Commit Graph

591 Commits

Author SHA1 Message Date
Vamshi Surabhi
ff99b24031 fix a security issue with 1.2 2020-05-22 14:40:57 +05:30
Karthikeyan Chinnakonda
ac3076796c
Allowlist metadata Import bug (#4762)
fix bug which was not allowing the allowlist to be imported
2020-05-20 11:46:26 +05:30
Auke Booij
20cbe9cfd3
server: fix an introspection query caching issue (fix #4547) (#4661)
Introspection queries accept variables, but we need to make sure to
also touch the variables that we ignore, so that an introspection
query is marked not reusable if we are not able to build a correct
query plan for it.

A better solution here would be to deal with such unused variables
correctly, so that more introspection queries become reusable.

An even better solution would be to type-safely track *how* to reuse
which variables, rather than to split the reusage marking from the
planning.

Co-authored-by: Tirumarai Selvan <tiru@hasura.io>
2020-05-18 14:27:56 +02:00
Tirumarai Selvan
cc8e2ccc78
Scheduled triggers (close #1914) (#3553)
server: add scheduled triggers 

Co-authored-by: Alexis King <lexi.lambda@gmail.com>
Co-authored-by: Marion Schleifer <marion@hasura.io>
Co-authored-by: Karthikeyan Chinnakonda <karthikeyan@hasura.io>
Co-authored-by: Aleksandra Sikora <ola.zxcvbnm@gmail.com>
2020-05-13 18:03:16 +05:30
Auke Booij
2735d284c1
server: use a new version of graphql-parser-hs to avoid loss of precision (#4741)
Fixes #4733.  See also hasura/graphql-parser-hs#29.
2020-05-13 12:10:46 +02:00
Auke Booij
4d10a610f4
server: fix mishandling of GeoJSON inputs in subscriptions (fix #3239) (#4551)
* Add support for multiple top-level fields in a subscription to improve testability of subscriptions

* Add an internal flag to enable multiple subscriptions

* Add missing call to withConstructorFn in live queries (fix #3239)

Co-authored-by: Alexis King <lexi.lambda@gmail.com>
2020-05-13 10:09:44 +02:00
Auke Booij
ad882a93e2
tests: tear down numerics values (fix #4602) (#4604)
Also temporarily disable part of the CI to avoid it becoming confused about tests for/from old versions
2020-04-29 16:56:16 +02:00
Auke Booij
ee7c7b1672
server: allow computed fields to have access to Hasura's session variables (fix #3846) (#4486)
* Allow computed fields to have access to Hasura's session variables

* Inform about session args for computed fields in changelog and docs

* Add tests for session arguments for computed fields (and the respective errors)

Co-authored-by: Tirumarai Selvan <tiru@hasura.io>
Co-authored-by: Marion Schleifer <marion@hasura.io>
Co-authored-by: Rakesh Emmadi <12475069+rakeshkky@users.noreply.github.com>
2020-04-27 17:07:03 +02:00
Rakesh Emmadi
d52bfcda4e
backend only insert permissions (rfc #4120) (#4224)
* move user info related code to Hasura.User module

* the RFC #4120 implementation; insert permissions with admin secret

* revert back to old RoleName based schema maps

An attempt made to avoid duplication of schema contexts in types
if any role doesn't possess any admin secret specific schema

* fix compile errors in haskell test

* keep 'user_vars' for session variables in http-logs

* no-op refacto

* tests for admin only inserts

* update docs for admin only inserts

* updated CHANGELOG.md

* default behaviour when admin secret is not set

* fix x-hasura-role to X-Hasura-Role in pytests

* introduce effective timeout in actions async tests

* update docs for admin-secret not configured case

* Update docs/graphql/manual/api-reference/schema-metadata-api/permission.rst

Co-Authored-By: Marion Schleifer <marion@hasura.io>

* Apply suggestions from code review

Co-Authored-By: Marion Schleifer <marion@hasura.io>

* a complete iteration

backend insert permissions accessable via 'x-hasura-backend-privilege'
session variable

* console changes for backend-only permissions

* provide tooltip id; update labels and tooltips;

* requested changes

* requested changes

- remove className from Toggle component
- use appropriate function name (capitalizeFirstChar -> capitalize)

* use toggle props from definitelyTyped

* fix accidental commit

* Revert "introduce effective timeout in actions async tests"

This reverts commit b7a59c19d6.

* generate complete schema for both 'default' and 'backend' sessions

* Apply suggestions from code review

Co-Authored-By: Marion Schleifer <marion@hasura.io>

* remove unnecessary import, export Toggle as is

* update session variable in tooltip

* 'x-hasura-use-backend-only-permissions' variable to switch

* update help texts

* update docs

* update docs

* update console help text

* regenerate package-lock

* serve no backend schema when backend_only: false and header set to true

- Few type name refactor as suggested by @0x777

* update CHANGELOG.md

* Update CHANGELOG.md

* Update CHANGELOG.md

* fix a merge bug where a certain entity didn't get removed

Co-authored-by: Marion Schleifer <marion@hasura.io>
Co-authored-by: Rishichandra Wawhal <rishi@hasura.io>
Co-authored-by: rikinsk <rikin.kachhia@gmail.com>
Co-authored-by: Tirumarai Selvan <tiru@hasura.io>
2020-04-24 14:40:53 +05:30
Rakesh Emmadi
6f100e0009
improve debug information in actions errors response (close #4031) (#4432)
* config options for internal errors for non-admin role, close #4031

More detailed action debug info is added in response 'internal' field

* add docs

* update CHANGELOG.md

* set admin graphql errors option in ci tests, minor changes to docs

* fix tests

Don't use any auth for sync actions error tests. The request body
changes based on auth type in session_variables (x-hasura-auth-mode)

* Apply suggestions from code review

Co-Authored-By: Marion Schleifer <marion@hasura.io>

* use a new sum type to represent the inclusion of internal errors

As suggested in review by @0x777
-> Move around few modules in to specific API folder
-> Saperate types from Init.hs

* fix tests

Don't use any auth for sync actions error tests. The request body
changes based on auth type in session_variables (x-hasura-auth-mode)

* move 'HttpResponse' to 'Hasura.HTTP' module

* update change log with breaking change warning

* Update CHANGELOG.md

Co-authored-by: Marion Schleifer <marion@hasura.io>
Co-authored-by: Tirumarai Selvan <tiru@hasura.io>
2020-04-24 13:25:51 +05:30
Karthikeyan Chinnakonda
a8affc2cda
fix intermittent errors occur when query actions used with variables (#4527)
* don't add query actions to the plan cache

Co-authored-by: rakeshkky <12475069+rakeshkky@users.noreply.github.com>
2020-04-24 11:39:00 +05:30
Rakesh Emmadi
b51a8ece4d
fix creating relationships for custom object types with fields reusing Postgres scalars (fix #4447) (#4455)
* fix creating relationships for custom object types with fields reusing Postgres scalars, close #4447

* fix changelog entry

* rearrange entries

Co-authored-by: Tirumarai Selvan <tiru@hasura.io>
2020-04-24 10:58:42 +05:30
Rakesh Emmadi
e983b1596e
fix recreating action's permission, fix #4377 (#4495)
Co-authored-by: Vamshi Surabhi <0x777@users.noreply.github.com>
2020-04-22 11:29:14 +05:30
Auke Booij
b2ad3ee2ee
server: avoid integer overflows (fix #576) (fix #4368) (#4435)
* Update graphql-parser-hs and hence use `Scientific` directly

The new version of graphql-parser-hs returns Scientific and Integer
rather than Double and Int32, respectively.  So we now need to do less
work in graphql-engine, and we can process larger numbers.

In practice, this means that when inserting a bigint, we no longer
need to specify the inserted integer as text.  This is also
represented in the updated tests.

* Generate int overflow error on insert

* Document bigint insertion support in changelog
2020-04-21 15:56:15 +02:00
Auke Booij
cd2e09c6ad
server: add support for timestamps without timezone to graphql-engine (fix #1217) (#4452)
* Add support for timestamps without timezone to graphql-engine

* Add tests for aggregations on timestamps without timezones
2020-04-21 14:30:48 +02:00
Rakesh Emmadi
9b7781ee6b
introduce effective timeout in actions async tests (#4363)
Co-authored-by: Vamshi Surabhi <0x777@users.noreply.github.com>
Co-authored-by: Tirumarai Selvan <tiru@hasura.io>
2020-04-21 15:55:56 +05:30
Auke Booij
82cdad1556
Link to pytest docs in the server test suite READMEs (#4425) 2020-04-21 11:29:16 +02:00
Karthikeyan Chinnakonda
ced6275ff0
add additional tests for testing claims_namespace_path in JWT tokens (#4481)
* add additional tests for testing claims_namespace_path in JWT tokens

- add tests for at root level and at a nested level

* modify the JWT tests

* combine the claims_namespace_path tests together in test-server.sh

* change the order of the claims_namespace_path tests

* change the order of the claims_namespace_path tests
2020-04-21 14:54:35 +05:30
Toan Nguyen
5f84669568
server: support single $ as root json path (#4482)
* support single $ json path

* support sql query with root json path

* update changelog

* update changelog

Co-authored-by: Karthikeyan Chinnakonda <karthikeyan@hasura.io>
Co-authored-by: Tirumarai Selvan <tiru@hasura.io>
2020-04-21 13:36:11 +05:30
Toan Nguyen
15c0ebf1ef
allow special characters in json path's property name (close #3890) (#3892)
* allow underscore prefix and special characters in json path

* server: Rewrite/refactor JSONPath parser

The JSONPath parser is also rewritten, the previous implementation
was written in a very explicitly “recursive descent” style, but the whole
point of using attoparsec is to be able to backtrack! Taking advantage
of the combinators makes for a much simpler parser.

