Skip to content

Commit aefb56f

Browse files
VincentMolinieVincentMolinie
authored
chore: release beta branch (#1033)
2 parents d7db5a9 + 8b1ae9a commit aefb56f

13 files changed

+267
-150
lines changed

CHANGELOG.md

Lines changed: 35 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,38 @@
1+
# [9.0.0-beta.4](https://github.com/ForestAdmin/forest-express-sequelize/compare/v9.0.0-beta.3...v9.0.0-beta.4) (2022-11-09)
2+
3+
4+
### Features
5+
6+
* **chart:** add support for context variables inside SQL query ([#1028](https://github.com/ForestAdmin/forest-express-sequelize/issues/1028)) ([6bf678e](https://github.com/ForestAdmin/forest-express-sequelize/commit/6bf678ead766a202908c0bf8f5376e9c45d9ef6f))
7+
8+
# [9.0.0-beta.3](https://github.com/ForestAdmin/forest-express-sequelize/compare/v9.0.0-beta.2...v9.0.0-beta.3) (2022-11-02)
9+
10+
11+
### Features
12+
13+
* **chart:** add support for context variables used by Workspaces ([#1029](https://github.com/ForestAdmin/forest-express-sequelize/issues/1029)) ([dc3009a](https://github.com/ForestAdmin/forest-express-sequelize/commit/dc3009acf395292cf28a8d7b481d36f78bb9d829))
14+
15+
# [9.0.0-beta.2](https://github.com/ForestAdmin/forest-express-sequelize/compare/v9.0.0-beta.1...v9.0.0-beta.2) (2022-10-28)
16+
17+
18+
### Bug Fixes
19+
20+
* **chart:** improve security on chart and rename charts' properties ([#1027](https://github.com/ForestAdmin/forest-express-sequelize/issues/1027)) ([2e4c54e](https://github.com/ForestAdmin/forest-express-sequelize/commit/2e4c54e4b66295451e97c873b3cfa3043e1864e3))
21+
22+
# [9.0.0-beta.1](https://github.com/ForestAdmin/forest-express-sequelize/compare/v8.5.14...v9.0.0-beta.1) (2022-10-28)
23+
24+
25+
### Bug Fixes
26+
27+
* **security:** validate that smart action approvals are launched with the same parameters than the initial trigger ([#1026](https://github.com/ForestAdmin/forest-express-sequelize/issues/1026)) ([928865e](https://github.com/ForestAdmin/forest-express-sequelize/commit/928865e9299d1ef9680e9b33ce33ecd8f4c9d077))
28+
29+
30+
### BREAKING CHANGES
31+
32+
* **security:** drop support of projects that are not using roles
33+
34+
Co-authored-by: Guillaume Gautreau <[email protected]>, Morgan Perre <[email protected]>
35+
136
## [8.5.14](https://github.com/ForestAdmin/forest-express-sequelize/compare/v8.5.13...v8.5.14) (2022-10-25)
237

338

package.json

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"name": "forest-express-sequelize",
33
"description": "Official Express/Sequelize Liana for Forest",
4-
"version": "8.5.14",
4+
"version": "9.0.0-beta.4",
55
"author": "Sandro Munda <[email protected]>",
66
"contributors": [
77
"Arnaud Besnier <[email protected]>",
@@ -28,7 +28,7 @@
2828
"@babel/runtime": "7.15.4",
2929
"bluebird": "2.9.25",
3030
"core-js": "3.6.5",
31-
"forest-express": "9.5.6",
31+
"forest-express": "10.0.0",
3232
"http-errors": "1.6.1",
3333
"lodash": "4.17.21",
3434
"moment": "2.29.4",

src/services/leaderboard-stat-getter.js

Lines changed: 7 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -26,14 +26,15 @@ async function getSequelizeOptionsForModel(model, user, timezone) {
2626
* @param {import('sequelize').Model} childModel
2727
* @param {import('sequelize').Model} parentModel
2828
* @param {{
29-
* label_field: string;
30-
* aggregate: string;
31-
* aggregate_field: string;
29+
* labelFieldName: string;
30+
* aggregator: string;
31+
* aggregateFieldName: string;
32+
* limit: number;
3233
* }} params
3334
*/
3435
function LeaderboardStatGetter(childModel, parentModel, params, user) {
35-
const labelField = params.label_field;
36-
const aggregate = params.aggregate.toUpperCase();
36+
const labelField = params.labelFieldName;
37+
const aggregate = params.aggregator.toUpperCase();
3738
const { limit } = params;
3839
const childSchema = Schemas.schemas[childModel.name];
3940
const parentSchema = Schemas.schemas[parentModel.name];
@@ -44,7 +45,7 @@ function LeaderboardStatGetter(childModel, parentModel, params, user) {
4445
);
4546

4647
const aggregateField = getAggregateField({
47-
aggregateField: params.aggregate_field,
48+
aggregateField: params.aggregateFieldName,
4849
parentSchema,
4950
parentModel,
5051
});

src/services/line-stat-getter.js

Lines changed: 7 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -7,18 +7,18 @@ import QueryOptions from './query-options';
77

