Commit Graph

300 Commits

Author SHA1 Message Date
Vamshi Surabhi
24dcefb142
use bytestring builder to represent encoded json (#1800) 2019-03-18 21:52:21 +05:30
Rakesh Emmadi
5f274b5527 fix mutation returning when relationships are present (fix #1576) (#1703)
If returning field contains nested selections then mutation is performed in two steps
1. Mutation is performed with returning columns of any primary key and unique constraints
2. returning fields are queried on rows returned by selecting from table by filtering with column values returned in Step 1.

Since mutation takes two courses based on selecting relations in returning field, it is hard to maintain sequence of prepared arguments (PrepArg) generated while resolving returning field. So, we're using txtConverter instead of prepare to resolve mutation fields.
2019-03-07 15:54:07 +05:30
Vamshi Surabhi
f794653b69
update event triggers on rename operations (#1684) 2019-03-01 19:29:24 +05:30
Rakesh Emmadi
377290a058 breaking: correct (de)serialisation of postgres numeric types in json (fix #1523) (#1662) 2019-03-01 17:15:04 +05:30
Rakesh Emmadi
6c20ca8a55 allow renaming tables, columns and relationships (close #79) (#1542) 2019-03-01 14:47:22 +05:30
Rakesh Emmadi
c731fde1e3 enforce column presets of update permission with upserts (fix #1647) (#1653) 2019-02-23 16:06:42 +05:30
Tirumarai Selvan
7851015cb2 refactor event processing logic (#1639) 2019-02-22 17:55:36 +05:30
nizar-m
f83a8e591f rename access-key to admin-secret (close #1347) (#1540)
Rename the admin secret key header used to access GraphQL engine from X-Hasura-Access-Key to X-Hasura-Admin-Secret.

Server CLI and console all support the older flag but marks it as deprecated.
2019-02-14 15:07:47 +05:30
Tirumarai Selvan
51dd6157e1 remove wreq and set response timeout (close #1477) (#1501) 2019-02-14 13:07:59 +05:30
Rakesh Emmadi
2054bdc44e do not allow overloading already tracked functions (#1563) 2019-02-14 09:35:18 +05:30
Rakesh Emmadi
cba732d439 support column presets in update mutation (closes #1449, closes #1464) (#1473)
Also restricts altering type of columns which are used in presets
2019-02-11 18:15:30 +05:30
Rakesh Emmadi
96f8b05326 don't allow altering tracked SQL functions type to VOLATILE (fix #1546) (#1547) 2019-02-05 11:27:03 +05:30
nizar-m
68da491d9d Improve error message when no operation specs are provided during event trigger creation (close #998) (#1541) 2019-02-01 15:07:38 +05:30
Rakesh Emmadi
4ef50d95c7 hdb_views should always be cleared before building schema cache (#1513) 2019-01-29 15:39:58 +05:30
Rakesh Emmadi
3caff9b924 support jsonb and postgis operators in permissions (#1461)
* support jsonb and geometry operators on RQL bool exps, close #1408

* add tests for jsonb operators in /v1/query

TODO:-
-> add tests for geometry (postgis) operators

* support parsing session variables for st_d_within and has_key ops

-> Add tests for boolExp operators and select permissions

* improve parsing $st_d_within op's json value logic
2019-01-28 23:16:31 +05:30
nizar-m
32387ba964 support union and interface types in remote schema (close #1276) (#1361) 2019-01-28 22:15:10 +05:30
Rakesh Emmadi
0bf2457e23 allow exposing postgres functions through GraphQL interface (close #333) (#1073) 2019-01-25 09:01:54 +05:30
Rakesh Emmadi
ae63ed9603 simplify SQL generated for _eq and _neq operators in GraphQL API (#1466) 2019-01-25 00:04:44 +05:30
Vamshi Surabhi
5514b40de2
dependencies of object relationship now includes remote table, closes #1441 (#1442) 2019-01-24 18:56:13 +05:30
Rakesh Emmadi
d91d7e658a optimise 'run_sql' query, closes #1362 (#1406) 2019-01-18 16:15:59 +05:30
Rakesh Emmadi
7ff1c8829a add PostGIS operators in boolean expressions (closes #1051) (#1372) 2019-01-17 11:51:38 +05:30
Vamshi Surabhi
380fdad468 update constraint enum types when a new constraint is added (#1287)
* update metadata when constraints on a table are altered, fix #240

