Commit Graph

217 Commits

Author SHA1 Message Date
Rakesh Emmadi
70f4db19ad allow creating multiple relationships which includes the same column (fix #2228) (#2232) 2019-05-21 10:30:33 +05:30
Josha Inglis
277be9074e fix transaction isolation settings on server (#2211) 2019-05-20 19:48:17 +05:30
Rakesh Emmadi
2e19cbee8d keep allowed queries in sync when collections are changed, fix #2221 (#2230) 2019-05-20 15:59:32 +05:30
Shahidh K Muhammed
7c89e951f2 serve console assets without any authorization checks (#2201) 2019-05-16 16:58:50 +05:30
Anon Ray
81bdfafd69 ignore content-type header in auth webhook (#2197) 2019-05-16 14:41:15 +05:30
Shahidh K Muhammed
76ceb707f4
bundle console assets into server (close #516, close #521, close #2130) (#2192)
This PR builds console static assets into the server docker image at `/srv/console-assets`. When env var `HASURA_GRAPHQL_CONSOLE_ASSETS_DIR=/srv/console-assets` or flag `--console-assets-dir=/srv/console-assets` is set on the server, the files in this directory are served at `/console/assets/*`.

The console html template will have a variable called `cdnAssets: false` when this flag is set and it loads assets from server itself instead of CDN.

The assets are moved to a new bucket with a new naming scheme:

```
graphql-engine-cdn.hasura.io/console/assets/
   /common/{}
   /versioned/<version/{}
   /channel/<channel>/<version>/{}
```

Console served by CLI will still load assets from CDN - will fix that in the next release.
2019-05-16 13:15:29 +05:30
Rakesh Emmadi
0b210cc245 support allow-list for graphql queries (closes #989) (#2075) 2019-05-16 11:43:25 +05:30
Anon Ray
935eaf2211 booleans from env are case insensitve (fix #2177) (#2182) 2019-05-14 16:52:05 +05:30
Anon Ray
7d03e7af2f fix non-200 response for authorization errors on /v1/graphql (#2173) 2019-05-14 16:50:55 +05:30
Rakesh Emmadi
c6f40df6d5 close websocket connection on JWT expiry (fix #578) (#2156) 2019-05-14 11:54:46 +05:30
Anon Ray
ee783e142e fix sending duplicate content-type header to remote schemas (fix #2159) (#2170) 2019-05-13 18:17:01 +05:30
Tirumarai Selvan
36e49ea75b manual event triggers (close #1687) (#2077) 2019-05-13 15:11:07 +05:30
Anon Ray
a21f6cd648 introduce v1/graphql (fix #1368) (#2064)
Changes compared to `/v1alpha1/graphql`

* Changed all graphql responses in **/v1/graphql** endpoint to be 200. All graphql clients expect responses to be HTTP 200. Non-200 responses are considered transport layer errors. 

* Errors in http and websocket layer are now consistent and have similar structure.
2019-05-10 11:35:10 +05:30
Rakesh Emmadi
204cd3514b optimise server startup time (close #1430) (#2120)
1. Reuses postgres connections during startup which reduces the overhead of opening and closing connections. 
2. Faster schema cache building. This is done by fetching all the required data in a single sql statement.
2019-05-08 13:06:42 +05:30
Anon Ray
dfaf7d3a1f fix duplicate headers being sent to remote schema (#2118) 2019-05-06 16:57:34 +05:30
Rakesh Emmadi
c4c36e0ef4 schema cache sync improvements (#2098)
* build schema cache function without db setup

The setup shouldn't happen for sync. The database is already setup by the instance which generated the event. This means that the sync is now faster.

* use SQL loop to drop hdb_views schema views and routines with ordering

This avoids deadlocks when schema is being changed concurrently

* schema sync now only processes the latest event

This becomes useful when a lot of schema change
events happen while we are still processing an
earlier event.
2019-05-03 16:12:26 +05:30
Rakesh Emmadi
b436948e7f update schema cache on a column's null-ability or type changes (fix #2101) (#2106) 2019-05-02 18:01:32 +05:30
Shahidh K Muhammed
71cf017197 add an api to dump postgres schema (close #1939) (#1967) 2019-04-30 14:04:08 +05:30
Vamshi Surabhi
8389a7e273
multiplexed subscription improvements (#2081)
* split stm transactions when snapshotting to make it faster

