BREAKING CHANGE: This upgrades the internally used Express framework from version 4 to 5, which may be a breaking change. If Parse Server is set up to be mounted on an Express application, we recommend to also use version 5 of the Express framework to avoid any compatibility issues. Note that even if there are no issues after upgrading, future releases of Parse Server may introduce issues if Parse Server internally relies on Express 5-specific features which are unsupported by the Express version on which it is mounted. See the Express [migration guide](https://expressjs.com/en/guide/migrating-5.html) and [release announcement](https://expressjs.com/2024/10/15/v5-release.html#breaking-changes) for more info.
BREAKING CHANGE: A request using the master key will now be rejected as unauthorized if the IP from which the request originates is not set in the Parse Server option `masterKeyIps`, even if the request does not require the master key permission, for example for a public object in a public class class.
BREAKING CHANGE: `Parse.Session.current()` no longer throws an error if the session token is expired, but instead returns the session token with its expiration date to allow checking its validity
BREAKING CHANGE: Fields in the internal scope of Parse Server (prefixed with underscore `_`) are only returned using the new `maintenanceKey`; previously the `masterKey` allowed reading of internal fields; see [access scopes](https://github.com/parse-community/parse-server#access-scopes) for a comparison of the keys' access permissions (#8212)
BREAKING CHANGE: The mechanism to determine the client IP address has been rewritten; to correctly determine the IP address it is now required to set the Parse Server option `trustProxy` accordingly if Parse Server runs behind a proxy server, see the express framework's [trust proxy](https://expressjs.com/en/guide/behind-proxies.html) setting (#8372)
BREAKING CHANGE: This release introduces the asynchronous initialization of Parse Server to prevent mounting Parse Server before being ready to receive request; it changes how Parse Server is imported, initialized and started; it also removes the callback `serverStartComplete`; see the [Parse Server 6 migration guide](https://github.com/parse-community/parse-server/blob/alpha/6.0.0.md) for more details (#8232)
BREAKING CHANGE: This release restricts the use of `masterKey` to localhost by default; if you are using Parse Dashboard on a different server to connect to Parse Server you need to add the IP address of the server that hosts Parse Dashboard to this option (#8281)
* failing testcase
* add header
* switch to X-Parse-Cloud-Context header
* add back blank line that lint removed
* test replacing context header with body context. Add support for setting body with json string
* add back blank line
* cover error when _context body is wrong
* Update middlewares.js
* revert accidental status change
* make sure context always decodes to an object else throw error
* improve context object check
Co-authored-by: Antonio Davi Macedo Coelho de Castro <adavimacedo@gmail.com>
* Optimize query, fixes some null returns, fix stitched GraphQLUpload
* Fix authData key selection
* Prefer Iso string since other GraphQL solutions use this format
* fix tests
Co-authored-by: Antonio Davi Macedo Coelho de Castro <adavimacedo@gmail.com>
* added hint to aggregate
* added support for hint in query
* added else clause to aggregate
* fixed tests
* updated tests
* Add tests and clean up
* added beforeSaveFile and afterSaveFile triggers
* Add support for explain
* added some validation
* added support for metadata and tags
* tests?
* trying tests
* added tests
* fixed failing tests
* added some docs for fileObject
* updated hooks to use Parse.File
* added test for already saved file being returned in hook
* added beforeDeleteFile and afterDeleteFile hooks
* removed contentLength because it's already in the header
* added fileSize param to FileTriggerRequest
* added support for client side metadata and tags
* removed fit test
* removed unused import
* added loging to file triggers
* updated error message
* updated error message
* fixed tests
* fixed typos
* Update package.json
* fixed failing test
* fixed error message
* fixed failing tests (hopefully)
* TESTS!!!
* Update FilesAdapter.js
fixed comment
* added test for changing file name
* updated comments
Co-authored-by: Diamond Lewis <findlewis@gmail.com>
* Fix session token issue
* verify email problem
* Fix password reset problem
* Change test file name
* Split tests
* Refetch user
* Replaces lets to consts
* Refactor unit test
What you have is just finee, but wanted
to show you what I meant with my comment
Use jasmine's this to set stuff in beforeEach's
Not that all functions need to be `function ()` instead of
`() =>` so `this` is preserved.
see: https://jasmine.github.io/tutorials/your_first_suite#section-The_%3Ccode%3Ethis%3C/code%3E_keyword
Co-authored-by: Antonio Davi Macedo Coelho de Castro <adavimacedo@gmail.com>
* Suppress Test Logs
This will reduce some of the noise in the tests logs.
* replace deprecated buffer
* remove deprecation warnings
* fix geopoint
* Fix GraphQL
* postgres warnings
* feat: add allowHeaders to Options
This allows developers to use custom headers in their API requests, and they will be accepted by their mounted app.
* refactor: convert allowCrossDomain to generator to add appId in scope
This is necessary as the middleware may run in OPTIONS request that do not contain the appId within the header.
* chore: update Definitions and docs
* fix: update test to use new allowCrossDomain params
* chore: add tests for allowCustomDomain middleware re: allowHeadrs
