Commit Graph

179 Commits

Author SHA1 Message Date
Tirumarai Selvan
c0d2bc6653
Remote Joins: Create relationships across database and remote schemas (#2392)
add remote joins: Create relationships across database and remote schemas (#2392)

Co-authored-by: Aleksandra Sikora <ola.zxcvbnm@gmail.com>

Co-authored-by: Chris Done <chrisdone@gmail.com>
Co-authored-by: Chris Done <github@chrisdone.com>
Co-authored-by: wawhal <rishichandra.wawhal@gmail.com>
Co-authored-by: Aravind Shankar <aravind@hasura.io>
Co-authored-by: Brandon Simmons <brandon.m.simmons@gmail.com>
Co-authored-by: Rishichandra Wawhal <rishi@hasura.io>
Co-authored-by: Brandon Simmons <brandon@hasura.io>
Co-authored-by: nizar-m <19857260+nizar-m@users.noreply.github.com>
Co-authored-by: Praveen Durairaju <praveend.web@gmail.com>
Co-authored-by: rakeshkky <12475069+rakeshkky@users.noreply.github.com>
Co-authored-by: Anon Ray <rayanon004@gmail.com>
Co-authored-by: Shahidh K Muhammed <shahidh@hasura.io>
Co-authored-by: soorajshankar <soorajshankar@users.noreply.github.com>
Co-authored-by: Sooraj Sanker <sooraj@Soorajs-MacBook-Pro.local>
Co-authored-by: Karthikeyan Chinnakonda <karthikeyan@hasura.io>
Co-authored-by: Aleksandra Sikora <ola.zxcvbnm@gmail.com>
2020-05-27 20:32:58 +05:30
rakeshkky
e347ef3e45 fix explain queries with role permissions, fix #4816 2020-05-22 14:40:57 +05:30
Vamshi Surabhi
ff99b24031 fix a security issue with 1.2 2020-05-22 14:40:57 +05:30
Auke Booij
20cbe9cfd3
server: fix an introspection query caching issue (fix #4547) (#4661)
Introspection queries accept variables, but we need to make sure to
also touch the variables that we ignore, so that an introspection
query is marked not reusable if we are not able to build a correct
query plan for it.

A better solution here would be to deal with such unused variables
correctly, so that more introspection queries become reusable.

An even better solution would be to type-safely track *how* to reuse
which variables, rather than to split the reusage marking from the
planning.

Co-authored-by: Tirumarai Selvan <tiru@hasura.io>
2020-05-18 14:27:56 +02:00
Tirumarai Selvan
cc8e2ccc78
Scheduled triggers (close #1914) (#3553)
server: add scheduled triggers 

Co-authored-by: Alexis King <lexi.lambda@gmail.com>
Co-authored-by: Marion Schleifer <marion@hasura.io>
Co-authored-by: Karthikeyan Chinnakonda <karthikeyan@hasura.io>
Co-authored-by: Aleksandra Sikora <ola.zxcvbnm@gmail.com>
2020-05-13 18:03:16 +05:30
Auke Booij
2735d284c1
server: use a new version of graphql-parser-hs to avoid loss of precision (#4741)
Fixes #4733.  See also hasura/graphql-parser-hs#29.
2020-05-13 12:10:46 +02:00
Auke Booij
4d10a610f4
server: fix mishandling of GeoJSON inputs in subscriptions (fix #3239) (#4551)
* Add support for multiple top-level fields in a subscription to improve testability of subscriptions

* Add an internal flag to enable multiple subscriptions

* Add missing call to withConstructorFn in live queries (fix #3239)

Co-authored-by: Alexis King <lexi.lambda@gmail.com>
2020-05-13 10:09:44 +02:00
Auke Booij
ad882a93e2
tests: tear down numerics values (fix #4602) (#4604)
Also temporarily disable part of the CI to avoid it becoming confused about tests for/from old versions
2020-04-29 16:56:16 +02:00
Auke Booij
ee7c7b1672
server: allow computed fields to have access to Hasura's session variables (fix #3846) (#4486)
* Allow computed fields to have access to Hasura's session variables

