Merge branch '1.7.x' of github.com:appwrite/appwrite into 1.7.x

Khushboo Verma 2025-04-22 16:32:08 +05:30
commit bc2e17827c
42 changed files with 2780 additions and 279 deletions


@ -1,4 +1,9 @@
reviews:
path_filters:
- "!app/config/specs/**"
- "!docs/examples/**"
- "!docs/references/**"
- "!docs/sdks/**"
auto_review:
base_branches:
- main


@ -197,7 +197,7 @@ jobs:
docker compose exec -T \
-e _APP_DATABASE_SHARED_TABLES \
-e _APP_DATABASE_SHARED_TABLES_V1 \
appwrite test /usr/src/code/tests/e2e/Services/${{ matrix.service }} --debug
appwrite test /usr/src/code/tests/e2e/Services/${{ matrix.service }} --debug --exclude=devKeys
e2e_shared_mode_test:
name: E2E Shared Mode Service Test
@ -275,7 +275,89 @@ jobs:
docker compose exec -T \
-e _APP_DATABASE_SHARED_TABLES \
-e _APP_DATABASE_SHARED_TABLES_V1 \
appwrite test /usr/src/code/tests/e2e/Services/${{ matrix.service }} --debug
appwrite test /usr/src/code/tests/e2e/Services/${{ matrix.service }} --debug --exclude=devKeys
e2e_dev_keys:
name: E2E Service Test (Dev Keys)
runs-on: ubuntu-latest
needs: setup
strategy:
fail-fast: false
steps:
- name: checkout
uses: actions/checkout@v4
- name: Load Cache
uses: actions/cache@v4
with:
key: ${{ env.CACHE_KEY }}
path: /tmp/${{ env.IMAGE }}.tar
fail-on-cache-miss: true
- name: Load and Start Appwrite
run: |
docker load --input /tmp/${{ env.IMAGE }}.tar
sed -i 's/_APP_OPTIONS_ABUSE=disabled/_APP_OPTIONS_ABUSE=enabled/' .env
docker compose up -d
sleep 30
- name: Run Projects tests with dev keys in ${{ matrix.tables-mode }} table mode
run: |
echo "Using project tables"
export _APP_DATABASE_SHARED_TABLES=
export _APP_DATABASE_SHARED_TABLES_V1=
docker compose exec -T \
-e _APP_DATABASE_SHARED_TABLES \
-e _APP_DATABASE_SHARED_TABLES_V1 \
appwrite test /usr/src/code/tests/e2e/Services/Projects --debug --group=devKeys
e2e_dev_keys_shared_mode:
name: E2E Shared Mode Service Test (Dev Keys)
runs-on: ubuntu-latest
needs: [ setup, check_database_changes ]
if: needs.check_database_changes.outputs.database_changed == 'true'
strategy:
fail-fast: false
matrix:
tables-mode: [
'Shared V1',
'Shared V2',
]
steps:
- name: checkout
uses: actions/checkout@v4
- name: Load Cache
uses: actions/cache@v4
with:
key: ${{ env.CACHE_KEY }}
path: /tmp/${{ env.IMAGE }}.tar
fail-on-cache-miss: true
- name: Load and Start Appwrite
run: |
docker load --input /tmp/${{ env.IMAGE }}.tar
sed -i 's/_APP_OPTIONS_ABUSE=disabled/_APP_OPTIONS_ABUSE=enabled/' .env
docker compose up -d
sleep 30
- name: Run Projects tests with dev keys in ${{ matrix.tables-mode }} table mode
run: |
if [ "${{ matrix.tables-mode }}" == "Shared V1" ]; then
echo "Using shared tables V1"
export _APP_DATABASE_SHARED_TABLES=database_db_main
export _APP_DATABASE_SHARED_TABLES_V1=database_db_main
elif [ "${{ matrix.tables-mode }}" == "Shared V2" ]; then
echo "Using shared tables V2"
export _APP_DATABASE_SHARED_TABLES=database_db_main
export _APP_DATABASE_SHARED_TABLES_V1=
fi
docker compose exec -T \
-e _APP_DATABASE_SHARED_TABLES \
-e _APP_DATABASE_SHARED_TABLES_V1 \
appwrite test /usr/src/code/tests/e2e/Services/Projects --debug --group=devKeys
benchmarking:
name: Benchmark
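Review bot: The last step of the new `e2e_dev_keys` job is named with `${{ matrix.tables-mode }}`, but that job's `strategy` declares only `fail-fast: false` and no `matrix`, so the expression renders empty; a fixed name such as `Run Projects tests with dev keys in project table mode` would read correctly. Both dev-key jobs also rely on `sed` flipping `_APP_OPTIONS_ABUSE` to `enabled`: if `.env` ever stops containing the exact `_APP_OPTIONS_ABUSE=disabled` string the substitution is a silent no-op and the `devKeys` group would run with abuse protection off. Adding `grep -q '_APP_OPTIONS_ABUSE=enabled' .env` right after the `sed` would turn that into a visible failure. The fixed `sleep 30` is a timing guess rather than a readiness check, which may make these jobs flaky.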


@ -287,6 +287,17 @@ return [
'array' => false,
'filters' => ['subQueryKeys'],
],
[
'$id' => ID::custom('devKeys'),
'type' => Database::VAR_STRING,
'format' => '',
'size' => 16384,
'signed' => true,
'required' => false,
'default' => null,
'array' => false,
'filters' => ['subQueryDevKeys'],
],
[
'$id' => ID::custom('search'),
'type' => Database::VAR_STRING,
@ -689,6 +700,125 @@ return [
],
],
'devKeys' => [
'$collection' => ID::custom(Database::METADATA),
'$id' => ID::custom('devKeys'),
'name' => 'Dev keys',
'attributes' => [
[
'$id' => ID::custom('projectInternalId'),
'type' => Database::VAR_STRING,
'format' => '',
'size' => Database::LENGTH_KEY,
'signed' => true,
'required' => true,
'default' => null,
'array' => false,
'filters' => [],
],
[
'$id' => ID::custom('projectId'),
'type' => Database::VAR_STRING,
'format' => '',
'size' => Database::LENGTH_KEY,
'signed' => true,
'required' => true,
'default' => 0,
'array' => false,
'filters' => [],
],
[
'$id' => ID::custom('name'),
'type' => Database::VAR_STRING,
'format' => '',
'size' => Database::LENGTH_KEY,
'signed' => true,
'required' => true,
'default' => null,
'array' => false,
'filters' => [],
],
[
'$id' => ID::custom('secret'),
'type' => Database::VAR_STRING,
'format' => '',
'size' => 512, // var_dump of \bin2hex(\random_bytes(128)) => string(256) doubling for encryption
'signed' => true,
'required' => true,
'default' => null,
'array' => false,
'filters' => ['encrypt'],
],
[
'$id' => ID::custom('expire'),
'type' => Database::VAR_DATETIME,
'format' => '',
'size' => 0,
'signed' => false,
'required' => false,
'default' => null,
'array' => false,
'filters' => ['datetime'],
],
[
'$id' => ID::custom('accessedAt'),
'type' => Database::VAR_DATETIME,
'format' => '',
'size' => 0,
'signed' => false,
'required' => false,
'default' => null,
'array' => false,
'filters' => ['datetime'],
],
[
'$id' => ID::custom('sdks'),
'type' => Database::VAR_STRING,
'format' => '',
'size' => Database::LENGTH_KEY,
'signed' => true,
'required' => true,
'default' => null,
'array' => true,
'filters' => [],
],
[
'$id' => ID::custom('search'),
'type' => Database::VAR_STRING,
'format' => '',
'size' => 16384,
'signed' => true,
'required' => false,
'default' => null,
'array' => false,
'filters' => [],
],
],
'indexes' => [
[
'$id' => ID::custom('_key_project'),
'type' => Database::INDEX_KEY,
'attributes' => ['projectInternalId'],
'lengths' => [Database::LENGTH_KEY],
'orders' => [Database::ORDER_ASC],
],
[
'$id' => '_key_accessedAt',
'type' => Database::INDEX_KEY,
'attributes' => ['accessedAt'],
'lengths' => [],
'orders' => [],
],
[
'$id' => ID::custom('_key_search'),
'type' => Database::INDEX_FULLTEXT,
'attributes' => ['search'],
'lengths' => [],
'orders' => [],
],
],
],
'webhooks' => [
'$collection' => ID::custom(Database::METADATA),
'$id' => ID::custom('webhooks'),
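Review bot: In the new `devKeys` collection the `expire` attribute is `'required' => false` with `'default' => null`, so the schema itself allows a dev key with no expiry. The same commit lets a dev key replace the platform-hostname check on redirect URLs, so an unexpiring key is a long-lived bypass; whether the create endpoint enforces an expiry is outside this hunk and should be confirmed, or the attribute made required. Separately, `projectId` is `Database::VAR_STRING` but has `'default' => 0` where the sibling `projectInternalId` uses `null`; I would change it to `'default' => null,`. `_key_accessedAt` is the only index id in this collection not wrapped in `ID::custom()`, so `'$id' => ID::custom('_key_accessedAt'),` would match the others.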


@ -4763,7 +4763,7 @@
},
"x-appwrite": {
"method": "listExecutions",
"weight": 384,
"weight": 389,
"cookies": false,
"type": "",
"deprecated": false,
@ -4837,7 +4837,7 @@
},
"x-appwrite": {
"method": "createExecution",
"weight": 382,
"weight": 387,
"cookies": false,
"type": "",
"deprecated": false,
@ -4951,7 +4951,7 @@
},
"x-appwrite": {
"method": "getExecution",
"weight": 383,
"weight": 388,
"cookies": false,
"type": "",
"deprecated": false,

File diff suppressed because it is too large Load diff


@ -8136,7 +8136,7 @@
},
"x-appwrite": {
"method": "list",
"weight": 368,
"weight": 373,
"cookies": false,
"type": "",
"deprecated": false,
@ -8209,7 +8209,7 @@
},
"x-appwrite": {
"method": "create",
"weight": 365,
"weight": 370,
"cookies": false,
"type": "",
"deprecated": false,
@ -8440,7 +8440,7 @@
},
"x-appwrite": {
"method": "listRuntimes",
"weight": 370,
"weight": 375,
"cookies": false,
"type": "",
"deprecated": false,
@ -8489,7 +8489,7 @@
},
"x-appwrite": {
"method": "listSpecifications",
"weight": 371,
"weight": 376,
"cookies": false,
"type": "",
"deprecated": false,
@ -8539,7 +8539,7 @@
},
"x-appwrite": {
"method": "get",
"weight": 366,
"weight": 371,
"cookies": false,
"type": "",
"deprecated": false,
@ -8598,7 +8598,7 @@
},
"x-appwrite": {
"method": "update",
"weight": 367,
"weight": 372,
"cookies": false,
"type": "",
"deprecated": false,
@ -8826,7 +8826,7 @@
},
"x-appwrite": {
"method": "delete",
"weight": 369,
"weight": 374,
"cookies": false,
"type": "",
"deprecated": false,
@ -8887,7 +8887,7 @@
},
"x-appwrite": {
"method": "updateFunctionDeployment",
"weight": 374,
"weight": 379,
"cookies": false,
"type": "",
"deprecated": false,
@ -8967,7 +8967,7 @@
},
"x-appwrite": {
"method": "listDeployments",
"weight": 375,
"weight": 380,
"cookies": false,
"type": "",
"deprecated": false,
@ -9050,7 +9050,7 @@
},
"x-appwrite": {
"method": "createDeployment",
"weight": 372,
"weight": 377,
"cookies": false,
"type": "upload",
"deprecated": false,
@ -9146,7 +9146,7 @@
},
"x-appwrite": {
"method": "createDuplicateDeployment",
"weight": 380,
"weight": 385,
"cookies": false,
"type": "",
"deprecated": false,
@ -9231,7 +9231,7 @@
},
"x-appwrite": {
"method": "createTemplateDeployment",
"weight": 377,
"weight": 382,
"cookies": false,
"type": "",
"deprecated": false,
@ -9334,7 +9334,7 @@
},
"x-appwrite": {
"method": "createVcsDeployment",
"weight": 378,
"weight": 383,
"cookies": false,
"type": "",
"deprecated": false,
@ -9431,7 +9431,7 @@
},
"x-appwrite": {
"method": "getDeployment",
"weight": 373,
"weight": 378,
"cookies": false,
"type": "",
"deprecated": false,
@ -9493,7 +9493,7 @@
},
"x-appwrite": {
"method": "deleteDeployment",
"weight": 376,
"weight": 381,
"cookies": false,
"type": "",
"deprecated": false,
@ -9557,7 +9557,7 @@
},
"x-appwrite": {
"method": "getDeploymentDownload",
"weight": 379,
"weight": 384,
"cookies": false,
"type": "location",
"deprecated": false,
@ -9647,7 +9647,7 @@
},
"x-appwrite": {
"method": "updateDeploymentStatus",
"weight": 381,
"weight": 386,
"cookies": false,
"type": "",
"deprecated": false,
@ -9718,7 +9718,7 @@
},
"x-appwrite": {
"method": "listExecutions",
"weight": 384,
"weight": 389,
"cookies": false,
"type": "",
"deprecated": false,
@ -9794,7 +9794,7 @@
},
"x-appwrite": {
"method": "createExecution",
"weight": 382,
"weight": 387,
"cookies": false,
"type": "",
"deprecated": false,
@ -9910,7 +9910,7 @@
},
"x-appwrite": {
"method": "getExecution",
"weight": 383,
"weight": 388,
"cookies": false,
"type": "",
"deprecated": false,
@ -9976,7 +9976,7 @@
},
"x-appwrite": {
"method": "deleteExecution",
"weight": 385,
"weight": 390,
"cookies": false,
"type": "",
"deprecated": false,
@ -10047,7 +10047,7 @@
},
"x-appwrite": {
"method": "listVariables",
"weight": 390,
"weight": 395,
"cookies": false,
"type": "",
"deprecated": false,
@ -10106,7 +10106,7 @@
},
"x-appwrite": {
"method": "createVariable",
"weight": 388,
"weight": 393,
"cookies": false,
"type": "",
"deprecated": false,
@ -10197,7 +10197,7 @@
},
"x-appwrite": {
"method": "getVariable",
"weight": 389,
"weight": 394,
"cookies": false,
"type": "",
"deprecated": false,
@ -10266,7 +10266,7 @@
},
"x-appwrite": {
"method": "updateVariable",
"weight": 391,
"weight": 396,
"cookies": false,
"type": "",
"deprecated": false,
@ -10357,7 +10357,7 @@
},
"x-appwrite": {
"method": "deleteVariable",
"weight": 392,
"weight": 397,
"cookies": false,
"type": "",
"deprecated": false,
@ -16691,7 +16691,7 @@
},
"x-appwrite": {
"method": "list",
"weight": 397,
"weight": 402,
"cookies": false,
"type": "",
"deprecated": false,
@ -16761,7 +16761,7 @@
},
"x-appwrite": {
"method": "create",
"weight": 395,
"weight": 400,
"cookies": false,
"type": "",
"deprecated": false,
@ -17007,7 +17007,7 @@
},
"x-appwrite": {
"method": "listFrameworks",
"weight": 400,
"weight": 405,
"cookies": false,
"type": "",
"deprecated": false,
@ -17056,7 +17056,7 @@
},
"x-appwrite": {
"method": "listSpecifications",
"weight": 423,
"weight": 428,
"cookies": false,
"type": "",
"deprecated": false,
@ -17106,7 +17106,7 @@
},
"x-appwrite": {
"method": "get",
"weight": 396,
"weight": 401,
"cookies": false,
"type": "",
"deprecated": false,
@ -17165,7 +17165,7 @@
},
"x-appwrite": {
"method": "update",
"weight": 398,
"weight": 403,
"cookies": false,
"type": "",
"deprecated": false,
@ -17407,7 +17407,7 @@
},
"x-appwrite": {
"method": "delete",
"weight": 399,
"weight": 404,
"cookies": false,
"type": "",
"deprecated": false,
@ -17468,7 +17468,7 @@
},
"x-appwrite": {
"method": "updateSiteDeployment",
"weight": 406,
"weight": 411,
"cookies": false,
"type": "",
"deprecated": false,
@ -17548,7 +17548,7 @@
},
"x-appwrite": {
"method": "listDeployments",
"weight": 405,
"weight": 410,
"cookies": false,
"type": "",
"deprecated": false,
@ -17631,7 +17631,7 @@
},
"x-appwrite": {
"method": "createDeployment",
"weight": 401,
"weight": 406,
"cookies": false,
"type": "upload",
"deprecated": false,
@ -17732,7 +17732,7 @@
},
"x-appwrite": {
"method": "createDuplicateDeployment",
"weight": 409,
"weight": 414,
"cookies": false,
"type": "",
"deprecated": false,
@ -17812,7 +17812,7 @@
},
"x-appwrite": {
"method": "createTemplateDeployment",
"weight": 402,
"weight": 407,
"cookies": false,
"type": "",
"deprecated": false,
@ -17915,7 +17915,7 @@
},
"x-appwrite": {
"method": "createVcsDeployment",
"weight": 403,
"weight": 408,
"cookies": false,
"type": "",
"deprecated": false,
@ -18013,7 +18013,7 @@
},
"x-appwrite": {
"method": "getDeployment",
"weight": 404,
"weight": 409,
"cookies": false,
"type": "",
"deprecated": false,
@ -18075,7 +18075,7 @@
},
"x-appwrite": {
"method": "deleteDeployment",
"weight": 407,
"weight": 412,
"cookies": false,
"type": "",
"deprecated": false,
@ -18139,7 +18139,7 @@
},
"x-appwrite": {
"method": "getDeploymentDownload",
"weight": 408,
"weight": 413,
"cookies": false,
"type": "location",
"deprecated": false,
@ -18229,7 +18229,7 @@
},
"x-appwrite": {
"method": "updateDeploymentStatus",
"weight": 410,
"weight": 415,
"cookies": false,
"type": "",
"deprecated": false,
@ -18300,7 +18300,7 @@
},
"x-appwrite": {
"method": "listLogs",
"weight": 412,
"weight": 417,
"cookies": false,
"type": "",
"deprecated": false,
@ -18371,7 +18371,7 @@
},
"x-appwrite": {
"method": "getLog",
"weight": 411,
"weight": 416,
"cookies": false,
"type": "",
"deprecated": false,
@ -18433,7 +18433,7 @@
},
"x-appwrite": {
"method": "deleteLog",
"weight": 413,
"weight": 418,
"cookies": false,
"type": "",
"deprecated": false,
@ -18504,7 +18504,7 @@
},
"x-appwrite": {
"method": "listVariables",
"weight": 416,
"weight": 421,
"cookies": false,
"type": "",
"deprecated": false,
@ -18563,7 +18563,7 @@
},
"x-appwrite": {
"method": "createVariable",
"weight": 414,
"weight": 419,
"cookies": false,
"type": "",
"deprecated": false,
@ -18654,7 +18654,7 @@
},
"x-appwrite": {
"method": "getVariable",
"weight": 415,
"weight": 420,
"cookies": false,
"type": "",
"deprecated": false,
@ -18723,7 +18723,7 @@
},
"x-appwrite": {
"method": "updateVariable",
"weight": 417,
"weight": 422,
"cookies": false,
"type": "",
"deprecated": false,
@ -18814,7 +18814,7 @@
},
"x-appwrite": {
"method": "deleteVariable",
"weight": 418,
"weight": 423,
"cookies": false,
"type": "",
"deprecated": false,


@ -4929,7 +4929,7 @@
},
"x-appwrite": {
"method": "listExecutions",
"weight": 384,
"weight": 389,
"cookies": false,
"type": "",
"deprecated": false,
@ -5002,7 +5002,7 @@
},
"x-appwrite": {
"method": "createExecution",
"weight": 382,
"weight": 387,
"cookies": false,
"type": "",
"deprecated": false,
@ -5120,7 +5120,7 @@
},
"x-appwrite": {
"method": "getExecution",
"weight": 383,
"weight": 388,
"cookies": false,
"type": "",
"deprecated": false,

File diff suppressed because it is too large Load diff


@ -8282,7 +8282,7 @@
},
"x-appwrite": {
"method": "list",
"weight": 368,
"weight": 373,
"cookies": false,
"type": "",
"deprecated": false,
@ -8354,7 +8354,7 @@
},
"x-appwrite": {
"method": "create",
"weight": 365,
"weight": 370,
"cookies": false,
"type": "",
"deprecated": false,
@ -8605,7 +8605,7 @@
},
"x-appwrite": {
"method": "listRuntimes",
"weight": 370,
"weight": 375,
"cookies": false,
"type": "",
"deprecated": false,
@ -8656,7 +8656,7 @@
},
"x-appwrite": {
"method": "listSpecifications",
"weight": 371,
"weight": 376,
"cookies": false,
"type": "",
"deprecated": false,
@ -8708,7 +8708,7 @@
},
"x-appwrite": {
"method": "get",
"weight": 366,
"weight": 371,
"cookies": false,
"type": "",
"deprecated": false,
@ -8767,7 +8767,7 @@
},
"x-appwrite": {
"method": "update",
"weight": 367,
"weight": 372,
"cookies": false,
"type": "",
"deprecated": false,
@ -9012,7 +9012,7 @@
},
"x-appwrite": {
"method": "delete",
"weight": 369,
"weight": 374,
"cookies": false,
"type": "",
"deprecated": false,
@ -9073,7 +9073,7 @@
},
"x-appwrite": {
"method": "updateFunctionDeployment",
"weight": 374,
"weight": 379,
"cookies": false,
"type": "",
"deprecated": false,
@ -9152,7 +9152,7 @@
},
"x-appwrite": {
"method": "listDeployments",
"weight": 375,
"weight": 380,
"cookies": false,
"type": "",
"deprecated": false,
@ -9232,7 +9232,7 @@
},
"x-appwrite": {
"method": "createDeployment",
"weight": 372,
"weight": 377,
"cookies": false,
"type": "upload",
"deprecated": false,
@ -9324,7 +9324,7 @@
},
"x-appwrite": {
"method": "createDuplicateDeployment",
"weight": 380,
"weight": 385,
"cookies": false,
"type": "",
"deprecated": false,
@ -9409,7 +9409,7 @@
},
"x-appwrite": {
"method": "createTemplateDeployment",
"weight": 377,
"weight": 382,
"cookies": false,
"type": "",
"deprecated": false,
@ -9515,7 +9515,7 @@
},
"x-appwrite": {
"method": "createVcsDeployment",
"weight": 378,
"weight": 383,
"cookies": false,
"type": "",
"deprecated": false,
@ -9613,7 +9613,7 @@
},
"x-appwrite": {
"method": "getDeployment",
"weight": 373,
"weight": 378,
"cookies": false,
"type": "",
"deprecated": false,
@ -9675,7 +9675,7 @@
},
"x-appwrite": {
"method": "deleteDeployment",
"weight": 376,
"weight": 381,
"cookies": false,
"type": "",
"deprecated": false,
@ -9744,7 +9744,7 @@
},
"x-appwrite": {
"method": "getDeploymentDownload",
"weight": 379,
"weight": 384,
"cookies": false,
"type": "location",
"deprecated": false,
@ -9830,7 +9830,7 @@
},
"x-appwrite": {
"method": "updateDeploymentStatus",
"weight": 381,
"weight": 386,
"cookies": false,
"type": "",
"deprecated": false,
@ -9899,7 +9899,7 @@
},
"x-appwrite": {
"method": "listExecutions",
"weight": 384,
"weight": 389,
"cookies": false,
"type": "",
"deprecated": false,
@ -9974,7 +9974,7 @@
},
"x-appwrite": {
"method": "createExecution",
"weight": 382,
"weight": 387,
"cookies": false,
"type": "",
"deprecated": false,
@ -10094,7 +10094,7 @@
},
"x-appwrite": {
"method": "getExecution",
"weight": 383,
"weight": 388,
"cookies": false,
"type": "",
"deprecated": false,
@ -10160,7 +10160,7 @@
},
"x-appwrite": {
"method": "deleteExecution",
"weight": 385,
"weight": 390,
"cookies": false,
"type": "",
"deprecated": false,
@ -10229,7 +10229,7 @@
},
"x-appwrite": {
"method": "listVariables",
"weight": 390,
"weight": 395,
"cookies": false,
"type": "",
"deprecated": false,
@ -10288,7 +10288,7 @@
},
"x-appwrite": {
"method": "createVariable",
"weight": 388,
"weight": 393,
"cookies": false,
"type": "",
"deprecated": false,
@ -10380,7 +10380,7 @@
},
"x-appwrite": {
"method": "getVariable",
"weight": 389,
"weight": 394,
"cookies": false,
"type": "",
"deprecated": false,
@ -10447,7 +10447,7 @@
},
"x-appwrite": {
"method": "updateVariable",
"weight": 391,
"weight": 396,
"cookies": false,
"type": "",
"deprecated": false,
@ -10539,7 +10539,7 @@
},
"x-appwrite": {
"method": "deleteVariable",
"weight": 392,
"weight": 397,
"cookies": false,
"type": "",
"deprecated": false,
@ -17154,7 +17154,7 @@
},
"x-appwrite": {
"method": "list",
"weight": 397,
"weight": 402,
"cookies": false,
"type": "",
"deprecated": false,
@ -17226,7 +17226,7 @@
},
"x-appwrite": {
"method": "create",
"weight": 395,
"weight": 400,
"cookies": false,
"type": "",
"deprecated": false,
@ -17492,7 +17492,7 @@
},
"x-appwrite": {
"method": "listFrameworks",
"weight": 400,
"weight": 405,
"cookies": false,
"type": "",
"deprecated": false,
@ -17543,7 +17543,7 @@
},
"x-appwrite": {
"method": "listSpecifications",
"weight": 423,
"weight": 428,
"cookies": false,
"type": "",
"deprecated": false,
@ -17595,7 +17595,7 @@
},
"x-appwrite": {
"method": "get",
"weight": 396,
"weight": 401,
"cookies": false,
"type": "",
"deprecated": false,
@ -17654,7 +17654,7 @@
},
"x-appwrite": {
"method": "update",
"weight": 398,
"weight": 403,
"cookies": false,
"type": "",
"deprecated": false,
@ -17913,7 +17913,7 @@
},
"x-appwrite": {
"method": "delete",
"weight": 399,
"weight": 404,
"cookies": false,
"type": "",
"deprecated": false,
@ -17974,7 +17974,7 @@
},
"x-appwrite": {
"method": "updateSiteDeployment",
"weight": 406,
"weight": 411,
"cookies": false,
"type": "",
"deprecated": false,
@ -18053,7 +18053,7 @@
},
"x-appwrite": {
"method": "listDeployments",
"weight": 405,
"weight": 410,
"cookies": false,
"type": "",
"deprecated": false,
@ -18133,7 +18133,7 @@
},
"x-appwrite": {
"method": "createDeployment",
"weight": 401,
"weight": 406,
"cookies": false,
"type": "upload",
"deprecated": false,
@ -18233,7 +18233,7 @@
},
"x-appwrite": {
"method": "createDuplicateDeployment",
"weight": 409,
"weight": 414,
"cookies": false,
"type": "",
"deprecated": false,
@ -18312,7 +18312,7 @@
},
"x-appwrite": {
"method": "createTemplateDeployment",
"weight": 402,
"weight": 407,
"cookies": false,
"type": "",
"deprecated": false,
@ -18418,7 +18418,7 @@
},
"x-appwrite": {
"method": "createVcsDeployment",
"weight": 403,
"weight": 408,
"cookies": false,
"type": "",
"deprecated": false,
@ -18517,7 +18517,7 @@
},
"x-appwrite": {
"method": "getDeployment",
"weight": 404,
"weight": 409,
"cookies": false,
"type": "",
"deprecated": false,
@ -18579,7 +18579,7 @@
},
"x-appwrite": {
"method": "deleteDeployment",
"weight": 407,
"weight": 412,
"cookies": false,
"type": "",
"deprecated": false,
@ -18648,7 +18648,7 @@
},
"x-appwrite": {
"method": "getDeploymentDownload",
"weight": 408,
"weight": 413,
"cookies": false,
"type": "location",
"deprecated": false,
@ -18734,7 +18734,7 @@
},
"x-appwrite": {
"method": "updateDeploymentStatus",
"weight": 410,
"weight": 415,
"cookies": false,
"type": "",
"deprecated": false,
@ -18803,7 +18803,7 @@
},
"x-appwrite": {
"method": "listLogs",
"weight": 412,
"weight": 417,
"cookies": false,
"type": "",
"deprecated": false,
@ -18876,7 +18876,7 @@
},
"x-appwrite": {
"method": "getLog",
"weight": 411,
"weight": 416,
"cookies": false,
"type": "",
"deprecated": false,
@ -18940,7 +18940,7 @@
},
"x-appwrite": {
"method": "deleteLog",
"weight": 413,
"weight": 418,
"cookies": false,
"type": "",
"deprecated": false,
@ -19009,7 +19009,7 @@
},
"x-appwrite": {
"method": "listVariables",
"weight": 416,
"weight": 421,
"cookies": false,
"type": "",
"deprecated": false,
@ -19068,7 +19068,7 @@
},
"x-appwrite": {
"method": "createVariable",
"weight": 414,
"weight": 419,
"cookies": false,
"type": "",
"deprecated": false,
@ -19160,7 +19160,7 @@
},
"x-appwrite": {
"method": "getVariable",
"weight": 415,
"weight": 420,
"cookies": false,
"type": "",
"deprecated": false,
@ -19227,7 +19227,7 @@
},
"x-appwrite": {
"method": "updateVariable",
"weight": 417,
"weight": 422,
"cookies": false,
"type": "",
"deprecated": false,
@ -19319,7 +19319,7 @@
},
"x-appwrite": {
"method": "deleteVariable",
"weight": 418,
"weight": 423,
"cookies": false,
"type": "",
"deprecated": false,


@ -1188,8 +1188,8 @@ App::get('/v1/account/sessions/oauth2/:provider')
->label('abuse-limit', 50)
->label('abuse-key', 'ip:{ip}')
->param('provider', '', new WhiteList(\array_keys(Config::getParam('oAuthProviders')), true), 'OAuth2 Provider. Currently, supported providers are: ' . \implode(', ', \array_keys(\array_filter(Config::getParam('oAuthProviders'), fn ($node) => (!$node['mock'])))) . '.')
->param('success', '', fn ($clients) => new Host($clients), 'URL to redirect back to your app after a successful login attempt. Only URLs from hostnames in your project\'s platform list are allowed. This requirement helps to prevent an [open redirect](https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html) attack against your project API.', true, ['clients'])
->param('failure', '', fn ($clients) => new Host($clients), 'URL to redirect back to your app after a failed login attempt. Only URLs from hostnames in your project\'s platform list are allowed. This requirement helps to prevent an [open redirect](https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html) attack against your project API.', true, ['clients'])
->param('success', '', fn ($clients, $devKey) => $devKey->isEmpty() ? new Host($clients) : new URL(), 'URL to redirect back to your app after a successful login attempt. Only URLs from hostnames in your project\'s platform list are allowed. This requirement helps to prevent an [open redirect](https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html) attack against your project API.', true, ['clients', 'devKey'])
->param('failure', '', fn ($clients, $devKey) => $devKey->isEmpty() ? new Host($clients) : new URL(), 'URL to redirect back to your app after a failed login attempt. Only URLs from hostnames in your project\'s platform list are allowed. This requirement helps to prevent an [open redirect](https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html) attack against your project API.', true, ['clients', 'devKey'])
->param('scopes', [], new ArrayList(new Text(APP_LIMIT_ARRAY_ELEMENT_SIZE), APP_LIMIT_ARRAY_PARAMS_SIZE), 'A list of custom OAuth2 scopes. Check each provider internal docs for a list of supported scopes. Maximum of ' . APP_LIMIT_ARRAY_PARAMS_SIZE . ' scopes are allowed, each ' . APP_LIMIT_ARRAY_ELEMENT_SIZE . ' characters long.', true)
->inject('request')
->inject('response')
@ -1784,8 +1784,8 @@ App::get('/v1/account/tokens/oauth2/:provider')
->label('abuse-limit', 50)
->label('abuse-key', 'ip:{ip}')
->param('provider', '', new WhiteList(\array_keys(Config::getParam('oAuthProviders')), true), 'OAuth2 Provider. Currently, supported providers are: ' . \implode(', ', \array_keys(\array_filter(Config::getParam('oAuthProviders'), fn ($node) => (!$node['mock'])))) . '.')
->param('success', '', fn ($clients) => new Host($clients), 'URL to redirect back to your app after a successful login attempt. Only URLs from hostnames in your project\'s platform list are allowed. This requirement helps to prevent an [open redirect](https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html) attack against your project API.', true, ['clients'])
->param('failure', '', fn ($clients) => new Host($clients), 'URL to redirect back to your app after a failed login attempt. Only URLs from hostnames in your project\'s platform list are allowed. This requirement helps to prevent an [open redirect](https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html) attack against your project API.', true, ['clients'])
->param('success', '', fn ($clients, $devKey) => $devKey->isEmpty() ? new Host($clients) : new URL(), 'URL to redirect back to your app after a successful login attempt. Only URLs from hostnames in your project\'s platform list are allowed. This requirement helps to prevent an [open redirect](https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html) attack against your project API.', true, ['clients', 'devKey'])
->param('failure', '', fn ($clients, $devKey) => $devKey->isEmpty() ? new Host($clients) : new URL(), 'URL to redirect back to your app after a failed login attempt. Only URLs from hostnames in your project\'s platform list are allowed. This requirement helps to prevent an [open redirect](https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html) attack against your project API.', true, ['clients', 'devKey'])
->param('scopes', [], new ArrayList(new Text(APP_LIMIT_ARRAY_ELEMENT_SIZE), APP_LIMIT_ARRAY_PARAMS_SIZE), 'A list of custom OAuth2 scopes. Check each provider internal docs for a list of supported scopes. Maximum of ' . APP_LIMIT_ARRAY_PARAMS_SIZE . ' scopes are allowed, each ' . APP_LIMIT_ARRAY_ELEMENT_SIZE . ' characters long.', true)
->inject('request')
->inject('response')
@ -1864,7 +1864,7 @@ App::post('/v1/account/tokens/magic-url')
->label('abuse-key', ['url:{url},email:{param-email}', 'url:{url},ip:{ip}'])
->param('userId', '', new CustomId(), 'Unique Id. Choose a custom ID or generate a random ID with `ID.unique()`. Valid chars are a-z, A-Z, 0-9, period, hyphen, and underscore. Can\'t start with a special char. Max length is 36 chars.')
->param('email', '', new Email(), 'User email.')
->param('url', '', fn ($clients) => new Host($clients), 'URL to redirect the user back to your app from the magic URL login. Only URLs from hostnames in your project platform list are allowed. This requirement helps to prevent an [open redirect](https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html) attack against your project API.', true, ['clients'])
->param('url', '', fn ($clients, $devKey) => $devKey->isEmpty() ? new Host($clients) : new URL(), 'URL to redirect the user back to your app from the magic URL login. Only URLs from hostnames in your project platform list are allowed. This requirement helps to prevent an [open redirect](https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html) attack against your project API.', true, ['clients', 'devKey'])
->param('phrase', false, new Boolean(), 'Toggle for security phrase. If enabled, email will be send with a randomly generated phrase and the phrase will also be included in the response. Confirming phrases match increases the security of your authentication flow.', true)
->inject('request')
->inject('response')
@ -3159,7 +3159,7 @@ App::post('/v1/account/recovery')
->label('abuse-limit', 10)
->label('abuse-key', ['url:{url},email:{param-email}', 'url:{url},ip:{ip}'])
->param('email', '', new Email(), 'User email.')
->param('url', '', fn ($clients) => new Host($clients), 'URL to redirect the user back to your app from the recovery email. Only URLs from hostnames in your project platform list are allowed. This requirement helps to prevent an [open redirect](https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html) attack against your project API.', false, ['clients'])
->param('url', '', fn ($clients, $devKey) => $devKey->isEmpty() ? new Host($clients) : new URL(), 'URL to redirect the user back to your app from the recovery email. Only URLs from hostnames in your project platform list are allowed. This requirement helps to prevent an [open redirect](https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html) attack against your project API.', false, ['clients', 'devKey'])
->inject('request')
->inject('response')
->inject('user')
@ -3434,7 +3434,7 @@ App::post('/v1/account/verification')
))
->label('abuse-limit', 10)
->label('abuse-key', 'url:{url},userId:{userId}')
->param('url', '', fn ($clients) => new Host($clients), 'URL to redirect the user back to your app from the verification email. Only URLs from hostnames in your project platform list are allowed. This requirement helps to prevent an [open redirect](https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html) attack against your project API.', false, ['clients']) // TODO add built-in confirm page
->param('url', '', fn ($clients, $devKey) => $devKey->isEmpty() ? new Host($clients) : new URL(), 'URL to redirect the user back to your app from the verification email. Only URLs from hostnames in your project platform list are allowed. This requirement helps to prevent an [open redirect](https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html) attack against your project API.', false, ['clients', 'devKey']) // TODO add built-in confirm page
->inject('request')
->inject('response')
->inject('project')
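Review bot: When a dev key is present, the `success`, `failure` and `url` parameters in all five hunks here (and the invitation `url` on `/v1/teams/:teamId/memberships` in the teams controller) are validated by `new URL()` instead of `new Host($clients)`. That drops the platform-hostname allow-list, while the parameter descriptions still state "Only URLs from hostnames in your project's platform list are allowed". Several of these URLs end up in magic-URL, recovery and verification e-mails, so a leaked or over-shared dev key lets those links point at any host. I would at least restrict the scheme with `new URL(['http', 'https'])` (assuming the pinned validator accepts an allowed-schemes list) and document the dev-key exception in the description text. Whether `$devKey` has already been checked for expiry and project ownership before these closures run is not visible in these hunks, since the route definitions continue outside them.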


@ -51,6 +51,7 @@ use Utopia\Validator\ArrayList;
use Utopia\Validator\Assoc;
use Utopia\Validator\Host;
use Utopia\Validator\Text;
use Utopia\Validator\URL;
use Utopia\Validator\WhiteList;
App::post('/v1/teams')
@ -455,7 +456,7 @@ App::post('/v1/teams/:teamId/memberships')
}
return new ArrayList(new Key(), APP_LIMIT_ARRAY_PARAMS_SIZE);
}, 'Array of strings. Use this param to set the user roles in the team. A role can be any string. Learn more about [roles and permissions](https://appwrite.io/docs/permissions). Maximum of ' . APP_LIMIT_ARRAY_PARAMS_SIZE . ' roles are allowed, each 32 characters long.', false, ['project'])
->param('url', '', fn ($clients) => new Host($clients), 'URL to redirect the user back to your app from the invitation email. This parameter is not required when an API key is supplied. Only URLs from hostnames in your project platform list are allowed. This requirement helps to prevent an [open redirect](https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html) attack against your project API.', true, ['clients']) // TODO add our own built-in confirm page
->param('url', '', fn ($clients, $devKey) => $devKey->isEmpty() ? new Host($clients) : new URL(), 'URL to redirect the user back to your app from the invitation email. This parameter is not required when an API key is supplied. Only URLs from hostnames in your project platform list are allowed. This requirement helps to prevent an [open redirect](https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html) attack against your project API.', true, ['clients', 'devKey']) // TODO add our own built-in confirm page
->param('name', '', new Text(128), 'Name of the new team member. Max length: 128 chars.', true)
->inject('response')
->inject('project')
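Review bot: On the new `url` param of `/v1/teams/:teamId/memberships`, a request with a valid dev key swaps the `Host($clients)` allow-list for a bare `new URL()`, so the invitation e-mail may link to any host. The description still says only hostnames from the platform list are allowed. The recovery and verification `url` params in the account routes earlier on this page make the same substitution. If the relaxation is intended, state it in the description, for example `When a dev key is supplied, any URL is accepted.`, and consider restricting schemes with `new URL(['http', 'https'])`, assuming the validator's allowed-schemes argument exists in the pinned version. The route definition continues outside the hunk.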


@ -106,7 +106,7 @@ function router(App $utopia, Database $dbForPlatform, callable $getProjectDB, Sw
);
if (!$project->isEmpty() && $project->getId() !== 'console') {
$accessedAt = $project->getAttribute('accessedAt', '');
$accessedAt = $project->getAttribute('accessedAt', 0);
if (DateTime::formatTz(DateTime::addSeconds(new \DateTime(), -APP_PROJECT_ACCESS)) > $accessedAt) {
$project->setAttribute('accessedAt', DateTime::now());
Authorization::skip(fn () => $dbForPlatform->updateDocument('projects', $project->getId(), $project));
@ -760,8 +760,9 @@ App::init()
->inject('executor')
->inject('isResourceBlocked')
->inject('previewHostname')
->inject('devKey')
->inject('apiKey')
->action(function (App $utopia, SwooleRequest $swooleRequest, Request $request, Response $response, Document $console, Document $project, Database $dbForPlatform, callable $getProjectDB, Locale $locale, array $localeCodes, array $clients, Reader $geodb, StatsUsage $queueForStatsUsage, Event $queueForEvents, Certificate $queueForCertificates, Func $queueForFunctions, Executor $executor, callable $isResourceBlocked, string $previewHostname, ?Key $apiKey) {
->action(function (App $utopia, SwooleRequest $swooleRequest, Request $request, Response $response, Document $console, Document $project, Database $dbForPlatform, callable $getProjectDB, Locale $locale, array $localeCodes, array $clients, Reader $geodb, StatsUsage $queueForStatsUsage, Event $queueForEvents, Certificate $queueForCertificates, Func $queueForFunctions, Executor $executor, callable $isResourceBlocked, string $previewHostname, Document $devKey, ?Key $apiKey) {
/*
* Appwrite Router
*/
@ -994,6 +995,10 @@ App::init()
->addHeader('Access-Control-Allow-Origin', $refDomain)
->addHeader('Access-Control-Allow-Credentials', 'true');
if (!$devKey->isEmpty()) {
$response->addHeader('Access-Control-Allow-Origin', '*');
}
/*
* Validate Client Domain - Check to avoid CSRF attack
* Adding Appwrite API domains to allow XDOMAIN communication
@ -1004,6 +1009,7 @@ App::init()
if (
!$originValidator->isValid($origin)
&& $devKey->isEmpty()
&& \in_array($request->getMethod(), [Request::METHOD_POST, Request::METHOD_PUT, Request::METHOD_PATCH, Request::METHOD_DELETE])
&& $route->getLabel('origin', false) !== '*'
&& empty($request->getHeader('x-appwrite-key', ''))
@ -1027,8 +1033,9 @@ App::options()
->inject('isResourceBlocked')
->inject('previewHostname')
->inject('project')
->inject('devKey')
->inject('apiKey')
->action(function (App $utopia, SwooleRequest $swooleRequest, Request $request, Response $response, Database $dbForPlatform, callable $getProjectDB, Event $queueForEvents, StatsUsage $queueForStatsUsage, Func $queueForFunctions, Executor $executor, Reader $geodb, callable $isResourceBlocked, string $previewHostname, Document $project, ?Key $apiKey) {
->action(function (App $utopia, SwooleRequest $swooleRequest, Request $request, Response $response, Database $dbForPlatform, callable $getProjectDB, Event $queueForEvents, StatsUsage $queueForStatsUsage, Func $queueForFunctions, Executor $executor, Reader $geodb, callable $isResourceBlocked, string $previewHostname, Document $project, Document $devKey, ?Key $apiKey) {
/*
* Appwrite Router
*/
@ -1052,6 +1059,10 @@ App::options()
->addHeader('Access-Control-Allow-Credentials', 'true')
->noContent();
if (!$devKey->isEmpty()) {
$response->addHeader('Access-Control-Allow-Origin', '*');
}
/** OPTIONS requests in utopia do not execute shutdown handlers, as a result we need to track the OPTIONS requests explicitly
* @see https://github.com/utopia-php/http/blob/0.33.16/src/App.php#L825-L855
*/
@ -1072,6 +1083,7 @@ App::error()
->inject('logger')
->inject('log')
->inject('queueForStatsUsage')
->inject('devKey')
->action(function (Throwable $error, App $utopia, Request $request, Response $response, Document $project, ?Logger $logger, Log $log, StatsUsage $queueForStatsUsage) {
$version = System::getEnv('_APP_VERSION', 'UNKNOWN');
$route = $utopia->getRoute();
@ -1286,7 +1298,7 @@ App::error()
$type = $error->getType();
$output = ((App::isDevelopment())) ? [
$output = App::isDevelopment() ? [
'message' => $message,
'code' => $code,
'file' => $file,
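Review bot: In `App::init()` and `App::options()` the dev-key branch adds `Access-Control-Allow-Origin: *` next to `Access-Control-Allow-Credentials: true`, a combination browsers reject for credentialed requests; whether `addHeader` replaces or duplicates the earlier `$refDomain` value is not visible here. In `App::options()` the header is added after `->noContent()`, so if that call already sends the response the header never reaches the client. The same key also disables the origin check for POST/PUT/PATCH/DELETE (`&& $devKey->isEmpty()`), and because it travels in a client-side header this deserves a comment at the check, e.g. `// A valid dev key disables the origin check below; never ship one in a production build`. Separately, `App::error()` now injects `devKey`, but the closure signature shown has no matching parameter, so the value appears unused. All three handlers extend beyond the hunks.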


@ -250,7 +250,7 @@ App::init()
);
if ($dbKey) {
$accessedAt = $dbKey->getAttribute('accessedAt', '');
$accessedAt = $dbKey->getAttribute('accessedAt', 0);
if (DateTime::formatTz(DateTime::addSeconds(new \DateTime(), -APP_KEY_ACCESS)) > $accessedAt) {
$dbKey->setAttribute('accessedAt', DateTime::now());
@ -261,7 +261,7 @@ App::init()
$sdkValidator = new WhiteList($servers, true);
$sdk = $request->getHeader('x-sdk-name', 'UNKNOWN');
if ($sdkValidator->isValid($sdk)) {
if ($sdk !== 'UNKNOWN' && $sdkValidator->isValid($sdk)) {
$sdks = $dbKey->getAttribute('sdks', []);
if (!in_array($sdk, $sdks)) {
@ -311,7 +311,7 @@ App::init()
// Update project last activity
if (!$project->isEmpty() && $project->getId() !== 'console') {
$accessedAt = $project->getAttribute('accessedAt', '');
$accessedAt = $project->getAttribute('accessedAt', 0);
if (DateTime::formatTz(DateTime::addSeconds(new \DateTime(), -APP_PROJECT_ACCESS)) > $accessedAt) {
$project->setAttribute('accessedAt', DateTime::now());
Authorization::skip(fn () => $dbForPlatform->updateDocument('projects', $project->getId(), $project));
@ -320,7 +320,7 @@ App::init()
// Update user last activity
if (!empty($user->getId())) {
$accessedAt = $user->getAttribute('accessedAt', '');
$accessedAt = $user->getAttribute('accessedAt', 0);
if (DateTime::formatTz(DateTime::addSeconds(new \DateTime(), -APP_USER_ACCESS)) > $accessedAt) {
$user->setAttribute('accessedAt', DateTime::now());
@ -402,7 +402,8 @@ App::init()
->inject('mode')
->inject('apiKey')
->inject('plan')
->action(function (App $utopia, Request $request, Response $response, Document $project, Document $user, Publisher $publisher, Event $queueForEvents, Messaging $queueForMessaging, Audit $queueForAudits, Delete $queueForDeletes, EventDatabase $queueForDatabase, Build $queueForBuilds, StatsUsage $queueForStatsUsage, Database $dbForProject, callable $timelimit, string $mode, ?Key $apiKey, array $plan) use ($usageDatabaseListener, $eventDatabaseListener) {
->inject('devKey')
->action(function (App $utopia, Request $request, Response $response, Document $project, Document $user, Publisher $publisher, Event $queueForEvents, Messaging $queueForMessaging, Audit $queueForAudits, Delete $queueForDeletes, EventDatabase $queueForDatabase, Build $queueForBuilds, StatsUsage $queueForStatsUsage, Database $dbForProject, callable $timelimit, string $mode, ?Key $apiKey, array $plan, Document $devKey) use ($usageDatabaseListener, $eventDatabaseListener) {
$route = $utopia->getRoute();
@ -469,6 +470,7 @@ App::init()
$enabled // Abuse is enabled
&& !$isAppUser // User is not API key
&& !$isPrivilegedUser // User is not an admin
&& $devKey->isEmpty() // request doesn't not contain development key
&& $abuse->check() // Route is rate-limited
) {
throw new Exception(Exception::GENERAL_RATE_LIMIT_EXCEEDED);
@ -798,7 +800,7 @@ App::shutdown()
$key = md5($request->getURI() . '*' . implode('*', $request->getParams()) . '*' . APP_CACHE_BUSTER);
$signature = md5($data['payload']);
$cacheLog = Authorization::skip(fn () => $dbForProject->getDocument('cache', $key));
$accessedAt = $cacheLog->getAttribute('accessedAt', '');
$accessedAt = $cacheLog->getAttribute('accessedAt', 0);
$now = DateTime::now();
if ($cacheLog->isEmpty()) {
Authorization::skip(fn () => $dbForProject->createDocument('cache', new Document([
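Review bot: The comment on the new abuse-check clause `&& $devKey->isEmpty()` reads `request doesn't not contain development key`, a double negative that says the opposite of the condition; `// Request does not carry a valid dev key` matches the code. This `App::init()` hook appears to guard every rate-limited route, so a dev key would also lift the limits on authentication endpoints, which is worth stating in the comment or the dev-key docs. No log or audit entry for a bypassed limit is visible in the hunk; if none exists elsewhere, recording the key's `$id` when the bypass applies would make use of a leaked key detectable. The closure body continues outside the hunk.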


@ -133,6 +133,20 @@ Database::addFilter(
}
);
Database::addFilter(
'subQueryDevKeys',
function (mixed $value) {
return;
},
function (mixed $value, Document $document, Database $database) {
return $database
->find('devKeys', [
Query::equal('projectInternalId', [$document->getInternalId()]),
Query::limit(APP_LIMIT_SUBQUERY),
]);
}
);
Database::addFilter(
'subQueryWebhooks',
function (mixed $value) {
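Review bot: The decode callback of `subQueryDevKeys` caps the lookup at `APP_LIMIT_SUBQUERY`, while the `devKey` resource later on this page authenticates by searching this embedded list with `$project->find('secret', ...)`. A project holding more keys than the cap would therefore have valid keys rejected without any error; the cap's value is not shown, so this may be theoretical. The filter also embeds each key document, `secret` included, in the project document. A comment above the filter would record both facts, e.g. `// Embeds dev keys (with secrets) in the project document; keys beyond APP_LIMIT_SUBQUERY are invisible to the devKey resource`.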


@ -29,6 +29,7 @@ use Utopia\Cache\Cache;
use Utopia\CLI\Console;
use Utopia\Config\Config;
use Utopia\Database\Database;
use Utopia\Database\DateTime as DatabaseDateTime;
use Utopia\Database\Document;
use Utopia\Database\Helpers\ID;
use Utopia\Database\Query;
@ -49,6 +50,7 @@ use Utopia\Storage\Device\Wasabi;
use Utopia\Storage\Storage;
use Utopia\System\System;
use Utopia\Validator\Hostname;
use Utopia\Validator\WhiteList;
use Utopia\VCS\Adapter\Git\GitHub as VcsGitHub;
// Runtime Execution
@ -789,6 +791,49 @@ App::setResource('smsRates', function () {
return [];
});
App::setResource('devKey', function (Request $request, Document $project, array $servers, Database $dbForPlatform) {
$devKey = $request->getHeader('x-appwrite-dev-key', $request->getParam('devKey', ''));
// Check if given key match project's development keys
$key = $project->find('secret', $devKey, 'devKeys');
if (!$key) {
return new Document([]);
}
// check expiration
$expire = $key->getAttribute('expire');
if (!empty($expire) && $expire < DatabaseDateTime::formatTz(DatabaseDateTime::now())) {
return new Document([]);
}
// update access time
$accessedAt = $key->getAttribute('accessedAt', 0);
if (empty($accessedAt) || DatabaseDateTime::formatTz(DatabaseDateTime::addSeconds(new \DateTime(), -APP_KEY_ACCESS)) > $accessedAt) {
$key->setAttribute('accessedAt', DatabaseDateTime::now());
Authorization::skip(fn () => $dbForPlatform->updateDocument('devKeys', $key->getId(), $key));
$dbForPlatform->purgeCachedDocument('projects', $project->getId());
}
// add sdk to key
$sdkValidator = new WhiteList($servers, true);
$sdk = $request->getHeader('x-sdk-name', 'UNKNOWN');
if ($sdk !== 'UNKNOWN' && $sdkValidator->isValid($sdk)) {
$sdks = $key->getAttribute('sdks', []);
if (!in_array($sdk, $sdks)) {
$sdks[] = $sdk;
$key->setAttribute('sdks', $sdks);
/** Update access time as well */
$key->setAttribute('accessedAt', DatabaseDateTime::now());
$key = Authorization::skip(fn () => $dbForPlatform->updateDocument('devKeys', $key->getId(), $key));
$dbForPlatform->purgeCachedDocument('projects', $project->getId());
}
}
return $key;
}, ['request', 'project', 'servers', 'dbForPlatform']);
App::setResource('team', function (Document $project, Database $dbForPlatform, App $utopia, Request $request) {
$teamInternalId = '';
if ($project->getId() !== 'console') {
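Review bot: The `devKey` resource falls back from the `x-appwrite-dev-key` header to a `devKey` request parameter, which lets the secret travel in URLs and so end up in access logs, browser history and Referer headers; reading the header only, `$devKey = $request->getHeader('x-appwrite-dev-key', '');`, avoids that. When no key is sent the code still runs `$project->find('secret', '', 'devKeys')`; an early `if ($devKey === '') { return new Document([]); }` makes the no-key path explicit and ensures an empty string can never match a stored record. The expiry test compares `$expire` with a formatted timestamp as strings, which holds only if both sides use the same format, so a one-line comment stating that assumption would help.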


@ -5,6 +5,7 @@ namespace Appwrite\Platform;
use Appwrite\Platform\Modules\Console;
use Appwrite\Platform\Modules\Core;
use Appwrite\Platform\Modules\Functions;
use Appwrite\Platform\Modules\Projects;
use Appwrite\Platform\Modules\Proxy;
use Appwrite\Platform\Modules\Sites;
use Utopia\Platform\Platform;
@ -14,6 +15,7 @@ class Appwrite extends Platform
public function __construct()
{
parent::__construct(new Core());
$this->addModule(new Projects\Module());
$this->addModule(new Functions\Module());
$this->addModule(new Sites\Module());
$this->addModule(new Console\Module());


@ -0,0 +1,96 @@
<?php
namespace Appwrite\Platform\Modules\Projects\Http\DevKeys;
use Appwrite\Extend\Exception;
use Appwrite\SDK\AuthType;
use Appwrite\SDK\ContentType;
use Appwrite\SDK\Method;
use Appwrite\SDK\Response as SDKResponse;
use Appwrite\Utopia\Response;
use Utopia\Database\Database;
use Utopia\Database\Document;
use Utopia\Database\Helpers\ID;
use Utopia\Database\Helpers\Permission;
use Utopia\Database\Helpers\Role;
use Utopia\Database\Validator\Datetime as DatetimeValidator;
use Utopia\Database\Validator\UID;
use Utopia\Platform\Action;
use Utopia\Platform\Scope\HTTP;
use Utopia\Validator\Text;
class Create extends Action
{
use HTTP;
public static function getName()
{
return 'createDevKey';
}
public function __construct()
{
$this
->setHttpMethod(Action::HTTP_REQUEST_METHOD_POST)
->setHttpPath('/v1/projects/:projectId/dev-keys')
->desc('Create dev key')
->groups(['api', 'projects'])
->label('scope', 'projects.write')
->label('sdk', new Method(
namespace: 'projects',
name: 'createDevKey',
description: <<<EOT
Create a new project dev key. Dev keys are project specific and allow you to bypass rate limits and get better error logging during development. Strictly meant for development purposes only.
EOT,
auth: [AuthType::ADMIN],
responses: [
new SDKResponse(
code: Response::STATUS_CODE_CREATED,
model: Response::MODEL_DEV_KEY
)
],
contentType: ContentType::JSON
))
->param('projectId', '', new UID(), 'Project unique ID.')
->param('name', null, new Text(128), 'Key name. Max length: 128 chars.')
->param('expire', null, new DatetimeValidator(), 'Expiration time in [ISO 8601](https://www.iso.org/iso-8601-date-and-time-format.html) format.', false)
->inject('user')
->inject('response')
->inject('dbForPlatform')
->callback([$this, 'action']);
}
public function action(string $projectId, string $name, ?string $expire, Document $user, Response $response, Database $dbForPlatform)
{
$project = $dbForPlatform->getDocument('projects', $projectId);
if ($project->isEmpty()) {
throw new Exception(Exception::PROJECT_NOT_FOUND);
}
$devKeyId = ID::unique();
$key = new Document([
'$id' => $devKeyId,
'$permissions' => [
Permission::read(Role::user($user->getId())),
Permission::update(Role::user($user->getId())),
Permission::delete(Role::user($user->getId())),
],
'projectInternalId' => $project->getInternalId(),
'projectId' => $project->getId(),
'name' => $name,
'expire' => $expire,
'sdks' => [],
'search' => implode('', [$name, $project->getId(), $devKeyId]),
'accessedAt' => null,
'secret' => \bin2hex(\random_bytes(128)),
]);
$key = $dbForPlatform->createDocument('devKeys', $key);
$dbForPlatform->purgeCachedDocument('projects', $project->getId());
$response
->setStatusCode(Response::STATUS_CODE_CREATED)
->dynamic($key, Response::MODEL_DEV_KEY);
}
}
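Review bot: `expire` is checked only by `new DatetimeValidator()` with no arguments, so as far as this file shows a key can be created already expired or valid for an arbitrarily long time. The `devKey` resource treats an empty `expire` as never expiring. A dev key disables rate limiting, the origin check and redirect-host validation, so rejecting past dates and capping the lifetime would be the safer default. The `?string $expire` type on `action()` also disagrees with the param declaration, which passes `false` for optional and has no nullable wrapper, so one of the two should change. Whichever contract is chosen, document it above `action()`, e.g. `// $expire: ISO 8601 datetime; required, must be in the future`.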


@ -0,0 +1,75 @@
<?php
namespace Appwrite\Platform\Modules\Projects\Http\DevKeys;
use Appwrite\Extend\Exception;
use Appwrite\SDK\AuthType;
use Appwrite\SDK\ContentType;
use Appwrite\SDK\Method;
use Appwrite\SDK\Response as SDKResponse;
use Appwrite\Utopia\Response;
use Utopia\Database\Database;
use Utopia\Database\Validator\UID;
use Utopia\Platform\Action;
use Utopia\Platform\Scope\HTTP;
class Delete extends Action
{
use HTTP;
public static function getName()
{
return 'deleteDevKey';
}
public function __construct()
{
$this
->setHttpMethod(Action::HTTP_REQUEST_METHOD_DELETE)
->setHttpPath('/v1/projects/:projectId/dev-keys/:keyId')
->desc('Delete dev key')
->groups(['api', 'projects'])
->label('scope', 'projects.write')
->label('sdk', new Method(
namespace: 'projects',
name: 'deleteDevKey',
description: <<<EOT
Delete a project\'s dev key by its unique ID. Once deleted, the key will no longer allow bypassing of rate limits and better logging of errors.
EOT,
auth: [AuthType::ADMIN],
responses: [
new SDKResponse(
code: Response::STATUS_CODE_NOCONTENT,
model: Response::MODEL_NONE
)
],
contentType: ContentType::NONE
))
->param('projectId', '', new UID(), 'Project unique ID.')
->param('keyId', '', new UID(), 'Key unique ID.')
->inject('response')
->inject('dbForPlatform')
->callback([$this, 'action']);
}
public function action(string $projectId, string $keyId, Response $response, Database $dbForPlatform)
{
$project = $dbForPlatform->getDocument('projects', $projectId);
if ($project->isEmpty()) {
throw new Exception(Exception::PROJECT_NOT_FOUND);
}
$key = $dbForPlatform->getDocument('devKeys', $keyId);
if ($key === false || $key->isEmpty() || $key->getAttribute('projectInternalId') !== $project->getInternalId()) {
throw new Exception(Exception::KEY_NOT_FOUND);
}
$dbForPlatform->deleteDocument('devKeys', $key->getId());
$dbForPlatform->purgeCachedDocument('projects', $project->getId());
$response->noContent();
}
}
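Review bot: The SDK description heredoc writes `project\'s`, but a heredoc does not treat `\'` as an escape, so the backslash is emitted literally into the generated API docs. A plain apostrophe is enough: `Delete a project's dev key by its unique ID.` The `Get`, `Update` and `XList` descriptions further down have the same problem, and the `Update` and `XList` texts also end with a stray `'` before `EOT`.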


@ -0,0 +1,71 @@
<?php
namespace Appwrite\Platform\Modules\Projects\Http\DevKeys;
use Appwrite\Extend\Exception;
use Appwrite\SDK\AuthType;
use Appwrite\SDK\ContentType;
use Appwrite\SDK\Method;
use Appwrite\SDK\Response as SDKResponse;
use Appwrite\Utopia\Response;
use Utopia\Database\Database;
use Utopia\Database\Validator\UID;
use Utopia\Platform\Action;
use Utopia\Platform\Scope\HTTP;
class Get extends Action
{
use HTTP;
public static function getName()
{
return 'getDevKey';
}
public function __construct()
{
$this
->setHttpMethod(Action::HTTP_REQUEST_METHOD_GET)
->setHttpPath('/v1/projects/:projectId/dev-keys/:keyId')
->desc('Get dev key')
->groups(['api', 'projects'])
->label('scope', 'projects.read')
->label('sdk', new Method(
namespace: 'projects',
name: 'getDevKey',
description: <<<EOT
Get a project\'s dev key by its unique ID. Dev keys are project specific and allow you to bypass rate limits and get better error logging during development.
EOT,
auth: [AuthType::ADMIN],
responses: [
new SDKResponse(
code: Response::STATUS_CODE_OK,
model: Response::MODEL_DEV_KEY
)
],
contentType: ContentType::JSON
))
->param('projectId', '', new UID(), 'Project unique ID.')
->param('keyId', '', new UID(), 'Key unique ID.')
->inject('response')
->inject('dbForPlatform')
->callback([$this, 'action']);
}
public function action(string $projectId, string $keyId, Response $response, Database $dbForPlatform)
{
$project = $dbForPlatform->getDocument('projects', $projectId);
if ($project->isEmpty()) {
throw new Exception(Exception::PROJECT_NOT_FOUND);
}
$key = $dbForPlatform->getDocument('devKeys', $keyId);
if ($key === false || $key->isEmpty() || $key->getAttribute('projectInternalId') !== $project->getInternalId()) {
throw new Exception(Exception::KEY_NOT_FOUND);
}
$response->dynamic($key, Response::MODEL_DEV_KEY);
}
}


@ -0,0 +1,82 @@
<?php
namespace Appwrite\Platform\Modules\Projects\Http\DevKeys;
use Appwrite\Extend\Exception;
use Appwrite\SDK\AuthType;
use Appwrite\SDK\ContentType;
use Appwrite\SDK\Method;
use Appwrite\SDK\Response as SDKResponse;
use Appwrite\Utopia\Response;
use Utopia\Database\Database;
use Utopia\Database\Validator\Datetime as DatetimeValidator;
use Utopia\Database\Validator\UID;
use Utopia\Platform\Action;
use Utopia\Platform\Scope\HTTP;
use Utopia\Validator\Text;
class Update extends Action
{
use HTTP;
public static function getName()
{
return 'updateDevKey';
}
public function __construct()
{
$this->setHttpMethod(Action::HTTP_REQUEST_METHOD_PUT)
->setHttpPath('/v1/projects/:projectId/dev-keys/:keyId')
->desc('Update dev key')
->groups(['api', 'projects'])
->label('scope', 'projects.write')
->label('sdk', new Method(
namespace: 'projects',
name: 'updateDevKey',
description: <<<EOT
Update a project\'s dev key by its unique ID. Use this endpoint to update a project\'s dev key name or expiration time.'
EOT,
auth: [AuthType::ADMIN],
responses: [
new SDKResponse(
code: Response::STATUS_CODE_OK,
model: Response::MODEL_DEV_KEY
)
],
contentType: ContentType::JSON
))
->param('projectId', '', new UID(), 'Project unique ID.')
->param('keyId', '', new UID(), 'Key unique ID.')
->param('name', null, new Text(128), 'Key name. Max length: 128 chars.')
->param('expire', null, new DatetimeValidator(), 'Expiration time in [ISO 8601](https://www.iso.org/iso-8601-date-and-time-format.html) format.')
->inject('response')
->inject('dbForPlatform')
->callback([$this, 'action']);
}
public function action(string $projectId, string $keyId, string $name, ?string $expire, Response $response, Database $dbForPlatform)
{
$project = $dbForPlatform->getDocument('projects', $projectId);
if ($project->isEmpty()) {
throw new Exception(Exception::PROJECT_NOT_FOUND);
}
$key = $dbForPlatform->getDocument('devKeys', $keyId);
if ($key === false || $key->isEmpty() || $key->getAttribute('projectInternalId') !== $project->getInternalId()) {
throw new Exception(Exception::KEY_NOT_FOUND);
}
$key
->setAttribute('name', $name)
->setAttribute('expire', $expire)
->setAttribute('search', implode('', [$name, $project->getId(), $key->getId()]));
$dbForPlatform->updateDocument('devKeys', $key->getId(), $key);
$dbForPlatform->purgeCachedDocument('projects', $project->getId());
$response->dynamic($key, Response::MODEL_DEV_KEY);
}
}


@ -0,0 +1,88 @@
<?php
namespace Appwrite\Platform\Modules\Projects\Http\DevKeys;
use Appwrite\Extend\Exception;
use Appwrite\SDK\AuthType;
use Appwrite\SDK\ContentType;
use Appwrite\SDK\Method;
use Appwrite\SDK\Response as SDKResponse;
use Appwrite\Utopia\Database\Validator\Queries\DevKeys;
use Appwrite\Utopia\Response;
use Utopia\Database\Database;
use Utopia\Database\Document;
use Utopia\Database\Exception\Query as QueryException;
use Utopia\Database\Query;
use Utopia\Database\Validator\UID;
use Utopia\Platform\Action;
use Utopia\Platform\Scope\HTTP;
use Utopia\Validator\Text;
class XList extends Action
{
use HTTP;
public static function getName()
{
return 'listDevKeys';
}
public function __construct()
{
$this
->setHttpMethod(Action::HTTP_REQUEST_METHOD_GET)
->setHttpPath('/v1/projects/:projectId/dev-keys')
->desc('List dev keys')
->groups(['api', 'projects'])
->label('scope', 'projects.read')
->label('sdk', new Method(
namespace: 'projects',
name: 'listDevKeys',
description: <<<EOT
List all the project\'s dev keys. Dev keys are project specific and allow you to bypass rate limits and get better error logging during development.'
EOT,
auth: [AuthType::ADMIN],
responses: [
new SDKResponse(
code: Response::STATUS_CODE_OK,
model: Response::MODEL_DEV_KEY_LIST
)
],
contentType: ContentType::JSON
))
->param('projectId', '', new UID(), 'Project unique ID.')
->param('queries', [], new DevKeys(), 'Array of query strings generated using the Query class provided by the SDK. [Learn more about queries](https://appwrite.io/docs/queries). Maximum of ' . APP_LIMIT_ARRAY_PARAMS_SIZE . ' queries are allowed, each ' . APP_LIMIT_ARRAY_ELEMENT_SIZE . ' characters long. You may filter on the following attributes: ' . implode(', ', DevKeys::ALLOWED_ATTRIBUTES), true)
->param('search', '', new Text(256), 'Search term to filter your list results. Max length: 256 chars.', true)
->inject('response')
->inject('dbForPlatform')
->callback([$this, 'action']);
}
public function action(string $projectId, ?array $queries, ?string $search, Response $response, Database $dbForPlatform)
{
$project = $dbForPlatform->getDocument('projects', $projectId);
if ($project->isEmpty()) {
throw new Exception(Exception::PROJECT_NOT_FOUND);
}
try {
$queries = Query::parseQueries($queries);
} catch (QueryException $e) {
throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage());
}
if (!empty($search)) {
$queries[] = Query::search('search', $search);
}
$queries[] = Query::equal('projectInternalId', [$project->getInternalId()]);
$keys = $dbForPlatform->find('devKeys', $queries);
$response->dynamic(new Document([
'devKeys' => $keys,
'total' => count($keys),
]), Response::MODEL_DEV_KEY_LIST);
}
}
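Review bot: `'total' => count($keys)` reports the size of the returned page rather than the number of matching keys, so `total` is wrong for paginating clients whenever a `limit` in `queries` or the default page size truncates the result. Counting with the filter queries only would fix it, e.g. `'total' => $dbForPlatform->count('devKeys', Query::groupByType($queries)['filters'], APP_LIMIT_COUNT),`, assuming `groupByType` and `APP_LIMIT_COUNT` are available in this codebase. A cursor query supplied in `queries` is also passed to `find()` without being resolved to a document first, which may need handling.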


@ -0,0 +1,14 @@
<?php
namespace Appwrite\Platform\Modules\Projects;
use Appwrite\Platform\Modules\Projects\Services\Http;
use Utopia\Platform\Module as Base;
class Module extends Base
{
public function __construct()
{
$this->addService('http', new Http());
}
}


@ -0,0 +1,23 @@
<?php
namespace Appwrite\Platform\Modules\Projects\Services;
use Appwrite\Platform\Modules\Projects\Http\DevKeys\Create as CreateDevKey;
use Appwrite\Platform\Modules\Projects\Http\DevKeys\Delete as DeleteDevKey;
use Appwrite\Platform\Modules\Projects\Http\DevKeys\Get as GetDevKey;
use Appwrite\Platform\Modules\Projects\Http\DevKeys\Update as UpdateDevKey;
use Appwrite\Platform\Modules\Projects\Http\DevKeys\XList as ListDevKeys;
use Utopia\Platform\Service;
class Http extends Service
{
public function __construct()
{
$this->type = Service::TYPE_HTTP;
$this->addAction(CreateDevKey::getName(), new CreateDevKey());
$this->addAction(UpdateDevKey::getName(), new UpdateDevKey());
$this->addAction(GetDevKey::getName(), new GetDevKey());
$this->addAction(ListDevKeys::getName(), new ListDevKeys());
$this->addAction(DeleteDevKey::getName(), new DeleteDevKey());
}
}


@ -43,7 +43,7 @@ abstract class ScheduleBase extends Action
protected function updateProjectAccess(Document $project, Database $dbForPlatform): void
{
if (!$project->isEmpty() && $project->getId() !== 'console') {
$accessedAt = $project->getAttribute('accessedAt', '');
$accessedAt = $project->getAttribute('accessedAt', 0);
if (DateTime::formatTz(DateTime::addSeconds(new \DateTime(), -APP_PROJECT_ACCESS)) > $accessedAt) {
$project->setAttribute('accessedAt', DateTime::now());
Authorization::skip(fn () => $dbForPlatform->updateDocument('projects', $project->getId(), $project));


@ -0,0 +1,20 @@
<?php
namespace Appwrite\Utopia\Database\Validator\Queries;
class DevKeys extends Base
{
public const ALLOWED_ATTRIBUTES = [
'accessedAt',
'expire',
];
/**
* Expression constructor
*
*/
public function __construct()
{
parent::__construct('devKeys', self::ALLOWED_ATTRIBUTES);
}
}


@ -39,6 +39,7 @@ use Appwrite\Utopia\Response\Model\Database;
use Appwrite\Utopia\Response\Model\Deployment;
use Appwrite\Utopia\Response\Model\DetectionFramework;
use Appwrite\Utopia\Response\Model\DetectionRuntime;
use Appwrite\Utopia\Response\Model\DevKey;
use Appwrite\Utopia\Response\Model\Document as ModelDocument;
use Appwrite\Utopia\Response\Model\Error;
use Appwrite\Utopia\Response\Model\ErrorDev;
@ -306,6 +307,8 @@ class Response extends SwooleResponse
public const MODEL_WEBHOOK_LIST = 'webhookList';
public const MODEL_KEY = 'key';
public const MODEL_KEY_LIST = 'keyList';
public const MODEL_DEV_KEY = 'devKey';
public const MODEL_DEV_KEY_LIST = 'devKeyList';
public const MODEL_MOCK_NUMBER = 'mockNumber';
public const MODEL_AUTH_PROVIDER = 'authProvider';
public const MODEL_AUTH_PROVIDER_LIST = 'authProviderList';
@ -390,6 +393,7 @@ class Response extends SwooleResponse
->setModel(new BaseList('Projects List', self::MODEL_PROJECT_LIST, 'projects', self::MODEL_PROJECT, true, false))
->setModel(new BaseList('Webhooks List', self::MODEL_WEBHOOK_LIST, 'webhooks', self::MODEL_WEBHOOK, true, false))
->setModel(new BaseList('API Keys List', self::MODEL_KEY_LIST, 'keys', self::MODEL_KEY, true, false))
->setModel(new BaseList('Dev Keys List', self::MODEL_DEV_KEY_LIST, 'devKeys', self::MODEL_DEV_KEY, true, false))
->setModel(new BaseList('Auth Providers List', self::MODEL_AUTH_PROVIDER_LIST, 'platforms', self::MODEL_AUTH_PROVIDER, true, false))
->setModel(new BaseList('Platforms List', self::MODEL_PLATFORM_LIST, 'platforms', self::MODEL_PLATFORM, true, false))
->setModel(new BaseList('Countries List', self::MODEL_COUNTRY_LIST, 'countries', self::MODEL_COUNTRY))
@ -472,6 +476,7 @@ class Response extends SwooleResponse
->setModel(new Project())
->setModel(new Webhook())
->setModel(new Key())
->setModel(new DevKey())
->setModel(new MockNumber())
->setModel(new AuthProvider())
->setModel(new Platform())


@ -0,0 +1,89 @@
<?php
namespace Appwrite\Utopia\Response\Model;
use Appwrite\Utopia\Response;
use Appwrite\Utopia\Response\Model;
class DevKey extends Model
{
/**
* @var bool
*/
protected bool $public = false;
public function __construct()
{
$this
->addRule('$id', [
'type' => self::TYPE_STRING,
'description' => 'Key ID.',
'default' => '',
'example' => '5e5ea5c16897e',
])
->addRule('$createdAt', [
'type' => self::TYPE_DATETIME,
'description' => 'Key creation date in ISO 8601 format.',
'default' => '',
'example' => self::TYPE_DATETIME_EXAMPLE,
])
->addRule('$updatedAt', [
'type' => self::TYPE_DATETIME,
'description' => 'Key update date in ISO 8601 format.',
'default' => '',
'example' => self::TYPE_DATETIME_EXAMPLE,
])
->addRule('name', [
'type' => self::TYPE_STRING,
'description' => 'Key name.',
'default' => '',
'example' => 'Dev API Key',
])
->addRule('expire', [
'type' => self::TYPE_DATETIME,
'description' => 'Key expiration date in ISO 8601 format.',
'default' => '',
'example' => self::TYPE_DATETIME_EXAMPLE,
])
->addRule('secret', [
'type' => self::TYPE_STRING,
'description' => 'Secret key.',
'default' => '',
'example' => '919c2d18fb5d4...a2ae413da83346ad2',
])
->addRule('accessedAt', [
'type' => self::TYPE_DATETIME,
'description' => 'Most recent access date in ISO 8601 format. This attribute is only updated again after ' . APP_KEY_ACCESS / 60 / 60 . ' hours.',
'default' => '',
'example' => self::TYPE_DATETIME_EXAMPLE
])
->addRule('sdks', [
'type' => self::TYPE_STRING,
'description' => 'List of SDK user agents that used this key.',
'default' => null,
'example' => 'appwrite:flutter',
'array' => true
])
;
}
/**
* Get Name
*
* @return string
*/
public function getName(): string
{
return 'DevKey';
}
/**
* Get Type
*
* @return string
*/
public function getType(): string
{
return Response::MODEL_DEV_KEY;
}
}


@ -197,6 +197,13 @@ class Project extends Model
'example' => new \stdClass(),
'array' => true,
])
->addRule('devKeys', [
'type' => Response::MODEL_DEV_KEY,
'description' => 'List of dev keys.',
'default' => [],
'example' => new \stdClass(),
'array' => true,
])
->addRule('smtpEnabled', [
'type' => self::TYPE_BOOLEAN,
'description' => 'Status for custom SMTP',


@ -3,6 +3,7 @@
namespace Tests\E2E\Scopes;
use Tests\E2E\Client;
use Utopia\Database\DateTime;
use Utopia\Database\Helpers\ID;
use Utopia\System\System;
@ -110,6 +111,19 @@ trait ProjectCustom
$this->assertNotEmpty($key['body']);
$this->assertNotEmpty($key['body']['secret']);
$devKey = $this->client->call(Client::METHOD_POST, '/projects/' . $project['body']['$id'] . '/dev-keys', [
'origin' => 'http://localhost',
'content-type' => 'application/json',
'cookie' => 'a_session_console=' . $this->getRoot()['session'],
'x-appwrite-project' => 'console',
], [
'name' => 'Key Test',
'expire' => DateTime::addSeconds(new \DateTime(), 3600),
]);
$this->assertEquals(201, $devKey['headers']['status-code']);
$this->assertNotEmpty($devKey['body']);
$this->assertNotEmpty($devKey['body']['secret']);
$webhook = $this->client->call(Client::METHOD_POST, '/projects/' . $project['body']['$id'] . '/webhooks', [
'origin' => 'http://localhost',
'content-type' => 'application/json',
@ -150,9 +164,11 @@ trait ProjectCustom
'$id' => $project['body']['$id'],
'name' => $project['body']['name'],
'apiKey' => $key['body']['secret'],
'devKey' => $devKey['body']['secret'],
'webhookId' => $webhook['body']['$id'],
'signatureKey' => $webhook['body']['signatureKey'],
];
if ($fresh) {
return $project;
}


@ -56,7 +56,7 @@ abstract class Scope extends TestCase
/**
* @return array
*/
abstract public function getHeaders(): array;
abstract public function getHeaders(bool $devKey = true): array;
/**
* @return array


@ -4,12 +4,17 @@ namespace Tests\E2E\Scopes;
trait SideClient
{
public function getHeaders(): array
public function getHeaders(bool $devKey = true): array
{
return [
$headers = [
'origin' => 'http://localhost',
'cookie' => 'a_session_' . $this->getProject()['$id'] . '=' . $this->getUser()['session'],
];
if ($devKey && isset($this->getProject()['devKey'])) {
$headers['x-appwrite-dev-key'] = $this->getProject()['devKey'];
}
return $headers;
}
/**
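Review bot: With `$devKey` defaulting to `true`, every client-side E2E request built through `getHeaders()` now carries `x-appwrite-dev-key` whenever the project has one. The dev-key tests in this commit show that header bypassing rate limiting, the CORS origin check and redirect-host validation, so existing client tests of those controls stop exercising them unless they opt out the way AbuseTest does with `getHeaders(false)`. If the suite can tolerate it, making the bypass opt-in with `public function getHeaders(bool $devKey = false): array` keeps the default path representative of a real client; at minimum the method needs a docblock saying the default relaxes abuse protection. `$this->getProject()` is also called twice in the new condition and could be read once into a local.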


@ -4,7 +4,7 @@ namespace Tests\E2E\Scopes;
trait SideConsole
{
public function getHeaders(): array
public function getHeaders(bool $devKey = true): array
{
return [
'origin' => 'http://localhost',


@ -4,7 +4,7 @@ namespace Tests\E2E\Scopes;
trait SideNone
{
public function getHeaders(): array
public function getHeaders(bool $devKey = true): array
{
return [];
}


@ -9,7 +9,7 @@ trait SideServer
*/
protected $key = [];
public function getHeaders(): array
public function getHeaders(bool $devKey = false): array
{
return [
'x-appwrite-key' => $this->getProject()['apiKey']


@ -99,6 +99,7 @@ trait AccountBase
'origin' => 'http://localhost',
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
'x-appwrite-dev-key' => $this->getProject()['devKey'] ?? '',
]), [
'userId' => ID::unique(),
'email' => '',
@ -112,13 +113,14 @@ trait AccountBase
'origin' => 'http://localhost',
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
'x-appwrite-dev-key' => $this->getProject()['devKey'] ?? ''
]), [
'userId' => ID::unique(),
'email' => 'shortpass@appwrite.io',
'password' => $shortPassword
]);
$this->assertEquals($response['headers']['status-code'], 400);
$this->assertEquals(400, $response['headers']['status-code']);
$longPassword = '';
for ($i = 0; $i < 257; $i++) { // 256 is the limit
@ -129,13 +131,14 @@ trait AccountBase
'origin' => 'http://localhost',
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
'x-appwrite-dev-key' => $this->getProject()['devKey'] ?? ''
]), [
'userId' => ID::unique(),
'email' => 'longpass@appwrite.io',
'password' => $longPassword,
]);
$this->assertEquals($response['headers']['status-code'], 400);
$this->assertEquals(400, $response['headers']['status-code']);
return [
'id' => $id,
@ -156,7 +159,7 @@ trait AccountBase
'email' => 'otpuser@appwrite.io'
]);
$this->assertEquals($response['headers']['status-code'], 201);
$this->assertEquals(201, $response['headers']['status-code'], );
$this->assertNotEmpty($response['body']['$id']);
$this->assertNotEmpty($response['body']['$createdAt']);
$this->assertNotEmpty($response['body']['userId']);
@ -286,6 +289,7 @@ trait AccountBase
'origin' => 'http://localhost',
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
'x-appwrite-dev-key' => $this->getProject()['devKey'] ?? ''
]), [
'userId' => ID::unique(),
'email' => $email,
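Review bot: The added header lines use `$this->getProject()['devKey'] ?? ''`, which sends an empty `x-appwrite-dev-key` header when the project has no dev key, whereas `SideClient::getHeaders()` in this commit omits the header in that case. These requests therefore depend on the server treating an empty key the same as no key, which is not visible here. Adding the header only when `isset($this->getProject()['devKey'])` would keep the two paths identical; the same pattern recurs in AccountCustomClientTest and DatabasesPermissionsScope. The rewritten assertion `$this->assertEquals(201, $response['headers']['status-code'], );` also carries a stray trailing comma. The enclosing test methods start and end outside the hunks.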


@ -619,6 +619,7 @@ class AccountCustomClientTest extends Scope
'origin' => 'http://localhost',
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
'x-appwrite-dev-key' => $this->getProject()['devKey'] ?? ''
]), [
'userId' => ID::unique(),
'email' => $data['email'],
@ -1217,6 +1218,7 @@ class AccountCustomClientTest extends Scope
'origin' => 'http://localhost',
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
'x-appwrite-dev-key' => $this->getProject()['devKey'] ?? ''
]), [
'userId' => ID::unique(),
'email' => $email,


@ -15,6 +15,7 @@ trait DatabasesPermissionsScope
'origin' => 'http://localhost',
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
'x-appwrite-dev-key' => $this->getProject()['devKey'] ?? '',
], [
'userId' => $id,
'email' => $email,


@ -88,7 +88,7 @@ class AbuseTest extends Scope
$response = $this->client->call(Client::METHOD_POST, '/graphql', \array_merge([
'content-type' => 'application/json',
'x-appwrite-project' => $projectId,
], $this->getHeaders()), $graphQLPayload);
], $this->getHeaders(false)), $graphQLPayload);
$max = System::getEnv('_APP_GRAPHQL_MAX_QUERY_COMPLEXITY', 250);
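Review bot: The `false` passed to `$this->getHeaders(false)` in the changed line is unexplained, and it is presumably what keeps this abuse test meaningful now that client headers carry a dev key by default. A short comment above the call would stop it being removed as noise later, for example `// no dev key: it would relax the limits this test asserts`. The enclosing test method starts and ends outside the hunk, so whether other requests in it need the same opt-out cannot be checked from here.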


@ -2,6 +2,48 @@
namespace Tests\E2E\Services\Projects;
use Tests\E2E\Client;
use Utopia\Database\Helpers\ID;
trait ProjectsBase
{
protected function setupProject(mixed $params): string
{
$team = $this->client->call(Client::METHOD_POST, '/teams', array_merge([
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
], $this->getHeaders()), [
'teamId' => ID::unique(),
'name' => 'Project Test',
]);
$this->assertEquals(201, $team['headers']['status-code'], 'Setup team failed with status code: ' . $team['headers']['status-code'] . ' and response: ' . json_encode($team['body'], JSON_PRETTY_PRINT));
$project = $this->client->call(Client::METHOD_POST, '/projects', array_merge([
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
], $this->getHeaders()), [
...$params,
'teamId' => $team['body']['$id'],
]);
$this->assertEquals(201, $project['headers']['status-code'], 'Setup project failed with status code: ' . $project['headers']['status-code'] . ' and response: ' . json_encode($project['body'], JSON_PRETTY_PRINT));
return $project['body']['$id'];
}
protected function setupDevKey(mixed $params): array
{
$devKey = $this->client->call(Client::METHOD_POST, '/projects/' . $params['projectId'] . '/dev-keys', array_merge([
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
], $this->getHeaders()), $params);
$this->assertEquals(201, $devKey['headers']['status-code'], 'Setup devKey failed with status code: ' . $devKey['headers']['status-code'] . ' and response: ' . json_encode($devKey['body'], JSON_PRETTY_PRINT));
return [
'$id' => $devKey['body']['$id'],
'secret' => $devKey['body']['secret'],
];
}
}
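Review bot: Both new helpers declare `mixed $params`, yet `setupProject` spreads it with `...$params` and `setupDevKey` indexes `$params['projectId']`, so anything other than an array fails inside the helper instead of at the call. Declaring `protected function setupProject(array $params): string` and `protected function setupDevKey(array $params): array` states the real contract. `setupDevKey` also forwards the whole `$params` array as the request body, so `projectId` travels as a body field as well as in the URL; removing it from a copy before the call keeps the request to the fields the endpoint is being tested with. Neither helper has a docblock naming the keys it expects.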


@ -24,6 +24,7 @@ class ProjectsConsoleClientTest extends Scope
use Async;
/**
* @group devKeys
* @group smtpAndTemplates
* @group projectsCRUD */
public function testCreateProject(): array
@ -4255,4 +4256,611 @@ class ProjectsConsoleClientTest extends Scope
return $data;
}
/**
* Devkeys Tests starts here ------------------------------------------------
*/
/**
* @group devKeys
*/
public function testCreateProjectDevKey(): void
{
/**
* Test for SUCCESS
*/
$id = $this->setupProject([
'projectId' => ID::unique(),
'name' => 'testCreateProjectDevKey',
'region' => System::getEnv('_APP_REGION', 'default')
]);
$response = $this->client->call(Client::METHOD_POST, '/projects/' . $id . '/dev-keys', array_merge([
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
], $this->getHeaders()), [
'name' => 'Key Test',
'expire' => DateTime::addSeconds(new \DateTime(), 36000)
]);
$this->assertEquals(201, $response['headers']['status-code']);
$this->assertNotEmpty($response['body']['$id']);
$this->assertEquals('Key Test', $response['body']['name']);
$this->assertNotEmpty($response['body']['secret']);
$this->assertArrayHasKey('accessedAt', $response['body']);
$this->assertEmpty($response['body']['accessedAt']);
/** Create a second dev key */
$response = $this->client->call(Client::METHOD_POST, '/projects/' . $id . '/dev-keys', array_merge([
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
], $this->getHeaders()), [
'name' => 'Dev Key Test',
'expire' => DateTime::addSeconds(new \DateTime(), 36000)
]);
$this->assertEquals(201, $response['headers']['status-code']);
$this->assertNotEmpty($response['body']['$id']);
$this->assertEquals('Dev Key Test', $response['body']['name']);
$this->assertNotEmpty($response['body']['secret']);
$this->assertArrayHasKey('accessedAt', $response['body']);
$this->assertEmpty($response['body']['accessedAt']);
/**
* Test for FAILURE
*/
/** TEST expiry date is required */
$res = $this->client->call(Client::METHOD_POST, '/projects/' . $id . '/dev-keys', array_merge([
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
], $this->getHeaders()), [
'name' => 'Key Test'
]);
$this->assertEquals(400, $res['headers']['status-code']);
}
/**
* @group devKeys
*/
public function testListProjectDevKey(): void
{
/**
* Test for SUCCESS
*/
$projectId = $this->setupProject([
'projectId' => ID::unique(),
'name' => 'testListProjectDevKey',
'region' => System::getEnv('_APP_REGION', 'default')
]);
/** Create devKey 1 */
$this->setupDevKey([
'projectId' => $projectId,
'name' => 'Key Test',
'expire' => DateTime::addSeconds(new \DateTime(), 36000)
]);
/** Create devKey 2 */
$this->setupDevKey([
'projectId' => $projectId,
'name' => 'Dev Key Test',
'expire' => DateTime::addSeconds(new \DateTime(), 36000)
]);
/** List all dev keys */
$response = $this->client->call(Client::METHOD_GET, '/projects/' . $projectId . '/dev-keys', array_merge([
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
], $this->getHeaders()), []);
$this->assertEquals(200, $response['headers']['status-code']);
$this->assertEquals(2, $response['body']['total']);
/** List dev keys with limit */
$response = $this->client->call(Client::METHOD_GET, '/projects/' . $projectId . '/dev-keys', array_merge([
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
], $this->getHeaders()), [
'queries' => [
Query::limit(1)->toString()
]
]);
$this->assertEquals(200, $response['headers']['status-code']);
$this->assertEquals(1, $response['body']['total']);
/** List dev keys with search */
$response = $this->client->call(Client::METHOD_GET, '/projects/' . $projectId . '/dev-keys', array_merge([
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
], $this->getHeaders()), [
'search' => 'Dev'
]);
$this->assertEquals(200, $response['headers']['status-code']);
$this->assertEquals(1, $response['body']['total']);
$this->assertEquals('Dev Key Test', $response['body']['devKeys'][0]['name']);
/** List dev keys with querying `expire` */
$response = $this->client->call(Client::METHOD_GET, '/projects/' . $projectId . '/dev-keys', array_merge([
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
], $this->getHeaders()), [
'queries' => [Query::lessThan('expire', (new \DateTime())->format('Y-m-d H:i:s'))->toString()]
]);
$this->assertEquals(200, $response['headers']['status-code']);
$this->assertEquals(0, $response['body']['total']); // No dev keys expired
/**
* Test for FAILURE
*/
/** Test for search with invalid query */
$response = $this->client->call(Client::METHOD_GET, '/projects/' . $projectId . '/dev-keys', array_merge([
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
], $this->getHeaders()), [
'queries' => [
Query::search('name', 'Invalid')->toString()
]
]);
$this->assertEquals(400, $response['headers']['status-code']);
$this->assertEquals('Invalid `queries` param: Invalid query: Attribute not found in schema: name', $response['body']['message']);
}
/**
* @group devKeys
*/
public function testGetProjectDevKey(): void
{
/**
* Test for SUCCESS
*/
$projectId = $this->setupProject([
'projectId' => ID::unique(),
'name' => 'testGetProjectDevKey',
'region' => System::getEnv('_APP_REGION', 'default')
]);
$devKey = $this->setupDevKey([
'projectId' => $projectId,
'name' => 'Dev Key Test',
'expire' => DateTime::addSeconds(new \DateTime(), 36000)
]);
$response = $this->client->call(Client::METHOD_GET, '/projects/' . $projectId . '/dev-keys/' . $devKey['$id'], array_merge([
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
], $this->getHeaders()), []);
$this->assertEquals(200, $response['headers']['status-code']);
$this->assertNotEmpty($response['body']['$id']);
$this->assertEquals($devKey['$id'], $response['body']['$id']);
$this->assertEquals('Dev Key Test', $response['body']['name']);
$this->assertNotEmpty($response['body']['secret']);
$this->assertArrayHasKey('accessedAt', $response['body']);
$this->assertEmpty($response['body']['accessedAt']);
/**
* Test for FAILURE
*/
$response = $this->client->call(Client::METHOD_GET, '/projects/' . $projectId . '/dev-keys/error', array_merge([
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
], $this->getHeaders()), []);
$this->assertEquals(404, $response['headers']['status-code']);
}
/**
* @group devKeys
*/
public function testGetDevKeyWithSdks(): void
{
/**
* Test for SUCCESS
*/
$projectId = $this->setupProject([
'projectId' => ID::unique(),
'name' => 'testGetDevKeyWithSdks',
'region' => System::getEnv('_APP_REGION', 'default')
]);
$devKey = $this->setupDevKey([
'projectId' => $projectId,
'name' => 'Dev Key Test',
'expire' => DateTime::addSeconds(new \DateTime(), 36000)
]);
/** Use dev key with python sdk */
$res = $this->client->call(Client::METHOD_POST, '/account/sessions/email', [
'content-type' => 'application/json',
'x-appwrite-project' => $projectId,
'x-appwrite-dev-key' => $devKey['secret'],
'x-sdk-name' => 'python'
], [
'email' => 'user@appwrite.io',
'password' => 'password'
]);
$this->assertEquals(401, $res['headers']['status-code']);
/** Use dev key with php sdk */
$res = $this->client->call(Client::METHOD_POST, '/account/sessions/email', [
'content-type' => 'application/json',
'x-appwrite-project' => $projectId,
'x-appwrite-dev-key' => $devKey['secret'],
'x-sdk-name' => 'php'
], [
'email' => 'user@appwrite.io',
'password' => 'password'
]);
$this->assertEquals(401, $res['headers']['status-code']);
/** Get the dev key */
$response = $this->client->call(Client::METHOD_GET, '/projects/' . $projectId . '/dev-keys/' . $devKey['$id'], array_merge([
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
], $this->getHeaders()), []);
$this->assertEquals(200, $response['headers']['status-code']);
$this->assertArrayHasKey('sdks', $response['body']);
$this->assertCount(2, $response['body']['sdks']);
$this->assertContains('python', $response['body']['sdks']);
$this->assertContains('php', $response['body']['sdks']);
}
/**
* @group devKeys
*/
public function testNoHostValidationWithDevKey(): void
{
/**
* Test for SUCCESS
*/
$projectId = $this->setupProject([
'projectId' => ID::unique(),
'name' => 'testNoHostValidationWithDevKey',
'region' => System::getEnv('_APP_REGION', 'default')
]);
$devKey = $this->setupDevKey([
'projectId' => $projectId,
'name' => 'Dev Key Test',
'expire' => DateTime::addSeconds(new \DateTime(), 36000)
]);
$provider = 'mock';
$appId = '1';
$secret = '123456';
$response = $this->client->call(Client::METHOD_PATCH, '/projects/' . $projectId . '/oauth2', array_merge([
'origin' => 'http://localhost',
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
], $this->getHeaders()), [
'provider' => $provider,
'appId' => $appId,
'secret' => $secret,
'enabled' => true,
]);
$this->assertEquals(200, $response['headers']['status-code']);
/** Test oauth2 and get invalid `success` URL */
$response = $this->client->call(Client::METHOD_GET, '/account/sessions/oauth2/' . $provider, [
'content-type' => 'application/json',
'x-appwrite-project' => $projectId,
], [
'success' => 'https://example.com',
'failure' => 'https://example.com'
]);
$this->assertEquals(400, $response['headers']['status-code']);
$this->assertStringContainsString('Invalid `success` param: URL host must be one of: localhost, appwrite.io, *.appwrite.io', $response['body']);
/** Test oauth2 with devKey and now get oauth2 is disabled */
$response = $this->client->call(Client::METHOD_GET, '/account/sessions/oauth2/' . $provider, [
'content-type' => 'application/json',
'x-appwrite-project' => $projectId,
'x-appwrite-dev-key' => $devKey['secret']
], [
'success' => 'https://example.com',
'failure' => 'https://example.com'
]);
$this->assertEquals(200, $response['headers']['status-code']);
/** Test hostname in Magic URL */
$response = $this->client->call(Client::METHOD_POST, '/account/sessions/magic-url', [
'content-type' => 'application/json',
'x-appwrite-project' => $projectId,
], [
'userId' => ID::unique(),
'email' => 'user@appwrite.io',
'url' => 'https://example.com',
]);
$this->assertEquals(400, $response['headers']['status-code']);
$this->assertEquals('Invalid `url` param: URL host must be one of: localhost, appwrite.io, *.appwrite.io', $response['body']['message']);
/** Test hostname in Magic URL with devKey */
$response = $this->client->call(Client::METHOD_POST, '/account/sessions/magic-url', [
'content-type' => 'application/json',
'x-appwrite-project' => $projectId,
'x-appwrite-dev-key' => $devKey['secret']
], [
'userId' => ID::unique(),
'email' => 'user@appwrite.io',
'url' => 'https://example.com',
]);
$this->assertEquals(201, $response['headers']['status-code']);
}
/**
* @group devKeys
*/
public function testCorsWithDevKey(): void
{
/**
* Test for SUCCESS
*/
$projectId = $this->setupProject([
'projectId' => ID::unique(),
'name' => 'testCorsWithDevKey',
'region' => System::getEnv('_APP_REGION', 'default')
]);
$devKey = $this->setupDevKey([
'projectId' => $projectId,
'name' => 'Dev Key Test',
'expire' => DateTime::addSeconds(new \DateTime(), 36000)
]);
$origin = 'http://example.com';
/**
* Test CORS without Dev Key (should fail due to origin)
*/
$response = $this->client->call(Client::METHOD_POST, '/account/sessions/email', [
'origin' => $origin,
'content-type' => 'application/json',
'x-appwrite-project' => $projectId,
], [
'email' => 'user@appwrite.io',
'password' => 'password'
]);
$this->assertEquals(403, $response['headers']['status-code']);
$this->assertNotEquals($origin, $response['headers']['access-control-allow-origin'] ?? null);
$this->assertEquals('http://localhost', $response['headers']['access-control-allow-origin'] ?? null);
/**
* Test CORS with Dev Key (should bypass origin check)
*/
$response = $this->client->call(Client::METHOD_POST, '/account/sessions/email', [
'origin' => $origin,
'content-type' => 'application/json',
'x-appwrite-project' => $projectId,
'x-appwrite-dev-key' => $devKey['secret']
], [
'email' => 'user@appwrite.io',
'password' => 'password'
]);
$this->assertEquals(401, $response['headers']['status-code']);
$this->assertEquals('*', $response['headers']['access-control-allow-origin'] ?? null);
}
/**
* @group devKeys
*/
public function testNoRateLimitWithDevKey(): void
{
/**
* Test for SUCCESS
*/
$projectId = $this->setupProject([
'projectId' => ID::unique(),
'name' => 'testNoRateLimitWithDevKey',
'region' => System::getEnv('_APP_REGION', 'default')
]);
$devKey = $this->setupDevKey([
'projectId' => $projectId,
'name' => 'Dev Key Test',
'expire' => DateTime::addSeconds(new \DateTime(), 36000)
]);
/**
* Test for SUCCESS
*/
for ($i = 0; $i < 10; $i++) {
$response = $this->client->call(Client::METHOD_POST, '/account/sessions/email', [
'content-type' => 'application/json',
'x-appwrite-project' => $projectId,
], [
'email' => 'user@appwrite.io',
'password' => 'password'
]);
$this->assertEquals(401, $response['headers']['status-code']);
}
$response = $this->client->call(Client::METHOD_POST, '/account/sessions/email', [
'content-type' => 'application/json',
'x-appwrite-project' => $projectId,
], [
'email' => 'user@appwrite.io',
'password' => 'password'
]);
$this->assertEquals(429, $response['headers']['status-code']);
$response = $this->client->call(Client::METHOD_POST, '/account/sessions/email', [
'content-type' => 'application/json',
'x-appwrite-project' => $projectId,
'x-appwrite-dev-key' => $devKey['secret']
], [
'email' => 'user@appwrite.io',
'password' => 'password'
]);
$this->assertEquals(401, $response['headers']['status-code']);
/**
* Test for FAILURE
*/
$response = $this->client->call(Client::METHOD_POST, '/projects/' . $projectId . '/dev-keys', array_merge([
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
], $this->getHeaders()), [
'name' => 'Key Test',
'expire' => DateTime::addSeconds(new \DateTime(), -3600),
]);
$response = $this->client->call(Client::METHOD_POST, '/account/sessions/email', [
'content-type' => 'application/json',
'x-appwrite-project' => $projectId,
'x-appwrite-dev-key' => $response['body']['secret']
], [
'email' => 'user@appwrite.io',
'password' => 'password'
]);
$this->assertEquals(429, $response['headers']['status-code']);
/**
* Test for FAILURE after expire
*/
$devKey = $this->setupDevKey([
'projectId' => $projectId,
'name' => 'Dev Key Test Expire 5 seconds',
'expire' => DateTime::addSeconds(new \DateTime(), 5)
]);
$response = $this->client->call(Client::METHOD_POST, '/account/sessions/email', [
'content-type' => 'application/json',
'x-appwrite-project' => $projectId,
'x-appwrite-dev-key' => $devKey['secret']
], [
'email' => 'user@appwrite.io',
'password' => 'password'
]);
$this->assertEquals(401, $response['headers']['status-code']);
sleep(5);
$response = $this->client->call(Client::METHOD_POST, '/account/sessions/email', [
'content-type' => 'application/json',
'x-appwrite-project' => $projectId,
'x-appwrite-dev-key' => $devKey['secret']
], [
'email' => 'user@appwrite.io',
'password' => 'password'
]);
$this->assertEquals(429, $response['headers']['status-code']);
}
/**
* @group devKeys
*/
public function testUpdateProjectDevKey(): void
{
$projectId = $this->setupProject([
'projectId' => ID::unique(),
'name' => 'testUpdateProjectDevKey',
'region' => System::getEnv('_APP_REGION', 'default')
]);
$devKey = $this->setupDevKey([
'projectId' => $projectId,
'name' => 'Dev Key Test',
'expire' => DateTime::addSeconds(new \DateTime(), 36000)
]);
$response = $this->client->call(Client::METHOD_PUT, '/projects/' . $projectId . '/dev-keys/' . $devKey['$id'], array_merge([
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
], $this->getHeaders()), [
'name' => 'Key Test Update',
'expire' => DateTime::addSeconds(new \DateTime(), 360),
]);
$this->assertEquals(200, $response['headers']['status-code']);
$this->assertNotEmpty($response['body']['$id']);
$this->assertEquals($devKey['$id'], $response['body']['$id']);
$this->assertEquals('Key Test Update', $response['body']['name']);
$this->assertArrayHasKey('accessedAt', $response['body']);
$this->assertEmpty($response['body']['accessedAt']);
$response = $this->client->call(Client::METHOD_GET, '/projects/' . $projectId . '/dev-keys/' . $devKey['$id'], array_merge([
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
], $this->getHeaders()), []);
$this->assertEquals(200, $response['headers']['status-code']);
$this->assertNotEmpty($response['body']['$id']);
$this->assertEquals($devKey['$id'], $response['body']['$id']);
$this->assertEquals('Key Test Update', $response['body']['name']);
$this->assertArrayHasKey('accessedAt', $response['body']);
$this->assertEmpty($response['body']['accessedAt']);
}
/**
* @group devKeys
*/
public function testDeleteProjectDevKey(): void
{
$projectId = $this->setupProject([
'projectId' => ID::unique(),
'name' => 'testDeleteProjectDevKey',
'region' => System::getEnv('_APP_REGION', 'default')
]);
$devKey = $this->setupDevKey([
'projectId' => $projectId,
'name' => 'Dev Key Test',
'expire' => DateTime::addSeconds(new \DateTime(), 36000)
]);
$response = $this->client->call(Client::METHOD_DELETE, '/projects/' . $projectId . '/dev-keys/' . $devKey['$id'], array_merge([
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
], $this->getHeaders()), []);
$this->assertEquals(204, $response['headers']['status-code']);
$this->assertEmpty($response['body']);
/**
* Get rate limit trying to use the deleted key
*/
$response = $this->client->call(Client::METHOD_POST, '/account/sessions/email', [
'content-type' => 'application/json',
'x-appwrite-project' => $projectId,
'x-appwrite-dev-key' => $devKey['secret']
], [
'email' => 'user@appwrite.io',
'password' => 'password'
]);
$this->assertEquals(429, $response['headers']['status-code']);
$response = $this->client->call(Client::METHOD_GET, '/projects/' . $projectId . '/dev-keys/' . $devKey['$id'], array_merge([
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
], $this->getHeaders()), []);
$this->assertEquals(404, $response['headers']['status-code']);
/**
* Test for FAILURE
*/
$response = $this->client->call(Client::METHOD_DELETE, '/projects/' . $projectId . '/dev-keys/error', array_merge([
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
], $this->getHeaders()), []);
$this->assertEquals(404, $response['headers']['status-code']);
}
/**
* Devkeys Tests ends here ------------------------------------------------
*/
}
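Review bot: In `testNoRateLimitWithDevKey`, the dev key created with `DateTime::addSeconds(new \DateTime(), -3600)` is never checked before `$response['body']['secret']` is reused as the header value. If the API rejects a past expiry, the secret is missing and the following 429 assertion passes for the wrong reason, so the expired-key path is not actually proven. Adding `$this->assertEquals(201, $response['headers']['status-code']);` and `$this->assertNotEmpty($response['body']['secret']);` right after the create call would pin it. The later expiry check pairs a 5-second lifetime with `sleep(5)`, which sits on the boundary and may be flaky; sleeping slightly longer than the lifetime is safer. The comment `now get oauth2 is disabled` in `testNoHostValidationWithDevKey` does not match the asserted 200.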


@ -337,18 +337,6 @@ trait TeamsBaseClient
$this->assertEquals(400, $response['headers']['status-code']);
$response = $this->client->call(Client::METHOD_POST, '/teams/' . $teamUid . '/memberships', array_merge([
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
], $this->getHeaders()), [
'email' => $email,
'name' => $name,
'roles' => ['developer'],
'url' => 'http://example.com/join-us#title' // bad url
]);
$this->assertEquals(400, $response['headers']['status-code']);
return [
'teamUid' => $teamUid,
'teamName' => $teamName,


@ -14,6 +14,30 @@ class TeamsConsoleClientTest extends Scope
use ProjectConsole;
use SideClient;
/**
* @depends testCreateTeam
*/
public function testTeamCreateMembershipConsole($data): array
{
$teamUid = $data['teamUid'] ?? '';
$email = uniqid() . 'friend@localhost.test';
$name = 'Friend User';
$response = $this->client->call(Client::METHOD_POST, '/teams/' . $teamUid . '/memberships', array_merge([
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
], $this->getHeaders()), [
'email' => $email,
'name' => $name,
'roles' => ['developer'],
'url' => 'http://example.com/join-us#title' // bad url
]);
$this->assertEquals(400, $response['headers']['status-code']);
return $data;
}
/**
* @depends testCreateTeam
*/