Move password masking functionality into LoggerController.
The is a more aggresive approach to masking password string in the logs.
Cleaning the url is still in the PromiseRouter because picking it out of the log string
would be fragile.
This will cause more log messages to be scanned for password strings, and may cause a password
string to be obsfucated that is not neccesarily part of parse internals -- but i think that is
still a good thing....
see: #2755 & #2680
* Lookup for email in username field to match docs if email is undefined
* Adds support for sendMail option to when email is selected
* Proper does not exists clause
* increased filename length to 36 to make sure clients display correct filename
* increased filename length to 36 to make sure clients display correct filename
* added uuid prefix to saved filenames
* Adds jobs endpoint protected by masterKey
* Adds connection timeout for 15 minutes in jobs
* Refactors pushStatusHandler into StatusHandler
* Adds reporting of _JobStatus
* Only accept strings as messages
* Adds test for masterKey basic auth
* Adds CloudCodeRouter for cloud_code endpoint of job status, enable Jobs feature on dashboard
* xit racing test
* Adds passing tests
* Better containsAll implementation
* Full Geopoint support, fix inverted lat/lng
* Adds support for $and operator / PointerPermissions specs
* Fix issue updating CLPs on schema
* Extends query support
* Adds RestCreate to the specs
* Adds User specs
* Adds error handlers for failing tests
* nits
* Proper JSON update of AuthData
* fix for #1259 with PG
* Fix for Installations _PushStatus test
* Adds support for GlobalConfig
* Enables relations tests
* Exclude spec as legacy
* Makes corner case for 1 in GlobalConfig
* Make parse-server cloud code logging much to parse.com legacy. (fixes#2501)
1. More closely mimic the wording. Include the user id.
2. Truncate input and result at 1k char.
3. Use more sensible metadata that would makes sense to index. The guideline I used was: if it makes sense to filter on, put it in metadata. If it makes sense to "free text" search on, then put it in the message.
- file and console output, logging an object does not do what on might expect. For example, logging a function's "params":
```
expected:
info: Ran cloud function aFunction for user qWHLVEsbEe with:
Input: {"foo":"bar","bar":"baz"}
Result: "it worked!" functionName=aFunction, params= { foo: "bar", "bar": baz }, user=qWHLVEsbEe
what you actually get:
info: Ran cloud function aFunction for user qWHLVEsbEe with:
Input: {"foo":"bar","bar":"baz"}
Result: "it worked!" functionName=aFunction, foo=bar, bar=baz, user=qWHLVEsbEe
```
- logging highly variable metadata is pretty useless for indexing when logs are sent to a logging repository like elastic search. In that use case, you want to index stuff you expect to filter on like user, hook type.
- finally, putting the same input and result data in both the metadata and the message makes each message much larger with no additional value (that I know of anyway :).
4. Change some of the naming of functions in trigger.js to make future work easier. I was confused about why there were three logging functions in trigger and it took me awhile to get that before hooks and after hooks are logged differently. I just changed the names to make it obvious at first glance.