* Inform about session args for computed fields in changelog and docs

* Add tests for session arguments for computed fields (and the respective errors)

Co-authored-by: Tirumarai Selvan <tiru@hasura.io>
Co-authored-by: Marion Schleifer <marion@hasura.io>
Co-authored-by: Rakesh Emmadi <12475069+rakeshkky@users.noreply.github.com>
2020-04-27 17:07:03 +02:00
Rakesh Emmadi
d52bfcda4e
backend only insert permissions (rfc #4120) (#4224)
* move user info related code to Hasura.User module

* the RFC #4120 implementation; insert permissions with admin secret

* revert back to old RoleName based schema maps

An attempt made to avoid duplication of schema contexts in types
if any role doesn't possess any admin secret specific schema

* fix compile errors in haskell test

* keep 'user_vars' for session variables in http-logs

* no-op refacto

* tests for admin only inserts

* update docs for admin only inserts

* updated CHANGELOG.md

* default behaviour when admin secret is not set

* fix x-hasura-role to X-Hasura-Role in pytests

* introduce effective timeout in actions async tests

* update docs for admin-secret not configured case

* Update docs/graphql/manual/api-reference/schema-metadata-api/permission.rst

Co-Authored-By: Marion Schleifer <marion@hasura.io>

* Apply suggestions from code review

Co-Authored-By: Marion Schleifer <marion@hasura.io>

* a complete iteration

backend insert permissions accessable via 'x-hasura-backend-privilege'
session variable

* console changes for backend-only permissions

* provide tooltip id; update labels and tooltips;

* requested changes

* requested changes

- remove className from Toggle component
- use appropriate function name (capitalizeFirstChar -> capitalize)

* use toggle props from definitelyTyped

* fix accidental commit

* Revert "introduce effective timeout in actions async tests"

This reverts commit b7a59c19d6.

* generate complete schema for both 'default' and 'backend' sessions

* Apply suggestions from code review

Co-Authored-By: Marion Schleifer <marion@hasura.io>

* remove unnecessary import, export Toggle as is

* update session variable in tooltip

* 'x-hasura-use-backend-only-permissions' variable to switch

* update help texts

* update docs

* update docs

* update console help text

* regenerate package-lock

* serve no backend schema when backend_only: false and header set to true

- Few type name refactor as suggested by @0x777

* update CHANGELOG.md

* Update CHANGELOG.md

* Update CHANGELOG.md

* fix a merge bug where a certain entity didn't get removed

Co-authored-by: Marion Schleifer <marion@hasura.io>
Co-authored-by: Rishichandra Wawhal <rishi@hasura.io>
Co-authored-by: rikinsk <rikin.kachhia@gmail.com>
Co-authored-by: Tirumarai Selvan <tiru@hasura.io>
2020-04-24 14:40:53 +05:30
Rakesh Emmadi
6f100e0009
improve debug information in actions errors response (close #4031) (#4432)
* config options for internal errors for non-admin role, close #4031

More detailed action debug info is added in response 'internal' field

* add docs

* update CHANGELOG.md

* set admin graphql errors option in ci tests, minor changes to docs

* fix tests

Don't use any auth for sync actions error tests. The request body
changes based on auth type in session_variables (x-hasura-auth-mode)

* Apply suggestions from code review

Co-Authored-By: Marion Schleifer <marion@hasura.io>

* use a new sum type to represent the inclusion of internal errors

As suggested in review by @0x777
-> Move around few modules in to specific API folder
-> Saperate types from Init.hs

* fix tests

Don't use any auth for sync actions error tests. The request body
changes based on auth type in session_variables (x-hasura-auth-mode)

