* fix(object upload): provide guard of expectation of an array
* additional logging to understand what is occurring
* adds tests for object not json and object not json array
* Fixed an issue with curves doubling up on geometry and also not being selectable after the last filtering changes. Added the options to make lines transparent. Added lines to diffing
* Points now are diff-able and support proper visual diff-ing. Visual diff filters are now chosen internally by the Differ. Fixed an issue with LineBatch and transparency
* Implemented PLAIN visual diff mode, where all objects keep their original materil, but opacity is manipulated via the diff time. Added API member function to switch between the PLAIN and COLORED visual diff modes
* feat(fe2): diffs wip
* Diffing fixes for instances and blocks. Things seem to be working fine, but there are some caveats. Additionally, some older issues were fixed and diffing now works better on all the rest of the streams
* feat(fe2): de-dupes diff results
* feat(fe2): wip diffs
* feat(fe2): diff transparency goes from 0 to 1
* feat(fe2): diff results display work
* feat(fe2): diff results display work
* feat(fe2): diff panel work
* feat(fe2): diff work: various display changes, coloring toggle, selection logic, selection object display wip
* feat(fe2): diff work: cleaned up old/new version, fixed minor bug in viewer diff time when swapping color mode
* feat(fe2): diff work: implements custom selection logic and selection display for modified objects (they come in pairs now)
* feat(fe2): diff minor fix in selected object display
* feat(fe2): wip; trying to fix diff order to be consistent (ordered by date)
* feat(fe2): wip, broken state right now
* feat(fe2): fixes scrollbars in viewer
* feat(fe2): fixes slider sync with diff time
* feat(fe2): WIP syncs of diffs (threads, refreshes, etc.)
* feat(fe2): diffing polish
* speckle shared fix
* speckle shared fix
* more bugfixes
* linter fixess
* more CI fixes
* fix viewerState serialization
* more linting fixess
* template fixes
* moving tailwind classes to theme package
* migrated away from diffString + simplified postSetup
* moved diff new/old version resolution to use state.resources
* cleanup
* updating url threadId & diff command correctly
* minor improvements to diff state
---------
Co-authored-by: AlexandruPopovici <alexandrupopoviciioan@gmail.com>
Co-authored-by: Kristaps Fabians Geikins <fabis94@live.com>
* fix(fe2): unfollow on camera move
* WIP new state hydration function
* WIP sync state
* minor cleanup
* fix coloring not being tracked
* fix for post thread close camera pos restore
* supporting duplicate users
* preventing guest commenting + state reset fixes
* fixed guests not receiving viewer comment updates
* post-thread creation opens new thread
* removing gap between 'X is typing' and bubble appearing
* reset filters will also reset colors now
* fixed thread full context
* camera reset fix
* thread reset fix
* fixed router concurrency issues
* followed user avatar fix
* TONS OF DEBUGGING FOR ROUTER QUEUING
* removing queued routing debugging stuff + disabling spotlight cancelation
* WIP async URL updates
* missing authLogger fixed
* fix for broken projection
* fix for bubbles positions not updating correctly
* queued routing cleanup
* fixed spotlight mode disabling unnecessarily
* added back stoplight stop on ctrl
* undid spotlight debugging
commit authorId-s can be null, if a server user is deleted.
We keep the commit on the server, so we need to be able to
return null values for commit author name and avatar
Co-authored-by: CI <devops+circleci@speckle.systems>
* Revert "fix(ratelimit): reduce /graphql limit based on incident (#1505)"
This reverts commit 2a35fe6178.
* Revert helm chart defaults to value in code
- fix typo
* feat: register flag passed to fe
* feat: mixpanel tracking for all sign ups
* feat: utm first touch & last touch tracking
* feat(helm): Allows Environment Variable for MP to be configured
- default is enabled
- renames environment variable to ENABLE_MP
* feat(helm network policy): allowlist analytics.speckle.systems
---------
Co-authored-by: Iain Sproat <68657+iainsproat@users.noreply.github.com>
* fix(server authz): make sure to forbid access with invalid tokens
fix#927
* test(server authz tests): update tests to reflect the changes in the invalid token forbidden flow
- feat(logging): log all http requests and responses
- the auto logger does not log the body, to ensure sensitive payloads are not logged. Unfortunately this means that error messages are not logged either, so need to be manually logged.
- fix(logging): 400 errors should be info not error severity logging
- chore(server): adds endpoint parameter to some log messages
- and any other relevant parameters we have to hand (streamId, userId etc..)
- logging severity is info for `400` status codes, error for `500` status codes or equivalent.