Co-authored-by: Vamshi Surabhi <0x777@users.noreply.github.com>
Co-authored-by: Alexis King <lexi.lambda@gmail.com>
Co-authored-by: Aleksandra Sikora <ola.zxcvbnm@gmail.com>
Co-authored-by: Shahidh K Muhammed <shahidh@hasura.io>
2020-04-20 14:25:09 +05:30
Auke Booij
b2d65d16d3
server: _inc for non-integer numeric types (fix #3573) (#4429)
* Allow `_inc` to update other numeric types in addition to integers

* Add support for PostgreSQL's `money` field type

* Add support for _inc on money types

* Add note of generalized `_inc` support to changelog
2020-04-17 11:32:09 +02:00
Karthikeyan Chinnakonda
5116e16e18
server(actions): add support for queries (close #4032) (#4309)
* add support for action queries

* a new parameter `type` is added in the ArgumentDefinition, its value
  can be either `query` or `mutation` and it defaults to the latter

* throw 400 when a query action is tried to explain

* update the actions docs to include query actions

* refactor the ToJSON and ToOrdJSON of ActionDefinition

Co-authored-by: Rishichandra Wawhal <rishi@hasura.io>
Co-authored-by: Tirumarai Selvan <tiru@hasura.io>
2020-04-16 12:55:19 +05:30
Karthikeyan Chinnakonda
a26bc80496
accept a new argument claims_namespace_path in JWT config (#4365)
* add new optional field `claims_namespace_path` in JWT config

* return value when empty array is found in executeJSONPath

* update the docs related to claims_namespace_path

* improve encodeJSONPath, add property tests for parseJSONPath

* throw error if both claims_namespace_path and claims_namespace are set

* refactor the Data.Parser.JsonPath to Data.Parser.JSONPathSpec

* update the JWT docs

Co-Authored-By: Marion Schleifer <marion@hasura.io>

Co-authored-by: Marion Schleifer <marion@hasura.io>
Co-authored-by: rakeshkky <12475069+rakeshkky@users.noreply.github.com>
Co-authored-by: Tirumarai Selvan <tirumarai.selvan@gmail.com>
2020-04-16 12:15:21 +05:30
Auke Booij
dbf0c43ca8
server: Avoid duplicated test runs (#4420)
This avoids re-running tests when a parameterized test is specified
that doesn't actually depend on its parameter.
2020-04-15 11:13:53 -05:00
Rakesh Emmadi
dc31b835e1
allow reusing Postgres scalars in custom types & actions (close #4125) (#4333)
* allow re-using Postgres scalars in custom types, close #4125

* add pytest tests

* update CHANGELOG.md

* add a doc pointer for reusable postgres scalars

* document the code, improve the CHANGELOG entry

As suggested by @lexi-lambda

* a bit more source code documentation, use WriterT to collect reused scalars

* Apply suggestions from code review

Co-Authored-By: Marion Schleifer <marion@hasura.io>

* improve doc for Postgres scalars in custom graphql types

* Add some more references to Note; fix Haddock syntax

Also a few very minor tweaks:
  * Use HashSet instead of [] more pervasively
  * Export execWriterT from Hasura.Prelude
  * Use pattern guards in multi-way if
  * Tweak a few names/comments

* Pull buildActions out of buildAndCollectInfo, use buildInfoMap

* Tweak wording in documentation

* incorporate changes in console code

* account Postgres scalars for action input arguments

-> Avoid unnecessary 'throw500' in making action schema

* Review changes

Co-authored-by: Marion Schleifer <marion@hasura.io>
Co-authored-by: Alexis King <lexi.lambda@gmail.com>
Co-authored-by: Vamshi Surabhi <0x777@users.noreply.github.com>
Co-authored-by: Aleksandra Sikora <ola.zxcvbnm@gmail.com>
2020-04-15 17:33:13 +05:30
nizar-m
0e666a9203
Fix catalog version for v1.1.1 (close #4354) (#4355)
* Fix catalog version for v1.1.1

* Remove entries of removed tables from hdb_catalog

While downgrading catalog version from 32 -> 31, not removing entries
in hdb_table and hdb_relationship for the tables that are removed in
the downgrade, results in incosistent schema, when the server with
downgraded version is started. This should probably be handled in
a better fashion.

With the change in this commit, the server is able to successfully
start with downgraded catalog version 31.

* Test downgrade command along with upgrade tests
2020-04-09 19:57:59 -05:00
Antoine Leblanc
5b54f9d766
server: add support for webhook connection expiration (#4196)
* add expiry time to webhook user info

This also adds an optional message to webhook errors: if we fail to
parse an expiry time, we will log a warning with the parse error.

* refactored Auth

This change had one main goal: put in common all expiry time
extraction code between the JWT and WebHook parts of the
code. Furthermore, this change also moves all WebHook specific code to
its own module, similarly to what is done for JWT.

* Remove dependency on string-conversions in favor of text-conversions

string-conversions silently uses UTF8 instead of being explicit about
it, and it uses lenientDecode when decoding ByteStrings when it’s
usually better to reject invalid UTF8 input outright. text-conversions
solves both those problems.

Co-authored-by: Alexis King <lexi.lambda@gmail.com>
2020-04-02 19:00:13 -05:00
Lyndon Maydwell
85b7c552af
Allow field names to start with reserved keywords (fix #3597) (#3927) 2020-04-02 00:27:43 -05:00
Antoine Leblanc
5b74b2e2df
server: prevent metadata checks in read-only mode (#4250)
* do not perform the metadata check in read-only mode
* improve the isAltrDropReplace regex
* quote the regex at compile-time to handle syntax errors statically

Co-authored-by: Alexis King <lexi.lambda@gmail.com>
2020-04-01 18:22:55 -05:00
Vamshi Surabhi
114268910a
Merge branch 'master' into issue-4035-check-computed-field 2020-03-27 14:12:59 +05:30
Antoine Leblanc
b7dba573f1
tests: fix stringify function (#4191)
The stackoverflow answer this was copied from has a glaring problem: python really dislikes a dictionary being modified while it is being iterated on. I rewrote the function to instead return a modified copy.
2020-03-26 15:21:32 -05:00
Rakesh Emmadi
fd6535b861
option to reload remote schemas in 'reload metadata' (fix #3792, #4117) (#4141)
* option to reload remote schemas in 'reload_metadata' API, fix #3792, #4117

* add tests

* update changelog

* update docs api reference for 'reload_metadata'

* send reload_remote_schemas: true with the reload_metadata query

* add reload remote schemas checkbox; minor refactor

* Add a Note about cache invalidation and inconsistent metadata objects

* Small pluralization agreement tweak in docs

* Remove duplicated line in CHANGELOG

* no-op refactor

Suggested by Alexis @lexi-lambda

* Update server/src-lib/Hasura/RQL/DDL/RemoteSchema.hs

As suggested by @lexi-lambda

Co-Authored-By: Alexis King <lexi.lambda@gmail.com>

* fix tests

* requested changes

* comment 'replaceMetadataToOrdJson' unit tests

Co-authored-by: Rishichandra Wawhal <rishi@hasura.io>
Co-authored-by: Alexis King <lexi.lambda@gmail.com>
Co-authored-by: Tirumarai Selvan <tiru@hasura.io>
2020-03-26 17:22:20 +05:30
Antoine Leblanc
eb81d6947a
server: add tests for track_table of a materialized view (#4155)
* server: add tests for track_table of a materialized view

In the context of #91, we discovered that materialized views were
already "automagically" supported; to ensure we don't regress on this
accidental but welcome change, this patch adds simple tests.

This is basically just a copy of `track_untrack_table`, but for
materialized views.

* Expand abbreviations

Co-authored-by: Alexis King <lexi.lambda@gmail.com>
2020-03-24 12:35:34 +05:30
Antoine Leblanc
d9fa299750
server: fix all EWKT warnings in python tests (#4154)
The setup in several tests was using `ST_GeomFromText`, which expects
data in the OGC WKT format, but was providing the SRID in the text
itself, which is part of the EWKT format.