* move 'HttpResponse' to 'Hasura.HTTP' module

* update change log with breaking change warning

* Update CHANGELOG.md

Co-authored-by: Marion Schleifer <marion@hasura.io>
Co-authored-by: Tirumarai Selvan <tiru@hasura.io>
2020-04-24 13:25:51 +05:30
Karthikeyan Chinnakonda
a8affc2cda
fix intermittent errors occur when query actions used with variables (#4527)
* don't add query actions to the plan cache

Co-authored-by: rakeshkky <12475069+rakeshkky@users.noreply.github.com>
2020-04-24 11:39:00 +05:30
Rakesh Emmadi
b51a8ece4d
fix creating relationships for custom object types with fields reusing Postgres scalars (fix #4447) (#4455)
* fix creating relationships for custom object types with fields reusing Postgres scalars, close #4447

* fix changelog entry

* rearrange entries

Co-authored-by: Tirumarai Selvan <tiru@hasura.io>
2020-04-24 10:58:42 +05:30
Rakesh Emmadi
e983b1596e
fix recreating action's permission, fix #4377 (#4495)
Co-authored-by: Vamshi Surabhi <0x777@users.noreply.github.com>
2020-04-22 11:29:14 +05:30
Auke Booij
b2ad3ee2ee
server: avoid integer overflows (fix #576) (fix #4368) (#4435)
* Update graphql-parser-hs and hence use `Scientific` directly

The new version of graphql-parser-hs returns Scientific and Integer
rather than Double and Int32, respectively.  So we now need to do less
work in graphql-engine, and we can process larger numbers.

In practice, this means that when inserting a bigint, we no longer
need to specify the inserted integer as text.  This is also
represented in the updated tests.

* Generate int overflow error on insert

* Document bigint insertion support in changelog
2020-04-21 15:56:15 +02:00
Auke Booij
cd2e09c6ad
server: add support for timestamps without timezone to graphql-engine (fix #1217) (#4452)
* Add support for timestamps without timezone to graphql-engine

* Add tests for aggregations on timestamps without timezones
2020-04-21 14:30:48 +02:00
Toan Nguyen
5f84669568
server: support single $ as root json path (#4482)
* support single $ json path

* support sql query with root json path

* update changelog

* update changelog

Co-authored-by: Karthikeyan Chinnakonda <karthikeyan@hasura.io>
Co-authored-by: Tirumarai Selvan <tiru@hasura.io>
2020-04-21 13:36:11 +05:30
Toan Nguyen
15c0ebf1ef
allow special characters in json path's property name (close #3890) (#3892)
* allow underscore prefix and special characters in json path

* server: Rewrite/refactor JSONPath parser

The JSONPath parser is also rewritten, the previous implementation
was written in a very explicitly “recursive descent” style, but the whole
point of using attoparsec is to be able to backtrack! Taking advantage
of the combinators makes for a much simpler parser.

Co-authored-by: Vamshi Surabhi <0x777@users.noreply.github.com>
Co-authored-by: Alexis King <lexi.lambda@gmail.com>
Co-authored-by: Aleksandra Sikora <ola.zxcvbnm@gmail.com>
Co-authored-by: Shahidh K Muhammed <shahidh@hasura.io>
2020-04-20 14:25:09 +05:30
Auke Booij
b2d65d16d3
server: _inc for non-integer numeric types (fix #3573) (#4429)
* Allow `_inc` to update other numeric types in addition to integers

* Add support for PostgreSQL's `money` field type

* Add support for _inc on money types

* Add note of generalized `_inc` support to changelog
2020-04-17 11:32:09 +02:00
Karthikeyan Chinnakonda
5116e16e18
server(actions): add support for queries (close #4032) (#4309)
* add support for action queries

* a new parameter `type` is added in the ArgumentDefinition, its value
  can be either `query` or `mutation` and it defaults to the latter

