Commit Graph

85 Commits

Author SHA1 Message Date
Kristaps Fabians Geikins f27f289dc6 chore(server): core IoC #78 - getServerInfoFactory 2024-10-17 12:37:43 +03:00
Kristaps Fabians Geikins 781ee2cc2d chore(server): core IoC #57 - getUserByEmailFactory 2024-10-15 13:17:34 +03:00
Kristaps Fabians Geikins 1cb27e6fdd chore(server): core IoC #51 - getUser(s)Factory 2024-10-14 17:24:11 +03:00
Kristaps Fabians Geikins 6cb5022ac4 chore(server): IoC 35 - updateStreamRoleAndNotify 2024-10-09 16:31:20 +03:00
Kristaps Fabians Geikins 5b5dd201e2 chore(server): IoC 29 - getStream(s)Factory 2024-10-09 10:39:00 +03:00
Alessandro Magionami 8cba8ce168 chore(activitystream): IoC 1 refactor addStreamInviteDeclined 2024-09-27 16:30:29 +02:00
Iain Sproat f93d9093a0 fix(errors): all error should define an appropriate status code (#3112)
* fix(errors): all error should define a status code (default is 500)
- rename NoInviteFoundError to InviteNotFoundError to match xNotFoundError pattern

* remove unused errors
2024-09-25 13:08:13 +02:00
Kristaps Fabians Geikins 43e7ec89ea chore(server): auth IoC 14 - localStrategyBuilderFactory (#3036)
* chore(server): auth IoC 3 - getAllAppsCreatedByUserFactory

* minor fix

* chore(server): auth IoC 4 - getAllAppsAuthorizedByUserFactory

* chore(server): auth IoC 5 - createAppFactory

* chore(server): auth IoC 6 - updateAppFactory

* chore(server): auth IoC 7 - deleteAppFactory

* chore(server): auth IoC 8 - revokeExistingAppCredentialsForUserFactory

* chore(server): auth IoC 9 - revokeRefreshTokenFactory

* chore(server): auth IoC 10 - createAuthorizationCodeFactory

* chore(server): auth IoC 11 - createAppTokenFromAccessCodeFactory

* chore(server): auth IoC 12 - refreshAppTokenFactory

* chore(server): auth IoC 13 - index repo

* chore(server): auth IoC 14 - localStrategyBuilderFactory

---------

Co-authored-by: Gergő Jedlicska <gergo@jedlicska.com>
2024-09-19 11:02:43 +02:00
Kristaps Fabians Geikins 9f6d2d9d3a chore(server): emails IoC 6 - sendVerificationEmailFactory 2024-09-10 14:26:06 +03:00
Kristaps Fabians Geikins f10c30aa3c chore(server): emails IoC 4 - requestNewEmailVerificationFactory 2024-09-10 14:00:13 +03:00
Kristaps Fabians Geikins c92938eff3 chore(server): apollo server v3 -> v4 (#2880)
* main changes seem to be done?

* lint fix

* minor cleanup

* dataloader clear
2024-09-05 12:27:13 +03:00
Gergő Jedlicska a12fda7f96 fix(workspaceInvites): fix error message (#2840) 2024-09-02 12:36:34 +02:00
Kristaps Fabians Geikins 7c6ea464e8 fix: support accepting invites even if a workspace member already (#2826)
* blocking workspace project invites from incorrect resolver

* invite create validation fixes + tests

* fix for email added on decline

* doing init validation on finalization as well

* more tests

* fix(server): allow accepting an email invite even if already a member

* fix(fe2): support accepting invites even if a workspace member already
2024-09-02 09:45:24 +02:00
Kristaps Fabians Geikins 80aa0aa20b fix(server): fixed validation in regards to workspaces, when they're secondary resource targets (#2814)
* blocking workspace project invites from incorrect resolver

* invite create validation fixes + tests

* fix for email added on decline

* doing init validation on finalization as well

* more tests
2024-08-30 11:44:26 +02:00
Kristaps Fabians Geikins 1380d1d17f feat(fe2): error reporting when invite (middleware level) auto-accept doesn't work (#2711)
* feat(fe2): auto-accept error toasts

* smarter error reporting

* typo
2024-08-20 17:27:53 +03:00
Kristaps Fabians Geikins 0b417c9ba0 feat(fe2): workspace invite cancel/resend + Invite dialog CTA in workspace home (#2691)
* feat(server): resend invite mutation

