Merge branch 'master' into addVerticalScrollbars

api/v1/controllers/samples.js

@@ -188,7 +188,7 @@ module.exports = {
    * POST /samples/upsert/bulk
    *
    * Upserts multiple samples. Returns "OK" without waiting for the upserts to
-   * happen. When "useWorkerProcess" is enabled, the bulk upsert is enqueued
+   * happen. When "enableWorkerProcess" is enabled, the bulk upsert is enqueued
    * to be processed by a separate worker process.
    *
    * @param {IncomingMessage} req - The request object
@@ -205,7 +205,7 @@ module.exports = {
     u.getUserNameFromToken(req,
       featureToggles.isFeatureEnabled('enforceWritePermission'))
     .then((userName) => {
-      if (featureToggles.isFeatureEnabled('useWorkerProcess')) {
+      if (featureToggles.isFeatureEnabled('enableWorkerProcess')) {
         const jobType = require('../../../jobQueue/setup').jobType;
         const jobWrapper = require('../../../jobQueue/jobWrapper');
 

api/v1/swagger.yaml

@@ -7213,7 +7213,7 @@ definitions:
     description: >
       Users having write permission to the subject
     properties:
-      aspectId:
+      subjectId:
         type: string
         readOnly: true
         description: >
@@ -7413,6 +7413,7 @@ parameters:
         - isPublished
         - name
         - sortBy
+        - tags
         - parentAbsolutePath
         - parentId
         - relatedLinks

clock/index.js

@@ -11,7 +11,7 @@
  *
  * Defines all the scheduled processes to execute on regular intervals.
  *
- * If a separate clock dyno is enabled ("enableClockDyno"), this is the main
+ * If a separate clock dyno is enabled ("enableClockProcess"), this is the main
  * module to start the clock process. To just start the clock process,
  * use "npm run start-clock". To start both the web and the clock processes
  * locally, use "heroku local".

clock/scheduledJobs/sampleTimeoutJob.js

@@ -44,7 +44,7 @@ function execute() {
 
 module.exports = {
   enqueue() {
-    if (featureToggles.isFeatureEnabled('useWorkerProcess')) {
+    if (featureToggles.isFeatureEnabled('enableWorkerProcess')) {
       const jobWrapper = require('../../jobQueue/jobWrapper');
       const jobType = require('../../jobQueue/setup').jobType;
       const j = jobWrapper.createJob(

config.js

@@ -20,7 +20,7 @@ const pe = process.env; // eslint-disable-line no-process-env
 const nodeEnv = pe.NODE_ENV || 'development';
 const port = pe.PORT || defaultPort;
 const defaultPayloadLimit = '200MB';
-const payloadLimit = pe.payloadLimit || defaultPayloadLimit;
+const payloadLimit = pe.REQUEST_PAYLOAD_LIMIT || defaultPayloadLimit;
 const pgdatabase = pe.PGDATABASE || 'focusdb';
 const pguser = pe.PGUSER || 'postgres';
 const pgpass = pe.PGPASS || 'postgres';
@@ -41,10 +41,10 @@ const DEFAULT_CHECK_TIMEOUT_INTERVAL_MILLIS = 30000;
 const CACHE_EXPIRY_IN_SECS = 60;
 
 // request limiter settings
-const rateLimit = pe.RATE_LIMIT;
-const rateWindow = pe.RATE_WINDOW;
-const endpointToLimit = pe.ENDPOINT_TO_LIMIT;
-const httpMethodToLimit = pe.HTTP_METHOD_TO_LIMIT;
+const rateLimit = pe.DDOS_RATE_LIMIT;
+const rateWindow = pe.DDOS_RATE_WINDOW;
+const endpointToLimit = pe.DDOS_ENDPOINT_TO_LIMIT;
+const httpMethodToLimit = pe.DDOS_HTTP_METHOD_TO_LIMIT;
 
 const DEFAULT_PERSIST_REDIS_SAMPLE_STORE_MILLISECONDS = 120000; // 2min
 

config/toggles.js

@@ -49,25 +49,12 @@ function environmentVariableTrue(processEnv, environmentVariableName) {
  * things from getting out of hand and keeping tons of dead unused code around.
  */
 const longTermToggles = {
-
-  // Disable HTTP, i.e. only use https
-  disableHttp: environmentVariableTrue(pe, 'DISABLE_HTTP'),
+  // Enable api activity logging
+  enableApiActivityLogs:
+    environmentVariableTrue(pe, 'ENABLE_API_ACTIVITY_LOGS'),
 