The fix was simply to replace all calls to `ST_GeomFromText` to
`ST_GeomFromEWKT`.
2020-03-23 20:48:09 -05:00
Rakesh Emmadi
c12dd1bae1
Merge branch 'master' into issue-4035-check-computed-field 2020-03-23 10:44:48 +05:30
Rakesh Emmadi
f80b69e931
few actions' fixes and improvements (fix #3977, #4061 & close #4021) (#4109)
* add 'ID' to default scalars for custom types, fix #4061

* preserve cookie headers from sync action webhook, close #4021

* validate action webhook response to conform to output type, fix #3977

* fix tests, don't run actions' tests on PG version < 10

* update CHANGELOG.md

* no-op refactor, use types from http-network more

Co-authored-by: Vamshi Surabhi <0x777@users.noreply.github.com>
2020-03-20 12:16:45 +05:30
rakeshkky
889f375ae2 Merge branch 'master' into issue-4035-check-computed-field
Resolve Conflicts:
	CHANGELOG.md
2020-03-12 10:21:43 +05:30
Rakesh Emmadi
996ce928d4
auto-include __typename field in custom types' objects (fix #4063) (#4074)
* include `__typename` field in custom types' objects, fix #4063

Co-authored-by: Vamshi Surabhi <0x777@users.noreply.github.com>
2020-03-11 17:09:00 +05:30
rakeshkky
8c2b5ad9d3 mark skip server upgrade test for new tests 2020-03-11 16:11:12 +05:30
rakeshkky
bb2b631fae Merge branch 'master' into issue-4035-check-computed-field
Resolve Conflicts:
	CHANGELOG.md
2020-03-11 12:09:19 +05:30
Brandon Simmons
c425b554b8
server(events): utilize proper backpressure scheme (close #3839) (#4013)
* Test working through a backlog of change events

* Use a slightly more performant threaded http server in eventing pytests

This helped locally but not on CI it seems...

* Rework event processing for backpressure. Closes #3839

With loo low `HASURA_GRAPHQL_EVENTS_FETCH_INTERVAL` and/or slow webhooks
and/or too small `HASURA_GRAPHQL_EVENTS_HTTP_POOL_SIZE` we might
previously check out events from the DB faster than we can service them,
leading to space leaks, weirdness, etc.

Other changes:
- avoid fetch interval sleep latency when we previously did a non-empty
  fetch
- prefetch event batch while http pool is working
- warn when it appears we can't keep up with events being generated
- make some effort to process events in creation order so we don't
  starve older ones.

ALSO NOTE: HASURA_GRAPHQL_EVENTS_FETCH_INTERVAL changes semantics
slightly, since it only comes into play after an empty fetch. The old
semantics weren't documented in detail, so I think this is fine.
2020-03-11 11:57:31 +05:30
rakeshkky
9128c69a80 fix postgres query error when computed fields included in mutation response, fix #4035 2020-03-11 10:23:28 +05:30
Vamshi Surabhi
b84db36ebb
allow custom mutations through actions (#3042)
* basic doc for actions

* custom_types, sync and async actions

* switch to graphql-parser-hs on github

* update docs

* metadata import/export

* webhook calls are now supported

* relationships in sync actions

* initialise.sql is now in sync with the migration file

* fix metadata tests

* allow specifying arguments of actions

* fix blacklist check on check_build_worthiness job

* track custom_types and actions related tables

* handlers are now triggered on async actions

* default to pgjson unless a field is involved in relationships, for generating definition list

* use 'true' for action filter for non admin role

* fix create_action_permission sql query

* drop permissions when dropping an action

* add a hdb_role view (and relationships) to fetch all roles in the system

* rename 'webhook' key in action definition to 'handler'

* allow templating actions wehook URLs with env vars

* add 'update_action' /v1/query type

* allow forwarding client headers by setting `forward_client_headers` in action definition

* add 'headers' configuration in action definition

* handle webhook error response based on status codes

* support array relationships for custom types

* implement single row mutation, see https://github.com/hasura/graphql-engine/issues/3731

* single row mutation: rename 'pk_columns' -> 'columns' and no-op refactor

* use top level primary key inputs for delete_by_pk & account select permissions for single row mutations

* use only REST semantics to resolve the webhook response

* use 'pk_columns' instead of 'columns' for update_by_pk input

* add python basic tests for single row mutations

* add action context (name) in webhook payload

* Async action response is accessible for non admin roles only if
  the request session vars equals to action's

* clean nulls, empty arrays for actions, custom types in export metadata

* async action mutation returns only the UUID of the action

* unit tests for URL template parser

* Basic sync actions python tests

* fix output in async query & add async tests

* add admin secret header in async actions python test

* document async action architecture in Resolve/Action.hs file

* support actions returning array of objects

* tests for list type response actions

* update docs with actions and custom types metadata API reference

* update actions python tests as per #f8e1330

Co-authored-by: Tirumarai Selvan <tirumarai.selvan@gmail.com>
Co-authored-by: Aravind Shankar <face11301@gmail.com>
Co-authored-by: Rakesh Emmadi <12475069+rakeshkky@users.noreply.github.com>
2020-02-13 23:08:23 +05:30
Tirumarai Selvan
f8e133070b
run default tests in test_server_upgrade (#3718)
* run basic tests after upgrade

* terminate before specifying file in pytest cmd

* Move fixture definitions out of test classes

Previously we had abstract classes with the fixtures defined
in them. The test classes then inherits these super classes. This
is creating inheritence problems, especially when you want to just
inherit the tests in class, but not the fixtures. We have now moved
all those fixture definitions outside of the class (in conftest.py).
These fixtures are now used by the test classes when and where they
are required.

* Run pytests on server upgrade

Server upgrade tests are run by
  1) Run pytest with schema/metadata setup but do not do schema/metadata
teardown
  2) Upgrade the server
  3) Run pytest using the above schema and teardown at the end of the
tests
  4) Cleanup hasura metadata and start again with next set of tests

We have added options --skip-schema-setup and --skip-schema-teardown to
help running server upgrade tests.

While running the tests, we noticed that error codes and messages for
some of the tests have changed. So we have added another option to
pytest `--avoid-error-message-checks`. If this flag is set, and if
comparing expected and response message fails, and if the expected
response has an error message, Pytest will throw warnings instead of an
error.

* Use marks to specify server-upgrade tests

Not all tests can be run as serve upgrade tests, particularly those
which themselves change the schema. We introduce two pytest markers.
Marker allow_server_upgrade_test will add the test into the list of
server  upgrade  tests  that  can  be run. skip_server_upgrade_test
removes it from the list.

With this we have added tests for queries, mutations, and selected
event trigger and remote schema tests to the list of server upgrade
tests.

* Remove components not needed anymore

* Install curl

* Fix error in query validation

* Fix error in test_v1_queries.py

* install procps for server upgrade tests

* Use postgres image which has postgis installed

* set pager off with psql

* quote the bash variable WORKTREE_DIR

Co-authored-by: nizar-m <19857260+nizar-m@users.noreply.github.com>
Co-authored-by: Vamshi Surabhi <0x777@users.noreply.github.com>
2020-02-13 14:44:02 +05:30
Phil Freeman
f615abd2f2
Add check expresion to update permissions (close #384) (#3804)
* Add check expresion to update permissions (close #384)

* wip on conflict behavior

* Handle upserts for views properly

* Use insert check if there is no update check

* Fix the test

* Improve error message slightly

Co-authored-by: Vamshi Surabhi <0x777@users.noreply.github.com>
2020-02-13 13:08:49 +05:30
Rakesh Emmadi
3a07228525
fix casting citext column type (fix #2818) (#3861) 2020-02-11 16:02:13 +05:30
Vamshi Surabhi
2de663d2a8
Merge branch 'master' into 3759-3791-minor-metadata-build-bugfixes 2020-02-05 18:25:46 +05:30
Anon Ray
c6e34baad8
fix parsing JWK expiry time from headers on startup (fix #3655) (#3779) 2020-02-05 12:37:30 +05:30
Rakesh Emmadi
53b9cabd88
fix few bugs related to nested insert returning (fix #3609, #3642, #3271) (#3618)
* fix nested insert with returning computed fields gives error, fix #3609