5. Add some try/catches to help any future futzers see syntax errors, etc instead of just hanging.
Some log examples from unit test output:
```
info: Ran cloud function loggerTest for user YUD2os1i5B with:
Input: {}
Result: {} functionName=loggerTest, user=YUD2os1i5B
info: beforeSave triggered for MyObject for user nssehQ3wtz:
Input: {}
Result: {} className=MyObject, triggerType=beforeSave, user=nssehQ3wtz
info: afterSave triggered for MyObject for user XdznQgTD0p:
Input: {"createdAt":"2016-08-19T01:11:31.249Z","updatedAt":"2016-08-19T01:11:31.249Z","objectId":"POoOOLL89U"} className=MyObject, triggerType=afterSave, user=XdznQgTD0p
error: beforeSave failed for MyObject for user 7JHqCZgnhf:
Input: {}
Error: {"code":141,"message":"uh oh!"} className=MyObject, triggerType=beforeSave, code=141, message=uh oh!, user=7JHqCZgnhf
info: Ran cloud function aFunction for user YR3nOoT3r9 with:
Input: {"foo":"bar"}
Result: "it worked!" functionName=aFunction, user=YR3nOoT3r9
error: Failed running cloud function aFunction for user Xm6NpOyuMC with:
Input: {"foo":"bar"}
Error: {"code":141,"message":"it failed!"} functionName=aFunction, code=141, message=it failed!, user=Xm6NpOyuMC
info: Ran cloud function aFunction for user CK1lvkmaLg with:
Input: {"longString":"Lorem ipsum dolor sit amet, consectetur adipiscing elit. Vivamus lobortis semper diam, ac euismod diam pharetra sed. Etiam eget efficitur neque. Proin nec diam mi. Sed ut purus dolor. Nulla nulla nibh, ornare vitae ornare et, scelerisque rutrum eros. Mauris venenatis tincidunt turpis a mollis. Donec gravida eget enim in luctus.\n\nSed porttitor commodo orci, ut pretium eros convallis eget. Curabitur pretium velit in odio dictum luctus. Vivamus ac tristique arcu, a semper tellus. Morbi euismod purus dapibus vestibulum sagittis. Nunc dapibus vehicula leo at scelerisque. Donec porta mauris quis nulla imperdiet consectetur. Curabitur sagittis eleifend arcu eget elementum. Aenean interdum tincidunt ornare. Pellentesque sit amet interdum tortor. Pellentesque blandit nisl eget euismod consequat. Etiam feugiat felis sit amet porta pulvinar. Lorem ipsum dolor sit amet, consectetur adipiscing elit.\n\nNulla faucibus sem ipsum, at rhoncus diam pulvinar at. Vivamus consectetur, diam... (truncated)
Result: {"longString":"Lorem ipsum dolor sit amet, consectetur adipiscing elit. Vivamus lobortis semper diam, ac euismod diam pharetra sed. Etiam eget efficitur neque. Proin nec diam mi. Sed ut purus dolor. Nulla nulla nibh, ornare vitae ornare et, scelerisque rutrum eros. Mauris venenatis tincidunt turpis a mollis. Donec gravida eget enim in luctus.\n\nSed porttitor commodo orci, ut pretium eros convallis eget. Curabitur pretium velit in odio dictum luctus. Vivamus ac tristique arcu, a semper tellus. Morbi euismod purus dapibus vestibulum sagittis. Nunc dapibus vehicula leo at scelerisque. Donec porta mauris quis nulla imperdiet consectetur. Curabitur sagittis eleifend arcu eget elementum. Aenean interdum tincidunt ornare. Pellentesque sit amet interdum tortor. Pellentesque blandit nisl eget euismod consequat. Etiam feugiat felis sit amet porta pulvinar. Lorem ipsum dolor sit amet, consectetur adipiscing elit.\n\nNulla faucibus sem ipsum, at rhoncus diam pulvinar at. Vivamus consectetur, diam... (truncated) functionName=aFunction, user=CK1lvkmaLg
```
* Implement PR comments:
- add back params to metadata and add back to the test
- use screaming snake case for conts
* fix typo
* Adds files related tests through fs-adapter with PG
* Schema deletions implementations
* Adds Hooks spec
* Fix test
* Adds support for containsAll (numbers and strings)
* Better support for deleteFields and deleteClass
* Recursive JSON update for authData
* Adds node_modules to travis cache
* Disable temporarily to make tests pass
* Adds _perishable_token support for _User class
* ignore when a table creation fails at init (table exists)
* Adds support for AddUnique and Remove
* PG 9.4 compatible functions
* Re-enable tests
* nit
* Better handling of schema creation race
* Start DB runner from tests
* Connect GridstoreAdapter only when needed
* removes unused package
* better test errors reporting
* Adds support for __op.Delete
* Better test error reporting
* Makes sure all tests can run without crashing
* Use xdescribe to skip test suite
* Removes unused dependencies
* Let volatiles classes be created with PG on start
* Do not fail if class dont exist
* adds index.spec.js to the pg suite
* Use a new config each test to prevent side effects
* Enable EmailVerificationToken specs with pg
* Makes sure failure output is not cut
* Reduces number of ignored tests in ParseObject.spec
* Inspect reconfiguration errors
* Mark GlobalConfig is incompatible with PG
- Problem is with nested updates (param.prop = value)
* PG: Nested JSON queries and updates
- Adds support for nested json and . operator queries
- Adds debug support for PG adapter
- Adds loglevel support in helper
* Enable working specs in ParseUser
* Sets default logLevel in tests to undefined
* Adds File type support, retores purchaseValidation specs
* Adds support for updating jsonb objects
- Restores PushController tests
* Proper implementation of deleteByQuery and ORs
- Adds ParseInstallation spec to the test suite
* xit only failing tests
* Nit on ParseAPI spec
* add sorting operator
* properly bound order keys
* reverts describe_only_db behavior
* Enables passing tests
* Adds basic support for relations, upsertOneObject aliased to createObject
* progress on queries options
* Fix ACL update related problems
* Creates relation tables on class creation
* Adds Relation tests
* remove flaky tests
* use promises instead of CB
* disable flaky test
* nits
* Fixes on schema spec
- Next thing is to implemenet geopoint and files correctly
* fix failues
* Basic GeoPoint support
* Adds support for $nearSphere/$maxDistance geopoint queries
* enable passing tests
* drop tables afterEach for PG, clean up relation tables too
* Better initialization/dropTables
* Stream video with GridStoreAdapter
* fixing nits. Removing test(Range not accepted as header)
* nit
* Changed names. Added function to check if stream-requirements is fulfilled.
