* adapted public api route for use with ajax
* Elegant error handling
* Fixed error return
* Public API error flow redone, tests
* Fixed code to pre-build form
* Public API change password return params
* Reverted errors in resetPassword
* Fixed querystring call
* Success test on ajax password reset
* Added few more routes to tests for coverage
* More tests and redone error return slightly
* Updated error text
* Console logs removal, renamed test, added {} to if
* Wrong error sent
* Revert changes
* Revert "Revert changes"
This reverts commit 68ee2c44bf2411ca8b56b039a4d490a7e2f99ae9.
* real revert of {}
* nits and test fix
* fix tests
* throw proper error
* Auth module refactoring in order to be reusable
* Ensure cache controller is properly forwarded from helpers
* Nits
* Adds support for static validation
* Adds support for CLP in Live query (no support for roles yet)
* Adds e2e test to validate liveQuery hooks is properly called
* Adds tests over LiveQueryController to ensure data is correctly transmitted
* nits
* Fixes for flow types
* Removes usage of Parse.Promise
* Use the Auth module for authentication and caches
* Cleaner implementation of getting auth
* Adds authCache that stores auth promises
* Proper testing of the caching
* nits
* Fixes an issue that would let the beforeDelete be called when user has no access to the object
* Ensure we properly lock user
- Improves find method so we can attempt to read for a write poking the right ACL instead of using masterKey
- This ensure we do not run beforeDelete/beforeFind/beforeSave in the wrong scenarios
* nits
* Caps insufficient
* Added verify password to users router and tests.
* Added more tests to support more coverage.
* Added additional tests to spec. Removed condition from verifyPassword function where authData null keys condition wasn't necessary.
* Removed POST handling from verifyPassword.
* Refactored handleLogin and handleVerifyPassword to use shared helper function to validate the password provided in the request.
* Refactored verifyPassword and login to not use try/catch. Parent promise returns the error. Moved login specific functions to login handler.
* Added account lockout policy to verify password function. Added test spec for account lockout in verify password.
* no message
* Merged new changes from master. Made changes as requested from comments.
* We cannot remove hidden properties from the helper before returning to the login function. The password expiration check in the login function is dependent on some hidden properties, otherwise three password policy tests fail.
* Allows masterKey to lock _User object and prevent login with email / password
* Ensure the authData based auth can be locked out as well when accounts is masterKey only
* Fix "undefined property '__op'" in postgres update
This causes a TypeError which becomes a regular Error,
before the update can be issued. (I think)
This happens when there is an object schema,
and there is also an unrelated field in originalUpdate
which is null or undefined.
e.g. when 'location' is a mandatory object in postgres,
and 'middleName' is an optional string,
PostgresStorageAdapter would throw when a query similar
to the below was performed:
(Object.keys(originalUpdate) would include "middleName" as a value of `k`)
query.set('location', {'country': 'US'})
query.set('middleName', undefined);
* Fix lint error
* Add Indexes to Schema API
* error handling
* ci errors
* postgres support
* full text compound indexes
* pg clean up
* get indexes on startup
* test compound index on startup
* add default _id to index, full Text index on startup
* lint
* fix test
* let travis build against 3.x
* Cleanup dependencies and bump min version to current LTS
* Makes npm-git push all branches to -preview
* restores releases
* Bumps mime to 2.0.3 (requires node 6+)
* Bumps express to latest version
* Fixes linting issue after upgrade
* Use travis-branch for partial releases
* Support for Aggregate Queries
* improve pg and coverage
* Mongo 3.4 aggregates and tests
* replace _id with objectId
* improve tests for objectId
* project with group query
* typo
* Fix for unhandled undefined config
When an invalid application id is passed either for reset/change password or email verification, config.get returns undefined. This causes internal server.
* Throwing a 403 exception instead of returning a 404 for an invalid app id
Also, added a missing semicolon
* Fix indent issues
* Fix invalid colon to semicolon
* Fix space and indent issues
* Tests for the fix for unhandled undefined config
* Adds flow types / Configuration interfaces
* Lets call it options
* Use a single interface to generate the configurations
* Translates options to definitions only if comments are set
* improves logic
* Moves objects around
* Fixes issue affecting logging of circular objects
* fixes undefined env
* Moves all defaults to defaults
* Adds back CLI defaults
* Restored defaults in commander.js
* Merge provided defaults and platform defaults
* Addresses visual nits
* Improves Config.js code
* Adds ability to pass the default value in trailing comments
* Load platform defaults from the definitions file
* proper default values on various options
* Adds ParseServer.start and server.start(options) as quick startup methods
* Moves creating liveQueryServer http into ParseServer.js
* removes dead code
* Adds tests to guarantee we can start a LQ Server from main module
* Fixes incorrect code regading liveQuery init port
* Start a http server for LQ if port is specified
* ensure we dont fail if config.port is not set
* Specify port
* ignore other path skipped in tests
* Adds test for custom middleware setting
* Refactors new Config into Config.get
- Hides AppCache from ParseServer.js, use Config.put which validates
* Extracts controller creation into Controllers/index.js
- This makes the ParseServer init way simpler
* Move serverURL inference into ParseServer
* review nits
* add the client ip to the request config object
* add the config ip to the trigger request object
* add the config ip to the functions request object
* add tests
* remove log
* remove log
* Makes InstallationRouter like others
* Adds testing for Range file requests
- Fixes issue with small requests (0-2)
* Revert "Makes InstallationRouter like others"
This reverts commit e2d2a16ebf2757db6138c7b5b33c97c56c69ead6.
* Better handling of errors in FilesRouter
* Fix incorrectness in range requests
* Better/simpler logic
* Only on mongo at it requires Gridstore
* Open file streaming to all adapters supporting it
* Improves coverage of parsers
* Ensures depreciation warning is effective
* Removes unused function
* de-duplicate logic
* Removes necessity of overriding req.params.className on subclasses routers
* Use babel-preset-env to ensure min-version compatible code
* removes dead code
* Leverage indexes in order to infer which field is duplicated upon signup
- A note mentioned that it would be possible to leverage using the indexes on username/email to infer which is duplicated
* Small nit
* Better template to match column name
* Restores original implementation for safety
* nits
* Adds support for localized push data keys
- passign alert-[lang|locale] or title-[lang|locale] will inject the
proper locale on the push body based on the installation
* Better handling of the default cases
* Updates changelog
* nits
* nits
* Adds back _JobSchedule as volatile class
* wip
* Restores jobs endpoints for creation, update and deletion
* Adds tests
* Fixes postgres tests
* Enforce jobName exists before creating a schedule
* Use RestWrite when verifying emails so hooks are called (as master)
* Fixes tests for postgres
* nit
* Makes rest.update support a full where instead of objectId
* Use rest.update to guaranteed proper beforeSave and liveQuery calls
