diff --git a/CHANGES.md b/CHANGES.md index 49b0f5d1fc..b9429c94e4 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -39,6 +39,9 @@ - Fixed OAuth redirect when using the self-hosted instance default success URL ([#454](https://github.com/appwrite/appwrite/issues/454)) - Fixed bug denying authentication with Github OAuth provider +## Breaking Changes +- **Deprecated** `first` and `last` query params for documents list route in the database API + ## Security - Access to Health API now requires authentication with an API Key with access to `health.read` scope allowed diff --git a/app/controllers/api/account.php b/app/controllers/api/account.php index 516a2a258d..8ba5784412 100644 --- a/app/controllers/api/account.php +++ b/app/controllers/api/account.php @@ -78,9 +78,8 @@ $utopia->post('/v1/account') } } - $profile = $projectDB->getCollection([ // Get user by email address + $profile = $projectDB->getCollectionFirst([ // Get user by email address 'limit' => 1, - 'first' => true, 'filters' => [ '$collection='.Database::SYSTEM_COLLECTION_USERS, 'email='.$email, @@ -162,9 +161,8 @@ $utopia->post('/v1/account/sessions') ->action( function ($email, $password) use ($response, $request, $projectDB, $audit, $webhook) { $protocol = Config::getParam('protocol'); - $profile = $projectDB->getCollection([ // Get user by email address + $profile = $projectDB->getCollectionFirst([ // Get user by email address 'limit' => 1, - 'first' => true, 'filters' => [ '$collection='.Database::SYSTEM_COLLECTION_USERS, 'email='.$email, @@ -417,9 +415,8 @@ $utopia->get('/v1/account/sessions/oauth2/:provider/redirect') $projectDB->deleteDocument($current); //throw new Exception('User already logged in', 401); } - $user = (empty($user->getId())) ? $projectDB->getCollection([ // Get user by provider id + $user = (empty($user->getId())) ? $projectDB->getCollectionFirst([ // Get user by provider id 'limit' => 1, - 'first' => true, 'filters' => [ '$collection='.Database::SYSTEM_COLLECTION_USERS, 'oauth2'.\ucfirst($provider).'='.$oauth2ID, @@ -430,9 +427,8 @@ $utopia->get('/v1/account/sessions/oauth2/:provider/redirect') $name = $oauth2->getUserName($accessToken); $email = $oauth2->getUserEmail($accessToken); - $user = $projectDB->getCollection([ // Get user by provider email address + $user = $projectDB->getCollectionFirst([ // Get user by provider email address 'limit' => 1, - 'first' => true, 'filters' => [ '$collection='.Database::SYSTEM_COLLECTION_USERS, 'email='.$email, @@ -808,9 +804,8 @@ $utopia->patch('/v1/account/email') throw new Exception('Invalid credentials', 401); } - $profile = $projectDB->getCollection([ // Get user by email address + $profile = $projectDB->getCollectionFirst([ // Get user by email address 'limit' => 1, - 'first' => true, 'filters' => [ '$collection='.Database::SYSTEM_COLLECTION_USERS, 'email='.$email, @@ -1072,9 +1067,8 @@ $utopia->post('/v1/account/recovery') ->param('url', '', function () use ($clients) { return new Host($clients); }, 'URL to redirect the user back to your app from the recovery email. Only URLs from hostnames in your project platform list are allowed. This requirement helps to prevent an [open redirect](https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html) attack against your project API.') ->action( function ($email, $url) use ($request, $response, $projectDB, $mail, $audit, $project) { - $profile = $projectDB->getCollection([ // Get user by email address + $profile = $projectDB->getCollectionFirst([ // Get user by email address 'limit' => 1, - 'first' => true, 'filters' => [ '$collection='.Database::SYSTEM_COLLECTION_USERS, 'email='.$email, @@ -1178,9 +1172,8 @@ $utopia->put('/v1/account/recovery') throw new Exception('Passwords must match', 400); } - $profile = $projectDB->getCollection([ // Get user by email address + $profile = $projectDB->getCollectionFirst([ // Get user by email address 'limit' => 1, - 'first' => true, 'filters' => [ '$collection='.Database::SYSTEM_COLLECTION_USERS, '$id='.