* invite resend/cancel from FE

* functional invite cta on workspace page
2024-08-20 10:17:42 +03:00
Kristaps Fabians Geikins 2bb7802fb9 feat: accept & decline workspace invite as a registered member (#2675)
* abstract base invite banner

* WIP banner actions

* WIP modify obj

* minor fix

* invite accept/decline cache mutations

* banner accept/decline basically works

* new block for accepting workspace invite

* WIP wrong account flow

* login/registration block changes

* add email invite related changes

* add new email FE

* add email w/ invite works

* final adjustments

* minor fixes

* addressing cr comments

* no-FF support

* extra workspace ff checks
2024-08-19 13:01:25 +03:00
Kristaps Fabians Geikins 4dae1569cd feat(fe2): invite + list workspace invites (#2629)
* list invites table

* invites list works

* update last reminded date on resend

* fix FE

* WIP invitedialog + updated debounced utility

* invite create works

* exclude users correctly

* more adjustments

* minor cleanup

* using workspace invite server role

* test fix

* fixed multiple root eslint issues

* minor adjustments
2024-08-12 11:30:01 +03:00
Kristaps Fabians Geikins 50b5bdbbdd chore(server): typescriptified auth strategies (#2589)
* rebuilt strategies.js

* local.js -> local.ts

* oidc.js -> oidc.ts

* google.js -> google.ts

* github.js -> github.ts

* azure-ad.js -> azureAd.ts

* minor fixes

* FE2 regen

* improved error reference page

* minor adjustment

* more error page improvements

* migrated helper

* testfix
2024-08-07 11:38:44 +03:00
Kristaps Fabians Geikins 455b21cba3 fix(server): manual workspace role assignment on project invite create + more bugfixes (#2581)
* prep for new projectinvite create mutation

* fix for serverRole not being taken into account in stream invite

* new workspace invite create mutation
2024-08-06 13:42:10 +03:00
Kristaps Fabians Geikins 7383779375 feat(server): registration (w/ and w/o invites) tests (#2567)
* WIP tests

* a couple of tests done

* most server registration tests done

* finalized tests

* lint fix

* added login tests too
2024-08-05 16:21:56 +03:00
Kristaps Fabians Geikins 281f77ac11 fix(server): some serverinvites regressions (#2538)
* project invite retrieval

* fix for invalid invite target when inviting registered user by email

* improved error msg w/ broken streamId
2024-07-29 19:15:26 +03:00
Kristaps Fabians Geikins ede566eed9 feat(server): serverInvites refactor + workspace invites CRUD & GQL API (#2530)
* prep for new resources algo

* typescriptifying stuff

* minor types fix

* migrate to resources col

* repo & creation updated, WIP processing/retrieval

* WIP invite processing

* finished finalization refactor

* project invite management

* transformed all invites services

* fixed up projects & core serverinvites resolvers

* test fixes

* WIP workspace create GQL & test

* basic invite creation test works

* a buncha working tests

* more tests

* cancelation tests

* minor invite use refactor

* invite retrieval tasks

* invite use() works as expected

* filtering out broken invites

* enabled invite retrieval by token irregardless of who is it for

* minor adjustments

* tests fix

* test config improvements

* test env adjustment

* extra test case

* making resource access limits harder to ignore

* linter fixes

* eventBus type cleanup

* better generic names

* refactored serverinvites resource migration

* fix(server): better error message in project invite edge case
2024-07-29 14:37:54 +03:00
Alessandro Magionami 447b48a6c2 chore(server): remove relative imports 2024-07-18 16:07:16 +02:00
Kristaps Fabians Geikins ee5ae8af62 fix(fe2): accept invite before onboarding after sign up (#2491)
* explicitly ordering global middlewares

* various subscription fixes & WIP project invite middleware

* SSR invite accept & toast notifs seem to work

* backend support for mixpanel

* mixpanel be logic -> shared

* minor fix

* finish

* lint fix

* minor comment adjustments

* better adblock handling
2024-07-11 11:45:11 +03:00
Kristaps Fabians Geikins 6bfffca0a9 fix: various invite flow fixes & improvements (#2451)
* fix(fe2): show signup CTA for non-registered invitees [web-1144]

* fix: server invite signup error

* WIP project error access block

* feat(fe2): better 'no project access' error screens

* CR fix
2024-06-28 17:26:11 +02:00
Gergő Jedlicska 7c16abc8eb feat(workspace): 1119 define workspaces dataschema (#2431)
* feat(workspaces): add workspaces module with roles and scopes