* throw 400 when a query action is tried to explain

* update the actions docs to include query actions

* refactor the ToJSON and ToOrdJSON of ActionDefinition

Co-authored-by: Rishichandra Wawhal <rishi@hasura.io>
Co-authored-by: Tirumarai Selvan <tiru@hasura.io>
2020-04-16 12:55:19 +05:30
Karthikeyan Chinnakonda
a26bc80496
accept a new argument claims_namespace_path in JWT config (#4365)
* add new optional field `claims_namespace_path` in JWT config

* return value when empty array is found in executeJSONPath

* update the docs related to claims_namespace_path

* improve encodeJSONPath, add property tests for parseJSONPath

* throw error if both claims_namespace_path and claims_namespace are set

* refactor the Data.Parser.JsonPath to Data.Parser.JSONPathSpec

* update the JWT docs

Co-Authored-By: Marion Schleifer <marion@hasura.io>

Co-authored-by: Marion Schleifer <marion@hasura.io>
Co-authored-by: rakeshkky <12475069+rakeshkky@users.noreply.github.com>
Co-authored-by: Tirumarai Selvan <tirumarai.selvan@gmail.com>
2020-04-16 12:15:21 +05:30
Rakesh Emmadi
dc31b835e1
allow reusing Postgres scalars in custom types & actions (close #4125) (#4333)
* allow re-using Postgres scalars in custom types, close #4125

* add pytest tests

* update CHANGELOG.md

* add a doc pointer for reusable postgres scalars

* document the code, improve the CHANGELOG entry

As suggested by @lexi-lambda

* a bit more source code documentation, use WriterT to collect reused scalars

* Apply suggestions from code review

Co-Authored-By: Marion Schleifer <marion@hasura.io>

* improve doc for Postgres scalars in custom graphql types

* Add some more references to Note; fix Haddock syntax

Also a few very minor tweaks:
  * Use HashSet instead of [] more pervasively
  * Export execWriterT from Hasura.Prelude
  * Use pattern guards in multi-way if
  * Tweak a few names/comments

* Pull buildActions out of buildAndCollectInfo, use buildInfoMap

* Tweak wording in documentation

* incorporate changes in console code

* account Postgres scalars for action input arguments

-> Avoid unnecessary 'throw500' in making action schema

* Review changes

Co-authored-by: Marion Schleifer <marion@hasura.io>
Co-authored-by: Alexis King <lexi.lambda@gmail.com>
Co-authored-by: Vamshi Surabhi <0x777@users.noreply.github.com>
Co-authored-by: Aleksandra Sikora <ola.zxcvbnm@gmail.com>
2020-04-15 17:33:13 +05:30
Lyndon Maydwell
85b7c552af
Allow field names to start with reserved keywords (fix #3597) (#3927) 2020-04-02 00:27:43 -05:00
Antoine Leblanc
5b74b2e2df
server: prevent metadata checks in read-only mode (#4250)
* do not perform the metadata check in read-only mode
* improve the isAltrDropReplace regex
* quote the regex at compile-time to handle syntax errors statically

Co-authored-by: Alexis King <lexi.lambda@gmail.com>
2020-04-01 18:22:55 -05:00
Vamshi Surabhi
114268910a
Merge branch 'master' into issue-4035-check-computed-field 2020-03-27 14:12:59 +05:30
Antoine Leblanc
eb81d6947a
server: add tests for track_table of a materialized view (#4155)
* server: add tests for track_table of a materialized view

In the context of #91, we discovered that materialized views were
already "automagically" supported; to ensure we don't regress on this
accidental but welcome change, this patch adds simple tests.

This is basically just a copy of `track_untrack_table`, but for
materialized views.

* Expand abbreviations

Co-authored-by: Alexis King <lexi.lambda@gmail.com>
2020-03-24 12:35:34 +05:30
Antoine Leblanc
d9fa299750
server: fix all EWKT warnings in python tests (#4154)
The setup in several tests was using `ST_GeomFromText`, which expects
data in the OGC WKT format, but was providing the SRID in the text
itself, which is part of the EWKT format.