$userId, @@ -1330,9 +1323,8 @@ $utopia->put('/v1/account/verification') ->param('secret', '', function () { return new Text(256); }, 'Valid verification token.') ->action( function ($userId, $secret) use ($response, $user, $projectDB, $audit) { - $profile = $projectDB->getCollection([ // Get user by email address + $profile = $projectDB->getCollectionFirst([ // Get user by email address 'limit' => 1, - 'first' => true, 'filters' => [ '$collection='.Database::SYSTEM_COLLECTION_USERS, '$id='.$userId, diff --git a/app/controllers/api/database.php b/app/controllers/api/database.php index 0e4867a06b..af0e358a64 100644 --- a/app/controllers/api/database.php +++ b/app/controllers/api/database.php @@ -483,13 +483,9 @@ $utopia->get('/v1/database/collections/:collectionId/documents') ->param('orderType', 'ASC', function () { return new WhiteList(array('DESC', 'ASC')); }, 'Order direction. Possible values are DESC for descending order, or ASC for ascending order.', true) ->param('orderCast', 'string', function () { return new WhiteList(array('int', 'string', 'date', 'time', 'datetime')); }, 'Order field type casting. Possible values are int, string, date, time or datetime. The database will attempt to cast the order field to the value you pass here. The default value is a string.', true) ->param('search', '', function () { return new Text(256); }, 'Search query. Enter any free text search. The database will try to find a match against all document attributes and children.', true) - ->param('first', false, function () { return new Boolean(true); }, 'Return only the first document. Pass 1 for true or 0 for false. The default value is 0. This option refers to the first element in your current documents range (limit/offset), and not the entire collection.', true) - ->param('last', false, function () { return new Boolean(true); }, 'Return only the last document. Pass 1 for true or 0 for false. The default value is 0. This option refers to the last element in your current documents range (limit/offset), and not the entire collection.', true) ->action( - function ($collectionId, $filters, $offset, $limit, $orderField, $orderType, $orderCast, $search, $first, $last) use ($response, $projectDB, $utopia) { + function ($collectionId, $filters, $offset, $limit, $orderField, $orderType, $orderCast, $search) use ($response, $projectDB, $utopia) { $collection = $projectDB->getDocument($collectionId, false); - $first = ($first === '1' || $first === 'true' || $first === 1 || $first === true); - $last = ($last === '1' || $last === 'true' || $last === 1 || $last === true); if (\is_null($collection->getId()) || Database::SYSTEM_COLLECTION_COLLECTIONS != $collection->getCollection()) { throw new Exception('Collection not found', 404); @@ -502,38 +498,32 @@ $utopia->get('/v1/database/collections/:collectionId/documents') 'orderType' => $orderType, 'orderCast' => $orderCast, 'search' => $search, - 'first' => (bool) $first, - 'last' => (bool) $last, 'filters' => \array_merge($filters, [ '$collection='.$collectionId, ]), ]); - if ($first || $last) { - $response->json((!empty($list) ? $list->getArrayCopy() : [])); - } else { - if ($utopia->isDevelopment()) { - $collection - ->setAttribute('debug', $projectDB->getDebug()) - ->setAttribute('limit', $limit) - ->setAttribute('offset', $offset) - ->setAttribute('orderField', $orderField) - ->setAttribute('orderType', $orderType) - ->setAttribute('orderCast', $orderCast) - ->setAttribute('filters', $filters) - ; - } - + if ($utopia->isDevelopment()) { $collection - ->setAttribute('sum', $projectDB->getSum()) - ->setAttribute('documents', $list) + ->setAttribute('debug', $projectDB->getDebug()) + ->setAttribute('limit', $limit) + ->setAttribute('offset', $offset) + ->setAttribute('orderField', $orderField) + ->setAttribute('orderType', $orderType) + ->setAttribute('orderCast', $orderCast) + ->setAttribute('filters', $filters) ; - - /* - * View - */ - $response->json($collection->getArrayCopy(/*['$id', '$collection', 'name', 'documents']*/[], ['rules'])); } + + $collection + ->setAttribute('sum', $projectDB->getSum()) + ->setAttribute('documents', $list) + ; + + /* + * View + */ + $response->json($collection->getArrayCopy(/*['$id', '$collection', 'name', 'documents']*/[], ['rules'])); } ); diff --git a/app/controllers/api/teams.php b/app/controllers/api/teams.php index 67b4599b2d..e0cf3f8d2a 100644 --- a/app/controllers/api/teams.php +++ b/app/controllers/api/teams.php @@ -236,9 +236,8 @@ $utopia->post('/v1/teams/:teamId/memberships') ], ]); - $invitee = $projectDB->getCollection([ // Get user by email address + $invitee = $projectDB->getCollectionFirst([ // Get user by email address 'limit' => 1, - 'first' => true, 'filters' => [ '$collection='.Database::SYSTEM_COLLECTION_USERS, 'email='.