* feat(workspaces): add domain, graphql and persistent storage dataschema

* fix(workspaces): correct db injections

* chore(workspaces): add EE license

* chore(license): mentions workspaces separately in license file

* fix(core): roles import in migration

* fix(workspaces): drop workspace_acl on down migration

* fix(workspaces): roles constants

* fix(workspaces): coding standards

---------

Co-authored-by: Dimitrie Stefanescu <didimitrie@gmail.com>
2024-06-26 17:00:56 +02:00
Gergő Jedlicska c6cd4c311d feat(serverinvites): create domain module in server invites (#2401)
* chore(serverinvites): repository refactor for multiregion

* chore(serverinvites): remove migrated functions from old repository

* chore(serverinvites): refactor serverInviteForToken resolver for multiregion

* chore(serverinvites): invite processing service refactor for multiregion

* chore(serverinvites): subscription refactor for multiregion

* chore(serverinvites): move buildEmailContents to dedicated file

* chore(serverinvites): deleteAllStreamInvites function multiregion refactor

* chore(serverinvites): refactor deleteServerOnlyInvites multiregion repository

* chore(serverinvites): complete repository refactor for multiregion

* feat(serverinvites): create domain module in server invites

* fix(serverinvites): no relative imports

* feat(serverinvites): extract individual types from repository

* feat(serverinvites): move interfaces to operations

* fix(serverinvites): update imports referencing old interfaces file

* fix(serverinvites): type mismatch for insert invite and delete old

* chore(serverinvites): refactor to single repo function

* test(serverinvites): fix tests

* fix(serverinvites): use domain types in all places

* feat(serverinvites): WIP unity

* feat(serverinvites): move to new factory names and types

* feat(serverinvites): fix tests

* fix(serverinvites): use factory name

---------

Co-authored-by: Alessandro Magionami <alessandro.magionami@gmail.com>
2024-06-25 13:24:37 +02:00
Kristaps Fabians Geikins bd9faa2415 fix(server): more legible auth errors (#2361) 2024-06-13 10:34:01 +03:00
Kristaps Fabians Geikins f9f490b440 fix(server): allow standard users to batch invite to server (#2150)
* fix(server): allow standard users to batch invite to server

* added max 10 invite batch limit

* minor change
2024-03-20 17:51:24 +02:00
Benjamin Ottensten 663a5b4ddc Use FE2 language in emails (#2115)
* Update copy in the Invite email

* Update copy in the comment email

* Update copy in project access emails
2024-03-13 10:46:35 +01:00
Kristaps Fabians Geikins 9caa2a37c8 feat(fe): auto accept stream/project invite on email link click [WBX-73] (#2017)
* feat(fe2): project invite auto accept

* fix(fe2): improved CSR error logging

* feat(fe1): auto accept stream invite on email link click

* minor type fix

* tests fix
2024-02-07 14:26:59 +02:00
Kristaps Fabians Geikins 37d51072fb feat(server): resource limits on app tokens (#1959)
* WIP new mutation arg

* limited resource token creation done

* token resource rule creation validation

* updated authorizeResolver implementation

* introduced resource access rule checks in authorizeResolver everywhere

* more checks added

* updated projects resolvers

* updated stream resolvers

* more checks added

* error page theme resolution fix

* WIP tests

* more tests

* implemented checks in REST auth pipeline

* REST API coverage & tests

* some tests fixed

* test fixes

* added tests

* feat(server): new automation result reporting scope (#1976)

* feat(server): new automation result reporting scope

* tests fix
2024-01-19 18:14:49 +01:00
Kristaps Fabians Geikins c5ff7688ac feat: click on invite link autofills email in register form (#1919) 2023-12-15 11:51:43 +02:00
andrewwallacespeckle 44bfa6d2c8 Fe2 server management bugfixes (#1787)
* fix(server): inviteList pagination

* Fixes from call with fabians

* more BE bugfixes

* reducing server invite precision

* Infinite Scroll fixes. Slight design change to "update available"

* fixed tests

---------

Co-authored-by: Kristaps Fabians Geikins <fabis94@live.com>
2023-09-08 12:55:03 +01:00
Kristaps Fabians Geikins 069f64afc9 feat(fe1 & fe2): guest role (#1768)
* feat: user guest role switching in FE1