- errors should be logged to stdout in a structured format
- currently still throws errors which are ultimately unhandled, this matches existing behaviour
- Consolidate redis creation and error handling in a shared module
* remove unused 'redis' module, in favour of 'ioredis'
* feat(server): add switchable admin authz override
* fix(server): make sure tests work with the new admin override
* feat(server authz): make sure to add all requested roles to server admins in admin override mode
* fix(logging): user input errors should be logged as info severity
* Tidy the code to use a constant and a specific error type
* Attempting to remove the last admin user is invalid user input and should not be logged as error severity
* Missing passwords are user input errors
* Improves error logging
- use pino error logger correctly by passing in error as first argument
* monitor deployment: Filter logging at INFO level and above
* Use structured logging to create parameters for monitoring results
* Add structured logging to obj fileimport service
* Fileimport service, fix and improve logging
- use child logger with additional context where possible
- select appropriate logging level
- fix duplicated context in log statement
* REST endpoints, add context to structured logging and remove same context from message
* Webhook service provides context to bound logger to properly use structured logging
- Pass bound logger containing context to `makeNetworkRequest`
- do not log url, as it may contain a secret (like Discord's webhook urls), instead log the webhook Id
- log error message when network call fails
* upload: make better use of structured logging when recording data
* pino-pretty when in dev or test mode
- pino-pretty configured to send to stderr
* LOG_PRETTY env var
* Silence structured logging during testing
- can not rely on determining the port number by reading from stdout/stderr
- instead we determine which port is free, then create our server on that port
- we then poll that port until the server is ready before commencing tests
* Allow puppeteer to install chromium
* Do not need to install chromium separately
* Revert "Revert structured logging 2 (#1240)"
This reverts commit 78ecaeffcb.
* Logging should not be bundled into core shared directory
* making sure observability stuff isnt bundled into frontend
Co-authored-by: Kristaps Fabians Geikins <fabis94@live.com>
* Revert "'@' shortcut must come after it is configured in bootstrap (#1239)"
This reverts commit 967329473f.
* Revert "Structured logging (attempt 2) (#1234)"
This reverts commit 444d2ca7dd.
* Revert "Revert "feat(structured logging): implements structured logging for backend (#1217)" (#1227)"
This reverts commit 63e6581162.
* Use pino-http instead of express pino logger
* Use correct reference to knex and do not instantiate HttpLogger prematurely
* Adds missing dependency for pino to webhook-service
* Do not instantiate middleware when passed to express
* Refactor to move logging into shared
* Copy shared packages into dockerfiles
* Build shared workspace in docker build-stage for fileimport & webhook
* Demonstration of bug to test when middleware added
- Adding middleware, even no-op, causes test to fail
* Make middleware async, but introduce delay.
Revert test back to original.
* Revert tests
* Add a 1ms sleep to the test to reduce likelihood of flakiness
* Rate limiting on all express endpoints using middleware
* Adds all configuration for existing rate limited endpoints
* It is helpful to add the package to yarn first
* Implements respectsLimits using Redis rate limiter
* Fix for test `Should rate-limit user creation`
- if rate limit error, post to `/auth/local/register` will return a 429 status code
* All rate limiting provided by new ratelimiter.ts
* Consolidate typescript interfaces
* Amend signature of function to require source to be passed in, and not try to guess it from the request
* Rename respectsLimits to isWithinRateLimits
* Throw within catch of Promise
* Replace rejectsRequestWithRatelimitStatusIfNeeded throughout code
* Sending rate limit response should deal with other types of error
- Sentry notified of the error
* Express middleware rate limits by a 3 second burst or a daily rate
- Provide action when generating 429 response
* Prevent DOS of Redis
* Add 'Retry-After' for all cases when responding with 429 status code
- default of 1 day, but dynamic based on available information
* Generate rate limiters once, on init
- Improved and consistent handling of exit from functions
- fixed environment variable names
* WIP Refactor rate limiting setup
Co-authored-by: Iain Sproat <iainsproat@users.noreply.github.com>
* WIP: fixed references, now runs but tests fail
* Use getSourceFromRequest where possible
* WIP: unit tests for rate limiter
* Unit tests for ratelimiter
* feat(IFC): WIP IFC parser improvements
* Revert "feat(IFC): WIP IFC parser improvements"
This reverts commit 093089a2c4.
