Skip to content

@hasura-bot hasura-bot released this Jul 12, 2019 · 13 commits to master since this release

Changelog

Summary

  • Improved logging 📃
  • Support for array operators in permissions 🔐
  • Caching of introspection queries on Remote Schemas ⚡️
  • JWT Analyzer on Console 🔍
  • Set cookies from Remote Schema 🍪
  • Other features & enhancements 🎁
  • Bug Fixes 🐞
  • Other changes 🖥
  • Consolidated list of 🚨 🚨 Breaking changes 🚨 🚨

Improved logging 📃

This release adds many enhancements to the server logs.

  • Logs GraphQL query and corresponding SQL (This is not enabled by default. See docs for instructions). Not that SQL is only logged for queries, not for mutations and subscriptions.
  • Introduces different log types and adds a flag/env-var to configure them
    • startup
    • query-log
    • http-log
    • websocket-log
    • webhook-log
  • Unfortunately, we had to 🚨 break 🚨 some of the existing log structure to support these changes.
    • Migrating to the new structure: If you're analysing logs, check out this migration guide to update your setup.
  • There are other internal log types which cannot be configured. Check out the PR description and docs for more information. (close #507, close #2171) (#1835)

Support for array operators in permissions 🔐

  • Session variables can now be used with operators _in, _nin, _has_keys_any and _has_keys_all.
  • This will let you define permissions like {"org_id": {"_in": "x-hasura-allowed-org-ids"}}
  • Note that the value of "x-hasura-allowed-org-ids" should be in the Postgres array literal format "{1,2,3}".
  • We’ll be adding support for passing session variables as JSON values instead of string literals wherever possible i.e. auth webhook, JWT, etc. but not in HTTP headers from client apps.
  • To implement this feature, we had to 🚨 break 🚨 some of the existing behaviour:
    • The type of input values for _in and _nin operators in the GraphQL schema has changed from [t] (t being the type of the column) to [t!]. Note that even previously, when you had a GraphQL query with say {owner_id: {_in: [1, null]}}, you would only get rows where owner_id is 1 and not rows with owner_id set as NULL. This change makes the previous behaviour explicit. It is higly unlikely that you will be affected by this change.
    • Previously, you could define a permission like {"org_id": {"_in": ["x-hasura-org-id1", "x-hasura-org-id2", ...]}. Such rules don't work as expected any more - array operators now expect a session variable to be present only at the top-level and not inside an array. In the aforementioned example, you should modify the session variables to include all the "allowed org IDs" in a single session variable, say x-hasura-allowed-org-ids, and modify the permission rule to {"org_id": {"_in": "x-hasura-allowed-org-ids"}}.
  • More information can be found in the PR description and docs (close #1333) (#2475)

Caching of introspection queries on Remote Schemas ⚡️

  • The response to introspection query on a remote schema is now cached.
  • Earlier, the remote schema used to be refreshed for every action that modified schema state.
  • Now you will have to explicitly reload the remote schema (from the console or using the API) to reflect remote changes in the Hasura generated schema.
  • The API response while adding or reloading a remote schema is improved to show the status code and response from the remote server separately. This 🚨 breaks 🚨 the previous response format.
    // previous versions
    {
      "path": "$.args[0].args",
      "error": "<Large HTML Response Body from Remote Server>",
      "code": "remote-schema-error"
    }
    
    // this version
    {
      "internal": {
        "raw_body": "<Large HTML Response Body from Remote Server>"
      },
      "path": "$.args[0].args",
      "error": "introspection query to https://remote-schema.com has responded with 404 status code",
      "code": "remote-schema-error"
    }
  • This change is also reflected in the corresponding server logs.
  • This is a huge performance improvement while executing lots of metadata actions at once, like applying migrations or tracking many tables at once. For e.g., tracking around 300 tables through console earlier took 26.31s, but now takes only 1.25s.
  • Read more in the PR description or in the docs. (fix #1679) (#2089)

JWT Analyzer on Console 🔍

  • A JWT analyzer is now part of the Graphiql section of the console - you can use this tool to quickly decrypt and analyze JWTs, especially for checking out Hasura claims, without leaving the console. (closes #1831, #1369) (#1925)

    • In JWT mode, add the JWT to the headers section of Graphiql, to see the analyzer icon:
      JWT-analyzer-icon
    • Click on the analyzer icon to see details:
      decoded-jwt

Set cookies from Remote Schema 🍪

  • Set-Cookie headers are not forwarded from remote schema servers to the clients (fix #1654) (#2305)
  • This is especially useful for auth servers configured as remote schemas

