joe/kami-parse-server
Public Access
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
4,173 Commits 2 Branches 18 Tags
9e43bc2fa07ff860d4812df0bec1bb569c5d7e7e
Commit Graph

501 Commits

Author SHA1 Message Date
Lucas Coratger
9e43bc2fa0 docs: Change API docs template to jsdoc-clean-theme (#8519) 2023-04-29 16:53:54 +02:00
Daniel
ce34747e8a fix: Parameters missing in afterFind trigger of authentication adapters (#8458) 2023-03-06 03:18:00 +01:00
Daniel
c793bb88e7 feat: Add afterFind trigger to authentication adapters (#8444) 2023-03-06 01:35:15 +01:00
Corey
87cab09b6a refactor: Upgrade pg-promise to 11.3.0 and pg-monitor to 2.0.0 (#8453) 2023-03-06 00:16:04 +01:00
Daniel
22d2446dfe fix: Nested date is incorrectly decoded as empty object {} when fetching a Parse Object (#8446) 2023-03-05 01:22:19 +01:00
Daniel
40c196153b feat: Export AuthAdapter to make it available for extension with custom authentication adapters (#8443) 2023-03-03 17:51:45 +01:00
Daniel
b3b76de71b feat: Add option schemaCacheTtl for schema cache pulling as alternative to enableSchemaHooks (#8436) 2023-02-27 01:55:47 +01:00
Daniel
f5bfe4571e fix: Security upgrade jsonwebtoken to 9.0.0 (#8420) 2023-02-07 12:45:30 +01:00
Daniel
d0d30c4f13 feat: Remove deprecation DEPPS1: Native MongoDB syntax in aggregation pipeline (#8362) 
BREAKING CHANGE: The MongoDB aggregation pipeline requires native MongoDB syntax instead of the custom Parse Server syntax; for example pipeline stage names require a leading dollar sign like `$match` and the MongoDB document ID is referenced using `_id` instead of `objectId` (#8362)
 2023-01-05 15:53:43 +01:00
Daniel
1412666f75 fix: Nested objects are encoded incorrectly for MongoDB (#8209) 
BREAKING CHANGE: Nested objects are now properly stored in the database using JSON serialization; previously, due to a bug only top-level objects were serialized, but nested objects were saved as raw JSON; for example, a nested `Date` object was saved as a JSON object like `{ "__type": "Date", "iso": "2020-01-01T00:00:00.000Z" }` instead of its serialized representation `2020-01-01T00:00:00.000Z` (#8209)
 2022-12-20 16:57:29 +01:00
alljinx
8f3b694e39 feat: Add option to change the log level of the logs emitted by triggers (#8328) 2022-12-07 22:55:45 +01:00
Daniel
b2761fb378 feat: Upgrade Redis 3 to 4 for LiveQuery (#8333) 2022-11-26 17:45:30 +01:00
dblythy
7d622f06a4 feat: Upgrade Redis 3 to 4 (#8293) 
BREAKING CHANGE: This release upgrades to Redis 4; if you are using the Redis cache adapter with Parse Server then this is a breaking change as the Redis client options have changed; see the [Redis migration guide](https://github.com/redis/node-redis/blob/redis%404.0.0/docs/v3-to-v4.md) for more details (#8293)
 2022-11-11 01:16:50 +01:00
dblythy
5bbf9cade9 feat: Improve authentication adapter interface to support multi-factor authentication (MFA), authentication challenges, and provide a more powerful interface for writing custom authentication adapters (#8156) 2022-11-10 17:35:39 +01:00
Antoine Cormouls
e90a5183ec refactor: replace deprecated LRU cache methods (#8266) 2022-11-01 21:33:14 +01:00
Manuel
c03908f74e fix: server crashes when receiving file download request with invalid byte range; this fixes a security vulnerability that allows an attacker to impact the availability of the server instance; the fix improves parsing of the range parameter to properly handle invalid range requests ([GHSA-h423-w6qv-2wj3](https://github.com/parse-community/parse-server/security/advisories/GHSA-h423-w6qv-2wj3)) [skip release] (#8238) 2022-10-15 01:06:45 +02:00
Manuel
8c8ec71573 fix: authentication adapter app ID validation may be circumvented; this fixes a vulnerability that affects configurations which allow users to authenticate using the Parse Server authentication adapter for *Facebook* or *Spotify* and where the server-side authentication adapter configuration appIds is set as a string (e.g. abc) instead of an array of strings (e.g. ["abc"]) ([GHSA-r657-33vp-gp22](https://github.com/parse-community/parse-server/security/advisories/GHSA-r657-33vp-gp22)) [skip release] (#8187) 2022-09-20 23:05:44 +02:00
dblythy
e424137406 fix: query aggregation pipeline cannot handle value of type Date when directAccess: true (#8167) 2022-09-17 16:19:28 +02:00
Jong Eun Lee
7f5a15d5df fix: graphQL query ignores condition equalTo with value false (#8032) 2022-07-03 12:13:10 +02:00
Manuel
75af9a26cc fix: certificate in Apple Game Center auth adapter not validated [skip release] (#8058) 2022-06-17 20:22:35 +02:00
Antoine Cormouls
72fac8a5fc refactor: lru-cache maxAge to ttl (#8039) 2022-06-13 15:29:50 +02:00
dblythy
3fb6b2b4ab ci: fix flaky tests for Apple Game Center authentication (#7958) 2022-05-01 04:26:08 +02:00
Manuel
af4a0417a9 fix: authentication bypass and denial of service (DoS) vulnerabilities in Apple Game Center auth adapter (GHSA-qf8x-vqjv-92gr) (#7962) 2022-05-01 02:28:16 +02:00
Manuel Trezza
1593575a87 build: release 2022-03-18 15:17:12 +01:00
Antoine Cormouls
f88aa2a62a feat: upgrade to MongoDB Node.js driver 4.x for MongoDB 5.0 support (#7794) 
BREAKING CHANGE: The MongoDB GridStore adapter has been removed. By default, Parse Server already uses GridFS, so if you do not manually use the GridStore adapter, you can ignore this change.
 2022-02-06 18:30:36 +01:00
Corey
a5ffb95022 refactor: remove deprecated url.parse() method (#7751) 2022-01-06 15:26:00 +01:00
Corey
0c3feaaa17 feat: add Idempotency to Postgres (#7750) 2022-01-02 19:25:53 +01:00
Corey
5e363eae44 refactor: remove unnecessary error checking in PostgresAdapter (#7761) 2022-01-02 18:43:12 +01:00
Corey
16b1b2a197 feat: support relativeTime query constraint on Postgres (#7747) 2022-01-02 01:10:54 +01:00
Manuel
8ee0445c0a fix: unable to use objectId size higher than 19 on GraphQL API (#7722) 2021-11-27 13:36:49 +01:00
Antoine Cormouls
ed86c80772 fix: unable to use objectId size higher than 19 on GraphQL API (#7627) 2021-11-27 12:27:08 +01:00
Samuel Denis-D'Ortun
25d5c30be2 feat: add user-defined schema and migrations (#7418) 2021-11-01 14:28:49 +01:00
Corey
090350a7a0 feat: add support for Postgres 14 (#7644) 2021-10-31 20:49:03 +01:00
Antoine Cormouls
68057c49f3 refactor: minor changes to remove mongo deprecation warnings (#7626) 2021-10-17 21:16:24 +02:00
Antonio Davi Macedo Coelho de Castro
308668c894 Merge pull request from GHSA-xqp8-w826-hh6x 
* Added a test case that triggers the query parameter crash

