS (#5017)
* Adds prettier

* Run lint before tests
2018-09-01 13:58:06 -04:00
Florent Vilmart
942b9b5b1a Adds documentations for adapters and main constructors (#4951)
* wip

* Adds documentations for adapters, and constructors

* nits

* nit
2018-08-15 10:47:21 -04:00
Diamond Lewis
7223add446 Support for Aggregate Queries (#4207)
* Support for Aggregate Queries

* improve pg and coverage

* Mongo 3.4 aggregates and tests

* replace _id with objectId

* improve tests for objectId

* project with group query

* typo
2017-11-12 14:00:22 -05:00
Benjamin Wilson Friedman
c0a81a88b7 Structured /health Response (#4305)
* modifies /health to return json instead of OK

* version removed!
2017-11-03 11:51:46 -04:00