* revert using ordered hashmaps, sort columns based on ordinal postion

* fix 1. keys order 2. json/jsonb column value in nested insert returning

* add a note for sorted columns

* cast 'VALUES' expression as table row type

* use single CTE expression for generating returning for nested inserts
2020-02-04 21:04:17 +05:30
Alexis King
8ef205fba5 Explicitly invalidate enum values when metadata is reloaded
This fixes #3759. Also, while we’re at it, also improve the way
invalidations are synced across instances so enums and remote schemas
are appropriately reloaded by the schema syncing process.
2020-01-30 18:17:29 -06:00
Alexis King
3cdb3841e6 Build the GraphQL context after pruning dangling dependents
fixes #3791
2020-01-30 18:17:29 -06:00
Karthikeyan Chinnakonda
b344e7f39c disable explain end-points when metadata API is disabled, fix #3717 (#3751) 2020-01-22 16:20:49 +05:30
Rakesh Emmadi
319606b5ff include scalars types returning by computed fields in generated schema (fix #3650) (#3651) 2020-01-10 22:05:07 -06:00
Tirumarai Selvan
66beb02f7b remove brotli from packaging and CI images (#3673)
* Revert "add brotli shared lib to packager image (#2924)"
This reverts commit 79414cb225.
* remove unneeded dockerfile
* remove brotli traces in ci images and compression test
Co-authored-by: Rakesh Emmadi <12475069+rakeshkky@users.noreply.github.com>
2020-01-10 15:15:47 -06:00
Alexis King
06df174e8a Add missing check in SetTableCustomFields; update various test cases 2020-01-08 16:45:54 -06:00
Alexis King
25c5f97de2 Fix new hdb_table_info_agg query to fetch column base types
We mostly want to do this to make queries against information_schema
tables work, which the console cares about. information_schema tables
use types like sql_identifier, which have no corresponding array types
defined! Therefore, in order to generate valid queries for _in and _nin
conditions, we need to treat them as their base types, instead.
2020-01-08 16:45:54 -06:00
Alexis King
e2eabcd54e Properly check that custom field names do not conflict with other fields 2020-01-08 16:45:53 -06:00
Alexis King
c322e8a5d4 Use a significantly more efficient table_info_agg view
Also, use the view in Schema.Diff to share some more logic.
2020-01-08 16:45:46 -06:00
Alexis King
5b969208c6 Use arrows instead of monads to define the schema cache construction 2020-01-08 16:43:06 -06:00
Alexis King
1387722970 Refactor schema cache construction to avoid imperative updates
wip: fix error codes in remote schema tests
2020-01-08 16:43:06 -06:00
Phil Freeman
9e2c8b420b Report errors in parallel when batching (#3605)
* Report errors in parallel when batching
* Add some more test cases
2019-12-30 17:18:20 -06:00
Rakesh Emmadi
181902cc6c fix absence of "args" input field omits session variable argument, fix #3576 (#3585) 2019-12-26 16:32:48 -06:00
nizar-m
1fca7591c1 Show request id on test failures (#3556)
Right now on errors, only the expected and the actual responses are
shown. The actual response sometimes may not have all the information,
and you may have to look at the logs. In this case, request id would be
of great help to get the extra information from the logs.
2019-12-24 21:35:32 -06:00
Phil Freeman
c766881125 Support batched queries (fix #1812) (#3490) 2019-12-20 10:04:02 -06:00
Phil Freeman
b3e0595a9d Test with postgis 3.0.0 (#3519) 2019-12-18 19:32:15 -06:00
Rakesh Emmadi
421a182f64 export metadata without nulls, empty arrays & default values (#3393)
* export metadata without nulls, empty arrays
* property tests for 'ReplaceMetadata' using QuickCheck
-> Derive Arbitrary class for 'ReplaceMetadata' dependant types

* reduce property test cases number to 30
QuickCheck generates the `ReplaceMetadata` value really large
for higher number test cases. Encoded JSON for such values is large and
consumes more memory. Thus, CI is giving up while running property
tests.

* circle-ci: Add property tests as saperate job
* add no command mode to tests
* add yaml.v2 to go mod
* remove indirect comment for yaml.v2 dependency
2019-12-14 00:47:38 -06:00
Rakesh Emmadi
60acf7c081 fix json/jsonb columns as String values in nested returning of a mutation (fix #3365) (#3375) 2019-12-10 17:20:55 -06:00
Rakesh Emmadi
3f8a1d9ebf fix insert permission views are not unique for long role names (fix #3444) (#3486)
* fix insert permission views are not unique for long role names, fix #3444
* Use GHC notes reference and improve comments
2019-12-09 17:23:06 -06:00
Tirumarai Selvan
ff4b2bf8b0 bulk query should not care about access mode of select or count queries (#3467) 2019-12-04 13:16:37 -06:00
Anon Ray
afd6f30e72 read cache control header to refresh JWK (fix #3301) (#3446) 2019-12-03 14:56:59 -06:00
Rakesh Emmadi
cb682e2539 fix updating a column with multiple operators causing postgres query error (fix #3432) (#3458) 2019-12-03 14:00:37 -06:00
nizar-m
9faadec005 remove usage of deprecated 'pytest.config' (#3434)
pytest is now at version 5.3
2019-11-29 10:44:26 +05:30
Anon Ray
490b639981 refactor some internal components (#3414) 2019-11-26 17:44:21 +05:30
Rakesh Emmadi
c4c5dd87ac allow identical fields in custom column names configuration (fix #3137) & improve root fields validation (#3154)
* allow identical column fields in 'custom_column_names'
* improve validation of custom column names
* improve 'checkForFieldConflicts' & validate custom column names with non column fields
* split `validateTableConfig` into two isolated validation logic
* improve validation of root fields
* improve validating custom root fields and duplicate root fields
* move 'validateCustomRootFields' to 'buildSchemaCache'
2019-11-20 06:40:56 -06:00
Rakesh Emmadi
9b8e6b42d1 functions can access session info via input arg (close #2322) (#3143) 2019-11-20 12:17:06 +05:30
Alexis King
ec6df7c884
Merge pull request #3356 from jberryman/issue-3312-dev.sh-support-python-3.7 2019-11-15 10:39:46 -06:00
Tirumarai Selvan
d2b2a58c0e add read_only to run_sql metadata api (#3191) 2019-11-14 18:20:18 -06:00
Brandon Simmons
a1da8bcfdd Fix product_mul_price test
The intention was to make this two cases, using a top-level YAML list.
The result was one test with duplicate keys (effectively only running
the second test). This is an error that's now flagged by newer ruamel.

Both tests needed to be "corrected" to pass and need review.
2019-11-14 18:53:33 -05:00
Brandon Simmons
92b1f9c93d In tests: fix extraneous extra keys in yaml 2019-11-14 18:53:33 -05:00
Brandon Simmons
da78a77fb2 In tests/dev.sh: upgrade ruamel to support python 3.7. Closes #3312
Tested on python 3.5 and 3.7

We make light use of pyenv to set an appropriate python version if
installed. We could easily install a correct version too if we wanted
but that seemed invasive.

The newer ruamel was an annoying upgrade but also offers some
improvements that exposed some test suite issues (fixed later).
2019-11-14 18:53:33 -05:00
Tirumarai Selvan
ffeda35ff7 add few x-forwarded- headers (close #2572) (#3347) 2019-11-13 14:25:11 -06:00
Rakesh Emmadi
3888ceb24a computed fields in export/import metadata, other fixes (#3211) 2019-11-07 20:09:48 +05:30
Rakesh Emmadi
37dd0966d0 fix insert with nested returning clause fails alongside text[] column (fix #3148 & #2520) (#3198) 2019-11-06 23:14:36 -06:00
Rakesh Emmadi
1b96ebc7d2 deterministic ordering of objects in exported metadata (close #3125) (#3230)
* deterministic ordering of objects in exported metadata, close #3125
* refactor 'Hasura.RQL.DDL.Metadata'
2019-11-05 20:11:03 -06:00
Brandon Simmons
008a3df359 Comment flaky test_jsonb_has_all test 2019-11-05 15:15:25 -06:00
Brandon Simmons
a89777c808 Fix result ordering in some incorrect tests
These were generated with `--accept` and inspected individually.

Mark failing cases as xfail: #3271
2019-11-05 15:15:25 -06:00
Brandon Simmons
91aee7fdeb Test result ordering, add --accept test mode to automatically accept changed test cases
We add a new pytest flag `--accept` that will automatically write back
yaml files with updated responses. This makes it much easier and less
error-prone to update test cases when we expect output to change, or
when authoring new tests.

Second we make sure to test that we actually preserve the order of the
selection set when returning results. This is a "SHOULD" part of the
spec but seems pretty important and something that users will rely on.

To support both of the above we use ruamel.yaml which preserves a
certain amount of formatting and comments (so that --accept can work in
a failry ergonomic way), as well as ordering (so that when we write yaml
the order of keys has meaning that's preserved during parsing).

Use ruamel.yaml everywhere for consistency (since both libraries have
different quirks).

Quirks of ruamel.yaml:
- trailing whitespace in multiline strings in yaml files isn't written
  back out as we'd like: https://bitbucket.org/ruamel/yaml/issues/47/multiline-strings-being-changed-if-they
- formatting is only sort of preserved; ruamel e.g. normalizes
  indentation. Normally the diff is pretty clean though, and you can
  always just check in portions of your test file after --accept

fixup
2019-11-05 15:15:25 -06:00
Brandon Simmons
81fe4a23cf Test fixup: 'yes' being YAML synonym for 'true' is dubious
See: https://stackoverflow.com/q/57682657/176841