* Refactor logging to provide common logger from LoggerAdapter
Move logger logic de WinstonLoggerAdapter
Further improvements in configuration
Use logger instead of getLogger
- Removes PLog module
Reverts name changes
nits
* Adds additional logging levels as requirements
* Adds tests for logging configuration
* removes flaky test
* investigate...
* further investigation
* Adds silent option to disable console output
* Restores logs with VERBOSE in tests
* Expose controller instead of adapter, reduces method requirements for adapter
* Shuffles initializations around
* Fix doc
* Load cloudCode last to make sure the logger is available
* Adds test to make sure we can load an adapter from npm module
* extract defaults
* Adds defaultMongoURI to defaults
* fix defaults values
* Proper error for PG failures
* Disable flaky test
* HooksRouter is enabled by default
* Adds middleswares on PromiseRouter, fixes#2410
* Move testing line to helper
* Modernize middlewares.js
* Moves DB uniqueness initialization to DBController, modernize
* Moves testing related code to spec folder
* remove unused _removeHook function
* Adds tests, docs for Analytics and improvements
* nit
* moves back TestUtils
* Add test for notEqualTo on relation with equalTo on objectId
* Properly handles queries with equalTo on objectId and relation conditions
This is done by converting shorthand $eq condition to $eq condition instead of clobbering.
* Adds schema caching capabilities (off by default)
* Use InMemoryCacheAdapter
* Uses proper adapter to generate a cache
* Fix bugs when running disabled cache
* nits
* nits
* Use options object instead of boolean
* Imrpove concurrency of loadSchema
* Adds testing with SCHEMA_CACHE_ON
* Use CacheController instead of generator
- Makes caching SchemaCache use a generated prefix
- Makes clearing the SchemaCache clear only the cached schema keys
- Enable cache by default (ttl 5s)
* chore(package): update mongodb to version 2.2.4
https://greenkeeper.io/
* fix for mongo 2.2.4
* Delete schema promise on error...
- Just because this way we can let the adapter an opportunity to yield a new error....
OR A SUCCESS
* Fixes test
* Restore fix
* Add null check for relation type map.
For relations that are not explicitly defined in the schema, we need a null check here.
* Making change to force rebuild.
* Reverting change.