   // Enable heroku clock dyno
-  enableClockDyno: environmentVariableTrue(pe, 'HEROKU_CLOCK_DYNO'),
-
-  // Enforce that all API requests have valid API token
-  enforceApiToken: environmentVariableTrue(pe, 'USE_ACCESS_TOKEN'),
-
-  /*
-   * Use this setting to offload work from web processes to worker processes to
-   * achieve better web process throughput and response times.
-   */
-  useWorkerProcess: environmentVariableTrue(pe, 'USE_WORKER_PROCESS'),
-
-  // Enforce write permission on records
-  enforceWritePermission:
-    environmentVariableTrue(pe, 'ENFORCE_WRITE_PERMISSION'),
+  enableClockProcess: environmentVariableTrue(pe, 'ENABLE_CLOCK_PROCESS'),
 
   // Enable realtime activity logging
   enableRealtimeActivityLogs:
@@ -77,14 +64,26 @@ const longTermToggles = {
   enableRedisSampleStore:
     environmentVariableTrue(pe, 'ENABLE_REDIS_SAMPLE_STORE'),
 
-  // Enable api activity logging
-  enableApiActivityLogs:
-    environmentVariableTrue(pe, 'ENABLE_API_ACTIVITY_LOGS'),
-
   // Enable worker activity logging
   enableWorkerActivityLogs:
     environmentVariableTrue(pe, 'ENABLE_WORKER_ACTIVITY_LOGS'),
 
+  /*
+   * Use this setting to offload work from web processes to worker processes to
+   * achieve better web process throughput and response times.
+   */
+  enableWorkerProcess: environmentVariableTrue(pe, 'ENABLE_WORKER_PROCESS'),
+
+  // Enforce write permission on records
+  enforceWritePermission:
+    environmentVariableTrue(pe, 'ENFORCE_WRITE_PERMISSION'),
+
+  // Enforce that all API requests have valid API token
+  requireAccessToken: environmentVariableTrue(pe, 'REQUIRE_ACCESS_TOKEN'),
+
+  // Disable HTTP, i.e. only use https
+  requireHttps: environmentVariableTrue(pe, 'REQUIRE_HTTPS'),
+
 }; // longTermToggles
 