* capture only unique or primary constraints in tableinfo
2019-01-03 09:28:12 +05:30
Vamshi Surabhi
be1d9414f8
diff's query should account for table having no columns (#1256) 2018-12-21 15:24:22 +05:30
Vamshi Surabhi
c28fbd3f98
faster retrieval of table information from postgres (#1235) 2018-12-19 16:11:06 +05:30
Vamshi Surabhi
8feff0daca
clear event_triggers when clear_metadata is called, closes #1232 (#1233) 2018-12-19 12:04:27 +05:30
Rakesh Emmadi
3026c49087 apply update permissions for upsert mutations (#628) 2018-12-15 21:40:29 +05:30
Tirumarai Selvan
6de17b303f drop trigger functions on updating event triggers (#1214) 2018-12-15 10:35:29 +05:30
Vamshi Surabhi
ec8b2c80b5
refactor to remove warnings especially with orphan instances (#1163)
* remove phase one/two distinction and hdbquery typeclass

* move extensions to default-extensions

* switch to LazyTx which only acquires a connection if needed

* move defns from TH module into Ops module

* remove tojson orphan instance for http exception

* remove orphan instance for dmlp1

* getTopLevelNodes will not throw any exceptions
2018-12-13 12:56:15 +05:30
Rakesh Emmadi
ff6c95c2f8 allow ordering with aggregated fields (close #1039) (#1042) 2018-12-12 18:28:39 +05:30
Rakesh Emmadi
29ba490296 conform to graphql subscription and error spec (close #1056, close #1059) (#1126) 2018-12-04 19:07:38 +05:30
Anon Ray
0d14c13f98 metadata should be backwards compatible for remote schemas (fix #1120) (#1121) 2018-11-27 16:56:10 +05:30
Rakesh Emmadi
8df23ad6c9 use postgres IN experssion for _in operator (fix #1109) (#1111) 2018-11-26 15:39:55 +05:30
Anon Ray
512ee6fb9f adds basic support for remote schemas/schema stitching (#952) 2018-11-23 18:32:46 +05:30
Rakesh Emmadi
58fe579497 support Postgres's DISTINCT ON (close #1040) (#1099) 2018-11-23 07:23:56 +05:30
Rakesh Emmadi
030f094de9 handle empty array for _in and _nin operators, fix #1075 (#1076) 2018-11-21 12:28:29 +05:30
Vamshi Surabhi
47dcae1614
fix sql generation for boolean expressions, closes #853 (#1037)
When using self referential relationships in boolean expressions, the exists clause incorrectly uses the table names to qualify columns which will be the same for parent table and the child table. This is now fixed by generating unique aliases as we traverse down the relationships.
2018-11-16 18:10:23 +05:30
Rakesh Emmadi
b719e82e89 add statistical aggregate operations and count on columns (close #1028) (#1029) 2018-11-14 18:29:59 +05:30
Tirumarai Selvan
317efb81f1 event triggers: take webhook url from env (close #966) (#968) 2018-11-14 12:43:01 +05:30
Rakesh Emmadi
9af591e2cb remove x-hasura-access-key header from logs (fix #1016) (#1017) 2018-11-13 14:05:44 +05:30
Tirumarai Selvan
d4d31838cb quote function and trigger names, allow hyphen in trigger name (#1012) 2018-11-13 11:28:55 +05:30
Rakesh Emmadi
8c1700e76f improve SQL generation for '_in' operation (close #1013) (#1014) 2018-11-12 18:57:47 +05:30
Rakesh Emmadi
80de0e019a do not generate prefix for column identifiers in agg select, fix #1004 (#1005) 2018-11-12 12:58:46 +05:30
Rakesh Emmadi
999580481c allow specifying a list of columns that can be inserted (close #250) (#917) 2018-11-02 20:38:38 +05:30
Rakesh Emmadi
0e9d6994ac refactor nested insert mutation and fix returning (fix #844) (#852)
* improved nested insert execution logic

* integrate error path, improve executing 'withExp' and improve tests

* add more readable types in '/Resolve/Insert.hs'

