- Fix user profile's asset missing content type in auth api
- Fix fatal error, concurrent map iteration and map write when init plugins
- Add Lambda support for Skygear Data Type
- Support structural logging with JSON formatter
- Fix content-type not sent to assetd
- Fix cannot login user if user record is not public read
- Refactor how processors are injected to plugin handlers/lambdas
- Add GO_TEST_VERBOSE=1 to print verbose go test log
- Add go1.10.1 to build target
- Fix go1.10 compatibility and fix some string format
- Update logic for user checking in preprocessors to support checking user verify
- Fix async hook not executed
- Deserialize profile for login with custom token api
- Inject assets signer before calling before_save hook
- Password policy bug fixes, skip expiry check for change password handler
- Update log level on apns token invalid error. If the error occurred for
sending push notification is
GoneorBadDeviceToken, the log level will be Info instead of Error.
- Support enable/disable user account
- Add auth:reset_password handler
- Add Baidu Push Notification Service
- Deserialize profile for oauth signup api (#550)
- Collapse fine grained password policy errors
- Exit with non-zero status if encountering error
- Use gometalinter.v2
- Fix docker image missing ZMQ transport
- Add tty: true to docker-compose.yml
- Support for Security Audit Feature
- Fix signup profile fail to save various field type due to incorrect serialization (#524)
- Fix fail to create record for user who have create access role (#527)
- Update golang to 1.9
- Use multi-stage build for docker release image
This minor version is mainly to update the build script for docker images
- Update to use alpine:3.7 in release image
- Remove deps image Dockerfile
- Add new sso:custom_token:login handler #494
- Record acl for transient fields (#496)
- Fix timeNow does not return the current time in preprocessor
- Remove dependency on czmq
- Use go dep to manage dependencies
- Add SSO core support
Refs spec documentation:
https://github.com/SkygearIO/features/blob/38cde8abc8baec26dd67fd38acd6bd4fd3491dac/features/5-basic-sso/api.md
Four new
handler sso:oauth:login,sso:oauth:signup,sso:oauth:link,sso:oauth:unlinkfor sso plugin to call. Main data flow controls by plugin and possible for developer to alter it according to specific provider.
- Rename docker-compose.{dev,make}.yml
- Update comment for login action in auth.go
- Fix port no. in docker-compose example
-
Update FieldACL Accessible matching logic (#479)
New matching criteria is, record type and record field.
- If no matched entries, return true
- Otherwise if user role does not fullfil matched entries, return false
- Otherwise return the result of the matched entry
- Fix role:get expecting User IDs from wrong keys (#475)
- Update user username and email field acl default for new app (#457)
- Update .env.example according to code (#471)
- Add links to README.md, and change Google Forum to discuss.skygear.io## 1.1.1 (2017-09-22)
- Add preprocessor for plugin to inject user id to context even plugin is not user required
- Update to use official aws-sdk-go (#468)
- Update user username and email field acl default for new app (#457)
-
Introducing a new user record design
In the new user record design, username and email is now part of user record instead of part of
_authtable (previously_usertable). When upgrading from previous version of Skygear Server, the server will perform database schema migration, which is likely to break cloud function that needs the user data.The request API is changed substantially to support the new authentication mechanism. Previous SDKs will not work with this version of Skygear Server.
- Implement new user record design (SkygearIO/features#48) Set default field discoverability to user auth record keys (#431)
- Add assign roles and revoke roles handler
- Update role:{assign,revoke} to use require_admin preprocessor
- Support field-based access control for record data (SkygearIO/features#48)
- Add db and struct for FieldACL (#375)
- Add read/write Field ACL (#376)
- Add discoverability Field ACL (#377)
- Support dynamic field and owner for Field ACL (#379, #378)
- Ignore Field ACL when using master key (#403)
- Implement field ACL get/update handlers (#375)
- Fix SignedURL and ParseSignature of file store (#427)
- Fix handler/query does not allow joined query
- Fix potential problem when saving new record
- Fix undefined skydb.ACLLevel
- Golang version is upgraded to go1.8.3
- Upgrade czmq dependency to version 4.0.2
- Update instruction on installing czmq via homebrew
- Update linux setup notes (#383)
- Do not allow API KEY to be the same as MASTER_KEY
-
Support for cancellable query (#277)
-
Make plugin transport ZMQ multiplex (#295)
This feature will enable the bidirectional plugin transport and multiplexing. The protocol will introduce address-stack and bounce-count, so the bidirectional communication stack will be limited to the bounce-count-limit.
It solved the problem of workers exhaust problem when plugin call back skygear-server.