* mx subs: push to both old and new sinks at the same time

* expose dev APIs through allowed APIs flag
2019-04-30 10:45:23 +05:30
Rakesh Emmadi
39f43bdd59 log inconsistent metadata objects only when there are any (close #2053) (#2058) 2019-04-29 11:52:48 +05:30
Rakesh Emmadi
7779198f54 do not enforce permission limit in aggregations (fix #1837) (#2027) 2019-04-26 13:49:59 +05:30
Rakesh Emmadi
733101bf85 compute dependencies for column operators in permissions (close #2054) (#2055) 2019-04-24 15:58:10 +05:30
Vamshi Surabhi
7151f1387f
fix validation of null values, closes #1981 (#2057) 2019-04-24 13:19:39 +05:30
Vamshi Surabhi
83c3094936
add variable name to the path when there is an error, closes #2050 (#2051) 2019-04-24 12:02:53 +05:30
Vamshi Surabhi
24c0643a6d
Use ByteString to cache introspection response, closes #1942 (#2028)
If we store it as EncJSON, we still need to render it to ByteString
for every request which will result in higher CPU usage
2019-04-18 17:45:07 +05:30
Vamshi Surabhi
35542df93f
candidate id shouldn't be part of the plan in multiplexed subscriptions (#2029) 2019-04-18 16:50:27 +05:30
Rakesh Emmadi
1d7cbc7f24 recover from inconsistent database state (closes #231) (#1863) 2019-04-17 21:59:39 +05:30
Vamshi Surabhi
ce243f5899
multiplexed subscriptions (#1934)
* add types to represent unparsed http gql requests

This will help when we add caching of frequently used ASTs

* query plan caching

* move livequery to execute

* add multiplexed module

* session variable can be customised depending on the context

Previously the value was always "current_setting('hasura.user')"

* get rid of typemap requirement in reusable plan

* subscriptions are multiplexed when possible

* use lazytx for introspection to avoid acquiring a pg connection

* refactor to make execute a completely decoupled module

* don't issue a transaction for a query

* don't use current setting for explained sql

* move postgres related types to a different module

* validate variableValues on postgres before multiplexing subs

* don't user current_setting for queries over ws

* plan_cache is only visible when developer flag is enabled

* introduce 'batch size' when multiplexing subscriptions

* bump stackage to 13.16

* fix schema_stitching test case error code

* store hashes instead of actual responses for subscriptions

* internal api to dump subscriptions state

* remove PlanCache from SchemaCacheRef

* allow live query options to be configured on server startup

* capture metrics for multiplexed subscriptions

* more metrics captured for multiplexed subs

* switch to tvar based hashmap for faster snapshotting

* livequery modules do not expose internal details

* fix typo in live query env vars

* switch to hasura's pg-client-hs
2019-04-17 15:18:41 +05:30
Rakesh Emmadi
bfe53e9d9a fix incorrect default values for inserts after column drop, fix #1991 (#1993) 2019-04-15 12:34:30 +05:30
Shahidh K Muhammed
de24cfd43a read version from env var during server build time (close #1398) (#1897)
* read version from env var at build time (close #1398)

* remove un-used imports, edit makefile

* edit makefile to add new targets and export variables

* only export VERSION in makefile

* read version by executing the script if env var is absent
2019-04-11 09:41:48 +05:30
Rakesh Emmadi
7b5bbb758a fix excessive memory consumption with bulk queries (#1972)
Use 'Strict' State monad instead of 'Lazy' to avoid unevaluated memory thunks
2019-04-09 21:41:06 +05:30
Tirumarai Selvan
cab1aa0cb1 fix update_event_trigger query not persisting the changes (#1950)
fix #1949
2019-04-05 17:50:46 +05:30
Tirumarai Selvan
d53c70cbcd specify better error msgs for remote schema conflicts (fix #1805) (#1904) 2019-04-03 06:48:19 +05:30
Vamshi Surabhi
ada35c2236 add user information to transactions in ws protocol (fix #1867) (#1869)
This bug introduced with the refactor in 739ff80a51.
2019-03-26 16:38:27 +05:30
Vamshi Surabhi
739ff80a51 refactor graphql query execution logic (#1855) 2019-03-25 23:55:25 +05:30
Tirumarai Selvan
36781199d0 breaking: drop id from event_triggers table (fix #1840) (#1857) 2019-03-25 22:40:52 +05:30
Toan Nguyen
560c31f9fd add a json path argument to query values inside json columns (close #1598) (#1661) 2019-03-25 19:15:35 +05:30
Shahidh K Muhammed
b8700cce70
add spatial predicates for geography columns (close #1674) (#1735)
This PR adds support for PostGIS spatial predicates on geography columns. The predicates are _st_d_within and _st_intersects.
2019-03-25 17:59:52 +05:30
Vamshi Surabhi
d61c90f1b7
validate relationship definitions on startup (#1849) 2019-03-25 14:26:29 +05:30
Rakesh Emmadi
5bafdce9a3 fix delete mutation returning incorrect data (fix #1794) (fix #1763) (#1827)
From `alpha-40` we've been using a `WHERE` clause to fetch required rows and generate mutation response. This has a few limitations like the requirement of a primary key/unique constraint. This also returns inconsistent data on `delete` mutation as mentioned in #1794. 
Now, we're using `VALUES (..)` (refer [here](https://www.postgresql.org/docs/current/sql-values.html)) expression to form virtual table rows in `SQL` to generate mutation response.