The fix was simply to replace all calls to `ST_GeomFromText` to
`ST_GeomFromEWKT`.
2020-03-23 20:48:09 -05:00
Rakesh Emmadi
c12dd1bae1
Merge branch 'master' into issue-4035-check-computed-field 2020-03-23 10:44:48 +05:30
Rakesh Emmadi
f80b69e931
few actions' fixes and improvements (fix #3977, #4061 & close #4021) (#4109)
* add 'ID' to default scalars for custom types, fix #4061

* preserve cookie headers from sync action webhook, close #4021

* validate action webhook response to conform to output type, fix #3977

* fix tests, don't run actions' tests on PG version < 10

* update CHANGELOG.md

* no-op refactor, use types from http-network more

Co-authored-by: Vamshi Surabhi <0x777@users.noreply.github.com>
2020-03-20 12:16:45 +05:30
rakeshkky
889f375ae2 Merge branch 'master' into issue-4035-check-computed-field
Resolve Conflicts:
	CHANGELOG.md
2020-03-12 10:21:43 +05:30
Rakesh Emmadi
996ce928d4
auto-include __typename field in custom types' objects (fix #4063) (#4074)
* include `__typename` field in custom types' objects, fix #4063

Co-authored-by: Vamshi Surabhi <0x777@users.noreply.github.com>
2020-03-11 17:09:00 +05:30
rakeshkky
9128c69a80 fix postgres query error when computed fields included in mutation response, fix #4035 2020-03-11 10:23:28 +05:30
Vamshi Surabhi
b84db36ebb
allow custom mutations through actions (#3042)
* basic doc for actions

* custom_types, sync and async actions

* switch to graphql-parser-hs on github

* update docs

* metadata import/export

* webhook calls are now supported

* relationships in sync actions

* initialise.sql is now in sync with the migration file

* fix metadata tests

* allow specifying arguments of actions

* fix blacklist check on check_build_worthiness job

* track custom_types and actions related tables

* handlers are now triggered on async actions

* default to pgjson unless a field is involved in relationships, for generating definition list

* use 'true' for action filter for non admin role

* fix create_action_permission sql query

* drop permissions when dropping an action

* add a hdb_role view (and relationships) to fetch all roles in the system

* rename 'webhook' key in action definition to 'handler'

* allow templating actions wehook URLs with env vars

* add 'update_action' /v1/query type

* allow forwarding client headers by setting `forward_client_headers` in action definition

* add 'headers' configuration in action definition

* handle webhook error response based on status codes

* support array relationships for custom types

* implement single row mutation, see https://github.com/hasura/graphql-engine/issues/3731

* single row mutation: rename 'pk_columns' -> 'columns' and no-op refactor

* use top level primary key inputs for delete_by_pk & account select permissions for single row mutations

* use only REST semantics to resolve the webhook response

* use 'pk_columns' instead of 'columns' for update_by_pk input

* add python basic tests for single row mutations

* add action context (name) in webhook payload

* Async action response is accessible for non admin roles only if
  the request session vars equals to action's

* clean nulls, empty arrays for actions, custom types in export metadata

* async action mutation returns only the UUID of the action

* unit tests for URL template parser

* Basic sync actions python tests

* fix output in async query & add async tests

* add admin secret header in async actions python test

* document async action architecture in Resolve/Action.hs file

* support actions returning array of objects

* tests for list type response actions

* update docs with actions and custom types metadata API reference

* update actions python tests as per #f8e1330

Co-authored-by: Tirumarai Selvan <tirumarai.selvan@gmail.com>
Co-authored-by: Aravind Shankar <face11301@gmail.com>
Co-authored-by: Rakesh Emmadi <12475069+rakeshkky@users.noreply.github.com>
2020-02-13 23:08:23 +05:30
Phil Freeman
f615abd2f2
Add check expresion to update permissions (close #384) (#3804)
* Add check expresion to update permissions (close #384)