88
function LineStatGetter(model, params, options, user) {
99
const schema = Schemas.schemas[model.name];
10-
const timeRange = params.time_range.toLowerCase();
10+
const timeRange = params.timeRange.toLowerCase();
1111

1212
function getAggregateField() {
1313
// NOTICE: As MySQL cannot support COUNT(table_name.*) syntax, fieldName cannot be '*'.
14-
const fieldName = params.aggregate_field
14+
const fieldName = params.aggregateFieldName
1515
|| schema.primaryKeys[0]
1616
|| schema.fields[0].field;
1717
return `${schema.name}.${Orm.getColumnName(schema, fieldName)}`;
1818
}
1919

2020
function getGroupByDateField() {
21-
return `${schema.name}.${Orm.getColumnName(schema, params.group_by_date_field)}`;
21+
return `${schema.name}.${Orm.getColumnName(schema, params.groupByFieldName)}`;
2222
}
2323

2424
const groupByDateField = getGroupByDateField();
@@ -133,7 +133,7 @@ ${groupByDateFieldFormated}), 'yyyy-MM-dd 00:00:00')`);
133133
'to_char',
134134
options.Sequelize.fn(
135135
'date_trunc',
136-
params.time_range,
136+
params.timeRange,
137137
options.Sequelize.literal(`"${getGroupByDateField().replace('.', '"."')}" at time zone '${params.timezone}'`),
138138
),
139139
'YYYY-MM-DD 00:00:00',
@@ -181,7 +181,7 @@ ${groupByDateFieldFormated}), 'yyyy-MM-dd 00:00:00')`);
181181
function getAggregate() {
182182
return [
183183
options.Sequelize.fn(
184-
params.aggregate.toLowerCase(),
184+
params.aggregator.toLowerCase(),
185185
options.Sequelize.col(getAggregateField()),
186186
),
187187
'value',
@@ -197,11 +197,11 @@ ${groupByDateFieldFormated}), 'yyyy-MM-dd 00:00:00')`);
197197
}
198198

199199
this.perform = async () => {
200-
const { filters, timezone } = params;
200+
const { filter, timezone } = params;
201201
const scopeFilters = await scopeManager.getScopeForUser(user, model.name, true);
202202

203203
const queryOptions = new QueryOptions(model, { includeRelations: true });
204-
await queryOptions.filterByConditionTree(filters, timezone);
204+
await queryOptions.filterByConditionTree(filter, timezone);
205205
await queryOptions.filterByConditionTree(scopeFilters, timezone);
206206

207207
const sequelizeOptions = {

src/services/live-query-checker.js

Lines changed: 0 additions & 21 deletions
This file was deleted.

src/services/pie-stat-getter.js

Lines changed: 10 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -19,10 +19,10 @@ function PieStatGetter(model, params, options, user) {
1919
let associationSchema;
2020
let field;
2121

22-
if (params.group_by_field.indexOf(':') === -1) {
23-
field = _.find(schema.fields, (currentField) => currentField.field === params.group_by_field);
22+
if (params.groupByFieldName.indexOf(':') === -1) {
23+
field = _.find(schema.fields, (currentField) => currentField.field === params.groupByFieldName);
2424
} else {
25-
associationSplit = params.group_by_field.split(':');
25+
associationSplit = params.groupByFieldName.split(':');
2626
associationCollection = model.associations[associationSplit[0]].target.name;
2727
[, associationField] = associationSplit;
2828
associationSchema = Schemas.schemas[associationCollection];
@@ -33,22 +33,22 @@ function PieStatGetter(model, params, options, user) {
3333
}
3434

3535
function getGroupByField() {
36-
if (params.group_by_field.includes(':')) {
37-
const [associationName, fieldName] = params.group_by_field.split(':');
36+
if (params.groupByFieldName.includes(':')) {
37+
const [associationName, fieldName] = params.groupByFieldName.split(':');
3838
return `${associationName}.${Orm.getColumnName(associationSchema, fieldName)}`;
3939
}
40-
return `${schema.name}.${Orm.getColumnName(schema, params.group_by_field)}`;
40+
return `${schema.name}.${Orm.getColumnName(schema, params.groupByFieldName)}`;
4141
}
4242

4343
const groupByField = getGroupByField();
4444

4545
function getAggregate() {
46-
return params.aggregate.toLowerCase();
46+
return params.aggregator.toLowerCase();
4747
}
4848

4949
function getAggregateField() {
5050
// NOTICE: As MySQL cannot support COUNT(table_name.*) syntax, fieldName cannot be '*'.
51-
const fieldName = params.aggregate_field
51+
const fieldName = params.aggregateFieldName
5252
|| schema.primaryKeys[0]
5353
|| schema.fields[0].field;
5454
return `${schema.name}.${Orm.getColumnName(schema, fieldName)}`;
@@ -81,11 +81,11 @@ function PieStatGetter(model, params, options, user) {
8181
}
8282

