fullstack-build / soniq Goto Github PK
View Code? Open in Web Editor NEW🚀 soniq - A PostgreSQL centric GraphQL Framework
Home Page: https://soniq.js.org
License: MIT License
🚀 soniq - A PostgreSQL centric GraphQL Framework
Home Page: https://soniq.js.org
License: MIT License
Package
Description / Use Case for a Feature
We need some way limit the number of AuthFactorProofToken - usages.
Eg.:
A user gets an email with an AuthFactorProofToken to reset his password. At the moment he can reset the password again and again as long as the token is valid.
This is not a huge problem, however we should be able to control this.
Proposal:
Package
Describe the bug
In the example below, Project
has a relation to ProjectComment
for the field comments
. Because comments
is decorated with QueryPermissions
the schema-builder
generates the SDL for the subquery for ProjectComment
naming the ProjectCommentFilter
as type for the optional where
parameter of the subquery. Since ProjectComment
does not have a decorator for QueryPermissions
or MutationPermissions
, it does not create the SDL type ProjectCommentFilter
leading to the error, shown below.
Solution: Either withdraw the QueryPermissions
from comments
or give ProjectComment
permissions.
To Reproduce
@Entity()
export default class Project extends BaseEntity {
@PrimaryGeneratedColumn()
public readonly id!: string;
@Column({ type: "varchar", gqlType: "String", nullable: true })
public comment!: string;
@OneToMany((type) => ProjectComment, "project")
@QueryPermissions(anyone())
public comments!: ProjectComment[];
}
@Entity()
export default class ProjectComment extends BaseEntity {
@PrimaryGeneratedColumn()
public readonly id!: string;
@Column({ type: "varchar", gqlType: "String", nullable: true })
public comment!: string;
@ManyToOne((type) => Project, "comments")
public project!: Project;
}
one:b624d9:BootLoader:error 2019-08-07T17:34:34+0300 <error> index.js:80 (BootLoader.<anonymous>) BootLoader.boot.error.caught: Error: Type "ProjectCommentFilter" not found in document.
Expected behavior
To be discussed.
Always Returns "No uuid has been generated in this transaction."
Package
Description / Use Case for a Feature
To avoid possible DDos attacks on the external email and other receiving addresses, a rate-limiter shall be included in all notifications distributed by the system, e.g. 2FA SMS and so on.
Architectural integration (auth or notification) to be discussed.
This is very similar to #18.
When trying to add a computed column of Gql-Type ID
, the migration will try to set the default of the computed column to the uuid-function:
storeId: ID @computed(expression: "StoreIdFromOrder")
Error:
one:d490c7:DbSchemaBuilder:trace 2018-11-22T16:21:27+0100 <trace> index.js:235 (DbSchemaBuilder.<anonymous>) migration.sql.statement ALTER TABLE "public"."Order" ALTER COLUMN "storeId" SET DEFAULT _meta.uuid_generate_v4(); +1ms
one:d490c7:DbSchemaBuilder:warn 2018-11-22T16:21:27+0100 <warn> index.js:256 (DbSchemaBuilder.<anonymous>) migration.rollback +2ms
one:d490c7:AutoMigrate:warn 2018-11-22T16:21:27+0100 <warn> index.js:73 (AutoMigrate.<anonymous>) runMigration.error { error: column "storeId" of relation "Order" does not exist
one:d490c7:AutoMigrate:warn at Connection.parseE (/Users/hex0r/GitLab/doenastie/backend/node_modules/pg/lib/connection.js:554:11)
one:d490c7:AutoMigrate:warn at Connection.parseMessage (/Users/hex0r/GitLab/doenastie/backend/node_modules/pg/lib/connection.js:379:19)
