* -Defines new public API route /apps/:appId/resend_verification_email that will generate a new email verification link and email for a user identified by username in POST body
-Add template and url support for invalidVerificationLink, linkSendSuccess, and linkSendFail pages. The invalidVerificationLink pages includes a button that allows the user to generate a new verification email if their current token has expired, using the new public API route
-All three pages have default html that will be functional out of the box, but they can be customized in the customPages object. The custom page for invalidVerificationLink needs to handle the extraction of the username and appId from the url and the POST to generate the new link (this requires javascript)
-Clicking a link for an email that has already been verified now routes to the emailVerifySuccess page instead of the invalidLink page
* Fix package.json repo url to be parse-server againwq
* Fix js lint issues
* Update unit tests
* Use arrow functions, change html page comments, use qs and a string template to construct location for invalidVerificationLink page, syntax fixes
* Remember to pass result when using arrow function
Mongo has a hard limit on 1 $near operation per query. Restructuring to
avoid SERVER-13732 should not invalidate a query by creating multiple
$near operations.
Additionally, queries with multiple $ors are now recursively handled,
whereas before, ops at the top level would only have been pushed one
level deeper.
https://github.com/parse-community/parse-server/issues/3767
* Add support for push scheduling
Add a configuration flag on the server to handle the availability of
push scheduling.
* Update push controller to skip sending only if scheduling is configured
Only skip push sending if scheduling is configured
* Update bad conventions
* Add CLI definitions for push scheduling
* Adds tests for pushTime
* Adds test for scheduling
* nits
* Test for not scheduled
* Adds index on _Role name property
In order to avoid having different _Role objects with the same name, adding an index on the name property of _Role is necessary.
Fixes#3579
* Uses throw instead of Promise.reject when enforcing unique indexes
* Fixes wrong sorting of results in schemas tests
In a prior commit, improvements were made to the addition of `_rperm`
in the case of `$or` queries, to avoid MongoDB bug SERVER-13732.
As the vast majority of $or queries previously hit this bug due to the
presence of `_rperm` on most Parse queries), the present solution
avoids the bug and improves query performance in most cases.
However, it's still possible for clients to supply their own queries
which hit that bug, such as those with `_created_at` or `_updated_at`
filters, or their own properties from their data model.
This commit makes the logic currently present for `_rperm` available
to all top level filters that exist alongside an $or query, meaning
SERVER-13732 should be avoided in all cases where keys at the top and
inner levels do not have name clashes.
- https://github.com/ParsePlatform/parse-server/pull/3476
- https://jira.mongodb.org/browse/SERVER-13732
MongoDB has an unfixed bug in all supported versions 2.6-3.4 which
results in suboptimal index usage for `$or` queries when the query has
implicit `$and`s at the query root.
When adding `_rperm` to `$or` queries, Parse accidentally creates
queries which hit this bug.
The fix in this commit applies the suggested workaround of putting the
`_rperm` property inside all `$or` subdocuments, moving it from the top
level and leaving `$or` as the only top-level operator.
MongoDB Bug Link: https://jira.mongodb.org/browse/SERVER-13732
* Update status through increment
* adds support for incrementing nested keys
* fix issue when having spaces in keys for ordering
* Refactors PushController to use worker
* Adds tests for custom push queue config
* Makes PushController adapter independant
* Better logging of _PushStatus in VERBOSE
* Add parseFrameURL for masking user-facing pages.
Allow users to specify a different address which is used to mask parse
requests for verifying email and resetting password. This is how Parse.com
used to allow customers to gain control over page content, styling etc.
On the destination page javascript is used to check the link in the request
and embed the parse server page using IFRAME.
* Fix code indentation
* Rename method for building link and pass config to it.
* Add customPages options to README.md.
* Add tests for parseFrameURL email link building, and parseFrameURL option.
* Add parseFrameURL for masking user-facing pages.
Allow users to specify a different address which is used to mask parse
requests for verifying email and resetting password. This is how Parse.com
used to allow customers to gain control over page content, styling etc.
On the destination page javascript is used to check the link in the request
and embed the parse server page using IFRAME.
* Fix code indentation
* Rename method for building link and pass config to it.
* Add customPages options to README.md.
* Don't Object.assign to defaultConfiguration global
1. Add no space in paren rule
2. fix spec/eslintrc.json so it allow for inheriting from root rc.
Because the spce rc specified reccomended, it "turned off" all of the
rule tweaks in the root. This fixes that.