Internal changes:-
- Not to use primary key/unique constraint columns:-
  - Revert back to `ConstraintName` from `TableConstraint` in `TableInfo` type
  - Remove `tcCols` field in `TableConstraint` type
  - Modify `table_info.sql` and `fetchTableMeta` function `SQL`
- A test case to perform `delete` mutation and returning relational objects.
2019-03-22 12:38:42 +05:30
Vamshi Surabhi
ac1749c764 add type, variable information to input value's ast (close #21) (#1809) 2019-03-20 12:01:49 +05:30
Tirumarai Selvan
8615c306ec add for update skip locked to fetch query (#1798) 2019-03-19 10:00:44 +05:30
Vamshi Surabhi
24dcefb142
use bytestring builder to represent encoded json (#1800) 2019-03-18 21:52:21 +05:30
Anon Ray
961f1af528 send error not connection_error on query validation errors (fix #1790) (#1792) 2019-03-17 17:30:54 +05:30
Vamshi Surabhi
c7346fd55a bump stackage to lts 13 and refer to hasura's pg-client-hs (#1747) 2019-03-14 20:25:33 +05:30
Rakesh Emmadi
e32f5a1fb1 sync metadata cache across multiple instances connected to same db (closes #1182) (#1574)
1. Haskel library `pg-client-hs` has been updated to expose a function that helps listen to `postgres` notifications over a `channel` in this [PR](https://github.com/hasura/pg-client-hs/pull/5)
2. The server records an event in a table `hdb_catalog.hdb_cache_update_event` whenever any `/v1/query` (that changes metadata) is requested. A trigger notifies a `cache update` event via `hasura_cache_update` channel
3. The server runs two concurrent threads namely `listener` and `processor`. The `listener` thread listens to events on `hasura_cache_update` channel and pushed into a `Queue`. The `processor` thread fetches events from that `Queue` and processes it. Thus server rebuilds schema cache from database and updates.
2019-03-12 11:16:27 +05:30
Rakesh Emmadi
5f274b5527 fix mutation returning when relationships are present (fix #1576) (#1703)
If returning field contains nested selections then mutation is performed in two steps
1. Mutation is performed with returning columns of any primary key and unique constraints
2. returning fields are queried on rows returned by selecting from table by filtering with column values returned in Step 1.

Since mutation takes two courses based on selecting relations in returning field, it is hard to maintain sequence of prepared arguments (PrepArg) generated while resolving returning field. So, we're using txtConverter instead of prepare to resolve mutation fields.
2019-03-07 15:54:07 +05:30
Vamshi Surabhi
98405fdc0c
allow x-hasura- req headers for jwt unauth role, closes #1686 (#1689) 2019-03-05 17:54:47 +05:30
Anon Ray
d9882fcb03 fix remote queries/mutations to work over websocket (fix #1619) (#1621) 2019-03-05 16:39:02 +05:30
Anon Ray
02d80c9ac6 read cookie while initialising websocket connection (fix #1660) (#1668)
* read cookie while initialising websocket connection (fix #1660)

* add tests for cookie on websocket init

* fix logic for tests

* enforce cors, and flag to force read cookie when cors disabled

  - as browsers don't enforce SOP on websockets, we enforce CORS policy
  on websocket handshake
  - if CORS is disabled, by default cookie is not read (because XSS
  risk!). Add special flag to force override this behaviour

* add log and forward origin header to webhook

  - add log notice when cors is disabled, and cookie is not read on
  websocket handshake
  - forward origin header to webhook in POST mode. So that when CORS is
  disabled, webhook can also enforce CORS independently.

* add docs, and forward all client headers to webhook
2019-03-04 13:16:53 +05:30