* wip on conflict behavior

* Handle upserts for views properly

* Use insert check if there is no update check

* Fix the test

* Improve error message slightly

Co-authored-by: Vamshi Surabhi <0x777@users.noreply.github.com>
2020-02-13 13:08:49 +05:30
Rakesh Emmadi
3a07228525
fix casting citext column type (fix #2818) (#3861) 2020-02-11 16:02:13 +05:30
Vamshi Surabhi
2de663d2a8
Merge branch 'master' into 3759-3791-minor-metadata-build-bugfixes 2020-02-05 18:25:46 +05:30
Rakesh Emmadi
53b9cabd88
fix few bugs related to nested insert returning (fix #3609, #3642, #3271) (#3618)
* fix nested insert with returning computed fields gives error, fix #3609

* revert using ordered hashmaps, sort columns based on ordinal postion

* fix 1. keys order 2. json/jsonb column value in nested insert returning

* add a note for sorted columns

* cast 'VALUES' expression as table row type

* use single CTE expression for generating returning for nested inserts
2020-02-04 21:04:17 +05:30
Alexis King
8ef205fba5 Explicitly invalidate enum values when metadata is reloaded
This fixes #3759. Also, while we’re at it, also improve the way
invalidations are synced across instances so enums and remote schemas
are appropriately reloaded by the schema syncing process.
2020-01-30 18:17:29 -06:00
Rakesh Emmadi
319606b5ff include scalars types returning by computed fields in generated schema (fix #3650) (#3651) 2020-01-10 22:05:07 -06:00
Alexis King
06df174e8a Add missing check in SetTableCustomFields; update various test cases 2020-01-08 16:45:54 -06:00
Alexis King
25c5f97de2 Fix new hdb_table_info_agg query to fetch column base types
We mostly want to do this to make queries against information_schema
tables work, which the console cares about. information_schema tables
use types like sql_identifier, which have no corresponding array types
defined! Therefore, in order to generate valid queries for _in and _nin
conditions, we need to treat them as their base types, instead.
2020-01-08 16:45:54 -06:00
Alexis King
e2eabcd54e Properly check that custom field names do not conflict with other fields 2020-01-08 16:45:53 -06:00
Alexis King
c322e8a5d4 Use a significantly more efficient table_info_agg view
Also, use the view in Schema.Diff to share some more logic.
2020-01-08 16:45:46 -06:00
Alexis King
5b969208c6 Use arrows instead of monads to define the schema cache construction 2020-01-08 16:43:06 -06:00
Alexis King
1387722970 Refactor schema cache construction to avoid imperative updates
wip: fix error codes in remote schema tests
2020-01-08 16:43:06 -06:00
Phil Freeman
9e2c8b420b Report errors in parallel when batching (#3605)
* Report errors in parallel when batching
* Add some more test cases
2019-12-30 17:18:20 -06:00
Rakesh Emmadi
181902cc6c fix absence of "args" input field omits session variable argument, fix #3576 (#3585) 2019-12-26 16:32:48 -06:00
Phil Freeman
c766881125 Support batched queries (fix #1812) (#3490) 2019-12-20 10:04:02 -06:00
Phil Freeman
b3e0595a9d Test with postgis 3.0.0 (#3519) 2019-12-18 19:32:15 -06:00
Rakesh Emmadi
421a182f64 export metadata without nulls, empty arrays & default values (#3393)
* export metadata without nulls, empty arrays
* property tests for 'ReplaceMetadata' using QuickCheck
-> Derive Arbitrary class for 'ReplaceMetadata' dependant types

* reduce property test cases number to 30
QuickCheck generates the `ReplaceMetadata` value really large
for higher number test cases. Encoded JSON for such values is large and
consumes more memory. Thus, CI is giving up while running property
tests.

* circle-ci: Add property tests as saperate job
* add no command mode to tests
* add yaml.v2 to go mod
* remove indirect comment for yaml.v2 dependency
2019-12-14 00:47:38 -06:00