* removed stream create buttons

* fe1 done

* fe1 - specifying role in invite dialogs

* fe1 - bulk invites

* WIP FE2 changes

* fe1: allow role select condition fixes

* xtra limitations on createForOnboarding

* more invite creation validations

* no longer able to set guest as project owner in invite

* preparations for server role select in invite dialog

* team management dialog done

* server invite dialog updated

* hiding invite dialog

* fixed mocks
2023-08-24 09:30:09 +02:00
Gergő Jedlicska 4b071872c2 gergo/adminInviteList (#1761)
* feat(admin): add users email to the admin user list query

* feat(admin): WIP invite list

* feat(admin): fix server invites resolver typing

* fix(admin): slim down admin user list item data
2023-08-11 15:02:02 +03:00
Kristaps Fabians Geikins ba7ef04ca3 fix(server): invites fixes + proper project()/stream() query error reporting (#1580)
* fix(server): invalid stream invite purge + better error handling

* fix(server): proper project/stream query error reporting

* undo env example change

* fix(server): fixed tests

* fix(fe-2): chromatic adjustments

* fix(fe-2): non-randomized stories
2023-05-17 17:17:09 +02:00
Kristaps Fabians Geikins b02a07e2b6 feat: Frontend 2.0 MVP 2023-05-08 10:47:01 +03:00
Gergő Jedlicska c4454c2ede refactor(server email templates): use the mjml ejs rendering for all emails (#1448)
* refactor(server email templates): use the mjml ejs rendering for all emails

* fix(server access request): await the server info pls
2023-03-13 15:07:13 +01:00
Iain Sproat 4d01e13a84 feat(structured logging) (#1242)
* Revert "Revert structured logging 2 (#1240)"
This reverts commit 78ecaeffcb.
* Logging should not be bundled into core shared directory
* making sure observability stuff isn't bundled into frontend


Co-authored-by: Kristaps Fabians Geikins <fabis94@live.com>
2022-12-06 11:51:18 +00:00
Iain Sproat 78ecaeffcb Revert structured logging 2 (#1240)
* Revert "'@' shortcut must come after it is configured in bootstrap (#1239)"

This reverts commit 967329473f.

* Revert "Structured logging (attempt 2) (#1234)"

This reverts commit 444d2ca7dd.
2022-12-05 15:46:09 +00:00
Iain Sproat 444d2ca7dd Structured logging (attempt 2) (#1234)
* Revert "Revert "feat(structured logging): implements structured logging for backend (#1217)" (#1227)"

This reverts commit 63e6581162.

* Use pino-http instead of express pino logger
* Use correct reference to knex and do not instantiate HttpLogger prematurely
* Adds missing dependency for pino to webhook-service
* Do not instantiate middleware when passed to express
* Refactor to move logging into shared
* Copy shared packages into dockerfiles
* Build shared workspace in docker build-stage for fileimport & webhook
2022-12-05 14:49:52 +00:00
Iain Sproat a537d34dcc Rate limit all endpoints (#1213)
* Demonstration of bug to test when middleware added
- Adding middleware, even no-op, causes test to fail

* Make middleware async, but introduce delay.
Revert test back to original.

* Revert tests

* Add a 1ms sleep to the test to reduce likelihood of flakiness

* Rate limiting on all express endpoints using middleware

* Adds all configuration for existing rate limited endpoints

* It is helpful to add the package to yarn first

* Implements respectsLimits using Redis rate limiter

* Fix for test `Should rate-limit user creation`
- if rate limit error, post to `/auth/local/register` will return a 429 status code

* All rate limiting provided by new ratelimiter.ts

* Consolidate typescript interfaces

* Amend signature of function to require source to be passed in, and not try to guess it from the request

* Rename respectsLimits to isWithinRateLimits

* Throw within catch of Promise

* Replace rejectsRequestWithRatelimitStatusIfNeeded throughout code

* Sending rate limit response should deal with other types of error
- Sentry notified of the error

* Express middleware rate limits by a 3 second burst or a daily rate
- Provide action when generating 429 response

* Prevent DOS of Redis

* Add 'Retry-After' for all cases when responding with 429 status code
- default of 1 day, but dynamic based on available information

* Generate rate limiters once, on init
- Improved and consistent handling of exit from functions
- fixed environment variable names

* WIP Refactor rate limiting setup

Co-authored-by: Iain Sproat <iainsproat@users.noreply.github.com>

* WIP: fixed references, now runs but tests fail

* Use getSourceFromRequest where possible

* WIP: unit tests for rate limiter

* Unit tests for ratelimiter

* feat(IFC): WIP IFC parser improvements

* Revert "feat(IFC): WIP IFC parser improvements"

This reverts commit 093089a2c4.