* Adds test
* flag in configurations to use only files adapter
* added lib folder
* remove lib
* alignment edit
* replace comma with semicolon
* ignore parse file storage if fileKey is not provided (undefined)
* remove WithoutValidation from config and push
* remove one use of WithoutValidation
* remove another WithoutValidation
* Kill WithoutValidation and skipValidation
* reload the right data
More passing postgres tests
Handle schema updates, and $in for non array columns
remove authdata from user and implement ensureUniqueness
Make some tests work, detect existing classes
Throw proper error for unique index violation
fix findOneAndUpdate
Support more types
support more type
Support boolean, fix _rperm/_wperm, add TODO
Support string types and also simplify tests
Move operator flattening into Parse Server and out of mongo adapters
Move authdata transform for create into Parse Server
Move authdata transforms completely in to Parse Server
Fix test setup
inline addSchema
Inject default schema to response from DB adapter
* Mark tests that don't work in Postgres
* Exclude one more test
* Exclude some more failing tests
* Exclude more tests
* reload the right data
More passing postgres tests
Handle schema updates, and $in for non array columns
remove authdata from user and implement ensureUniqueness
Make some tests work, detect existing classes
Throw proper error for unique index violation
* fix findOneAndUpdate
* Debug flaky test
* create new object instead of modifying and assigning existing object
* use getOneSchema instead of this.data when updating fields
* Remove debug stuff
* Don't try to validate existing fields
* run just one test
* Verbose test all
* Use schema instead of this.data
* Switch to all tests
WIP
Notes on how to upgrade to 2.3.0 safely
index on unique-indexes: c454180 Revert "Log objects rather than JSON stringified objects (#1922)"
reconfigure username/email tests
Start dealing with test shittyness
most tests passing
Make specific server config for tests async
Fix more tests
Save callback to variable
undo
remove uses of _collection
reorder some params
reorder find() arguments
finishsh touching up argument order
Accept a database adapter as a parameter
First passing test with postgres!
Fix tests
Setup travis
sudo maybe?
use postgres username
reorder find() arguments
Build objects with default fields correctly
Don't tell adapter about ACL
WIP
Passing postgres test with user
Fix up createdAt, updatedAt, nad _hashed_password handling
reconfigure username/email tests
Fix broken cloud code
Save callback to variable
undo
Fix all tests where connections are left open after server closes.
Fix issues caused by missing gridstore adapter
remove uses of _collection
reorder find() arguments
Accept a database adapter as a parameter
sudo maybe?
use postgres username
reorder find() arguments
Build objects with default fields correctly
Don't tell adapter about ACL
WIP
* Remove adaptiveCollection
* Remove an adaptiveCollection use
* Remove an adaptiveCollection
* make adaptiveCollection private
* Remove collection from mongoadapter
* Move schema collection usage into mongo adapter
* stop relying on mongo format for removing join tables
* reduce usage of schemaCollection
* remove uses of _collection
* Move CLP setting into mongo adapter
* remove all uses of schemaCollection
* make schemaCollection private
* remove transform from schemaCollection
* rename some stuff
* Tweak paramaters and stuff
* reorder some params
* reorder find() arguments
* finishsh touching up argument order
* Accept a database adapter as a parameter
* First passing test with postgres!
* Actually use the provided className
* index on unique-indexes: c454180 Revert "Log objects rather than JSON stringified objects (#1922)"
* Start dealing with test shittyness
* Make specific server config for tests async
* Fix email validation
* Fix broken cloud code
* Save callback to variable
* undo
* Fix tests
* Setup travis
* fix travis maybe
* try removing db user
* indentation?
* remove postgres version setting
* sudo maybe?
* use postgres username
* fix check for _PushStatus
* excludes
* remove db=mongo
* allow postgres to fail
* Fix allow failure
* postgres 9.4
* Remove mongo implementations and fix test
* Fix test leaving behind connections
* Move ACL transforming into Parse Server
For the database adapters, it will be more performant and easier to work with _rperm and _wperm than with the ACL object. This way we can type it as an array and so on, and once we have stronger validations in Parse Server, we can type it as an array containing strings of length < x, which will be much much better in sql databases.
* Use destructuring
* Add unique indexing
* Add unique indexing for username/email
* WIP
* Finish unique indexes
* Notes on how to upgrade to 2.3.0 safely
* index on unique-indexes: c454180 Revert "Log objects rather than JSON stringified objects (#1922)"
* reconfigure username/email tests
* Start dealing with test shittyness
* Remove tests for files that we are removing
* most tests passing
* fix failing test
* Make specific server config for tests async
* Fix more tests
* fix more tests
* Fix another test
* fix more tests
* Fix email validation
* move some stuff around
* Destroy server to ensure all connections are gone
* Fix broken cloud code
* Save callback to variable
* no need to delete non existant cloud
* undo
* Fix all tests where connections are left open after server closes.
* Fix issues caused by missing gridstore adapter
* Update guide for 2.3.0 and fix final tests
* use strict
* don't use features that won't work in node 4
* Fix syntax error
* Fix typos
* Add duplicate finding command
* Update 2.3.0.md