Other features & enhancements 🎁

  • server: support null and default values for function arguments (close #2176, close #2250) (#2282)
  • server: use all CPU cores by default (#2511) (#2233)
  • console: add all PG column types in table add / modify (close #223, #2035, #394, #2038) (#1933)
  • console: add json editor for json data type (fix #504) (#1181)
  • console: optimize sql used to fetch schema information on console (fix #2273) (#2280)
  • console: better change detection when altering foreign key constraints (fix #2060) (#2252)
  • console: support multi-column manual relationships from console (close #2007) (#2332)
  • console: suggest default values for columns (#2352)
  • console: add graphql-voyager to console (close #314) (#2369)
  • console: infer relationship type using uniqueness constraint of foreign key (close #969) (#2347)

Bug Fixes 🐞

  • server: fix response for remote schema queries over ws (fix #2246) (#2248)
  • server: better change detection when altering foreign key constraints (fix #2060) (#2252)
  • server: fixes a bug that caused renaming of columns to fail if it was used in an insert permission (fix #2398) (#2414)
  • server: fail on tracking table/function with name conflict (close #2020) (#2383)
  • server: check input for empty strings in metadata api action arguments (close #2302) (#2300)
  • cli, console: create down migration when a column is dropped (close #2291) (#2385)
  • console: fix handling tables with capitals in name (close #2266) (#2267)
  • server: fix server tests (#2510)
  • console: handle empty recommended type casts for some pg types (close #2258) (#2262)
  • console: fix console logging (#2268)
  • console: fix breadcrumbs and pKey unique handling (#2281)
  • console: fix loadSchema to fetch currentSchema if schemas is empty (#2283)
  • console: fix console schema update quirks (#2286)
  • console: fix head to home console error from error page (#2304)
  • console: fix console bugs (#2309)
  • console: fix fk name generation (#2320)
  • console: change events success code from 200 to 2xx (close #2335) (#2342)
  • console: fix query to fetch list of postgres types, change filter (close #2314) (#2339)
  • console: quote SQL appropriately while modifying PK (#2289)
  • console: set console subscriptions protocol based only on graphql endpoint (close #2330) (#2374)
  • console: enable add/modify/delete for event triggers and remote schemas in disabled migration mode (fix #1875) (#2366)
  • console: fix postgres query to fetch pg_types default functions (close #2399) (#2402)
  • console: clear header state for remote-schema (close #2396) (#2401)
  • console: change browse rows action buttons heading id (close #2403) (#2413)
  • console: fix browse rows query error handling + boolean filter value (close #2421) (#2440)
  • console: fix to show error notification when run sql fails in cli mode (close #2438) (#2446)
  • console: refactor AddTable validation on console (close #1712) (#2408)
  • console: change default type placeholder from 'text' to type (fix 2394) (#2458)
  • console: fix type placeholders in console insert/edit row (#2460)
  • console: fix relationship page error if array fk relationship exists with table in another schema (#2459)
  • console: handle table with no columns in console (close #2481) (#2484)
  • console: fix multiple introspection queries (#2492)
  • console: handle missing columns in permission rules (fix #2506) (#2507)
  • console: refactor schema management in console and misc fixes (#2016)
  • console: quote SQL appropriately while modifying PK (#2289)

Other changes 🖥

  • server: fix and improve help description for stripes and connections (#2278)
  • server, cli, console: update console favicons to png (#2287)
  • server: add name of ci environment to telemetry data (#2382)
  • server: add a make rule to build server docker image locally (#2410)
  • server: freeze requirements.txt for server tests (#2450)
  • server: add server version to console html (close #2444) (#2452)
  • server: Support Node v12.x and fix tests on macOS (#2455)
  • server: Clarify a few steps involved in running the server test suite (#2467)
  • server: improve code for release channel detection (#2456)
  • server: update server cabal file to reflect the correct license (#2471)
  • server: Remove obsolete/unmaintained server Haskell test suite (#2472)
  • server: allow fetching gc stats through dev api (#2489)
  • server: Merge pull request from GHSA-2j98-fw5g-j43v
  • cli: add server version to console html (close #2444) (#2452)
  • console: update modify table tests (#2245)
  • console: update console feature support checks (#2202)
  • console: render 404 for nonexistent resources (#2341)
  • console: update console dev logging + add logging disable instructions to README (#2388)
  • console: update table rename handling (#2393)
  • console: add new column row during add table only after completed prev column def (#2428)
  • console: use server version from console html (#2464)
  • console: Support Node v12.x and fix tests on macOS (#2455)
  • console: fix console license (#2470)

Consolidated list of 🚨 🚨 Breaking changes 🚨 🚨

  • Existing log structure has changed to support enhancements to logging.
  • The type of input values for _in and _nin operators in the GraphQL schema has changed from [t] (t being the type of the column) to [t!].
  • Array operators now expect a session variable to be present only at the top-level and not inside an array.
  • The API response while adding or reloading a remote schema has changed.
Assets 5
You can’t perform that action at this time.