* set conflict context just before executing WITH expression
2018-11-02 19:31:01 +05:30
Rakesh Emmadi
1a91399298 extract session variables from relational bool expression (fix #960) (#961) 2018-11-02 15:06:33 +05:30
Rakesh Emmadi
0803738df1 refactor select query generation (#941) 2018-10-31 18:21:20 +05:30
Tirumarai Selvan
baf7c493bc respect retry-after header on event trigger response (#525) 2018-10-26 21:58:03 +05:30
Vamshi Surabhi
8b0082eac1
clean up user variables parsing logic and fix explain api (#869) 2018-10-26 21:27:22 +05:30
Rakesh Emmadi
fb842fde6f optional 'set' field in insert permissions, closes #216 (#622) 2018-10-26 20:28:20 +05:30
Rakesh Emmadi
f6ed169219 allow ordering using columns from object relationships (closes #463) (#672)
* allow ordering using columns from object relationships, close #463

* validate table fields in nested insert

* add tests

* add docs

* change 'table_order_by' type from enums to ordered map

* remove unwanted code from 'Schema.hs' file

* 'AnnGObject' is not list of field name and value tuple

* update docs for new order_by type

* use 'InsOrdHashMap' for 'AnnGObj'

* handle empty fields in order_by

* remove '_' prefixes for asc/desc

* fix the changed order_by syntax across the repo
2018-10-26 17:27:33 +05:30
Rakesh Emmadi
a8cee16ab5 support aggregations (closes #786) (#787)
* support for count and aggregations on columns, close #786

* support explain query for aggregations

* '<arr-rel>_agg' in '<table>' type, fix order by for aggregations

* add 'allow_aggregations' key in select permissions

* Add checkbox to toggle count and aggregations on columns on select permission

* align aggregation checkbox with columns div

* improve readability of the generated sql

* alias is needed at the top level aggregation

* throw internal errors for unexpected fields

* rename SelFld to more readable TableAggFld

* rename agg to aggregate
2018-10-26 14:32:43 +05:30
Vamshi Surabhi
199531cbd9
http and websocket logs now correctly have user information, closes #849 (#850) 2018-10-25 15:07:57 +05:30
Tirumarai Selvan
810b440089 trigger webhooks on column level changes instead of row (close #547, close #680) (#550) 2018-10-25 12:52:51 +05:30
Vamshi Surabhi
ab9692da4d
set all session data in a single paramater, 'hasura.user' (closes #825) 2018-10-24 16:09:47 +05:30
Vamshi Surabhi
ac537330d0 explain a graphql query, similar to explain of an sql statement (close #562) (#805) 2018-10-19 07:45:28 +05:30
Rakesh Emmadi
45691e3509 for views consider only insertable ones in generating nested insert input objects (fix #773) (#774) 2018-10-16 15:55:41 +05:30
Rakesh Emmadi
49dd7bf98b allow mutations on views only if they are allowed by postgres (fix #232) (#339) 2018-10-12 17:36:12 +05:30
Vamshi Surabhi
ecf8c760ec workaround postgres default limit of 63 chars for identifiers (close #688) (#707) 2018-10-12 14:58:43 +05:30
Rakesh Emmadi
d57be587b3 format schema name and table name as identifiers in event triggers (fix #639) (#644) 2018-10-09 12:09:20 +05:30
Rakesh Emmadi
00d5a5c1a3 insert mutations can now handle nested-data/relationsips (close #343) (#429) 2018-10-05 20:43:51 +05:30
Vamshi Surabhi
32ae105279 improved sql generation for select queries (closes #6, #121, #278) (#643)
Better SQL generation for select queries (the query plans will be the same but much more readable). This closes some long standing issues (#6, #121, #278).
2018-10-05 14:26:47 +05:30
Rakesh Emmadi
91376316f2 breaking: encode bigint and bigserial postgres types as strings in response (fix #633) (#640)
This is breaking change where bigint and bigserial Postgres types will be encoded as GraphQL String types, as opposed to Int as present in earlier releases.

Input types were already encoded as String.

This is achieved by selecting `bigint` and `bigserial` columns as `text`s in the SQL query: `select "big_id"::text ..` instead of `select "big_id" .. `.

Reason for that change is outlined in #633 where JavaScript cannot decode 64 bit Integers.
2018-10-05 10:46:21 +05:30
Rakesh Emmadi
fc7ea9213c fix non-admin insert returns null column values when query affects zero rows in postgres (fix #563) (#565)
Insert trigger function: If query affects no rows then return `null`

Insert trigger function is modified to have 
 `IF r IS NULL THEN RETURN null; ELSE RETURN r; END IF;` in return statement.
2018-09-29 11:12:47 +05:30
Vamshi Surabhi
b084249e01 do not clean hdb_views by dropping and creating the schema (closes #567) (#568)
Fix migration logic to accommodate for non superuser permissions. Closes #567 

- [x] Server

By clearing the `hdb_views` schema of existing views and functions instead of dropping and creating it again. 

