* Disable the direct `create` methods for pages and applications
* Create differently named versions of create methods to avoid ambiguity
* Removed unused pageService in DatasourceServiceTest
* Rename createPlain method to createDefault to better convey intent
* Bug fixes :
1. Get actions in view mode should be open for unauthorized requests. Fixed that.
2. set transient fields in action is called post fetching all the actions (after taking care of all the permissions). At this point, we shouldnt be using permissions to fetch datasource.
* Added pageId in the ActionViewDTO and NPE check for setting the json path keys.
* Checking for both json path keys being null and not empty before copying the json path keys into action view dto.
The MAIL_FROM & REPLY_TO addresses default to appsmith@localhost. This should be changed in the generated docker.env file during deployment to actual values.
Most email providers will not send emails unless they originate from a valid sender ID.
* Encrypting the password stored in AuthenticationDTO for every db.
* Adding comment to the properties file to denote that adding encryption salt and password are mandatory to the server coming up.
* Added the encryption salt and password to server.yml to allow the github actions to succeed.
* Adding database migration to encrypt the existing passwords for authentication object (used for storing db connection username/password)
Changes to the installation script install.sh:
1. Instead of overwriting the existing encryption password or salt, giving the user an option to conserve the previous encryption credentials to ensure that the developer users do not lose access to their database configurations (passwords).
2. Added another file for writing encryption credentials (encryption.env) to ensure that we dont delete the encryption password and salt by mistake.
* On setting an application to public view, correct permissions are assigned to the application and its pages & actions.
* If anonymous user is allowed a certain permission, the all users (anonymous/logged in) should be allowed the certain permission.
* Bug fix is working. Added a test case which is not working.
* Code cleanup. Test case fixed. Now, when we set the user to enabled, we also store the password that has been passed to the flatMap.
* Minor code cleanup.
* 404 error added for a few API calls which would be specially handled on the frontend to display an ACL 404 error.
* Putting everything except GET actions, GET pages, and GET applications behind authenticated. This ensures that in the future public applications (view only) would not lead to 401 but any other page would.
* Code formatted.
* Move application configuration to be loaded from environment variables
* Remove unused sentry.properties
* Make missing value sentinel a constant and ignore all *.env files
* Removed now-used ACL properties
* Prefix RapidAPI environment variable with APPSMITH_
* Fix application properties not being loaded into static fields
* Remove application-test.properties file
* Add required env variables for test in GitHub
* Quote URLs for MongoDB and Redis in test config
* Change RAPIDAPI to RAPID_API in environment variable names
* Source .env file in the root of repo in start script
* Adding the Github action workflow for the server code
* Modifying the redis endpoint in application-test.properties to point to localhost because the Docker service exposes ports to the host
* Fixing the move action API by removing invocations to subscribe
Calling subscribe() inside function calls is an anti-pattern and we shouldn't be doing it.
The reactiveContext is not called if the subscribe() function is called in the middle of execution flows. This breaks DB queries.
* Added test case for move action.
Co-authored-by: Trisha Anand <trisha@appsmith.com>
When organizationId is null in a datasource, fail with the right error message
The organization id is subsequently used to find a matching plugin (checking for installation essentially), but when organization id is missing, this query never returns. But the error message reads as if the plugin is not installed, whereas it should've been that organization id is missing.
See merge request theappsmith/internal-tools-server!406
Race condition bug caught in remove user from organization flow where multiple applicaitons/pages/actions exist for an organization.
See merge request theappsmith/internal-tools-server!407
Bug fix : Create Organization is failing because the user is read from the session and not from the repository. Now reading the user at appropriate places.
See merge request theappsmith/internal-tools-server!405
Add server-side templates support for plugins
Two main themes in this MR:
1. Add support for saving query templates as resource files inside a plugin. This has been done for both Postgres and MongoDB plugins, based on current template contents.
2. Loading of form JSON is now reactive. The blocking call has been moved inside a `Mono.fromSupplier`.
3. The loading of from JSON as well as the templates is cached and are loaded on-demand. This means that the templates are loaded once for a plugin through the lifetime of the server process, and that they are loaded only at the first time they are needed.
4. If loading of these resources fails, we try again when they are needed the next time.
See merge request theappsmith/internal-tools-server!385
Bug Fix : Application and page can only be deleted if you have manage application/page permissions respectively.
See merge request theappsmith/internal-tools-server!395
Adding the widget names set to the default layout for a page
During action name refactor, we require the widget names to exist in the layout. Hence all default layouts must have the widgetName set.
See merge request theappsmith/internal-tools-server!387
This is to simplify the query pane on the frontend client. The client doesn't need to have separate interfaces for sql and non-sql plugins. All queries will be sent to the server in the form of a String that is parsed in different formats based on the plugin.
Also adding test cases for PostgresPlugin. Used TestContainers to simulate the postgres db in Docker inside the Java test itself. Very useful.
Fix : In getAllApplications, instead of iterating over collections of applications which could be empty, we iterate over organizations where we are guaranteed to have atleast one organization.
Adding the ForwardedHeaderTransform bean to enable spring to parse...
Adding the ForwardedHeaderTransform bean to enable spring to parse X-Forwarded-* headers from Nginx proxy
See merge request theappsmith/internal-tools-server!344