one:d490c7:AutoMigrate:warn at Socket.<anonymous> (/Users/hex0r/GitLab/doenastie/backend/node_modules/pg/lib/connection.js:119:22)
one:d490c7:AutoMigrate:warn at Socket.emit (events.js:182:13)
one:d490c7:AutoMigrate:warn at Socket.EventEmitter.emit (domain.js:442:20)
one:d490c7:AutoMigrate:warn at addChunk (_stream_readable.js:283:12)
one:d490c7:AutoMigrate:warn at readableAddChunk (_stream_readable.js:264:11)
one:d490c7:AutoMigrate:warn at Socket.Readable.push (_stream_readable.js:219:10)
one:d490c7:AutoMigrate:warn at TCP.onStreamRead [as onread] (internal/stream_base_commons.js:94:17)
one:d490c7:AutoMigrate:warn name: 'error',
one:d490c7:AutoMigrate:warn length: 119,
one:d490c7:AutoMigrate:warn severity: 'ERROR',
one:d490c7:AutoMigrate:warn code: '42703',
one:d490c7:AutoMigrate:warn detail: undefined,
one:d490c7:AutoMigrate:warn hint: undefined,
one:d490c7:AutoMigrate:warn position: undefined,
one:d490c7:AutoMigrate:warn internalPosition: undefined,
one:d490c7:AutoMigrate:warn internalQuery: undefined,
one:d490c7:AutoMigrate:warn where: undefined,
one:d490c7:AutoMigrate:warn schema: undefined,
one:d490c7:AutoMigrate:warn table: undefined,
one:d490c7:AutoMigrate:warn column: undefined,
one:d490c7:AutoMigrate:warn dataType: undefined,
one:d490c7:AutoMigrate:warn constraint: undefined,
one:d490c7:AutoMigrate:warn file: 'tablecmds.c',
one:d490c7:AutoMigrate:warn line: '5853',
one:d490c7:AutoMigrate:warn routine: 'ATExecColumnDefault' } +3ms
In general db-migrations should just ignore columns with the @computed
directive completely.
query: CREATE TYPE "User_size_enum" AS ENUM('small', 'medium', 'large')
Geht im Prinzip schon (siehe log). Aber wenn XXX_CREATE_ME und XXX_READ_AUTH (/_PUBLIC) existiert, passiert QueryFailedError: cannot alter type of a column used by a view or rule.
query: START TRANSACTION
query: ALTER TYPE "public"."User_size_enum" RENAME TO "User_size_enum_old"
query: CREATE TYPE "User_size_enum" AS ENUM('small', 'medium', 'large', 'superLarge')
query: ALTER TABLE "User" ALTER COLUMN "size" TYPE "User_size_enum" USING "size"::"text"::"User_size_enum"
query: DROP TYPE "User_size_enum_old"
query: COMMIT
@entity({ schema: "other" })
export default class Photo extends typeorm.BaseEntity
creates
type Photo @table(schemaName: "other")
db
Paket
Fehler: Bei Create GraphQLError: No uuid has been generated in this transaction.
Fehlermeldungen ergänzen: bspw. wenn enumName da ist aber enum fehlt.
Migrations sollten auch nach dem npm run build ausführbar sein, jedes one paket registriert seine migrations
Migrations von fullstack paketen sollte beim booten programatisch gestartet werden.
inverSide argument for both OneToMany and ManyToOne. Are self-referencing relations possible?
Unique over multiple Columns -> @unique from typeorm
Indices
Completly hide typeorm behind db
rename migration table to "_migrations"
Fix: QueryFailedError: relation "Photo" already exists (Die Synchronisation failed)
events
do not work (at least on Davids Ubuntu if he uses his Docker Postgres)
Auth Decorators (privacyAgreementAcceptedVersion, ...)
Schema Builder decorators (computed, ...)
Documentation: orm-example/README.md db/ORM/README.md
Default values are not set when migrating an enum
filed.
Just a list of Ideas to not forget them: (Please add more)
Query-Builder
Permission-System
Package
Describe the bug
If a field is added to an entitiy and at the same time permissions are added, one fails on startup, because gql views are created before typeorm synchronizes the database. Ergo, column is missing during view creation.