* adds resetTokenValidityDuration setting
* adds a validator to validate password that can be used to enforce strong
passwords
* adds unit tests for passwordPolicy.validator
* adds unit tests to to fail reset password function if password is not in a valid format
* updates README.md for passwordPolicy
* prevents duplicate check for password validator in updateUserPassword
* adds optional setting to disallow username in password
* updates test cases to use fdescribe instead of describe
* updates test cases to use request-promise instead of request
* adds ability to use a RegExp or Callback function or both for a passwordPolicy.validator
* expect username parameter in redirect to password_reset_success
* adds support for _perishable_token_expires_at in postgres
* Add option to reuse database controller between requests. Clear schema cache when deleting everything
* Add test
* Rename setting to persistSchemaCache to more accurately reflect effect
* Repurpose option to determine whether to randomize cache prefix. Restore Config.js controller creation. Add tests
* Fix bug with missing parameter passed to to SchemaCache
* Renaming and formatting
* Fix property name typo
* Rename option to avoid double negative and still be falsey by default. Style fix
* Add failing test for multiple .notEqualTo on relation with same class
* Fix multiple .notEqualTo on relations with the same class
Multiple should use the union of all objectIds not the intersect
FixesParsePlatform/parse-server#1596
* Removes runtime dependency babel-polyfill (#2692)
* Removes runtime dependency babel-polyfill
* removes references to polyfilled array includes
* Better support for polyfilling
* Removes unnecessary log
* Adds killswitch if tests are polyfilled
* Reverts usage of includes on strings
* Reproduction for #1567
* Recursive handling of nested pointer keys in select
* Better support for multi-level nested keys
* Adds support for selecting columns natively (mongo)
* Support for postgres column selections
* Filter-out empty keys for pg
Move password masking functionality into LoggerController.
The is a more aggresive approach to masking password string in the logs.
Cleaning the url is still in the PromiseRouter because picking it out of the log string
would be fragile.
This will cause more log messages to be scanned for password strings, and may cause a password
string to be obsfucated that is not neccesarily part of parse internals -- but i think that is
still a good thing....
see: #2755 & #2680
* Lookup for email in username field to match docs if email is undefined
* Adds support for sendMail option to when email is selected
* Proper does not exists clause
* increased filename length to 36 to make sure clients display correct filename
* increased filename length to 36 to make sure clients display correct filename
* added uuid prefix to saved filenames
* Adds jobs endpoint protected by masterKey
* Adds connection timeout for 15 minutes in jobs
* Refactors pushStatusHandler into StatusHandler
* Adds reporting of _JobStatus
* Only accept strings as messages
* Adds test for masterKey basic auth
* Adds CloudCodeRouter for cloud_code endpoint of job status, enable Jobs feature on dashboard
* xit racing test
* Adds passing tests
* Better containsAll implementation
* Full Geopoint support, fix inverted lat/lng
* Adds support for $and operator / PointerPermissions specs
* Fix issue updating CLPs on schema
* Extends query support
* Adds RestCreate to the specs
* Adds User specs
* Adds error handlers for failing tests
* nits
* Proper JSON update of AuthData
* fix for #1259 with PG
* Fix for Installations _PushStatus test
* Adds support for GlobalConfig
* Enables relations tests
* Exclude spec as legacy
* Makes corner case for 1 in GlobalConfig
* Make parse-server cloud code logging much to parse.com legacy. (fixes#2501)
1. More closely mimic the wording. Include the user id.
2. Truncate input and result at 1k char.
3. Use more sensible metadata that would makes sense to index. The guideline I used was: if it makes sense to filter on, put it in metadata. If it makes sense to "free text" search on, then put it in the message.
- file and console output, logging an object does not do what on might expect. For example, logging a function's "params":
```
expected:
info: Ran cloud function aFunction for user qWHLVEsbEe with:
Input: {"foo":"bar","bar":"baz"}
Result: "it worked!" functionName=aFunction, params= { foo: "bar", "bar": baz }, user=qWHLVEsbEe
what you actually get:
info: Ran cloud function aFunction for user qWHLVEsbEe with:
Input: {"foo":"bar","bar":"baz"}
Result: "it worked!" functionName=aFunction, foo=bar, bar=baz, user=qWHLVEsbEe
```
- logging highly variable metadata is pretty useless for indexing when logs are sent to a logging repository like elastic search. In that use case, you want to index stuff you expect to filter on like user, hook type.
- finally, putting the same input and result data in both the metadata and the message makes each message much larger with no additional value (that I know of anyway :).
4. Change some of the naming of functions in trigger.js to make future work easier. I was confused about why there were three logging functions in trigger and it took me awhile to get that before hooks and after hooks are logged differently. I just changed the names to make it obvious at first glance.