 /*

docs/docs/01-quickstart.md

@@ -296,7 +296,7 @@ POST to `v1/subjects/USA/child` using the following body:
 ```
 ### Request Rate Limiting
 
-Refocus lets you limit requests based on IP address using environment variables. Set `RATE_WINDOW` to the time interval in milliseconds after which the limits are reset and set `RATE_LIMIT` to the total number of requests allowed per IP. When the request limit is exceeded, the request is rejected with HTTP status code 429.
-For example, if you set `RATE_WINDOW=300000` and `RATE_LIMIT=250`, then only 250 requests will be allowed from any individual IP address over any rolling five minute period.
+Refocus lets you limit requests based on IP address using environment variables. Set `DDOS_RATE_WINDOW` to the time interval in milliseconds after which the limits are reset and set `DDOS_RATE_LIMIT` to the total number of requests allowed per IP. When the request limit is exceeded, the request is rejected with HTTP status code 429.
+For example, if you set `DDOS_RATE_WINDOW=300000` and `DDOS_RATE_LIMIT=250`, then only 250 requests will be allowed from any individual IP address over any rolling five minute period.
 
 *Built with love by the Site Reliability Tools team @ Salesforce.*

docs/docs/04-quickstartlocal.md

@@ -16,12 +16,12 @@ title: Quick Start Local
 1. Run `lunchy start redis` to start redis.
 1. Run `npm start` to start your Node.js server at http://localhost:3000.
 1. If you want to run the sample timeout check in a separate background process:
-    1. Start the server with environment variable (i.e. config setting) `HEROKU_CLOCK_DYNO` set to `true`.
+    1. Start the server with environment variable (i.e. config setting) `ENABLE_CLOCK_PROCESS` set to `true`.
     1. Run `npm run start-clock` to start the clock process.
 1. If you want to offload expensive work from your web process to separate worker process:
-    1. Start the server with environment variable (i.e. config setting) `USE_WORKER_PROCESS ` set to `true`.
+    1. Start the server with environment variable (i.e. config setting) `ENABLE_WORKER_PROCESS ` set to `true`.
     1. Run `npm run start-worker` to start the worker process.
-1. If you intend to deploy this on heroku and have heroku toolbelt installed, run `heroku local` to start the web, clock and worker processes all together. Make sure that the `HEROKU_CLOCK_DYNO` and `USE_WORKER_PROCESS` environment variables are set to true.  Note that the node server will be listening on port 5000 when you start it using the `heroku local` command.
+1. If you intend to deploy this on heroku and have heroku toolbelt installed, run `heroku local` to start the web, clock and worker processes all together. Make sure that the `ENABLE_CLOCK_PROCESS` and `ENABLE_WORKER_PROCESS` environment variables are set to true.  Note that the node server will be listening on port 5000 when you start it using the `heroku local` command.
 
 ### Updates
 Whenever you pull down a new version of Refocus from the git repository:

docs/docs/10-security.md

@@ -10,9 +10,9 @@ title: Security
 
 ## Admin: Turn on API Token Enforcement
 
-If you want to enforce that every request has a valid API token, start your node.js server with environment variable `USE_ACCESS_TOKEN=true`.
+If you want to enforce that every request has a valid API token, start your node.js server with environment variable `REQUIRE_ACCESS_TOKEN=true`.
 
-In heroku, [add a config variable](https://devcenter.heroku.com/articles/config-vars) called `USE_ACCESS_TOKEN` and set its value to `true`.
+In heroku, [add a config variable](https://devcenter.heroku.com/articles/config-vars) called `REQUIRE_ACCESS_TOKEN` and set its value to `true`.
 
 ## Creating a New API Token
 

index.js

@@ -98,7 +98,7 @@ function start() { // eslint-disable-line max-statements
    * attempt to do a redirect 301 to https. Reject all other requests (DELETE,
    * PATCH, POST, PUT, etc.) with a 403.
    */
-  if (featureToggles.isFeatureEnabled('disableHttp')) {
+  if (featureToggles.isFeatureEnabled('requireHttps')) {
     app.enable('trust proxy');
     app.use(enforcesSSL());
   }
@@ -134,7 +134,7 @@ function start() { // eslint-disable-line max-statements
    * If the clock dyno is NOT enabled, schedule all the scheduled jobs right
    * from here.
    */
-  if (!featureToggles.isFeatureEnabled('enableClockDyno')) {
+  if (!featureToggles.isFeatureEnabled('enableClockProcess')) {
     require('./clock/index'); // eslint-disable-line global-require
   }
 
@@ -176,7 +176,7 @@ function start() { // eslint-disable-line max-statements
     app.use(mw.swaggerMetadata());
 
     // Use token security in swagger api routes
-    if (featureToggles.isFeatureEnabled('enforceApiToken')) {
+    if (featureToggles.isFeatureEnabled('requireAccessToken')) {
       app.use(mw.swaggerSecurity({
         jwt: (req, authOrSecDef, scopes, cb) => {
           jwtUtil.verifyToken(req, cb);

package.json

@@ -40,8 +40,8 @@
     "start-worker": "node worker/jobProcessor.js",
     "test-api": "mocha -R dot --recursive tests/api",
     "test-api-log": "ENABLE_API_ACTIVITY_LOGS=true mocha -R dot --recursive tests/api",
-    "test-disablehttp": "DISABLE_HTTP=true mocha -R dot --recursive tests/disableHttp",