I don't think this is something we care about, and we need to fix this
for ruamel which uses the more sane v1.2 spec.
2019-11-05 15:15:25 -06:00
Shahidh K Muhammed
31e0225230
add tests with postgres 12 (close #2749) (#3102) 2019-10-26 11:09:57 +05:30
nizar-m
842913f566 Add tests for directives skip and include and basic tests for fragments (fix #3180) (#3185)
* Add tests for directives include and skip
* Add basic tests for fragments
2019-10-20 06:59:41 -05:00
Rakesh Emmadi
d8d21c1487 support computed fields returning scalars or set of tables (close #1387) (#2917) 2019-10-18 13:59:47 +05:30
Alexis King
e01008413e
Track variable uses within query validation for caching (fix #3097) (#3135)
This fix is a little ugly, but it’s the only simple solution without a
significant refactoring that restructures the relationship between
GraphQL/Validate and GraphQL/Resolve. The ugliness should go away if we
implement something like #2801.
2019-10-16 09:33:34 -05:00
Alexis King
c0d7402e15
Fix two enum table reference bugs (fix #2820 and #3010) (#3074)
* Include enum types in schema whenever references are visible (fix #2820)
* Fix RQL parsing for nullable enum table references (fix #3010)
2019-10-10 21:22:16 -05:00
Rakesh Emmadi
b0d60ec14f fix hdb_catalog.hdb_column view (fix #3083) (#3084) 2019-10-10 10:11:17 -05:00
Alexis King
3ef6feb394
server: Fix flaky logging test (#3081)
The changes in 0c74839934 adjusted the
format of error logs slightly to omit fields instead of including them
with null values. However, this was rarely triggered by this test
because it only looks at the first log message, but log messages can
sometimes be written out of order. This makes the test order-agnostic.
2019-10-10 08:40:19 -05:00
Rakesh Emmadi
f3b418c631 support where clause in on_conflict of insert mutation (close #2795) (#3002) 2019-10-09 05:09:20 -05:00
Toan Nguyen
0c74839934 add raw query field for error http log (close #2963) (#3020) 2019-10-07 13:04:33 -05:00
Rakesh Emmadi
8972dfb018 remove brotli compression (#2967)
Although brotli itself is MIT-licensed, the Haskell brotli library that provides bindings to it is GPL-licensed, so we cannot use it unless we get a response on haskell-hvr/brotli#1.
2019-10-05 02:20:50 -05:00
Rakesh Emmadi
084439db7e fix SQL generation if more than one aggregate order_by items present, fix #2981 (#2998) 2019-10-04 23:00:53 -05:00
Rakesh Emmadi
55a788594b update custom column names on renaming/dropping columns (#2933) 2019-10-03 13:15:52 +05:30
nizar-m
44da458c81 fix hpc combine error (close #2946) (#2947)
* Fix hpc combine error

* Do not perform ciignore

* xfail test jsonb_has_all

* Bring back ciignore

* Refer jsonb_has_all xfaul to the corresponding issue in graphql-engine-internal
2019-10-02 12:06:27 +05:30
Alexis King
18e8fbab1b
Parameterize all SQL values when multiplexing subscription queries (#2942)
Also, add support for explaining subscriptions while we’re at it.
2019-09-30 14:50:57 -05:00
Rakesh Emmadi
8a0615ff70 add gzip brotli compression to http responses (close #2674) (#2751) 2019-09-19 18:24:40 +05:30
Rakesh Emmadi
9bd5826020 allow customising graphql schema for a table (close #981) (#2509)
* allow customizing GraphQL root field names, close #981

* document v2 track_table API in reference

* support customising column field names in GraphQL schema

* [docs] add custom column fields doc in API reference

* add tests

* rename 'ColField' to 'ColumnField'

* embed column's graphql field in 'PGColumnInfo'

-> Value constructor of 'PGCol' is not exposed
-> Using 'parseJSON' to construct 'PGCol' in 'FromJSON' instances

* avoid using 'Maybe TableConfig'

* refactors & 'custom_column_fields' -> 'custom_column_names'

* cli-test: add configuration field in metadata export test

* update expected keys in `FromJSON` instance of `TableMeta`

* use `buildSchemaCacheFor` to update configuration in v2 track_table

* remove 'GraphQLName' type and use 'isValidName' exposed from parser lib

* point graphql-parser-hs library git repo to hasura

* support 'set_table_custom_fields' query API & added docs and tests
2019-09-19 10:17:36 +05:30
Alexis King
54e6439579 Change the way we determine whether or not queries are reusable
This fixes an issue where queries could incorrectly be considered
reusable if a variable was used in two positions: one where it affected
SQL generation and one where it did not.
2019-09-16 22:00:46 -05:00
Rakesh Emmadi
e5eb0c4f34 fix row comparison operator in event triggers (fix #2036) (#2868)
Update trigger is failing if any json/geometry columns are present in
event payload rows. Use '*<>' operator instead of '<>' to compare the
internal binary representation of rows if '<>' doesn’t work.
2019-09-12 18:22:01 -05:00
Rakesh Emmadi
c148e5753a support optional parameters in database url (close #1709) (#2344) 2019-09-05 15:59:26 -07:00
Rakesh Emmadi
de1ab241f8 allow creating permissions with conditions spanning tables (close #2512) (#2701) 2019-09-05 13:04:53 +05:30
Rakesh Emmadi
f7c99689da support intersect filters on raster columns (close #2613) (#2704)
* initial raster support

* _st_intersects_geom -> _st_intersects_geom_nband

* add tests

* update docs

* improve docs

As requested by @marionschleifer

* new type for raster values

Suggested by @lexi-lambda

* replace `SEUnsafe "NULL"` with SENull
2019-08-29 18:37:05 +05:30
Rakesh Emmadi
d9fb0f8780 use named notation for function arguments if any argument is not specified (fix #2730) (#2777)
* use positional arguments in SQL functions
* only allow omitting set of last arguments in functions
* disallow omitting of a non default argument in functions
2019-08-28 14:27:15 -05:00
Alexis King
ed26da59a6 Add support for GraphQL enum types via enum table references
These changes also add a new type, PGColumnType, between PGColInfo and
PGScalarType, and they process PGRawColumnType values into PGColumnType
values during schema cache generation.
2019-08-26 00:54:56 -05:00
Tirumarai Selvan
98784212e2 allow configuring timeout for remote schema calls (close #2501) (#2753) 2019-08-23 14:27:19 +05:30
Rakesh Emmadi
8ac78fdaec accept null values in order_by input field (fix #2754) (#2755) 2019-08-22 03:14:27 -05:00
Rakesh Emmadi
3527b085fd allow altering type of a column whose permissions defined only with session variables (close #2070) (#2683)
* allow altering type of a column iff session vars are defined in permissions
* use a sum type to define dependency reason
* set jwt expiry test's expiry time to 4 seconds
* derive Data instance for necessary types to simplify 'hasStaticExp'
2019-08-16 16:35:22 -05:00
Alexis King
2aa66ca6f5 Fix websocket race condition in server test suite (fix #2710) (#2712) 2019-08-12 15:14:29 +05:30
Rakesh Emmadi
a03c78854d capture Postgres error code 22025 as HTTP 400 bad request (close #2486) (#2671) 2019-08-08 15:57:42 -05:00
Vamshi Surabhi
a5a07634a5
Merge branch 'master' into dev-scripts-and-doc-tweaks 2019-08-07 12:08:46 +05:30
Anon Ray
b4a0a03631 log when request body parsing fails (fix #2555) (#2556) 2019-08-01 16:21:59 +05:30
Rakesh Emmadi
6b8a6ca48f dont use sub-query for perm limit if aggregations are absent (#2630) 2019-08-01 05:09:52 +00:00
Brandon Simmons
3a4071af09 Remove some output noise from tests 2019-07-26 01:17:55 -04:00
Brandon Simmons
bc4456eccc Add local development swiss army knife script scripts/dev.sh
At the moment we can...

...run tests in isolation, generating coverage report:

    $ dev.sh test

You can pass args to pytest as well. e.g. to run a specific test:

    $ dev.sh test -k "test_jsonb_has_all"

Launch a postgres container with useful dev defaults, with PostGIS,
cleaning up afterwards:

    $ dev.sh postgres

Build and launch graphql-engine in dev mode, connecting with a
`postgres` launched above

    $ dev.sh graphql-engine
2019-07-26 01:17:35 -04:00
Brandon Simmons
04f90dd35d pytest.exit breaks pytest-xdist and produces a misleading error 2019-07-26 01:16:17 -04:00
Vamshi Surabhi
4facb3c780 remove support for query templates (#2560)
query templates is a little known feature that lets you template rql
queries and serve them as rest apis. This is not relevant anymore
given the GraphQL interface and getting rid of it reduces the dev
time when adding features in few subsystems.

This feature has never been used outside hasura's internal projects or
documented or exposed through console and hence can safely be removed.
2019-07-23 19:11:34 +00:00
Alexis King
8f9a41ff88 Support casting between PostGIS geometry and geography types in where expressions (close #1983) (#2495)
* server: Bump dependencies to allow Haddock to run successfully

* Support casting between PostGIS geometry and geography types in filters
2019-07-15 14:22:45 +05:30
Anon Ray
c797d23a14 fix server tests (#2510) 2019-07-11 10:55:34 +00:00
Anon Ray
f2f14e727b Merge pull request from GHSA-2j98-fw5g-j43v
* fix bug in audience check while verifying JWT

  - previously the check was converting the audience type into a string
  and then comparing with the conf value. all audience types (as it is a
  string or URI) will convert to plain strings
  - use the Audience type from the jose library for comparing

