* Revert "fix(ratelimit): reduce /graphql limit based on incident (#1505)"
This reverts commit 2a35fe6178.
* Revert helm chart defaults to value in code
- fix typo
- we do not log both the ip if the user is signed in, as this may be a privacy issue
- the ip is only logged if there is no associated user information
* feat(server): authentication middleware should log auth context creation status
- this uses the pino http logger provided via prior express middleware, ensuring a request ID is associated with the log messages
- userID, scopes and roles will be logged
* Appends the authContext to the req.log, which makes it available on all subsequent calls
* fix(helm): network policy should allow egress to analytics.speckle.systems
- previously only allowed DNS lookup
* matchName not matchPattern on analytics.speckle.systems
* fix(helm): fix logic in networkpolicies to check for existence of object
- object must exist before we can query its parameters
- if the 'mp' object is set and it is explicitly set to 'false' then the endpoint is blocked, otherwise it is allowed.
* fix(helm chart): accessing an unset object in the second part of an and statement breaks helm
* fix(helm): cilium network policy updated to put mp within monitoring object
- object must exist before we can query its parameters
- if the 'mp' object is set and it is explicitly set to 'false' then the endpoint is blocked, otherwise it is allowed.
* feat: register flag passed to fe
* feat: mixpanel tracking for all sign ups
* feat: utm first touch & last touch tracking
* feat(helm): Allows Environment Variable for MP to be configured
- default is enabled
- renames environment variable to ENABLE_MP
* feat(helm network policy): allowlist analytics.speckle.systems
---------
Co-authored-by: Iain Sproat <68657+iainsproat@users.noreply.github.com>
- helm charts are sorted in descending order. As the commit sha is not an incremented value and is effectively random, it was breaking the Helm Chart index
* fix(server authz): make sure to forbid access with invalid tokens
fix#927
* test(server authz tests): update tests to reflect the changes in the invalid token forbidden flow
* The ObjectLoader and ViewerObjectsLoaders are disposed upon loading complete.
* Added viewer parameter for keeping or discarding original geometry data. Defaults to discarding it. WIP on mesh and point cloud implementation for actual discarding it
* Geometry data from raw nodes is now disposed after building their reder views
* Removed raw geometry data from points and lines
* Removed the float64 array which was persisted pointlessly by the section plane outlines feature. Also fixed a bug for this feature regarding resizing the point buffer and RTE
* Implemented BVHs in local space, relative to world origin. This cuts down on it's redundant memory footprint by half
* Implemented SpeckleMeshBVH which completely hides the RTE-related transformations that we're making to reduce memory footprint.
* Added some clarifications to the SpeckleMeshBVH class
- feat(logging): log all http requests and responses
- the auto logger does not log the body, to ensure sensitive payloads are not logged. Unfortunately this means that error messages are not logged either, so need to be manually logged.
- fix(logging): 400 errors should be info not error severity logging
* Extended the ObjectLayers on a per geometry type basis. We can now restrict intersections and rendering based on geometry type (mesh, line, point)
* Disabled geometry type based filtering of opaque/transparent/stencil objects in the batcher, since we're using separate object layers for the geometry types now
* Fixed and issue with OR-ing layers
Iain Sproat