- [x] Bug fix (non-breaking change which fixes an issue)
2018-09-28 16:22:54 +05:30
Vamshi Surabhi
5e619cc479 fix geojson inconsistencies (closes #510) (#513)
Graphql-engine now accepts crs key to specify the Coordinate Reference System as accepted in GeoJSON 2008 spec.

- [x] Server
2018-09-27 17:53:17 +05:30
Tirumarai Selvan
2cd2b23b2d add custom headers for webhooks, refactor retry logic (#419) 2018-09-24 17:20:11 +05:30
Rakesh Emmadi
8f6b19d6f1 quote constraint name for non-admin inserts (fix #494) (#497)
### Description
What component does this PR affect? 

- [x] Server
### Related Issue
#494 

### Solution and Design
Use `quote_ident()` SQL function over `constraint_name` in insert trigger function definition.

### Type
- [x] Bug fix (non-breaking change which fixes an issue)
2018-09-20 20:54:20 +05:30
Tirumarai Selvan
c42af444f7 implement query to update an event trigger (#367) 2018-09-19 17:42:57 +05:30
Rakesh Emmadi
ec516ce55b allow _is_null operator for filter/check permissions (close #456) (#477) 2018-09-18 17:15:35 +05:30
nizar-m
cde559fe58 dont set non-null constraint for manual object relationships (close #462) 2018-09-18 17:01:16 +05:30
Tirumarai Selvan
f94de38e4c dont reload schema cache for event deliveries (#453) 2018-09-14 18:13:42 +05:30
Rakesh Emmadi
86b769c8e5 returning on json queries now returns only affected row (fix #380) (#381) 2018-09-08 23:02:58 +05:30
Vamshi Surabhi
dd8e09d6cb add jsonb boolean operators (close #369) (#376) 2018-09-07 17:45:28 +05:30
Tirumarai Selvan
e905535beb implement api to deliver a particular event (close #371) (#373) 2018-09-07 17:21:01 +05:30
Karthik Venkateswaran
e3102dfd5e ui buttons to export and import metadata, reload metadata api (close #293) (#323) 2018-09-05 20:55:30 +05:30
Tirumarai Selvan
82e09efce6 add event triggers (#329) 2018-09-05 16:56:46 +05:30
Rakesh Emmadi
0a3f68a6eb allow selectively updating columns on a conflict during insert (fix #342)
* fix primary key changing on upsert, fix #342

* add 'update_columns' in 'on_conflict' object, consider 'allowUpsert'

* 'ConflictCtx' type should respect upsert cases

* validation for not null fields in an object
2018-09-04 19:09:48 +05:30
Anon Ray
b2f88ff28a add support for jwt authorization (close #186) (#255)
The API:
1. HGE has `--jwt-secret` flag or `HASURA_GRAPHQL_JWT_SECRET` env var. The value of which is a JSON.

2. The structure of this JSON is: `{"type": "<standard-JWT-algorithms>", "key": "<the-key>"}`
`type` : Standard JWT algos : `HS256`, `RS256`, `RS512` etc. (see jwt.io).
`key`:
  i. Incase of symmetric key, the key as it is.
  ii. Incase of asymmetric keys, only the public key, in a PEM encoded string or as a X509 certificate.

3. The claims in the JWT token must contain the following:
  i. `x-hasura-default-role` field: default role of that user
  ii. `x-hasura-allowed-roles` : A list of allowed roles for the user. The default role is overriden by `x-hasura-role` header.

4. The claims in the JWT token,  can have other `x-hasura-*` fields where their values can only be strings.

5. The JWT tokens are sent as `Authorization: Bearer <token>` headers.

---
To test:
1. Generate a shared secret (for HMAC-SHA256) or RSA key pair.
2. Goto https://jwt.io/ , add the keys
3. Edit the claims to have `x-hasura-role` (mandatory) and other `x-hasura-*` fields. Add permissions related to the claims to test permissions.
4. Start HGE with `--jwt-secret` flag or `HASURA_GRAPHQL_JWT_SECRET` env var, which takes a JSON string: `{"type": "HS256", "key": "mylongsharedsecret"}` or `{"type":"RS256", "key": "<PEM-encoded-public-key>"}`
5. Copy the JWT token from jwt.io and use it in the `Authorization: Bearer <token>` header.

