Commit Graph

537 Commits

Author SHA1 Message Date
Vamshi Surabhi
24dcefb142
use bytestring builder to represent encoded json (#1800) 2019-03-18 21:52:21 +05:30
Rakesh Emmadi
e32f5a1fb1 sync metadata cache across multiple instances connected to same db (closes #1182) (#1574)
1. Haskel library `pg-client-hs` has been updated to expose a function that helps listen to `postgres` notifications over a `channel` in this [PR](https://github.com/hasura/pg-client-hs/pull/5)
2. The server records an event in a table `hdb_catalog.hdb_cache_update_event` whenever any `/v1/query` (that changes metadata) is requested. A trigger notifies a `cache update` event via `hasura_cache_update` channel
3. The server runs two concurrent threads namely `listener` and `processor`. The `listener` thread listens to events on `hasura_cache_update` channel and pushed into a `Queue`. The `processor` thread fetches events from that `Queue` and processes it. Thus server rebuilds schema cache from database and updates.
2019-03-12 11:16:27 +05:30
Rakesh Emmadi
5f274b5527 fix mutation returning when relationships are present (fix #1576) (#1703)
If returning field contains nested selections then mutation is performed in two steps
1. Mutation is performed with returning columns of any primary key and unique constraints
2. returning fields are queried on rows returned by selecting from table by filtering with column values returned in Step 1.

Since mutation takes two courses based on selecting relations in returning field, it is hard to maintain sequence of prepared arguments (PrepArg) generated while resolving returning field. So, we're using txtConverter instead of prepare to resolve mutation fields.
2019-03-07 15:54:07 +05:30
Rakesh Emmadi
6c20ca8a55 allow renaming tables, columns and relationships (close #79) (#1542) 2019-03-01 14:47:22 +05:30
Shahidh K Muhammed
097bfb6bfa revert "forward response headers from remote servers (#1664)"
This reverts commit c19fe35f4e.
2019-02-28 17:20:56 +05:30
Anon Ray
c19fe35f4e forward response headers from remote servers (fix #1654) (#1664) 2019-02-28 17:15:07 +05:30
Anon Ray
199a24d050 add support for multiple domains in cors config (close #1436) (#1536)
Support for multiple domains (as CSV) in the `--cors-domain` flag and `HASURA_GRAPHQL_CORS_DOMAIN` env var.

Following are all valid configurations (must include scheme and optional port):
```shell
HASURA_GRAPHQL_CORS_DOMAIN="https://*.foo.bar.com:8080"
HASURA_GRAPHQL_CORS_DOMAIN="https://*.foo.bar.com, http://*.localhost, https://example.com"
HASURA_GRAPHQL_CORS_DOMAIN="*"
HASURA_GRAPHQL_CORS_DOMAIN="http://example.com, http://*.localhost, http://localhost:3000, https://*.foo.bar.com, https://foo.bar.com"
```

**Note**: top-level domains are not considered as part of wildcard domains. You have to add them separately. E.g - `https://*.foo.com` doesn't include `https://foo.com`.

The default (if the flag or env var is not specified) is `*`. Which means CORS headers are sent for all domains.
2019-02-14 11:28:38 +05:30
Shahidh K Muhammed
11e7c3f9d6 add anonymous telemetry (#1401) 2019-01-28 19:25:28 +05:30
Rakesh Emmadi
0bf2457e23 allow exposing postgres functions through GraphQL interface (close #333) (#1073) 2019-01-25 09:01:54 +05:30
Vamshi Surabhi
ea4d2644e8
local console during development (#1252)
* console now works on local builds of the server

1. local console assets can be served at /static/ by a build time flag
'local-console'. This can be set with stack as follows:
   `stack build --flag graphql-engine:local-console`
2. the --root-dir option is removed which was used as a temporary hack
for serving graphiql
3. remove server's graphiql source code
2018-12-21 13:21:02 +05:30
Rakesh Emmadi
708a29fc89 refactor server cli code, add more cli options & version command (closes #51, #144, #1090, #1195) (#1200) 2018-12-14 08:51:41 +05:30
Vamshi Surabhi
ec8b2c80b5
refactor to remove warnings especially with orphan instances (#1163)
* remove phase one/two distinction and hdbquery typeclass

* move extensions to default-extensions

* switch to LazyTx which only acquires a connection if needed

* move defns from TH module into Ops module

* remove tojson orphan instance for http exception

* remove orphan instance for dmlp1

* getTopLevelNodes will not throw any exceptions
2018-12-13 12:56:15 +05:30
Rakesh Emmadi
ff6c95c2f8 allow ordering with aggregated fields (close #1039) (#1042) 2018-12-12 18:28:39 +05:30
Anon Ray
512ee6fb9f adds basic support for remote schemas/schema stitching (#952) 2018-11-23 18:32:46 +05:30
Vamshi Surabhi
47dcae1614
fix sql generation for boolean expressions, closes #853 (#1037)
When using self referential relationships in boolean expressions, the exists clause incorrectly uses the table names to qualify columns which will be the same for parent table and the child table. This is now fixed by generating unique aliases as we traverse down the relationships.
2018-11-16 18:10:23 +05:30
Tirumarai Selvan
d4d31838cb quote function and trigger names, allow hyphen in trigger name (#1012) 2018-11-13 11:28:55 +05:30
Rakesh Emmadi
0803738df1 refactor select query generation (#941) 2018-10-31 18:21:20 +05:30
Vamshi Surabhi
ac537330d0 explain a graphql query, similar to explain of an sql statement (close #562) (#805) 2018-10-19 07:45:28 +05:30
Vamshi Surabhi
ecf8c760ec workaround postgres default limit of 63 chars for identifiers (close #688) (#707) 2018-10-12 14:58:43 +05:30
Rakesh Emmadi
00d5a5c1a3 insert mutations can now handle nested-data/relationsips (close #343) (#429) 2018-10-05 20:43:51 +05:30
Anon Ray
75090d51b9 jwt config now takes a jwk url (close #465) (#527)
JWT config now takes an optional jwk_url parameter (which points to published JWK Set). This is useful for providers who rotate their JWK Set.

