This ensures that the client can change the config at will without depending on the platform team to add the field to the POJO.
Also deleting redundant classes and controllers for propertyPane and Widget. These are no longer required and can be removed from the codebase.
2. Add to Page changes : Documentation object has been added in Action to handle the extra Template documentation for actions that have been imported from 3p marketplace
3. Added basic structure for rapid api plugin by copy pasting the rest api plugin
Correcting the writeKey for Segment in Staging
Also adding Mono.cache in the user invite flow to ensure that the same Mono is not executed multiple times.
See merge request theappsmith/internal-tools-server!224
2. Add to Page changes : Documentation object has been added in Action to handle the extra Template documentation for actions that have been imported from 3p marketplace
3. Added basic structure for rapid api plugin by copy pasting the rest api plugin
2. Add to Page changes : Documentation object has been added in Action to handle the extra Template documentation for actions that have been imported from 3p marketplace
3. Added basic structure for rapid api plugin by copy pasting the rest api plugin
Also adding the Origin header to the BaseController create function. This is required by the user creation flow in order to customize the links in the email. For most of the controllers overriding the BaseController, the request header parameter is non-mandatory and can be skipped for testing or otherwise.
This is to ensure that setting the createdAt nad updatedAt properties by spring-data will still succeed even if the client doesn't provide us with the datasource details.
Creating an embedded datasource for the action
Now the user can create an embedded datasource as well as a saved datasource for the action.
This MR also fixes the import for a curl command by setting defaults when an action is created via the curl command. For now, the curl command only accepts short flags and not the long form flags.
See merge request theappsmith/internal-tools-server!204
We now create another list from the value provided in the properties file. All checks in the codebase are performed against this list. This ensures that there are no NPE and exceptions when the property oauth2.allowed-domains is removed from the properties file.
Correcting the error response returned by the AclFilter to match the ErrorDTO...
Correcting the error response returned by the AclFilter to match the ErrorDTO returned from controller functions
This ensures consistent responses from different parts of our application. The client can then rely on the server to provide a constistent response structure.
See merge request theappsmith/internal-tools-server!194
This ensures consistent responses from different parts of our application. The client can then rely on the server to provide a constistent response structure.
Renaming isPaginated to PaginationType to support different types of pagination on the frontend
If the API is paginated via the table's page number, then the next and prev URLs in the action don't play any role. Those fields are only required when the paginationType is of type URL. In all other scenarios, the action is executed normally.
See merge request theappsmith/internal-tools-server!192
If the API is paginated via the table's page number, then the next and prev URLs in the action don't play any role. Those fields are only required when the paginationType is of type URL. In all other scenarios, the action is executed normally.
Now, regardless of the route with which an organization is created (invitation, signup or self-create by user), the correct groups and permissions are assigned to the user.
We override the SimpleReactiveMongoRepository with our custom implementation to add criteria for filtering soft deleted records.
Also, adding a new function to archive record instead of a hard delete.
/actions should return all the actions of the current organization only.
Added organizationId to Action. This gets set only during create operation. Whenever get is performed on actions, it is filtered using organizationId.
See merge request theappsmith/internal-tools-server!164
At the moment, reactive Spring does not support AuditorAware implementation which also inserts the username of the user making the changes. Reference: https://jira.spring.io/browse/DATACMNS-1231.
This is to ensure that when we deploy in production, we can add redirect rules on Nginx. Now /api and /oauth2 urls will proxy to the API server while all other URLs will proxy to the frontend server.
Cleaning up the Github OAuth2 login flow by adding userNameAttribute to properties
This property helps define for Spring security which field in the OAuth2 user info to read in order to determine the username of the user. This is because this field is non-standard across different OAuth2 implementations. For each new OAuth2 provider that we support, this field will be required. Else the default name field will be picked up by Spring security (which is usually the id of the user).
See merge request theappsmith/internal-tools-server!156
This property helps define for Spring security which field in the OAuth2 user info to read in order to determine the username of the user. This is because this field is non-standard across different OAuth2 implementations. For each new OAuth2 provider that we support, this field will be required. Else the default name field will be picked up by Spring security (which is usually the id of the user).
The domain restriction has been done by adding parameter `hd` in the function CustomServerOAuth2AuthorizationRequestResolver#authorizationRequest. We still verify if the OAuth2 response has the parameter `hd` to ensure that no client side manipulation has been performed.
This property helps the spring security library derive the host name, protocol and port accurately even while running behind a Nginx load balancer. This is because nginx adds X-Forward-* headers that are parsed by Spring security library.
This is required for OAuth2 failure handling. When the client makes an OAuth2 request, we don't receive an origin header. If the OAuth2 login fails for some reason, our failure handler will not redirect correctly unless we also check for the referer header.
This is required because when we host inside a docker container, the default host and port picked up by the code is the docker container's name & port. This will not work when Google (for example) needs to redirect back to our server after authentication is complete. Hence, we need to customize the default redirect uri for all OAuth2 endpoints.
The issue was that the chain would receive a mono instead of an object. This would cause it to not persist the token in the DB. Moving to flatMap fixes this problem as we then deal with the actual object instead of the Mono.
Also fixing the url encoding in the email to ensure that the links generated are correct. By default mustache does HTML escaping and not URL encoding.
Also refactoring the code to use the MultiValueMap for filter params which is a generic implementation and can support filtering on multiple fields of the domain object groups. This can be replicated to other domain objects as well.
Ensuring that a user's personal workspace name is their first name by default.
This is because the full name makes the entire workspace name very long. If we just use the first name, it'll be a shorter string and easier to read by the end user as well.
See merge request theappsmith/internal-tools-server!142