- Update releasing guide for npm + lerna
- Fix schema:default_access inline doc
- Implement GeoJSON query using ST_Contains (#262)
- Make default ACL server-based (#309)
- Ensure respond channel of zmq is always consumed so channeller is not blocked (#347)
- Fix inconsistent behavior saving to integer column (#319)
- Revamp query sqlizer into its own package
- Create user when master key is provided (#261)
- Fetch full assets data in query
- Return asset content type in response of record save
- Fix plugin timer request not properly initialized (#333)
- Fix schema:fetch when record type has no fields
- Make RequireUser preprocessor gives a better error message
- Add ASSET_STORE_S3_URL_PREFIX in .env.sample
- Update godev image not using development version of glide
- Commands for setting up skygear in Linux env
- Fix unable to establish pubsub connection because of CloseNotifier (#291)
- Implement API response timeout (#271)
- Fix request context not initialized (#284)
- Check for constraint violation when deleting
- Add Nix derivation for building
- Require go1.7.4
- Fix request context not initialized (#284)
- Add
_status:healthzendpoint (#264)
- Fix ST_DWithin query (#266)
- Support token based APNS (#239)
- Support s3 asset store url prefix (#254)
- Support unregister device (#249)
- Add configuration for timeout of plugin
- Provide skygear config for plugin init events
- Fix postgis-2.3 not found
-
More log when plugin response is invalid (#232)
-
Put access_key_type to plugin request context (#238)
-
Limit the number of bytes in request log
The existing implementation prints the response body for certain type this pose a problem to log collection when the response body is too big.
-
Better handling for unrecognized data type (#231)
This is achieved by introducing a new skydb type called Unknown, which will be passed to client when the server sees a column with an unrecognized data type.
Previous behavior will result in skygear server throwing an error when it sees a column with unrecognized data type.
- Fix plugin lambda / handler always require API key
- The protocol for plugin transport is updated. Skygear Server and cloud code in previous versions cannot be used with this version.
- Support plugin only request during plugin initialization
- Add support for bigint db type
- Make use of
ST_DWithinto compare distance (#213) - Support plugin event (#199)
- Fix various issues with creating user on sign up (#218)
- Fix schema extending more than necessary
- Fix unable to configure sentry log hook
- Send JSON-encoded plugin call in http request body (SkygearIO/py-skygear#82)
- Refresh token at me endpoint (#118)
- Fix unable to detect schema conflict (#140)
- Check for username/email duplicate when updating (#124)
- Resolve socket exhaust problem on high concurrency (#160)
- Fix skygear not sending init to plugin when restarted quickly (#150)
- Fix auth:password response invalid access token (#142)
- Properly stop pubsub hub at test case
- Allow run test with docker-compose (#157)
- Make changes for smaller number of image layers
- Add ca-certificate to deps building pipeline (#154)
- Mark the skygear-server restart to always in Docker Compose (#145)
- Fix not able to update user after signup with auth provider
auth:loginreturn last seen that query from DB, not current timestamp (#110)- Fix bugs on
meclear out the last login at for user
- Implement slave mode (#103, #104, #105)
- Provide user last logged in and last seen at _user
- Support Cloud Asset (#107)
- Implement
meendpoint to get current user (#111)
- Update amz.v3 for signing s3 asset with UTC
- Revamp release binaries building
- Upgrade postgres to 9.5
- Schema migration is disable in non-dev-mode (#93)
- Add migration for initial admin user (#75)
- Assign default user role to new signup user (#44)
- Support user discovery with username (#19)
- Fix issue when running
go install(#64) - Remove existing device with the same token when registering device (#71)
- Fix JWT token not considered valid created by signup (#94)
- Update setup test env. script on README
- Implement predicate with keypath to referenced record (#85)
- Set default log level of plugin logger to INFO (#49)
- Add JWT token store (#74)
- Include user role in user query (#70)
- Update to use HTTP/2 APNS protocol (#47)
- Create extensions when migrating database schema (#53)
- Handle invalid data format for pubsub actions (SkygearIO/skygear-SDK-JS#27)
- Check field exists before performing query (#6)
- Fix scan NULL token in QueryDevicesByUser (#33)
- Preserve ACL when saving record with ACL=nil (#38)
- Fix not-predicate not sqlized (#78)
- Fix Public record is accessible without userinfo
- Config auth token expiry time and default not to expire (#65)
- Allow user to add role with master key
- Implement union database, which contains all records across public and private databases, only accessible by client with master key
- Bypass access control with master key (#51)
- Fix ACCESS_CONTROL config default
- Fix ACL incorrectly bypassed in certain condition (#58)
- Make the CORSHost default to
* - Switch to go 1.6
- Change the token expiry default to never (#65)
- Read correct getSentry log level from ENV VAR (#43)
- Read GCM config from env var
- Read all config from ENVVAR and support .env files (#35)
- Make
_useremail/username to be case insensitive at pq (#41) - Fix the public read record ACL bug on non readable (#39)
- Consider deleting non-existing device as success
- Update the doc link to http://docs.skygear.io/ (#37)
- Update travis build status badge
- Allow master key to override ACL restriction (#22)