To Reproduce
Steps to reproduce the behavior:
Expected behavior
Should not fail. (1) typeorm migrations (2) typeorm syncronization (3) graphql view and trigger migrations
https://github.com/fullstack-build/fullstack-one/blob/master/packages/db/lib/index.ts#L67
current_user_id()
call. Flag them with authRequired = true
if they do.Currently we return
{
"data": {
"createFile": null
},
"errors": [
{
"message": "jwt must be provided",
"locations": [
{
"line": 2,
"column": 3
}
],
"path": [
"createFile"
]
}
]
}
when the user is not authenticated.
I would prefer something more direct.
Package
Describe the bug
getUserAuthentication has no queryRunner
https://github.com/fullstack-build/fullstack-one/blob/master/packages/auth/lib/index.ts#L250
https://fullstackone.slack.com/archives/CKJJWLF17/p1564736159005500
The graphql endpoint should detect if the queries contains user-specific data.
If none of the queries include that the cache-control can be set to public
. Otherwise it's private.
Package
Description / Use Case for a Feature
Based on the proposal by @dustin https://gist.github.com/dustin-H/da58e0e831cbaabeb806b4b62920faa8
Should also have a minimal example
When I create a computed column like this
finishedProduction: Boolean! @computed(expression: "FinishedProduction", params: {})
the migration will try to add a NOT NULL Constraint to a not existing column:
one:3407d7:DbSchemaBuilder:trace 2018-11-22T00:31:37+0100 <trace> index.js:235 (DbSchemaBuilder.<anonymous>) migration.sql.statement ALTER TABLE "public"."Order" ALTER COLUMN "finishedProduction" SET NOT NULL; +1ms
one:3407d7:DbSchemaBuilder:warn 2018-11-22T00:31:37+0100 <warn> index.js:256 (DbSchemaBuilder.<anonymous>) migration.rollback +1ms
one:3407d7:AutoMigrate:warn 2018-11-22T00:31:37+0100 <warn> index.js:73 (AutoMigrate.<anonymous>) runMigration.error { error: column "finishedProduction" of relation "Order" does not exist
one:3407d7:AutoMigrate:warn at Connection.parseE (/Users/hex0r/GitLab/doenastie/backend/node_modules/pg/lib/connection.js:554:11)
one:3407d7:AutoMigrate:warn at Connection.parseMessage (/Users/hex0r/GitLab/doenastie/backend/node_modules/pg/lib/connection.js:379:19)
one:3407d7:AutoMigrate:warn at Socket.<anonymous> (/Users/hex0r/GitLab/doenastie/backend/node_modules/pg/lib/connection.js:119:22)
one:3407d7:AutoMigrate:warn at Socket.emit (events.js:182:13)
one:3407d7:AutoMigrate:warn at Socket.EventEmitter.emit (domain.js:442:20)
one:3407d7:AutoMigrate:warn at addChunk (_stream_readable.js:283:12)
one:3407d7:AutoMigrate:warn at readableAddChunk (_stream_readable.js:264:11)
one:3407d7:AutoMigrate:warn at Socket.Readable.push (_stream_readable.js:219:10)
one:3407d7:AutoMigrate:warn at TCP.onStreamRead [as onread] (internal/stream_base_commons.js:94:17)
one:3407d7:AutoMigrate:warn name: 'error',
one:3407d7:AutoMigrate:warn length: 127,
one:3407d7:AutoMigrate:warn severity: 'ERROR',
one:3407d7:AutoMigrate:warn code: '42703',
one:3407d7:AutoMigrate:warn detail: undefined,
one:3407d7:AutoMigrate:warn hint: undefined,
one:3407d7:AutoMigrate:warn position: undefined,
one:3407d7:AutoMigrate:warn internalPosition: undefined,
one:3407d7:AutoMigrate:warn internalQuery: undefined,
one:3407d7:AutoMigrate:warn where: undefined,
one:3407d7:AutoMigrate:warn schema: undefined,
one:3407d7:AutoMigrate:warn table: undefined,
one:3407d7:AutoMigrate:warn column: undefined,
one:3407d7:AutoMigrate:warn dataType: undefined,
one:3407d7:AutoMigrate:warn constraint: undefined,
one:3407d7:AutoMigrate:warn file: 'tablecmds.c',
one:3407d7:AutoMigrate:warn line: '5796',
one:3407d7:AutoMigrate:warn routine: 'ATExecSetNotNull' } +3ms
However, without !