8383
this.perform = async () => {
84-
const { filters, timezone } = params;
84+
const { filter, timezone } = params;
8585
const scopeFilters = await scopeManager.getScopeForUser(user, model.name, true);
8686

8787
const queryOptions = new QueryOptions(model, { includeRelations: true });
88-
await queryOptions.filterByConditionTree(filters, timezone);
88+
await queryOptions.filterByConditionTree(filter, timezone);
8989
await queryOptions.filterByConditionTree(scopeFilters, timezone);
9090

9191
const sequelizeOptions = {

src/services/query-options.js

Lines changed: 0 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -6,7 +6,6 @@ import QueryUtils from '../utils/query';
66
import SequelizeCompatibility from '../utils/sequelize-compatibility';
77
import { ErrorHTTP422 } from './errors';
88
import FiltersParser from './filters-parser';
9-
import LiveQueryChecker from './live-query-checker';
109
import PrimaryKeysManager from './primary-keys-manager';
1110
import QueryBuilder from './query-builder';
1211
import SearchBuilder from './search-builder';
@@ -231,8 +230,6 @@ class QueryOptions {
231230
const primaryKey = _.values(this._model.primaryKeys)[0].field;
232231
const queryToFilterRecords = query.trim();
233232

234-
new LiveQueryChecker().perform(queryToFilterRecords);
235-
236233
try {
237234
const options = { type: this._Sequelize.QueryTypes.SELECT };
238235
const records = await this._model.sequelize.query(queryToFilterRecords, options);

src/services/query-stat-getter.js

Lines changed: 7 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -1,20 +1,19 @@
1-
const LiveQueryChecker = require('./live-query-checker');
21

32
function QueryStatGetter(params, opts) {
4-
const QUERY_OPTIONS_SELECT = { type: opts.Sequelize.QueryTypes.SELECT };
5-
63
this.perform = function perform() {
74
let rawQuery = params.query.trim();
5+
const bind = params.contextVariables || {};
86

9-
new LiveQueryChecker().perform(rawQuery);
10-
11-
if (params.record_id) {
12-
rawQuery = rawQuery.replace(new RegExp('\\?', 'g'), params.record_id);
7+
if (bind.recordId && !rawQuery.includes('$recordId')) {
8+
rawQuery = rawQuery.replace(/\?/g, '$recordId');
139
}
1410

1511
// WARNING: Choosing the first connection might generate issues if the model
1612
// does not belongs to this database.
17-
return Object.values(opts.connections)[0].query(rawQuery, QUERY_OPTIONS_SELECT);
13+
return Object.values(opts.connections)[0].query(rawQuery, {
14+
type: opts.Sequelize.QueryTypes.SELECT,
15+
bind,
16+
});
1817
};
1918
}
2019

src/services/value-stat-getter.js

Lines changed: 7 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -22,25 +22,25 @@ class ValueStatGetter {
2222

2323
/** Function used to aggregate results (count, sum, ...) */
2424
get _aggregateFunction() {
25-
return this._params.aggregate.toLowerCase();
25+
return this._params.aggregator.toLowerCase();
2626
}
2727

2828
/** Column name we're aggregating on */
2929
get _aggregateField() {
3030
// NOTICE: As MySQL cannot support COUNT(table_name.*) syntax, fieldName cannot be '*'.
31-
const fieldName = this._params.aggregate_field
31+
const fieldName = this._params.aggregateFieldName
3232
|| this._schema.primaryKeys[0]
3333
|| this._schema.fields[0].field;
3434

3535
return `${this._schema.name}.${Orm.getColumnName(this._schema, fieldName)}`;
3636
}
3737

3838
async perform() {
39-
const { filters, timezone } = this._params;
39+
const { filter, timezone } = this._params;
4040
const scopeFilters = await scopeManager.getScopeForUser(this._user, this._model.name, true);
4141

4242
const queryOptions = new QueryOptions(this._model, { includeRelations: true });
43-
await queryOptions.filterByConditionTree(filters, timezone);
43+
await queryOptions.filterByConditionTree(filter, timezone);
4444
await queryOptions.filterByConditionTree(scopeFilters, timezone);
4545

4646
// No attributes should be retrieved from relations for the group by to work.
@@ -74,13 +74,13 @@ class ValueStatGetter {
7474
* - when scopes use the same field as the filter
7575
*/
7676
async _getCountPrevious(options) {
77-
const { filters, timezone } = this._params;
78-
if (!filters) {
77+
const { filter, timezone } = this._params;
78+
if (!filter) {
7979
return undefined;
8080
}
8181

8282
const conditionsParser = new FiltersParser(this._schema, timezone, this._options);
83-
const rawInterval = conditionsParser.getPreviousIntervalCondition(filters);
83+
const rawInterval = conditionsParser.getPreviousIntervalCondition(filter);
8484
if (!rawInterval) {
8585
return undefined;
8686
}

0 commit comments

Comments
 (0)