- Check sequence exist before update integer columns (#6)
- Fix missing headers returned from plugins (#15)
- Fix travis build error on Go 1.6
- Use mime package for mime processing and allow config of mime type concern (#25)
- Update slack notification token
- Update quickstart example (oursky/skygear-doc#162)
- Add version number to getsentry event (oursky/skygear-server#624)
- Support public read write ACL (oursky/skygear-server#647)
- Allow use of arbitrary HTTP method name (oursky/py-skygear#135)
- Add server version on log and request header (oursky/skygear-server#623)
- Add Checking whether auth provider exists (SkygearIO#3)
- Fix unable to query keypath for null (oursky/skygear-server#635)
- Fix last subscriber stealing all published message (oursky/skygear-server#642)
- Support record access control on creation by role #594
- Accept env SKY_CONFIG as config filepath #605
- Implement Handler provided by plugin #587
- Add key prefix to redis token store #616
- Retry http plugin init until success #598
- Add HTTP path routingto router #90
- Support quickstart example with plugin deploy
- Check record permission on record:* handler
- Add CloudFormation template and scripts #561
- Add ACL matching by JSON pattern #299
- Fix last subscriber stealing all published message oursky/skygear-server#642
- Pass skygear configuration to plugin #492
- Return 403 Forbidden for PermissionDenied error
- Implement saving role based acl #298
- Add checking of user permission before modify roles #539
- Only init db for the first time db is opened #573
- Update build script to build with zmq in linux
- Bring back subscription:{save,fetch}
- Remove the alembic migrate related deployment files #268
- Skygear will migrate db itself #268
- Reject request with duplicated roles specified user #564
- Support for master key #294
- Fix bug on serizlise Sequence to plugin #559
- Fix bug on base64 encode at exec transport
- Add go generate sources #571
- Add script for cross compile binaries
- Make zmq optional and it is not compiled by default #543
- Implement
schema:*handler for getting and modifying database schema #491schema:fetchschema:createschema:renameschema:delete
- Add middleware to support CORS #273
- Implement http transport and support request context to console transport #537, #538
- Better exec transport by providing config and print log in skygear #538
- Add
role:adminandrole:defaultfor system config #295 - Support for user record #409
Skygear will create user record that have same id as
_userwhen user signup.- Behaviour of
auth:loginandauth:signupis modified to create user record when a new user is created. - Behaviour of user:query and relation:query remains unchanged.
record:queryis extended to supportUserDiscoverFuncwhich returns user by email address.record:queryreturns user record when eager loading user through reserved fields (e.g._owner_id).- It is not allowed to delete user record.
- Behaviour of
- Add
DevOnlyProcessorto restrict dev-only endpoint - Pass plugin exception info to client oursky/py-skygear#109
- Support registering multiple hooks of same kind oursky/py-skygear#108
- Fix dev_only preprocessor wrongly required by home handler #549
- Fix zmq socket leak #425, #527
- Update docker-compose.yml to version 2
- Unify handler to use mapstructure to convert the payload #545
- Update goczmq
- Implement updates of user roles via user:update #296, #295
- Fix serializing a wrong location field to plugin #519
- Recover from zmq crash and log to errors #527
- Fix before save hook without ownerID #528
- Declare preprocessors by dependency injection #499
- Make the Processor an interface with Preprocess func #501
- Unify handler and plugin serialization #519
- Request context is now passed from skygear to plugin. Only lambda and hook are supported #470
- Lambda function can specify whether authenticated user or access key is required #267
- Refractor handler as struct and use facebookgo/inject to manage dependency #482
- Specify access control type through configuration #297
- Show executed SQL count in log #428
- Include signed url on asset uploaded response #427
- User relation query now supports pagination using offset and limit parameter #456
- Panic is now catched by router and appropriate response returned #478
- Status code for some error condition
- Removed fs database driver #433
- Incorrect error code when changing password #408
- Properly log Plugin transport state changes #279
- Return status OK on logout success
- Make public database as default database
- Panic when trying to logout a user #477
- Improve reliability for zmq plugin during init #453, #452
- Fix skygear fail to start because cert/key path cannot be opened, even if APNS is disabled #461
- Fix not terminating coroutine after websocket connection has closed
- Fix unable to send push notifications to all devices when multiple are configued #462
- Retry plugin init request rather than waiting indefinitely #452
- Deduplicate the device.Token to send to user devices
- Send to all deivces of a user instead of last device at push to user handler
- Temporarily require only naive API key for asset upload #470
- Require authenticated user for subscription and device register #431
- Support public asset store, return an un-signed URL for public store #385
- Better error detection when query is malformed, especially when comparing map with keypath #339
- Introduce consistent error code #427
- Eager load records in a batch using SQL
INoperator #395
- Retry opening connection to database when starting #440
- Fix bug on transient field returning a wrong object #436
- Fix unable to upload asset with
+in file name #426