everything works fine:
finishedProduction: Boolean @computed(expression: "FinishedProduction", params: {})
Example:
type Station @table @versioning {
id: ID! @unique
parentStation: Station @relation(name: "Station_Parent")
childStations: [Station!] @relation(name: "Station_Parent")
name: String
}
The second part of the relation (childStations
) will not be in dbMeta. However, it should.
all
Github says that we have vulnerability issues. We need to update some packages.
When Aiven is switching the Database due to automatic maintenance one seems not to be able to reconnect properly.
Also, the server does not crash, which would trigger a restart and thus a reconnect.
Currently it just loses the database-connection and gets unresponsive.
Package
Description / Use Case for a Feature
Enable custom column.
Package
Description / Use Case for a Feature
E.g. an entity has a column address. In postgres the data type for address shall be json
, but in the graphql endpoint address shall be type Address { street: String!, postalCode: String!, ... }
and in Typescript this property shall have a similar interface as for the graphql endpoint.
SchemaBuilder is generating invalid SQL when running a mutation without changing anything.
Package
Description / Use Case for a Feature
https://fullstackone.slack.com/archives/CBW1A9CU9/p1564954934001000
db
@david Was mir schonmal auffällt ist, dass am @manytomany keine Parameter erlaubt sind. Aktuell nutze ich:
@ManyToOne((type) => User, { eager: true, onDelete: "CASCADE", onUpdate: "CASCADE" })
David [vor 2 Stunden]
FYI: kann sein, dass du ein bisschen Zeug vom DbGeneralPool zum ORM migrieren musst.
David [vor 2 Stunden]
onDelete: "CASCADE", onUpdate: "CASCADE"
funktionieren nicht für Postgres.
Used only in MySQL
https://typeorm.io/#/decorator-reference/column
Eugene [vor 2 Stunden]
ich habe mich vertippt, @manytoone
Und Postgres unetrstützt es und bisher hatten wir das auch und fide ich mega wichtig
Typeorm leaves out JoinColumns like userId
when creating tables for @OneToOneJoinColumn
and for @ManyToOne
if the entity file is not imported. See orm-example
in https://github.com/fullstack-build/fullstack-one/blob/0ca8b3709d5ca772351c38c57b871742992bfaa6/examples/orm-example/index.ts
The reason is probably this: https://www.heise.de/newsticker/meldung/Firefox-59-verschleiert-Referrer-fuer-besseren-Datenschutz-3960175.html
So we need to create a security hole for this by ignoring missing referrer header.
Package
Description / Use Case for a Feature
Include the currently logged in userId as extra column in the auditing table. If no user is logged store null
.
Package
Description / Use Case for a Feature
Add triggers to entities via decorator, e.g. @Entity( trigger: { ... } )
. Add some predefined options like updatable
, deletable
and validate
.
Package
Description / Use Case for a Feature
Make the old @version
directive work again. Or more general, provide a way to provide versioning on tables, e.g. using JSON diff.
Somewhere LoggerFactory is Injected, which injects Config, which does not find a config/default.js
in .../node_modules/ava/...
.
Package
Description / Use Case for a Feature
TypeGraphql's approach can be used as inspiration. https://typegraphql.ml/docs/resolvers.html
Package
Describe the bug
When user is not logged in, createFile
mutation fails with a technical error.
To Reproduce
Execute mutation without being logged in.
Expected behavior
Not authenticated exception.