-    "test-enforced": "USE_ACCESS_TOKEN=true mocha -R dot --recursive tests/enforceToken",
+    "test-disablehttp": "REQUIRE_HTTPS=true mocha -R dot --recursive tests/disableHttp",
+    "test-enforced": "REQUIRE_ACCESS_TOKEN=true mocha -R dot --recursive tests/enforceToken",
     "test-db": "npm run checkdb && mocha -R dot --recursive tests/db",
     "test-cache" : "mocha -R dot --recursive tests/cache",
     "test-view": "NODE_ENV=build mocha -R dot --recursive --compilers js:babel-core/register --require ./tests/view/setup.js tests/view",

tests/api/v1/subjects/get.js

@@ -395,10 +395,25 @@ describe(`api: GET ${path}`, () => {
     });
   });
 
+  it('returns expected fields when requesting tags field', (done) => {
+    api.get(`${path}?fields=isPublished,name,tags`)
+    .set('Authorization', token)
+    .expect(constants.httpStatus.OK)
+    .end((err, res) => {
+      if (err) {
+        done(err);
+      }
+
+      expect(res.body[ZERO]).to.have.property('tags');
+      expect(res.body[ZERO]).to.have.property('name');
+      expect(res.body[ZERO]).to.have.property('isPublished');
+      done();
+    });
+  });
+
   it('pagination tests');
   it('childCount, descendentCount');
   it('by id');
   it('by abs path');
   it('returns expected fields when NOT passing ?fields=...');
-  it('sort order');
 });

tests/cache/jobQueue/bulkUpsert.js

@@ -27,7 +27,7 @@ describe('api: POST using worker process' + path, () => {
   let token;
 
   before((done) => {
-    tu.toggleOverride('useWorkerProcess', true);
+    tu.toggleOverride('enableWorkerProcess', true);
     tu.toggleOverride('enableRedisSampleStore', true);
     tu.createToken()
     .then((returnedToken) => {
@@ -74,7 +74,7 @@ describe('api: POST using worker process' + path, () => {
 
   after(rtu.forceDelete);
   after(() => {
-    tu.toggleOverride('useWorkerProcess', false);
+    tu.toggleOverride('enableWorkerProcess', false);
     tu.toggleOverride('enableRedisSampleStore', false);
   });
 

tests/jobQueue/v1/bulkUpsert.js

@@ -26,7 +26,7 @@ describe('api: POST using worker process' + path, () => {
   let token;
 
   before((done) => {
-    tu.toggleOverride('useWorkerProcess', true);
+    tu.toggleOverride('enableWorkerProcess', true);
     tu.createToken()
     .then((returnedToken) => {
       token = returnedToken;
@@ -71,7 +71,7 @@ describe('api: POST using worker process' + path, () => {
   after(u.forceDelete);
   after(tu.forceDeleteUser);
   after(() => {
-    tu.toggleOverride('useWorkerProcess', false);
+    tu.toggleOverride('enableWorkerProcess', false);
   });
 
   it('sample bulkUpsert should be sent to the queue', (done) => {

tests/jobQueue/v1/jobWrapper.js

@@ -18,12 +18,12 @@ const path = '/v1/samples/upsert/bulk';
 
 describe('api: POST ' + path, () => {
   before(() => {
-    tu.toggleOverride('useWorkerProcess', true);
+    tu.toggleOverride('enableWorkerProcess', true);
   });
   after(u.forceDelete);
   after(tu.forceDeleteUser);
   after(() => {
-    tu.toggleOverride('useWorkerProcess', false);
+    tu.toggleOverride('enableWorkerProcess', false);
   });
 
   it('jobWrapper should let you create any job type of job', (done) => {

tests/logging/enableWorkerLog.js

@@ -31,7 +31,7 @@ describe('enableWorkerLog: api: POST ' + path, () => {
 
   before((done) => {
     jobQueue.testMode.enter();
-    tu.toggleOverride('useWorkerProcess', true);
+    tu.toggleOverride('enableWorkerProcess', true);
     tu.toggleOverride('enableWorkerActivityLogs', true);
     tu.createToken()
     .then((returnedToken) => {
@@ -56,7 +56,7 @@ describe('enableWorkerLog: api: POST ' + path, () => {
   after(u.forceDelete);
   after(tu.forceDeleteUser);
   after(() => {
-    tu.toggleOverride('useWorkerProcess', false);
+    tu.toggleOverride('enableWorkerProcess', false);
     tu.toggleOverride('enableWorkerActivityLogs', false);
     jobQueue.testMode.clear();
   });
@@ -137,7 +137,7 @@ describe('enableWorkerLog: db: sample: timeout: ', () => {
 
   beforeEach((done) => {
     jobQueue.testMode.enter();
-    tu.toggleOverride('useWorkerProcess', true);
+    tu.toggleOverride('enableWorkerProcess', true);
     tu.toggleOverride('enableWorkerActivityLogs', true);
     Aspect.create({
       isPublished: true,
@@ -205,7 +205,7 @@ describe('enableWorkerLog: db: sample: timeout: ', () => {
   });
 
   after(() => {
-    tu.toggleOverride('useWorkerProcess', false);
+    tu.toggleOverride('enableWorkerProcess', false);
     tu.toggleOverride('enableWorkerActivityLogs', false);
     jobQueue.testMode.clear();
   });

tests/logging/jobWrapperLogFuncs.js

@@ -23,7 +23,7 @@ describe('jobWrapper: functions ', () => {
   let token;
 
   before((done) => {
-    tu.toggleOverride('useWorkerProcess', true);
+    tu.toggleOverride('enableWorkerProcess', true);
     tu.toggleOverride('enableWorkerActivityLogs', true);
     tu.createToken()
     .then((returnedToken) => {
@@ -36,7 +36,7 @@ describe('jobWrapper: functions ', () => {
   after(u.forceDelete);
   after(tu.forceDeleteUser);
   after(() => {
-    tu.toggleOverride('useWorkerProcess', false);
+    tu.toggleOverride('enableWorkerProcess', false);
     tu.toggleOverride('enableWorkerActivityLogs', false);
   });