* rest.js: validate the explain parameter to keep the nodejs driver from throwing an uncatchable exception and crashing the server (see https://jira.mongodb.org/browse/NODE-3463)
RestQuery.js: Check whether explain mode is enabled not by "!== true", but by the "!" operator. explain can have string values.
Added tests that validate correct behaviour on different explain values

* Refactor the new tests

* Simplify the new tests
Also do a sanity check on the explain results

* Test refactor

* Exclude queryPlannerExtended as it is not supported by the testing environment
  Simplifies the tests

* Restrict the changes to mongodb
  Moved the verification of the explain value from rest.js to MongoStorageAdapter.js
  Also restricted the relevant unit tests to mongodb

* Added changelog entry

* reformat changelog entry

* Update CHANGELOG.md

Co-authored-by: Kartal Kaan Bozdoğan <kartalkaanbozdogan@gmail.com>
Co-authored-by: Manuel <5673677+mtrezza@users.noreply.github.com>
 2021-09-02 12:46:48 +02:00
Kartal Kaan Bozdoğan
5e7c9d2e1a Fixed a bug affecting updates to nested pointers (#7392) 
* Fixed a bug affecting updates to nested pointers
  Also created unit tests

* Marked the regression test for #7391 as pending for postgre
  The issue is not fixed yet
Use cont instead of var
 2021-05-25 15:33:40 -07:00
Snyk bot
755c49404d [Snyk] Upgrade pg-promise from 10.9.2 to 10.10.1 (#7286) 
* fix: upgrade pg-promise from 10.9.2 to 10.9.3

Snyk has created this PR to upgrade pg-promise from 10.9.2 to 10.9.3.

See this package in npm:
https://www.npmjs.com/package/pg-promise

See this project in Snyk:
https://app.snyk.io/org/acinader/project/8c1a9edb-c8f5-4dc1-b221-4d6030a323eb?utm_source=github&utm_medium=upgrade-pr

* bump pg-promise to 10.10.1

* fix add field if not exists

* lint

Co-authored-by: Diamond Lewis <findlewis@gmail.com>
 2021-04-29 12:10:15 -05:00
Vitaly Tomilov
25fb476bf8 Update PostgresClient.js (#7276) 
Proper pg-monitor re-attachment logic.
 2021-03-18 15:54:17 -05:00
Diamond Lewis
a02014f557 Improve single schema cache (#7214) 
* Initial Commit

* fix flaky test

* temporary set ci timeout

* turn off ci check

* fix postgres tests

* fix tests

* node flaky test

* remove improvements

* Update SchemaPerformance.spec.js

* fix tests

* revert ci

* Create Singleton Object

* properly clear cache testing

* Cleanup

* remove fit

* try PushController.spec

* try push test rewrite

* try push enqueue time

* Increase test timeout

* remove pg server creation test

* xit push tests

* more xit

* remove skipped tests

* Fix conflicts

* reduce ci timeout

* fix push tests

* Revert "fix push tests"

This reverts commit 05aba62f1cbbca7d5d3e80b9444529f59407cb56.