* add docs for audience

* add issuer check as well

* docs minor syntax fix

* skip audience check if not given in conf

* minor docs update

* qualify import jose library
2019-07-11 09:58:39 +00:00
Ajeet D'Souza
92c4cff79e check input for empty strings for metadata api (close #2302) (#2300) 2019-07-11 09:00:45 +00:00
Ajeet D'Souza
605f8633f3 fail on tracking table/function with name conflict (close #2020) (#2383)
Currently, we allow tracking of a table with the same name as an already tracked function, and vice-versa. This causes an issue when querying from GraphQL since it will only query the table and not the function. I've made changes to disallow this by throwing an error.
2019-07-11 07:41:20 +00:00
Anon Ray
8f1e7dbc8d breaking: server logging changes (close #507, close #2171) (#1835) 2019-07-11 05:37:06 +00:00
Vamshi Surabhi
f1cf6d0b17
allow session variables in operators which expect array input (#2475) 2019-07-10 15:49:58 +05:30
Rakesh Emmadi
9eb38e6c96 cache remote schema's introspection query response (fix #1679) (#2089) 2019-07-08 11:21:41 +05:30
Anon Ray
f31c3b2887 freeze requirements.txt for server tests (#2450) 2019-07-01 13:34:48 +00:00
Rakesh Emmadi
dc84bb4e77 fix renaming of columns used in insert permission (fix #2398) (#2414) 2019-06-21 16:34:21 +05:30
Shahidh K Muhammed
a8dd3b3deb add api to get server config details (close #1831); add jwt-analyzer (close #1369) (#1925) 2019-06-11 18:59:03 +05:30
Rakesh Emmadi
c3c01beccc support null and default values for function arguments (close #2176, close #2250) (#2282) 2019-06-04 18:13:28 +05:30
Anon Ray
278f26b073 forward set-cookie headers from remote servers (fix #1654) (#2305) 2019-06-04 15:40:28 +05:30
Rakesh Emmadi
31cf7314e2 better change detection when altering foreign key constraints (fix #2060) (#2252)
foreign keys are considered to be dropped only if constraint oid changes
2019-06-03 15:51:55 +05:30
Anon Ray
95a27fba89 fix response for remote schema queries over ws (fix #2246) (#2248) 2019-05-29 17:21:09 +05:30
Rakesh Emmadi
2e19cbee8d keep allowed queries in sync when collections are changed, fix #2221 (#2230) 2019-05-20 15:59:32 +05:30
Rakesh Emmadi
0b210cc245 support allow-list for graphql queries (closes #989) (#2075) 2019-05-16 11:43:25 +05:30
Anon Ray
7d03e7af2f fix non-200 response for authorization errors on /v1/graphql (#2173) 2019-05-14 16:50:55 +05:30
Rakesh Emmadi
c6f40df6d5 close websocket connection on JWT expiry (fix #578) (#2156) 2019-05-14 11:54:46 +05:30
Anon Ray
ee783e142e fix sending duplicate content-type header to remote schemas (fix #2159) (#2170) 2019-05-13 18:17:01 +05:30
Tirumarai Selvan
36e49ea75b manual event triggers (close #1687) (#2077) 2019-05-13 15:11:07 +05:30
Anon Ray
a21f6cd648 introduce v1/graphql (fix #1368) (#2064)
Changes compared to `/v1alpha1/graphql`

* Changed all graphql responses in **/v1/graphql** endpoint to be 200. All graphql clients expect responses to be HTTP 200. Non-200 responses are considered transport layer errors. 

* Errors in http and websocket layer are now consistent and have similar structure.
2019-05-10 11:35:10 +05:30
Anon Ray
dfaf7d3a1f fix duplicate headers being sent to remote schema (#2118) 2019-05-06 16:57:34 +05:30
Rakesh Emmadi
b436948e7f update schema cache on a column's null-ability or type changes (fix #2101) (#2106) 2019-05-02 18:01:32 +05:30
Shahidh K Muhammed
71cf017197 add an api to dump postgres schema (close #1939) (#1967) 2019-04-30 14:04:08 +05:30
Rakesh Emmadi
7779198f54 do not enforce permission limit in aggregations (fix #1837) (#2027) 2019-04-26 13:49:59 +05:30
Rakesh Emmadi
733101bf85 compute dependencies for column operators in permissions (close #2054) (#2055) 2019-04-24 15:58:10 +05:30
Vamshi Surabhi
7151f1387f
fix validation of null values, closes #1981 (#2057) 2019-04-24 13:19:39 +05:30
Vamshi Surabhi
83c3094936
add variable name to the path when there is an error, closes #2050 (#2051) 2019-04-24 12:02:53 +05:30
Rakesh Emmadi
1d7cbc7f24 recover from inconsistent database state (closes #231) (#1863) 2019-04-17 21:59:39 +05:30
Vamshi Surabhi
ce243f5899
multiplexed subscriptions (#1934)
* add types to represent unparsed http gql requests

This will help when we add caching of frequently used ASTs

* query plan caching

* move livequery to execute

* add multiplexed module

* session variable can be customised depending on the context

Previously the value was always "current_setting('hasura.user')"

* get rid of typemap requirement in reusable plan

* subscriptions are multiplexed when possible

* use lazytx for introspection to avoid acquiring a pg connection

* refactor to make execute a completely decoupled module

* don't issue a transaction for a query

* don't use current setting for explained sql

* move postgres related types to a different module

* validate variableValues on postgres before multiplexing subs

* don't user current_setting for queries over ws

* plan_cache is only visible when developer flag is enabled

* introduce 'batch size' when multiplexing subscriptions

* bump stackage to 13.16

* fix schema_stitching test case error code

* store hashes instead of actual responses for subscriptions

* internal api to dump subscriptions state

* remove PlanCache from SchemaCacheRef

* allow live query options to be configured on server startup

* capture metrics for multiplexed subscriptions

* more metrics captured for multiplexed subs

* switch to tvar based hashmap for faster snapshotting

* livequery modules do not expose internal details

* fix typo in live query env vars

* switch to hasura's pg-client-hs
2019-04-17 15:18:41 +05:30
nizar-m
a40bf10b9f run graphql tests on both http and websocket; add parallelism (close #1868) (#1921)
Examples 
1)  `
pytest --hge-urls "http://127.0.0.1:8080" --pg-urls "postgresql://admin@127.0.0.1:5432/hge_tests" -vv
`
2)  `pytest --hge-urls "http://127.0.0.1:8080"   "http://127.0.0.1:8081" --pg-urls "postgresql://admin@127.0.0.1:5432/hge_tests"  "postgresql://admin@127.0.0.1:5432/hge_tests2" -vv
`
### Solution and Design
<!-- How is this issue solved/fixed? What is the design? -->
<!-- It's better if we elaborate -->
#### Reducing execution time of tests
- The Schema setup and teardown, which were earlier done per test method, usually takes around 1 sec. 
- For mutations, the model has now been changed to only do schema setup and teardown once per test class.
-  A data setup and teardown will be done once per test instead (usually takes ~10ms).
- For the test class to get this behaviour, one can can extend the class `DefaultTestMutations`. 
    - The function  `dir()` should be define which returns the location of the configuration folder.
    - Inside the configuration folder, there should be 
        - Files `<conf_dir>/schema_setup.yaml` and `<conf_dir>/schema_teardown.yaml`, which has the metadata query executed during schema setup and teardown respectively
        - Files named `<conf_dir>/values_setup.yaml` and `<conf_dir>/values_teardown.yaml`. These files are executed to setup and remove data from the tables respectively. 

#### Running Graphql queries on both http and websockets
- Each GraphQL query/mutation is run on the both HTTP and websocket protocols
- Pytests test parameterisation is used to achieve this
- The errors over websockets are slightly different from that on HTTP
   - The code takes care of converting the errors in HTTP to errors in websockets

#### Parallel executation of tests.
- The plugin pytest-xdist helps in running tests on parallel workers.
- We are using this plugin to group tests by file and run on different workers.
- Parallel test worker processes operate on separate postgres databases(and separate graphql-engines connected to these databases). Thus tests on one worker will not affect the tests on the other worker.
- With two workers, this decreases execution times by half, as the tests on event triggers usually takes a long time, but does not consume much CPU.
2019-04-08 12:52:38 +05:30
Rakesh Emmadi
3708f95036 fix input argument types for custom SQL functions (close #1952) (#1953) 2019-04-08 12:28:56 +05:30
Tirumarai Selvan
cab1aa0cb1 fix update_event_trigger query not persisting the changes (#1950)
fix #1949
2019-04-05 17:50:46 +05:30
Tirumarai Selvan
36781199d0 breaking: drop id from event_triggers table (fix #1840) (#1857) 2019-03-25 22:40:52 +05:30
Toan Nguyen
560c31f9fd add a json path argument to query values inside json columns (close #1598) (#1661) 2019-03-25 19:15:35 +05:30
Shahidh K Muhammed
b8700cce70
add spatial predicates for geography columns (close #1674) (#1735)
This PR adds support for PostGIS spatial predicates on geography columns. The predicates are _st_d_within and _st_intersects.
2019-03-25 17:59:52 +05:30
Rakesh Emmadi
5bafdce9a3 fix delete mutation returning incorrect data (fix #1794) (fix #1763) (#1827)
From `alpha-40` we've been using a `WHERE` clause to fetch required rows and generate mutation response. This has a few limitations like the requirement of a primary key/unique constraint. This also returns inconsistent data on `delete` mutation as mentioned in #1794. 
Now, we're using `VALUES (..)` (refer [here](https://www.postgresql.org/docs/current/sql-values.html)) expression to form virtual table rows in `SQL` to generate mutation response.