* refactor authz, rate limiting middleware to global

Co-authored-by: Kristaps Fabians Geikins <fabis94@users.noreply.github.com>
Co-authored-by: Iain Sproat <iainsproat@users.noreply.github.com>

* invites tests fix

* fix(server ratelimiter): export public interfaces

* Unit test for rate limiter use in memory rate limiter
- in memory rate limiter is configured with zero limit by default

* Fixed #1219 (#1221)

* WIP: improve auth test for rate limiting user creation

* ci(circleci config): publishing was broken when main branch was tagged (i.e. for releases) (#1224)

* Gitignore CPU profiles

* All tests are now passing locally

* Fixed an issue in the frontend which was causing the views not to work. Fixed an issue with object selection camera animation where the dolly lerp factor was much too high for smooth animation (#1225)

* feat(structured logging): implements structured logging for backend (#1217)

* each log line is a json object
* structured logging allows logs to be ingested by machines and the logs to be indexed and queried addresses #1105
* structured logging allows arbitrary properties to be appended to each log line, and ingestion of logs to remain robust
* Structured logging provided by `pino` library
* Add `express-pino-logger` dependency
* Remove `debug`, `morgan`, and `morgan-debug` and replace with structured logging
* `console.log` & `console.error` replaced with structured logging in backend
* Remove `DEBUG` environment variable and replace with `LOG_LEVEL`
- Note that there is a test which reads from a logged line on `stdout`. This is not robust, it would be better to use the childProcess.pid to look up the port number.
* Log errors at points we explicitly send error to Sentry
* Amend indentation of a couple of log messages to align indentation with others

* Revert "feat(structured logging): implements structured logging for backend (#1217)" (#1227)

This reverts commit 84cb74e8b3.

* Move error to core/errors
- augmented typescript types moved to type-augmentations

* Added a missing wait in the screenshot generation loop (#1228)

* refactor(server rest api): remove duplicate rate limit requests

* feat(server rate limits): increase rate limits for the upload endpoints

* chore(server rate limits): final cleanup

Co-authored-by: Gergő Jedlicska <gergo@jedlicska.com>
Co-authored-by: Iain Sproat <iainsproat@users.noreply.github.com>
Co-authored-by: Dimitrie Stefanescu <didimitrie@gmail.com>
Co-authored-by: Kristaps Fabians Geikins <fabis94@users.noreply.github.com>
Co-authored-by: Kristaps Fabians Geikins <fabis94@live.com>
Co-authored-by: Alexandru Popovici <alexandrupopoviciioan@gmail.com>
2022-11-29 17:06:11 +01:00
Iain Sproat 63e6581162 Revert "feat(structured logging): implements structured logging for backend (#1217)" (#1227)
This reverts commit 84cb74e8b3.
2022-11-25 16:57:28 +00:00
Iain Sproat 84cb74e8b3 feat(structured logging): implements structured logging for backend (#1217)
* each log line is a json object
* structured logging allows logs to be ingested by machines and the logs to be indexed and queried addresses #1105
* structured logging allows arbitrary properties to be appended to each log line, and ingestion of logs to remain robust
* Structured logging provided by `pino` library
* Add `express-pino-logger` dependency
* Remove `debug`, `morgan`, and `morgan-debug` and replace with structured logging
* `console.log` & `console.error` replaced with structured logging in backend
* Remove `DEBUG` environment variable and replace with `LOG_LEVEL`
- Note that there is a test which reads from a logged line on `stdout`. This is not robust, it would be better to use the childProcess.pid to look up the port number.
* Log errors at points we explicitly send error to Sentry
* Amend indentation of a couple of log messages to align indentation with others
2022-11-25 16:05:05 +00:00
Kristaps Fabians Geikins db6a3e9367 refactor(server): apollo server v2 -> v3 migration (#1071) 2022-10-06 11:12:16 +03:00
Kristaps Fabians Geikins f991504932 feat: stream access requests (#976) 2022-09-06 11:10:38 +03:00
Kristaps Fabians Geikins ecb9f825bb refactor: email verification flow & email template (#967) 2022-08-31 17:11:19 +03:00
Kristaps Fabians Geikins 651dee0977 feat(server): stream discoverability flag & queries (#948) 2022-08-24 13:46:24 +03:00