---
TODO: Support EC public keys. It is blocked on frasertweedale/hs-jose#61
2018-08-30 16:02:09 +05:30
Rakesh Emmadi
daf01c2b9d mutation return type and query type are same (close #315) (#324) 2018-08-30 15:19:21 +05:30
Rakesh Emmadi
f72d8de87a fix insert fails for non-admin roles on v1/query (fix #327) (#328)
* fix insert fails for non-admin roles on v1/query, fix #327

* add test case for user role upsert usint constraint name
2018-08-29 19:11:33 +05:30
Rakesh Emmadi
75e4400bc5 add req_user_id as alias to x-hasura-user-id (fix #317) (#320) 2018-08-29 11:17:13 +05:30
Rakesh Emmadi
efc9fc7ba9 simpler root level select fields using primary keys (fix #304) (#306)
* select fields by primary key col values as argument values, fix #304

* change field name 'table_by_pkey' to 'table_by_pk'
2018-08-27 19:47:03 +05:30
Rakesh Emmadi
0f13f72bfe do not allow creating permissions for admin role, fix #310 (#312) 2018-08-27 17:20:18 +05:30
Rakesh Emmadi
e3b56ac368 fix upsert queries to work on non admin roles (fix #239) (#291) 2018-08-17 20:14:43 +05:30
Rakesh Emmadi
0797407dbf respect the nullability of columns in generated schema (fix #256) (#276) 2018-08-10 18:14:44 +05:30
Rakesh Emmadi
adf973dee5 better error code when insertion check constraint fails (fix #257) (#267) 2018-08-10 17:35:07 +05:30
Rakesh Emmadi
cffa808d19 returning returns [] when mutations affect no rows (fix #265) (#269)
* fix returning returns null, fix #265

* add a test case for delete mutation with returning
2018-08-08 12:31:49 +05:30
Rakesh Emmadi
9c55490e98 add limit in select permission which overrides limit in query (close #178) (#237) 2018-08-06 17:45:08 +05:30
Rakesh Emmadi
c94640a377 don't allow creating relationships from/to a table that isn't tracked (fix #185) (#229)
* don't allow fkey based relations from/to a table that isn't tracked, fix #185

Check if remote table exist in metadata when creating foreign-key
based object relationship.

* add tests for adding object relation using fkey if remote table is untracked
2018-08-03 15:04:37 +05:30
Rakesh Emmadi
27e2d647bb add _inc and jsonb operators to update_mutation (close #159) (#169) 2018-07-20 16:21:20 +05:30
Vamshi Surabhi
e3f960da96 initial support for livequeries (#176)
fix #59
2018-07-20 12:52:46 +05:30
Vamshi Surabhi
679310b008
accomodate for the precedence of IS before 9.5, closes #150 2018-07-17 22:26:47 +05:30
Rakesh Emmadi
5efa366b49 add 'on_conflict' argument to insert mutation (closes #105)
* add 'on_conflict' condition to allow upsert mutation, closes #105

* check for empty unique or primary key constraints

* add 'on_conflict' condition test cases and introspection test case

* update 'conflict_action' enum values' description
2018-07-17 18:53:23 +05:30
rakeshkky
a094394f38 server: add _is_null operator, closes #106 2018-07-12 19:33:02 +05:30
rakeshkky
82e81cd540 server: use row expressions instead of json_build_object 2018-07-09 12:55:49 +05:30
Rakesh Emmadi
b9ff99329a server: process headers only for known urls, fixes #46 2018-07-06 10:46:42 +05:30
Vamshi Surabhi
db1a098b3b server: do not publish schema for system defined tables 2018-06-29 16:30:54 +05:30
Vamshi Surabhi
f6bb130240 server: improved error messages. closes #8 2018-06-29 12:51:04 +05:30
Rakesh Emmadi
a4dbe58c15 server: Disallow untrack_table for system defined tables. Fix #12 (#15) 2018-06-28 17:26:40 +05:30
Vamshi Surabhi
530027cf20 move raven into graphql-engine repo 2018-06-28 00:32:00 +05:30