* refactor authz, rate limiting middleware to global
Co-authored-by: Kristaps Fabians Geikins <fabis94@users.noreply.github.com>
Co-authored-by: Iain Sproat <iainsproat@users.noreply.github.com>
* invites tests fix
* fix(server ratelimiter): export public interfaces
* Unit test for rate limiter use in memory rate limiter
- in memory rate limiter is configured with zero limit by default
* Fixed#1219 (#1221)
* WIP: improve auth test for rate limiting user creation
* ci(circleci config): publishing was broken when main branch was tagged (i.e. for releases) (#1224)
* Gitignore CPU profiles
* All tests are now passing locally
* Fixed an issue in the frontend which was causing the views not to work. Fixed an issue with object selection camera animation where the dolly lerp factor was much too high for smooth animation (#1225)
* feat(structured logging): implements structured logging for backend (#1217)
* each log line is a json object
* structured logging allows logs to be ingested by machines and the logs to be indexed and queried addresses #1105
* structured logging allows arbitrary properties to be appended to each log line, and ingestion of logs to remain robust
* Structured logging provided by `pino` library
* Add `express-pino-logger` dependency
* Remove `debug`, `morgan`, and `morgan-debug` and replace with structured logging
* `console.log` & `console.error` replaced with structured logging in backend
* Remove `DEBUG` environment variable and replace with `LOG_LEVEL`
- Note that there is a test which reads from a logged line on `stdout`. This is not robust, it would be better to use the childProcess.pid to look up the port number.
* Log errors at points we explicitly send error to Sentry
* Amend indentation of a couple of log messages to align indentation with others
* Revert "feat(structured logging): implements structured logging for backend (#1217)" (#1227)
This reverts commit 84cb74e8b3.
* Move error to core/errors
- augmented typescript types moved to type-augmentations
* Added a missing wait in the screenshot generation loop (#1228)
* refactor(server rest api): remove duplicate rate limit requests
* feat(server rate limits): increase rate limits for the upload endpoints
* chore(server rate limits): final cleanup
Co-authored-by: Gergő Jedlicska <gergo@jedlicska.com>
Co-authored-by: Iain Sproat <iainsproat@users.noreply.github.com>
Co-authored-by: Dimitrie Stefanescu <didimitrie@gmail.com>
Co-authored-by: Kristaps Fabians Geikins <fabis94@users.noreply.github.com>
Co-authored-by: Kristaps Fabians Geikins <fabis94@live.com>
Co-authored-by: Alexandru Popovici <alexandrupopoviciioan@gmail.com>
* each log line is a json object
* structured logging allows logs to be ingested by machines and the logs to be indexed and queried addresses #1105
* structured logging allows arbitrary properties to be appended to each log line, and ingestion of logs to remain robust
* Structured logging provided by `pino` library
* Add `express-pino-logger` dependency
* Remove `debug`, `morgan`, and `morgan-debug` and replace with structured logging
* `console.log` & `console.error` replaced with structured logging in backend
* Remove `DEBUG` environment variable and replace with `LOG_LEVEL`
- Note that there is a test which reads from a logged line on `stdout`. This is not robust, it would be better to use the childProcess.pid to look up the port number.
* Log errors at points we explicitly send error to Sentry
* Amend indentation of a couple of log messages to align indentation with others
* Update to new specklepy (#1173)
* Publish images for all branches but limit tagging
* only tag 'latest' and '2' when 'SHOULD_PUBLISH' variable is 'true'
* Publishing helm chart should check for `SHOULD_PUBLISH`
* Move blocking step to publish-helm chart, and allow images to be published
* Pin python requirements and bump to latest versions
* Fix EOL whitespace
* use valid version for psycopg2-binary (the clue is in the 2!)
* fix(fileimports): add exception printing to file imports
* fix(fileimports): bump specklepy version
move to a specklepy version that contains a fix for send without writing to disk
Co-authored-by: Iain Sproat <68657+iainsproat@users.noreply.github.com>
* Fixes liveness and readiness checks to prevent CSRF error message (#1169)
- provides content-type header
- check that status code is 200
* Fixes broken helm template by adding quotation marks around liveness probe command (#1171)
* fix(server activities): make sure the stream events are properly dispatched
* feat(server webhooks): add scheduled orphaned webhook cleanup
* test(server webhooks): add test to webhook cleanup service
* feat(server webhooks): drop foreign key reference for webhooks schema to streams
* refactor(server req context): refactor req context to have the ip attribute for all requests
* feat(server objects rest api): add ratelimits to objects rest api endpoints
* fix(server rest api): properly handle returning 419
Co-authored-by: Iain Sproat <68657+iainsproat@users.noreply.github.com>
Gergő Jedlicska