Internal changes:-
- Not to use primary key/unique constraint columns:-
  - Revert back to `ConstraintName` from `TableConstraint` in `TableInfo` type
  - Remove `tcCols` field in `TableConstraint` type
  - Modify `table_info.sql` and `fetchTableMeta` function `SQL`
- A test case to perform `delete` mutation and returning relational objects.
2019-03-22 12:38:42 +05:30
Vamshi Surabhi
ac1749c764 add type, variable information to input value's ast (close #21) (#1809) 2019-03-20 12:01:49 +05:30
Rakesh Emmadi
e32f5a1fb1 sync metadata cache across multiple instances connected to same db (closes #1182) (#1574)
1. Haskel library `pg-client-hs` has been updated to expose a function that helps listen to `postgres` notifications over a `channel` in this [PR](https://github.com/hasura/pg-client-hs/pull/5)
2. The server records an event in a table `hdb_catalog.hdb_cache_update_event` whenever any `/v1/query` (that changes metadata) is requested. A trigger notifies a `cache update` event via `hasura_cache_update` channel
3. The server runs two concurrent threads namely `listener` and `processor`. The `listener` thread listens to events on `hasura_cache_update` channel and pushed into a `Queue`. The `processor` thread fetches events from that `Queue` and processes it. Thus server rebuilds schema cache from database and updates.
2019-03-12 11:16:27 +05:30
Rakesh Emmadi
5f274b5527 fix mutation returning when relationships are present (fix #1576) (#1703)
If returning field contains nested selections then mutation is performed in two steps
1. Mutation is performed with returning columns of any primary key and unique constraints
2. returning fields are queried on rows returned by selecting from table by filtering with column values returned in Step 1.

Since mutation takes two courses based on selecting relations in returning field, it is hard to maintain sequence of prepared arguments (PrepArg) generated while resolving returning field. So, we're using txtConverter instead of prepare to resolve mutation fields.
2019-03-07 15:54:07 +05:30
Anon Ray
d9882fcb03 fix remote queries/mutations to work over websocket (fix #1619) (#1621) 2019-03-05 16:39:02 +05:30
Anon Ray
02d80c9ac6 read cookie while initialising websocket connection (fix #1660) (#1668)
* read cookie while initialising websocket connection (fix #1660)

* add tests for cookie on websocket init

* fix logic for tests

* enforce cors, and flag to force read cookie when cors disabled

  - as browsers don't enforce SOP on websockets, we enforce CORS policy
  on websocket handshake
  - if CORS is disabled, by default cookie is not read (because XSS
  risk!). Add special flag to force override this behaviour

* add log and forward origin header to webhook

  - add log notice when cors is disabled, and cookie is not read on
  websocket handshake
  - forward origin header to webhook in POST mode. So that when CORS is
  disabled, webhook can also enforce CORS independently.

* add docs, and forward all client headers to webhook
2019-03-04 13:16:53 +05:30
Rakesh Emmadi
377290a058 breaking: correct (de)serialisation of postgres numeric types in json (fix #1523) (#1662) 2019-03-01 17:15:04 +05:30
Rakesh Emmadi
6c20ca8a55 allow renaming tables, columns and relationships (close #79) (#1542) 2019-03-01 14:47:22 +05:30
nizar-m
1fa66dc622 add option to disable metadata and graphql apis (close #1088) (#1650) 2019-02-28 19:23:03 +05:30
Shahidh K Muhammed
097bfb6bfa revert "forward response headers from remote servers (#1664)"
This reverts commit c19fe35f4e.
2019-02-28 17:20:56 +05:30
Anon Ray
c19fe35f4e forward response headers from remote servers (fix #1654) (#1664) 2019-02-28 17:15:07 +05:30
Rakesh Emmadi
c731fde1e3 enforce column presets of update permission with upserts (fix #1647) (#1653) 2019-02-23 16:06:42 +05:30
Rakesh Emmadi
0833d35088 generate scalar types for SQL function arguments (fix #1632) (#1633)
Also involved a refactor of the internals to localise the context needed for each field
2019-02-22 15:57:38 +05:30
nizar-m
f83a8e591f rename access-key to admin-secret (close #1347) (#1540)
Rename the admin secret key header used to access GraphQL engine from X-Hasura-Access-Key to X-Hasura-Admin-Secret.

Server CLI and console all support the older flag but marks it as deprecated.
2019-02-14 15:07:47 +05:30
Tirumarai Selvan
51dd6157e1 remove wreq and set response timeout (close #1477) (#1501) 2019-02-14 13:07:59 +05:30
Anon Ray
199a24d050 add support for multiple domains in cors config (close #1436) (#1536)
Support for multiple domains (as CSV) in the `--cors-domain` flag and `HASURA_GRAPHQL_CORS_DOMAIN` env var.

Following are all valid configurations (must include scheme and optional port):
```shell
HASURA_GRAPHQL_CORS_DOMAIN="https://*.foo.bar.com:8080"
HASURA_GRAPHQL_CORS_DOMAIN="https://*.foo.bar.com, http://*.localhost, https://example.com"
HASURA_GRAPHQL_CORS_DOMAIN="*"
HASURA_GRAPHQL_CORS_DOMAIN="http://example.com, http://*.localhost, http://localhost:3000, https://*.foo.bar.com, https://foo.bar.com"
```

**Note**: top-level domains are not considered as part of wildcard domains. You have to add them separately. E.g - `https://*.foo.com` doesn't include `https://foo.com`.

The default (if the flag or env var is not specified) is `*`. Which means CORS headers are sent for all domains.
2019-02-14 11:28:38 +05:30
Rakesh Emmadi
2054bdc44e do not allow overloading already tracked functions (#1563) 2019-02-14 09:35:18 +05:30
Rakesh Emmadi
cba732d439 support column presets in update mutation (closes #1449, closes #1464) (#1473)
Also restricts altering type of columns which are used in presets
2019-02-11 18:15:30 +05:30
Anon Ray
4f6462e98f add config for stringified hasura claims in JWT (fix #1176) (#1538) 2019-02-05 17:34:16 +05:30
Rakesh Emmadi
96f8b05326 don't allow altering tracked SQL functions type to VOLATILE (fix #1546) (#1547) 2019-02-05 11:27:03 +05:30
nizar-m
68da491d9d Improve error message when no operation specs are provided during event trigger creation (close #998) (#1541) 2019-02-01 15:07:38 +05:30
Rakesh Emmadi
3caff9b924 support jsonb and postgis operators in permissions (#1461)
* support jsonb and geometry operators on RQL bool exps, close #1408

* add tests for jsonb operators in /v1/query

TODO:-
-> add tests for geometry (postgis) operators

* support parsing session variables for st_d_within and has_key ops

-> Add tests for boolExp operators and select permissions

* improve parsing $st_d_within op's json value logic
2019-01-28 23:16:31 +05:30
Anon Ray
91c19ecf3d test jwt with invalid signtaure and expired token (#1492) 2019-01-28 22:22:43 +05:30
nizar-m
32387ba964 support union and interface types in remote schema (close #1276) (#1361) 2019-01-28 22:15:10 +05:30
Anon Ray
39bc3acffd fix conversion when merging remote schema scalars with hasura (fix #1244) (#1497) 2019-01-28 21:01:37 +05:30
Shahidh K Muhammed
11e7c3f9d6 add anonymous telemetry (#1401) 2019-01-28 19:25:28 +05:30
nizar-m
8e3b8f51c9 Support default values (in inputvalue) from the remote schema (close #1491) (#1493) 2019-01-28 18:08:38 +05:30
Rakesh Emmadi
fc73d4d30a handle the absence of any update operators, fix #1448 (#1475) 2019-01-28 12:54:24 +05:30
Tirumarai Selvan
e590144d02 send session variables in event trigger payload (close #1328) (#1458) 2019-01-28 11:42:52 +05:30
Rakesh Emmadi
0bf2457e23 allow exposing postgres functions through GraphQL interface (close #333) (#1073) 2019-01-25 09:01:54 +05:30
Vamshi Surabhi
5514b40de2
dependencies of object relationship now includes remote table, closes #1441 (#1442) 2019-01-24 18:56:13 +05:30
Rakesh Emmadi
7ff1c8829a add PostGIS operators in boolean expressions (closes #1051) (#1372) 2019-01-17 11:51:38 +05:30
Rakesh Emmadi
1008c08420 accept null and empty values for relationships during insert, closes #1352 2019-01-11 12:52:58 +05:30
Vamshi Surabhi
be1d9414f8
diff's query should account for table having no columns (#1256) 2018-12-21 15:24:22 +05:30
Vamshi Surabhi
8feff0daca
clear event_triggers when clear_metadata is called, closes #1232 (#1233) 2018-12-19 12:04:27 +05:30
Rakesh Emmadi
3026c49087 apply update permissions for upsert mutations (#628) 2018-12-15 21:40:29 +05:30
Tirumarai Selvan
6de17b303f drop trigger functions on updating event triggers (#1214) 2018-12-15 10:35:29 +05:30
Rakesh Emmadi
ff6c95c2f8 allow ordering with aggregated fields (close #1039) (#1042) 2018-12-12 18:28:39 +05:30
Anon Ray
77cbf12bb7 merge types with same structure in remote schema (closes #1112, #1135) (#1145) 2018-12-12 17:31:18 +05:30
Rakesh Emmadi
9fbd407374 parse graphql input objects and arrays as scalar values (close #1132) (#1137) 2018-12-04 19:51:58 +05:30
Rakesh Emmadi
29ba490296 conform to graphql subscription and error spec (close #1056, close #1059) (#1126) 2018-12-04 19:07:38 +05:30
Rakesh Emmadi
3ea20bc4d7 allow authentication webhook with POST (close #1138) (#1147) 2018-12-03 16:49:08 +05:30
Rakesh Emmadi
1e896a9c42 handle null values for input arguments, fix #1113 (#1123) 2018-11-27 17:54:51 +05:30
Anon Ray
0d14c13f98 metadata should be backwards compatible for remote schemas (fix #1120) (#1121) 2018-11-27 16:56:10 +05:30
Anon Ray
a509a86eaa implement internal graphql server for remote schema tests (#1117)
* implement internal graphql server for remote schema tests