5. Add some try/catches to help any future futzers see syntax errors, etc instead of just hanging.
Some log examples from unit test output:
```
info: Ran cloud function loggerTest for user YUD2os1i5B with:
Input: {}
Result: {} functionName=loggerTest, user=YUD2os1i5B
info: beforeSave triggered for MyObject for user nssehQ3wtz:
Input: {}
Result: {} className=MyObject, triggerType=beforeSave, user=nssehQ3wtz
info: afterSave triggered for MyObject for user XdznQgTD0p:
Input: {"createdAt":"2016-08-19T01:11:31.249Z","updatedAt":"2016-08-19T01:11:31.249Z","objectId":"POoOOLL89U"} className=MyObject, triggerType=afterSave, user=XdznQgTD0p
error: beforeSave failed for MyObject for user 7JHqCZgnhf:
Input: {}
Error: {"code":141,"message":"uh oh!"} className=MyObject, triggerType=beforeSave, code=141, message=uh oh!, user=7JHqCZgnhf
info: Ran cloud function aFunction for user YR3nOoT3r9 with:
Input: {"foo":"bar"}
Result: "it worked!" functionName=aFunction, user=YR3nOoT3r9
error: Failed running cloud function aFunction for user Xm6NpOyuMC with:
Input: {"foo":"bar"}
Error: {"code":141,"message":"it failed!"} functionName=aFunction, code=141, message=it failed!, user=Xm6NpOyuMC
info: Ran cloud function aFunction for user CK1lvkmaLg with:
Input: {"longString":"Lorem ipsum dolor sit amet, consectetur adipiscing elit. Vivamus lobortis semper diam, ac euismod diam pharetra sed. Etiam eget efficitur neque. Proin nec diam mi. Sed ut purus dolor. Nulla nulla nibh, ornare vitae ornare et, scelerisque rutrum eros. Mauris venenatis tincidunt turpis a mollis. Donec gravida eget enim in luctus.\n\nSed porttitor commodo orci, ut pretium eros convallis eget. Curabitur pretium velit in odio dictum luctus. Vivamus ac tristique arcu, a semper tellus. Morbi euismod purus dapibus vestibulum sagittis. Nunc dapibus vehicula leo at scelerisque. Donec porta mauris quis nulla imperdiet consectetur. Curabitur sagittis eleifend arcu eget elementum. Aenean interdum tincidunt ornare. Pellentesque sit amet interdum tortor. Pellentesque blandit nisl eget euismod consequat. Etiam feugiat felis sit amet porta pulvinar. Lorem ipsum dolor sit amet, consectetur adipiscing elit.\n\nNulla faucibus sem ipsum, at rhoncus diam pulvinar at. Vivamus consectetur, diam... (truncated)
Result: {"longString":"Lorem ipsum dolor sit amet, consectetur adipiscing elit. Vivamus lobortis semper diam, ac euismod diam pharetra sed. Etiam eget efficitur neque. Proin nec diam mi. Sed ut purus dolor. Nulla nulla nibh, ornare vitae ornare et, scelerisque rutrum eros. Mauris venenatis tincidunt turpis a mollis. Donec gravida eget enim in luctus.\n\nSed porttitor commodo orci, ut pretium eros convallis eget. Curabitur pretium velit in odio dictum luctus. Vivamus ac tristique arcu, a semper tellus. Morbi euismod purus dapibus vestibulum sagittis. Nunc dapibus vehicula leo at scelerisque. Donec porta mauris quis nulla imperdiet consectetur. Curabitur sagittis eleifend arcu eget elementum. Aenean interdum tincidunt ornare. Pellentesque sit amet interdum tortor. Pellentesque blandit nisl eget euismod consequat. Etiam feugiat felis sit amet porta pulvinar. Lorem ipsum dolor sit amet, consectetur adipiscing elit.\n\nNulla faucibus sem ipsum, at rhoncus diam pulvinar at. Vivamus consectetur, diam... (truncated) functionName=aFunction, user=CK1lvkmaLg
```
* Implement PR comments:
- add back params to metadata and add back to the test
- use screaming snake case for conts
* fix typo
* Adds files related tests through fs-adapter with PG
* Schema deletions implementations
* Adds Hooks spec
* Fix test
* Adds support for containsAll (numbers and strings)
* Better support for deleteFields and deleteClass
* Recursive JSON update for authData
* Adds node_modules to travis cache
* Disable temporarily to make tests pass
* Adds _perishable_token support for _User class
* ignore when a table creation fails at init (table exists)
* Adds support for AddUnique and Remove
* PG 9.4 compatible functions
* Re-enable tests
* nit
* Better handling of schema creation race