Additional context
one:42095f:Auth:warn 2019-07-26T16:06:57+0300 <warn> AuthQueryHelper.js:189 (AuthQueryHelper.<anonymous>) authenticateTransaction.error { TypeError: Cannot read property 'split' of undefined
When moved to different schemas, we need to allow the USAGE
to the general db-user:
GRANT USAGE ON SCHEMA ${schemaName} TO ${applicationUserName};
When running multiple mutations without a surrounding transaction it fails with an UNAUTHENTICATED
error:
{ code: 'INTERNAL_SERVER_ERROR',
exception:
{ message: 'AUTH.THROW.AUTHENTICATION_ERROR',
name: 'QueryFailedError',
length: 153,
severity: 'ERROR',
code: 'P0001',
detail: undefined,
hint: undefined,
position: undefined,
internalPosition: undefined,
internalQuery: undefined,
where: 'PL/pgSQL function _auth.current_user_id() line 28 at RAISE',
schema: undefined,
table: undefined,
column: undefined,
dataType: undefined,
constraint: undefined,
file: 'pl_exec.c',
line: '3323',
routine: 'exec_stmt_raise',
query:
'UPDATE "_graphql"."Some" SET "foo" = $1, "bar" = $2 WHERE id = $3;',
parameters:
[ '1',
'2,
'3',
[length]: 3 ],
stacktrace:
[ 'QueryFailedError: AUTH.THROW.AUTHENTICATION_ERROR',
' at new QueryFailedError (/root/backend/src/error/QueryFailedError.ts:9:9)',
' at Query.callback (/root/backend/src/driver/postgres/PostgresQueryRunner.ts:178:30)',
' at Query.handleError (/root/backend/node_modules/pg/lib/query.js:142:17)',
' at Connection.connectedErrorMessageHandler (/root/backend/node_modules/pg/lib/client.js:211:17)',
' at Connection.emit (events.js:182:13)',
' at Connection.EventEmitter.emit (domain.js:441:20)',
' at TLSSocket.<anonymous> (/root/backend/node_modules/pg/lib/connection.js:126:12)',
' at TLSSocket.emit (events.js:182:13)',
' at TLSSocket.EventEmitter.emit (domain.js:441:20)',
' at addChunk (_stream_readable.js:283:12)',
' at readableAddChunk (_stream_readable.js:264:11)',
' at TLSSocket.Readable.push (_stream_readable.js:219:10)',
' at TLSWrap.onStreamRead [as onread] (internal/stream_base_commons.js:94:17)',
[length]: 14 ] } } }
Package
Description / Use Case for a Feature
Currently, one has to define the type for postgres, graphql and typescript explicitly like @Column({ type: "integer", gqlType: "Int" }) public count: number;
.
Basic types like, number
string
boolean
or any
might be detected automatically using reflections and the postgres and graphql types will be set respectively. In contrasts, if the types do not match up, e.g. @Column({ type: "boolean", gqlType: "Int" }) public name: string;
,, warnings or errors can be logged or thrown.
We decided to rename permissions/_typenames
to views/_viewnames
.
Package
Description / Use Case for a Feature
Currently it is not possible to define a default expression for relations. This was possible with GQL-Type-Definitions.
Example:
@Entity()
export default class Post extends BaseEntity {
@PrimaryGeneratedColumn()
public id: string;
@Column({ gqlType: "String", type: "character varying" })
public title: string;
@ManyToOne((type) => User, "posts", { default: () => { return "_auth.current_user_id()" } })
public owner: User;
}
If I don't allow to set the owner
over GQL the post will be owned by the current user by default without forcing the user to submit an ownerId
.
Maybe this is relevant: typeorm/typeorm#2427
Package
Description / Use Case for a Feature
An empty schema.gql
should not be required to make the framework start. The framework currently fails because type Mutation
is inserted into the complete SDL but does not hold any mutation.
extend type Mutation {
"""
Some Mutation
"""
someMutation: String! @custom(resolver: "someMutation")
}
extend type Query {
"""
Some Query
"""
someQuery: String! @custom(resolver: "someQuery")
}
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.