* add one more graphql endpoint and more tests

* add missing dependency
2018-11-26 18:38:16 +05:30
Rakesh Emmadi
8df23ad6c9 use postgres IN experssion for _in operator (fix #1109) (#1111) 2018-11-26 15:39:55 +05:30
Anon Ray
512ee6fb9f adds basic support for remote schemas/schema stitching (#952) 2018-11-23 18:32:46 +05:30
Rakesh Emmadi
58fe579497 support Postgres's DISTINCT ON (close #1040) (#1099) 2018-11-23 07:23:56 +05:30
Rakesh Emmadi
030f094de9 handle empty array for _in and _nin operators, fix #1075 (#1076) 2018-11-21 12:28:29 +05:30
Vamshi Surabhi
47dcae1614
fix sql generation for boolean expressions, closes #853 (#1037)
When using self referential relationships in boolean expressions, the exists clause incorrectly uses the table names to qualify columns which will be the same for parent table and the child table. This is now fixed by generating unique aliases as we traverse down the relationships.
2018-11-16 18:10:23 +05:30
Rakesh Emmadi
b719e82e89 add statistical aggregate operations and count on columns (close #1028) (#1029) 2018-11-14 18:29:59 +05:30
Tirumarai Selvan
317efb81f1 event triggers: take webhook url from env (close #966) (#968) 2018-11-14 12:43:01 +05:30
Rakesh Emmadi
80de0e019a do not generate prefix for column identifiers in agg select, fix #1004 (#1005) 2018-11-12 12:58:46 +05:30
Abhinav Srivastava
c776cd84a6 update multiple files (#943) 2018-11-08 12:02:57 +05:30
Rakesh Emmadi
999580481c allow specifying a list of columns that can be inserted (close #250) (#917) 2018-11-02 20:38:38 +05:30
Rakesh Emmadi
0e9d6994ac refactor nested insert mutation and fix returning (fix #844) (#852)
* improved nested insert execution logic

* integrate error path, improve executing 'withExp' and improve tests

* add more readable types in '/Resolve/Insert.hs'

* set conflict context just before executing WITH expression
2018-11-02 19:31:01 +05:30
Rakesh Emmadi
1a91399298 extract session variables from relational bool expression (fix #960) (#961) 2018-11-02 15:06:33 +05:30
Mohammed Rishad
58ccddc76e pep8 fixes for python files (#875) 2018-10-30 14:51:58 +05:30
nizar-m
4f091e5e5b gitignore generated .tix files in pytest folder (#924) 2018-10-29 19:55:37 +05:30
nizar-m
0ffb0478b9 Tests for server with access control, and some more tests (#710)
* 1) Tests for creating permissions
2) Test for constraint_on with GraphQL insert on_conflict

* Run tests with access key and webhook

* Tests for GraphQL query with quoted columns

* Rewrite test-server.sh so that it can be run locally

* JWT based tests

* Tests with various postgres types

* For tests on select queries, run setup only once per class

* Tests for v1 count queries

* Skip teardown for tests that does not modify data

* Workaround for hpc 'parse error when reading .tix file'

* Move GeoJson tests to the new structure

* Basic tests for v1 queries

* Tests for column, table or operator not found error cases on GraphQL queries

* Skip test teardown for mutation tests which does not change database state, even when it returns 200.
2018-10-28 23:57:49 +05:30
Rakesh Emmadi
fb842fde6f optional 'set' field in insert permissions, closes #216 (#622) 2018-10-26 20:28:20 +05:30
Rakesh Emmadi
f6ed169219 allow ordering using columns from object relationships (closes #463) (#672)
* allow ordering using columns from object relationships, close #463

* validate table fields in nested insert

* add tests

* add docs

* change 'table_order_by' type from enums to ordered map

* remove unwanted code from 'Schema.hs' file

* 'AnnGObject' is not list of field name and value tuple

* update docs for new order_by type

* use 'InsOrdHashMap' for 'AnnGObj'

* handle empty fields in order_by

* remove '_' prefixes for asc/desc

* fix the changed order_by syntax across the repo
2018-10-26 17:27:33 +05:30
Rakesh Emmadi
a8cee16ab5 support aggregations (closes #786) (#787)
* support for count and aggregations on columns, close #786

* support explain query for aggregations

* '<arr-rel>_agg' in '<table>' type, fix order by for aggregations

* add 'allow_aggregations' key in select permissions

* Add checkbox to toggle count and aggregations on columns on select permission

* align aggregation checkbox with columns div

* improve readability of the generated sql

* alias is needed at the top level aggregation

* throw internal errors for unexpected fields

* rename SelFld to more readable TableAggFld

* rename agg to aggregate
2018-10-26 14:32:43 +05:30
Tirumarai Selvan
810b440089 trigger webhooks on column level changes instead of row (close #547, close #680) (#550) 2018-10-25 12:52:51 +05:30
nizar-m
cd030068c2 GeoJSON: Fix MultiPolygon parse error (closes #840) 2018-10-24 13:51:37 +05:30
Rakesh Emmadi
45691e3509 for views consider only insertable ones in generating nested insert input objects (fix #773) (#774) 2018-10-16 15:55:41 +05:30
Rakesh Emmadi
37e848ccca fix input object validation logic (fix #693) (#711) 2018-10-12 16:06:47 +05:30
Vamshi Surabhi
ecf8c760ec workaround postgres default limit of 63 chars for identifiers (close #688) (#707) 2018-10-12 14:58:43 +05:30
Rakesh Emmadi
00d5a5c1a3 insert mutations can now handle nested-data/relationsips (close #343) (#429) 2018-10-05 20:43:51 +05:30
Vamshi Surabhi
32ae105279 improved sql generation for select queries (closes #6, #121, #278) (#643)
Better SQL generation for select queries (the query plans will be the same but much more readable). This closes some long standing issues (#6, #121, #278).
2018-10-05 14:26:47 +05:30
Rakesh Emmadi
91376316f2 breaking: encode bigint and bigserial postgres types as strings in response (fix #633) (#640)
This is breaking change where bigint and bigserial Postgres types will be encoded as GraphQL String types, as opposed to Int as present in earlier releases.

Input types were already encoded as String.

This is achieved by selecting `bigint` and `bigserial` columns as `text`s in the SQL query: `select "big_id"::text ..` instead of `select "big_id" .. `.

Reason for that change is outlined in #633 where JavaScript cannot decode 64 bit Integers.
2018-10-05 10:46:21 +05:30
nizar-m
596bccde49 add python based tests, remove haskell tests
this does not generate coverage report yet
2018-10-04 18:14:15 +05:30
Rakesh Emmadi
fc7ea9213c fix non-admin insert returns null column values when query affects zero rows in postgres (fix #563) (#565)
Insert trigger function: If query affects no rows then return `null`

Insert trigger function is modified to have 
 `IF r IS NULL THEN RETURN null; ELSE RETURN r; END IF;` in return statement.
2018-09-29 11:12:47 +05:30
Tirumarai Selvan
2cd2b23b2d add custom headers for webhooks, refactor retry logic (#419) 2018-09-24 17:20:11 +05:30
Rakesh Emmadi
8f6b19d6f1 quote constraint name for non-admin inserts (fix #494) (#497)
### Description
What component does this PR affect? 

- [x] Server
### Related Issue
#494 

### Solution and Design
Use `quote_ident()` SQL function over `constraint_name` in insert trigger function definition.

### Type
- [x] Bug fix (non-breaking change which fixes an issue)
2018-09-20 20:54:20 +05:30
Aravind Shankar
729b56dd20 live queries tests for subscription (#487) 2018-09-20 07:16:03 +05:30
Tirumarai Selvan
c42af444f7 implement query to update an event trigger (#367) 2018-09-19 17:42:57 +05:30
Rakesh Emmadi
ec516ce55b allow _is_null operator for filter/check permissions (close #456) (#477) 2018-09-18 17:15:35 +05:30
nizar-m
cde559fe58 dont set non-null constraint for manual object relationships (close #462) 2018-09-18 17:01:16 +05:30
Vamshi Surabhi
85df9ac1e8 payload is now optional in connection_init message (close #470) (#471) 2018-09-18 13:13:30 +05:30
Vamshi Surabhi
534f23d1a6 python based tests (#387) 2018-09-18 11:51:57 +05:30