-
Notifications
You must be signed in to change notification settings - Fork 825
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge GraphQL v-next to master (#8287)
* feat(cli-api): improve add and update api * Delete sam.schema.json * Delete cloudformation.schema.json * remove auto apply authmode code from update api workflow * remove unused import * fix lint issues * relative import * fix dependencies * fix lint comments * remove unused code * updated v2 templates * remove unused import * change to use executeProviderUtils * fixed formatting * several minor tweaks to add and update api workflow * update conflict detection label * remove app not deployed message * auto apply auth mode * auto apply authmode for v2 tranformer * add type amplify_global to v2 schemas * Update many-relationship-schema-v2.graphql * Update single-object-auth-schema-v2.graphql * Update single-object-schema-v2.graphql * feat: add @auth (#1) * feat: add @auth base package with Access Control * feat: graphql auth v2 add schemaChanges, iam policy generation, and query/read resolvers * feat: graphql auth v2 add auth on mutation and subscription resolvers * feat(amplify-category-api): add global sandbox mode directive on schema generation (#8074) * feat(amplify-category-api): add global sandbox mode directive on schema generation * test(amplify-e2e-tests): add e2e tests for sandbox mode * test(amplify-category-api): add unit test for generating sandbox mode directive; rm unused method * feat(cli): add sandbox mode warning to amplify status (#8078) * feat(amplify-category-api): prompt api key creation on amplify push (#8124) * feat(amplify-category-api): prompt api key create when invalid with sandbox mode * test(amplify-category-api): add unit tests for provider utils * test(amplify-category-api): fix test for adding api key prompt * refactor(cli): refactor api key prompt * refactor(amplify-category-api): add api key with gql compiled * feat: @model conflict resolution * auth directive support for index, searchable, predictions, functions, and relational directives (#8146) * feat: add support for index and updated unit and e2e tests * feat: directive suport for functions, predictions, searchable, and relational * test: updated unit tests for updated auth on directives * @auth support for datastore and add has auth flag (#8168) * feat: @auth v2 on datastore and updated unit tests * feat: add hasAuthFlag * feat(graphql-model-transformer): set up transformer for sandbox mode directive (#8138) * feat(graphql-model-transformer): add sandbox mode support to model transformer * refactor(graphql-transformer-core): do not persist sandbox mode meta data * fix: add command to show access control and field auth evaluation in access control (#8174) * fix: admin ui app state check and auth transformer index resolver name (#8175) * fix: has auth typo and qref on field conditions for private rule (#8180) * fix(graphql-model-transformer): use hasAuth flag when sandbox mode is disabled (#8179) * fix: update hasMany to use join table name, sync config warning, updated unit test * fix: add empty payload for sandbox mode * fix: snapshot test for @searchable * fix: udpated snapshot for index and relation directives * fix: use same none datasource name as resolver manager * fix: iam resolver check and relational payload (#8234) * fix: add datastore query in config for auth (#8246) * fix: auth filter expression (#8248) * fix: update iam auth to include roles in before template (#8259) * chore: rebase and update auth dependencies * fix(graphql-model-transformer): iam role name does not exceed 64 characters * fix: add base e2e tests with auth fixes Co-authored-by: Danielle Adams <6271256+danielleadams@users.noreply.github.com> Co-authored-by: lazpavel <85319655+lazpavel@users.noreply.github.com> * fix: update dependency versions * feat(amplify-provider-awscloudformation): match env directive field for sandbox mode (#3) * fix(amplify-provider-awscloudformation): invoke api function from invoker plugin (#8274) * fix(amplify-provider-awscloudformation): invoke api function from invoker plugin * fix(graphql-index-transformer): update snapshots for tests * test(amplify-provider-awscloudformation): fix tests for sandbox helpers * fix(amplify-provider-awscloudformation): remove sandbox mode directive from schema before transform (#8272) * chore(graphql-auth-transformer): update deps for auth transformer and api category * fix(graphql-model-transformer): revert code to master version * test(graphql-model-transformer): update the snapshot for the amplify/graphql-model-transformer test * chore: remove showacm as that was for testing purposes only * test(amplify-e2e-tests): update to use correct helpers * test(graphql-transformers-e2e-tests): enable sandbox mode on v2 transforms * test(amplify-e2e-tests): replace updateAPIResolution imports with new methods * fix: get item query for @model and relational directives * auto apply auth fix * auto apply auth modes v2 fix (#4) * test(amplify-e2e-tests): rm sandbox e2e test * fix(amplify-provider-awscloudformation): fix api key creation when sandbox mode enable * test(amplify-e2e-tests): create random app name generator for broken tests * fix api e2e workflow * test(amplify-e2e-core): add random app name generator, update snapshots and imports * chore(graphql-auth-transformer): upgrade deps in auth transformer * update e2e test to use new api workflow (#5) * feat(graphql-model-transformer): fix default value e2e test (#6) * test(amplify-e2e-tests): add missing helper * e2e fix for auth tests using new api workflow (#7) * update e2e test to use new api workflow * fix(test): update auth tests with new api workflow * test(amplify-e2e-tests): add missing helper and fix broken test Co-authored-by: Christopher Sundersingh <sundersc@amazon.com> Co-authored-by: Christopher Sundersingh <83315412+sundersc@users.noreply.github.com> Co-authored-by: Josue Ruiz <7465495+SwaySway@users.noreply.github.com> Co-authored-by: lazpavel <85319655+lazpavel@users.noreply.github.com> Co-authored-by: Colin Ihrig <colihrig@amazon.com>
- Loading branch information
1 parent
385c395
commit b5ba1f0
Showing
166 changed files
with
20,920 additions
and
3,717 deletions.
There are no files selected for viewing
Large diffs are not rendered by default.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Empty file.
18 changes: 18 additions & 0 deletions
18
...egory-api/resources/awscloudformation/graphql-schemas/many-relationship-schema-v2.graphql
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,18 @@ | ||
type Blog @model { | ||
id: ID! | ||
name: String! | ||
posts: [Post] @hasMany | ||
} | ||
|
||
type Post @model { | ||
id: ID! | ||
title: String! | ||
blog: Blog @belongsTo | ||
comments: [Comment] @hasMany | ||
} | ||
|
||
type Comment @model { | ||
id: ID! | ||
post: Post @belongsTo | ||
content: String! | ||
} |
15 changes: 15 additions & 0 deletions
15
...gory-api/resources/awscloudformation/graphql-schemas/single-object-auth-schema-v2.graphql
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
type Task | ||
@model | ||
@auth(rules: [ | ||
{ allow: groups, groups: ["Managers"], operations: [create, update, read, delete] } | ||
{ allow: groups, groups: ["Employees"], operations: [read] } ]) { | ||
id: ID! | ||
title: String! | ||
description: String | ||
status: String | ||
} | ||
|
||
type PrivateNote @model @auth(rules: [{ allow: owner }]) { | ||
id: ID! | ||
content: String! | ||
} |
5 changes: 5 additions & 0 deletions
5
...-category-api/resources/awscloudformation/graphql-schemas/single-object-schema-v2.graphql
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
type Todo @model { | ||
id: ID! | ||
name: String! | ||
description: String | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
44 changes: 44 additions & 0 deletions
44
...category-api/src/__tests__/provider-utils/awscloudformation/prompt-to-add-api-key.test.ts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,44 @@ | ||
import { $TSContext } from 'amplify-cli-core'; | ||
import * as prompts from 'amplify-prompts'; | ||
import { promptToAddApiKey } from '../../../provider-utils/awscloudformation/prompt-to-add-api-key'; | ||
import * as walkthrough from '../../../provider-utils/awscloudformation/service-walkthroughs/appSync-walkthrough'; | ||
import * as cfnApiArtifactHandler from '../../../provider-utils/awscloudformation/cfn-api-artifact-handler'; | ||
|
||
jest.mock('../../../provider-utils/awscloudformation/service-walkthroughs/appSync-walkthrough', () => ({ | ||
