* added ignore authData field
* add fix for Postgres
* add test for mongoDB
* add test login with provider despite invalid authData
* removed fit
* fixed ignoring authData in postgres
* Fix postgres test
* Throw error instead of ignore
* improve tests
* Add mongo test
* allow authData when not user class
* fix tests
* more tests
* add condition to synthesize authData field only in _User class
it is forbidden to add a custom field name beginning with `_`, so if the object is not `_User` , the transform should throw
* add warning log when ignoring invalid `authData` in `_User`
* add test to throw when custom field begins with underscore
The method `createSessionToken` in RestWrite.js is assumed to always return a promise (see Line 961 in `handleFollowUp`) - this was throwing an error `cannot read 'then' of undefined`. This simply one word change fixes that error.
* Add field options to mongo schema metadata
* Add/fix test with fields options
* Add required validation failing test
* Add more tests
* Only set default value if field is undefined
* Fix redis test
* Fix tests
* Test for creating a new class with field options
* Validate default value type
* fix lint (weird)
* Fix lint another way
* Add tests for beforeSave trigger and solve small issue regarding the use of unset in the beforeSave trigger
* make possible to alter response using the after save trigger like for after find
* code clearing to follow same object checking
* remove console log debug
* fix test unit
* Add beforeLogin trigger with support for auth providers
* adjust comment that boxed off beforeLogin to a negative use-case only
* add internal error to help future maintainers regarding use of beforeLogin
* let beforeLogin accept className or constructor like other hook types
* add assertions for beforeLogin trigger className validation
* Auth module refactoring in order to be reusable
* Ensure cache controller is properly forwarded from helpers
* Nits
* Adds support for static validation
* Adds support for CLP in Live query (no support for roles yet)
* Adds e2e test to validate liveQuery hooks is properly called
* Adds tests over LiveQueryController to ensure data is correctly transmitted
* nits
* Fixes for flow types
* Removes usage of Parse.Promise
* Use the Auth module for authentication and caches
* Cleaner implementation of getting auth
* Adds authCache that stores auth promises
* Proper testing of the caching
* nits
* Fixes an issue that would let the beforeDelete be called when user has no access to the object
* Ensure we properly lock user
- Improves find method so we can attempt to read for a write poking the right ACL instead of using masterKey
- This ensure we do not run beforeDelete/beforeFind/beforeSave in the wrong scenarios
* nits
* Caps insufficient
* Allows masterKey to lock _User object and prevent login with email / password
* Ensure the authData based auth can be locked out as well when accounts is masterKey only
* Fixes an issue where a beforeSave hook could cause a numeric val to be dropped in response.
* Use hasOwnProperty to check instead
* Remove redundant set
* Tweaks test in order to show the error
- Session is effectively created when it should not
* Do not create a session when users need verified accounts on signup
* Adds test to repro the issue
* Improved test
* Destroy duplicate sessions for User/Installation-id pair
- Sessions will also be created with action login instead of signup when using 3rd party auth
* Makes sure we don't override roles
* Reduces the query size whith pointer permissions
- Does not return as $and if not needed
- Returns just the query with the additional constraint
* Do not use $in if include is just of length 1
* Makes InstallationRouter like others
* Adds testing for Range file requests
- Fixes issue with small requests (0-2)
* Revert "Makes InstallationRouter like others"
This reverts commit e2d2a16ebf2757db6138c7b5b33c97c56c69ead6.
* Better handling of errors in FilesRouter
* Fix incorrectness in range requests
* Better/simpler logic
* Only on mongo at it requires Gridstore
* Open file streaming to all adapters supporting it
* Improves coverage of parsers
* Ensures depreciation warning is effective
* Removes unused function
* de-duplicate logic
* Removes necessity of overriding req.params.className on subclasses routers
* Use babel-preset-env to ensure min-version compatible code
* removes dead code
* Leverage indexes in order to infer which field is duplicated upon signup
- A note mentioned that it would be possible to leverage using the indexes on username/email to infer which is duplicated
* Small nit
* Better template to match column name
* Restores original implementation for safety
* nits
* Adds failing test,
the _User object is not updated as soon as you pass some authData part of the PUT
* Do not run the DB call when updating the user with new auth data, just part of the rest
* The 'beforeSave' trigger breaks requests using the dot notation for subdocuments (cf #567)
* Convert 'var' to 'let' / 'const'
* Convert 'var' to 'const'
* Use RestWrite when verifying emails so hooks are called (as master)
* Fixes tests for postgres
* nit
* Makes rest.update support a full where instead of objectId
* Use rest.update to guaranteed proper beforeSave and liveQuery calls
* Adds test for the new feature
* Re-validate authData only if mutated
- In case of short-lived tokens (like facebook) this will allow clients to be lax with asking users to re-login