$email, @@ -484,9 +483,8 @@ $utopia->patch('/v1/teams/:teamId/memberships/:inviteId/status') } if (empty($user->getId())) { - $user = $projectDB->getCollection([ // Get user + $user = $projectDB->getCollectionFirst([ // Get user 'limit' => 1, - 'first' => true, 'filters' => [ '$collection='.Database::SYSTEM_COLLECTION_USERS, '$id='.$userId, diff --git a/app/controllers/api/users.php b/app/controllers/api/users.php index d1744bf48a..74a257d299 100644 --- a/app/controllers/api/users.php +++ b/app/controllers/api/users.php @@ -34,9 +34,8 @@ $utopia->post('/v1/users') ->param('name', '', function () { return new Text(100); }, 'User name.', true) ->action( function ($email, $password, $name) use ($response, $projectDB) { - $profile = $projectDB->getCollection([ // Get user by email address + $profile = $projectDB->getCollectionFirst([ // Get user by email address 'limit' => 1, - 'first' => true, 'filters' => [ '$collection='.Database::SYSTEM_COLLECTION_USERS, 'email='.$email, diff --git a/app/workers/certificates.php b/app/workers/certificates.php index b04c7409c0..22c3a14e63 100644 --- a/app/workers/certificates.php +++ b/app/workers/certificates.php @@ -77,7 +77,7 @@ class CertificatesV1 } } - $certificate = $consoleDB->getCollection([ + $certificate = $consoleDB->getCollectionFirst([ 'limit' => 1, 'offset' => 0, 'orderField' => 'id', @@ -87,7 +87,6 @@ class CertificatesV1 '$collection='.Database::SYSTEM_COLLECTION_CERTIFICATES, 'domain='.$domain->get(), ], - 'first' => true, ]); // $condition = ($certificate diff --git a/src/Appwrite/Database/Database.php b/src/Appwrite/Database/Database.php index e75eb01b51..45b61cd089 100644 --- a/src/Appwrite/Database/Database.php +++ b/src/Appwrite/Database/Database.php @@ -130,8 +130,6 @@ class Database 'orderField' => '$id', 'orderType' => 'ASC', 'orderCast' => 'int', - 'first' => false, - 'last' => false, 'filters' => [], ], $options); @@ -141,17 +139,31 @@ class Database $node = new Document($node); } - if ($options['first']) { - $results = \reset($results); - } - - if ($options['last']) { - $results = \end($results); - } - return $results; } + /** + * @param array $options + * + * @return Document + */ + public function getCollectionFirst(array $options) + { + $results = $this->getCollection($options); + return \reset($results); + } + + /** + * @param array $options + * + * @return Document + */ + public function getCollectionLast(array $options) + { + $results = $this->getCollection($options); + return \end($results); + } + /** * @param int $id * @param bool $mock is mocked data allowed? diff --git a/tests/e2e/Services/Database/DatabaseBase.php b/tests/e2e/Services/Database/DatabaseBase.php index 60dc1f81cc..7e68940104 100644 --- a/tests/e2e/Services/Database/DatabaseBase.php +++ b/tests/e2e/Services/Database/DatabaseBase.php @@ -317,41 +317,6 @@ trait DatabaseBase return []; } - /** - * @depends testCreateDocument - */ - public function testListDocumentsFirstAndLast(array $data):array - { - $documents = $this->client->call(Client::METHOD_GET, '/database/collections/' . $data['moviesId'] . '/documents', array_merge([ - 'content-type' => 'application/json', - 'x-appwrite-project' => $this->getProject()['$id'], - ], $this->getHeaders()), [ - 'limit' => 1, - 'orderField' => 'releaseYear', - 'orderType' => 'ASC', - 'orderCast' => 'int', - 'first' => true, - ]); - - $this->assertEquals(1944, $documents['body']['releaseYear']); - - $documents = $this->client->call(Client::METHOD_GET, '/database/collections/' . $data['moviesId'] . '/documents', array_merge([ - 'content-type' => 'application/json', - 'x-appwrite-project' => $this->getProject()['$id'], - ], $this->getHeaders()), [ - 'limit' => 2, - 'offset' => 1, - 'orderField' => 'releaseYear', - 'orderType' => 'ASC', - 'orderCast' => 'int', - 'last' => true, - ]); - - $this->assertEquals(2019, $documents['body']['releaseYear']); - - return []; - } - /** * @depends testCreateDocument */