askApiKeyQuestions: jest.fn(), | ||
})); | ||
|
||
jest.mock('../../../provider-utils/awscloudformation/cfn-api-artifact-handler', () => ({ | ||
getCfnApiArtifactHandler: jest.fn(() => { | ||
return { updateArtifacts: jest.fn() }; | ||
}), | ||
})); | ||
|
||
jest.mock('amplify-prompts', () => ({ | ||
prompter: { | ||
confirmContinue: jest.fn().mockImplementation(() => true), | ||
}, | ||
})); | ||
|
||
describe('prompt to add Api Key', () => { | ||
it('runs through expected user flow: print info, update files', async () => { | ||
const envName = 'envone'; | ||
const ctx = { | ||
amplify: { | ||
getEnvInfo() { | ||
return { envName }; | ||
}, | ||
}, | ||
} as unknown as $TSContext; | ||
|
||
jest.spyOn(prompts.prompter, 'confirmContinue'); | ||
jest.spyOn(walkthrough, 'askApiKeyQuestions'); | ||
jest.spyOn(cfnApiArtifactHandler, 'getCfnApiArtifactHandler'); | ||
|
||
await promptToAddApiKey(ctx); | ||
|
||
expect(prompts.prompter.confirmContinue).toHaveBeenCalledWith('Would you like to create an API Key?'); | ||
expect(walkthrough.askApiKeyQuestions).toHaveBeenCalledTimes(1); | ||
expect(cfnApiArtifactHandler.getCfnApiArtifactHandler).toHaveBeenCalledTimes(1); | ||
}); | ||
}); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
21 changes: 21 additions & 0 deletions
21
...gory-api/src/__tests__/provider-utils/awscloudformation/utils/global-sandbox-mode.test.ts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
import { defineGlobalSandboxMode } from '../../../../provider-utils/awscloudformation/utils/global-sandbox-mode'; | ||
import { $TSContext } from 'amplify-cli-core'; | ||
|
||
describe('global sandbox mode GraphQL directive', () => { | ||
it('returns AMPLIFY_DIRECTIVE type with code comment, directive, and env name', () => { | ||
const envName = 'envone'; | ||
const ctx = <$TSContext>{ | ||
amplify: { | ||
getEnvInfo() { | ||
return { envName }; | ||
}, | ||
}, | ||
}; | ||
|
||
expect(defineGlobalSandboxMode(ctx)) | ||
.toBe(`# This allows public create, read, update, and delete access for a limited time to all models via API Key. | ||
# To configure PRODUCTION-READY authorization rules, review: https://docs.amplify.aws/cli/graphql-transformer/auth | ||
type AMPLIFY_GLOBAL @allow_public_data_access_with_api_key(in: \"${envName}\") # FOR TESTING ONLY!\n | ||
`); | ||
}); | ||
}); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
6 changes: 5 additions & 1 deletion
6
packages/amplify-category-api/src/provider-utils/api-artifact-handler.ts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,6 +1,10 @@ | ||
import { AddApiRequest, UpdateApiRequest } from 'amplify-headless-interface'; | ||
|
||
export interface ApiArtifactHandlerOptions { | ||
skipCompile?: boolean; | ||
} | ||
|
||
export interface ApiArtifactHandler { | ||
createArtifacts(request: AddApiRequest): Promise<string>; | ||
updateArtifacts(request: UpdateApiRequest): Promise<void>; | ||
updateArtifacts(request: UpdateApiRequest, opts?: ApiArtifactHandlerOptions): Promise<void>; | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
27 changes: 27 additions & 0 deletions
27
packages/amplify-category-api/src/provider-utils/awscloudformation/prompt-to-add-api-key.ts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,27 @@ | ||
import { $TSContext } from 'amplify-cli-core'; | ||
import { askApiKeyQuestions } from './service-walkthroughs/appSync-walkthrough'; | ||
import { authConfigToAppSyncAuthType } from './utils/auth-config-to-app-sync-auth-type-bi-di-mapper'; | ||
import { getCfnApiArtifactHandler } from './cfn-api-artifact-handler'; | ||
import { prompter } from 'amplify-prompts'; | ||
|
||
export async function promptToAddApiKey(context: $TSContext): Promise<any> { | ||
if (await prompter.confirmContinue('Would you like to create an API Key?')) { | ||
const apiKeyConfig = await askApiKeyQuestions(); | ||
const authConfig = [apiKeyConfig]; | ||
|
||
await getCfnApiArtifactHandler(context).updateArtifacts( | ||
{ | ||
version: 1, | ||
serviceModification: { | ||
serviceName: 'AppSync', | ||
additionalAuthTypes: authConfig.map(authConfigToAppSyncAuthType), | ||
}, | ||
}, | ||
{ | ||
skipCompile: true, | ||
}, | ||
); | ||
|
||
return apiKeyConfig; | ||
} | ||
} |
Oops, something went wrong.