* improve initialization

* fix flaky tests

* xit flaky test

* Update CHANGELOG.md

* enable debug logs

* Update LogsRouter.spec.js

* create initial indexes in series

* lint

* horizontal scaling documentation

* Update Changelog

* change horizontalScaling db option

* Add enableSchemaHooks option

* move enableSchemaHooks to databaseOptions
 2021-03-16 16:05:36 -05:00
Diamond Lewis
32fc45d2d2 Add KeyPromiseQueue to Push and Job StatusHandlers (#7267) 
* Add KeyPromiseQueue to Push and Job StatusHandlers

* Update CHANGELOG.md

* Update CHANGELOG.md
 2021-03-15 18:51:46 -05:00
Diamond Lewis
1666c3e382 [WIP] Enable test suite to be randomized (#7265) 
* initial run

* Update ParseGraphQLServer.spec.js

* temporarily enable reporter

* Bump retry limit

* fix undefined database

* try to catch error

* Handle LiveQueryServers

* Update Config.js

* fast-fail false

* Remove usage of AppCache

* oops

* Update contributing guide

* enable debugger, try network retry attempt 1

* Fix ldap unbinding

* move non specs to support

* add missing mock adapter

* fix Parse.Push

* RestController should match batch.spec.js

* Remove request attempt limit

* handle index.spec.js

* Update CHANGELOG.md

* Handle error: tuple concurrently updated

* test transactions

* Clear RedisCache after every test

* LoggerController.spec.js

* Update schemas.spec.js

* finally fix transactions

* fix geopoint deadlock

* transaction with clean database

* batch.spec.js
 2021-03-15 02:04:09 -05:00
Diamond Lewis
9563793303 Allow single server instance in test suite (#7262) 
* initial pass

* reconfigureServer when needed

* finish postgres tests

* mongo tests

* more tests

* clean up

* re-add skipped test

* Fix transaction tests

* handle batch

* AuthenticationAdapter fix

* More reconfiguration

* clean up

* properly terminate cli servers

* handle Parse.Push

* Flaky PushController

* ensure reconfigureServer when changed

* fix postgres tests

* remove console.log

* LiveQuery spec remove duplicates and listeners
 2021-03-13 09:05:22 -06:00
Diamond Lewis
39fa17f914 Postgres: Properly initialize database on startup and debugger (#7255) 
* PG: Properly initialize database

* fix flaky tests

* flaky test

* correct test

* no idea

* clean up debugger
 2021-03-10 11:31:35 -08:00
Miguel Serrano
92f50f6808 Add support for Facebook Limited Login (#7219) 
* Add support for Facebook Limited auth

* Add tests

* Fix tests

* Fix tests

* Add entry to changelog

* Cleanup
 2021-02-24 07:36:24 -06:00
OverDrive
a1cd631425 Fix for authenticating with instagram (#7173) 
* Fix for authenticating with instagram

* Change tests for instagram authentication

* Instagram authentication for the case when data child object is presented in the response
 2021-02-19 13:19:13 -06:00
Antonio Davi Macedo Coelho de Castro
a430d6f7b7 Fix flaky test with transactions (#7187) 
* Fix flaky test with transactions

* Add CHANGELOG entry

* Fix the other transactions related tests that became flaky because now Parse Server tries to submit the transaction multilpe times in the case of TransientError

* Remove fit from tests
 2021-02-18 10:18:54 -08:00
Diamond Lewis
1ede078154 fix(Logger): Handle interpolating stdout (#7114) 
* fix(Logger): Handle interpolating stdout

* Update CHANGELOG.md
 2021-01-11 09:20:21 -06:00
Antoine Cormouls
05f5aa0eb3 Fix max listener warning from livequery server (#7083) 
* fix max listner warning

* fix

* Clean test log
 2020-12-21 11:14:07 -06:00
Diamond Lewis
033a0bd443 Fix Prettier (#7066) 2020-12-13 11:19:04 -06:00
Antonio Davi Macedo Coelho de Castro
da905a357d Merge pull request from GHSA-4w46-w44m-3jq3 
* strip password after authentication to prevent cleartext password storage

* fixed forgotten testcase forcing ;-/

* added test to check if password is not stored in user record

Co-authored-by: Fabian Strachanski <fabian@fastr.de>
 2020-12-02 13:08:02 -08:00