Optional jwk_url parameter is taken. The published JWK set under that URL should be in standard JWK format (tools.ietf.org/html/rfc7517#section-4.8).

If the response contains an Expires header, the JWK set is automatically refreshed.
2018-09-27 16:52:49 +05:30
Tirumarai Selvan
82e09efce6 add event triggers (#329) 2018-09-05 16:56:46 +05:30
Anon Ray
b2f88ff28a add support for jwt authorization (close #186) (#255)
The API:
1. HGE has `--jwt-secret` flag or `HASURA_GRAPHQL_JWT_SECRET` env var. The value of which is a JSON.

2. The structure of this JSON is: `{"type": "<standard-JWT-algorithms>", "key": "<the-key>"}`
`type` : Standard JWT algos : `HS256`, `RS256`, `RS512` etc. (see jwt.io).
`key`:
  i. Incase of symmetric key, the key as it is.
  ii. Incase of asymmetric keys, only the public key, in a PEM encoded string or as a X509 certificate.

3. The claims in the JWT token must contain the following:
  i. `x-hasura-default-role` field: default role of that user
  ii. `x-hasura-allowed-roles` : A list of allowed roles for the user. The default role is overriden by `x-hasura-role` header.

4. The claims in the JWT token,  can have other `x-hasura-*` fields where their values can only be strings.

5. The JWT tokens are sent as `Authorization: Bearer <token>` headers.

---
To test:
1. Generate a shared secret (for HMAC-SHA256) or RSA key pair.
2. Goto https://jwt.io/ , add the keys
3. Edit the claims to have `x-hasura-role` (mandatory) and other `x-hasura-*` fields. Add permissions related to the claims to test permissions.
4. Start HGE with `--jwt-secret` flag or `HASURA_GRAPHQL_JWT_SECRET` env var, which takes a JSON string: `{"type": "HS256", "key": "mylongsharedsecret"}` or `{"type":"RS256", "key": "<PEM-encoded-public-key>"}`
5. Copy the JWT token from jwt.io and use it in the `Authorization: Bearer <token>` header.

---
TODO: Support EC public keys. It is blocked on frasertweedale/hs-jose#61
2018-08-30 16:02:09 +05:30
Rakesh Emmadi
e3b56ac368 fix upsert queries to work on non admin roles (fix #239) (#291) 2018-08-17 20:14:43 +05:30
Rakesh Emmadi
adf973dee5 better error code when insertion check constraint fails (fix #257) (#267) 2018-08-10 17:35:07 +05:30
Rakesh Emmadi
a0590598e5 filter schema identifiers to conform to graphql naming scheme (close #134) (#211)
* filter schema identifiers to conform to graphql naming scheme,closes #134

Filter out tables, columns, relationships etc which does not conform to
graphql naming scheme.
This ensures GraphiQL initialisation works properly for existing
databases.

* rename `isGraphQLConform` to `isValidName`

* rename all graphQL validators
2018-07-27 15:20:12 +05:30
Anon Ray
62b7b800c5 check for updates every 24 hrs in background (fix #204) (#209) 2018-07-27 15:04:50 +05:30
Anon Ray
c747971f2d server tests now run across supported postgres versions >= 9.5 (fix #154) (#199) 2018-07-26 11:17:21 +05:30
Anon Ray
07ac9fe345 add more tests (#170) 2018-07-20 13:49:06 +05:30
Vamshi Surabhi
e3f960da96 initial support for livequeries (#176)
fix #59
2018-07-20 12:52:46 +05:30
Anon Ray
4270529c11 basic test suite (#78)
* server: basic test setup

* server: use the default transaction mode

* server: basic tests in yaml files

* server: restructure test setup and some more tests
2018-07-11 12:43:07 +05:30
dsandip
29654fa883
remove license file reference 2018-07-10 20:57:20 +05:30
dsandip
467988c4b4
Changes license 2018-07-10 19:48:54 +05:30
Rakesh Emmadi
400a0e3f16 server: add v1/version api, fix #34 (#37) 2018-07-03 21:04:25 +05:30
Vamshi Surabhi
47c73f750f server: use insert-ordered-containers for ordered map 2018-06-28 13:49:52 +05:30
Vamshi Surabhi
3b8c5a1848 server: use attoparsec-iso8601 for parsing time information 2018-06-28 13:49:52 +05:30
Vamshi Surabhi
530027cf20 move raven into graphql-engine repo 2018-06-28 00:32:00 +05:30