Appwrite/appwrite
1
0
Fork 0
mirror of https://github.com/appwrite/appwrite.git synced 2026-05-26 13:51:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch '1.6.x' into chore-update-databases-findone

Browse Source 
# Conflicts:
#	composer.json
#	composer.lock
This commit is contained in:
Bradley Schofield
2024-10-07 11:42:43 +09:00
parent 91b78a70ae 36d110b809
commit 4c5b202f8d
166 changed files with 10157 additions and 9475 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.github/workflows/codeql-phpstan.yml
-16
View File
@@ -1,16 +0,0 @@
name: "CodeQL"
on: [pull_request]
jobs:
lint:
name: CodeQL
runs-on: ubuntu-latest
steps:
- name: Check out the repo
uses: actions/checkout@v2
- name: Run CodeQL
run: |
docker run --rm -v $PWD:/app composer sh -c \
"composer install --profile --ignore-platform-reqs && composer check"
.github/workflows/nightly.yml
+47
View File
@@ -0,0 +1,47 @@
name: Nightly Security Scan
on:
schedule:
- cron: '0 0 * * *' # 12am UTC daily runtime
workflow_dispatch:
jobs:
scan-image:
name: Scan Docker Image
runs-on: ubuntu-latest
steps:
- name: Check out code
uses: actions/checkout@v4
with:
submodules: recursive
- name: Build the Docker image
run: docker build . -t appwrite_image:latest
- name: Run Trivy vulnerability scanner on image
uses: aquasecurity/trivy-action@0.20.0
with:
image-ref: 'appwrite_image:latest'
format: 'sarif'
output: 'trivy-image-results.sarif'
ignore-unfixed: 'false'
severity: 'CRITICAL,HIGH'
- name: Upload Docker Image Scan Results
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: 'trivy-image-results.sarif'
scan-code:
name: Scan Code
runs-on: ubuntu-latest
steps:
- name: Check out code
uses: actions/checkout@v4
- name: Run Trivy vulnerability scanner on filesystem
uses: aquasecurity/trivy-action@0.20.0
with:
scan-type: 'fs'
format: 'sarif'
output: 'trivy-fs-results.sarif'
severity: 'CRITICAL,HIGH'
- name: Upload Code Scan Results
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: 'trivy-fs-results.sarif'
.github/workflows/pr-scan.yml
+30 -12
View File
@@ -1,17 +1,22 @@
name: PR Security Scan
on:
pull_request:
on:
pull_request_target:
types: [opened, synchronize, reopened]
workflow_dispatch:
jobs:
scan:
runs-on: ubuntu-latest
permissions:
contents: read
pull-requests: write
steps:
- name: Check out code
- name: Check out code
uses: actions/checkout@v4
with:
ref: ${{ github.event.pull_request.head.sha }}
fetch-depth: 0
submodules: 'recursive'
- name: Build the Docker image
uses: docker/build-push-action@v5
with:
@@ -19,6 +24,7 @@ jobs:
push: false
load: true
tags: pr_image:${{ github.sha }}
- name: Run Trivy vulnerability scanner on image
uses: aquasecurity/trivy-action@0.20.0
with:
@@ -26,6 +32,7 @@ jobs:
format: 'json'
output: 'trivy-image-results.json'
severity: 'CRITICAL,HIGH'
- name: Run Trivy vulnerability scanner on source code
uses: aquasecurity/trivy-action@0.20.0
with:
@@ -34,10 +41,11 @@ jobs:
format: 'json'
output: 'trivy-fs-results.json'
severity: 'CRITICAL,HIGH'
- name: Process and post Trivy scan results
- name: Process Trivy scan results
id: process-results
uses: actions/github-script@v7
with:
github-token: ${{secrets.GITHUB_TOKEN}}
script: |
const fs = require('fs');
let commentBody = '## Security Scan Results for PR\n\n';
@@ -79,9 +87,19 @@ jobs:
commentBody += 'Please contact the core team for assistance.';
}
github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: commentBody
});
core.setOutput('comment-body', commentBody);
- name: Find Comment
uses: peter-evans/find-comment@v3
id: fc
with:
issue-number: ${{ github.event.pull_request.number }}
comment-author: 'github-actions[bot]'
body-includes: Security Scan Results for PR
- name: Create or update comment
uses: peter-evans/create-or-update-comment@v3
with:
issue-number: ${{ github.event.pull_request.number }}
comment-id: ${{ steps.fc.outputs.comment-id }}
body: ${{ steps.process-results.outputs.comment-body }}
edit-mode: replace
.github/workflows/tests.yml
+19 -16
View File
@@ -16,22 +16,22 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v3
uses: actions/checkout@v4
with:
submodules: recursive
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
uses: docker/setup-buildx-action@v3
- name: Build Appwrite
uses: docker/build-push-action@v3
uses: docker/build-push-action@v6
with:
context: .
push: false
tags: ${{ env.IMAGE }}
load: true
cache-from: type=gha
cache-to: type=gha,mode=max
cache-from: type=gha,scope=appwrite
cache-to: type=gha,mode=max,scope=appwrite
outputs: type=docker,dest=/tmp/${{ env.IMAGE }}.tar
build-args: |
DEBUG=false
@@ -39,9 +39,11 @@ jobs:
VERSION=dev
- name: Cache Docker Image
uses: actions/cache@v3
uses: actions/cache@v4
with:
key: ${{ env.CACHE_KEY }}
restore-keys: |
appwrite-dev-
path: /tmp/${{ env.IMAGE }}.tar
unit_test:
@@ -51,10 +53,10 @@ jobs:
steps:
- name: checkout
uses: actions/checkout@v2
uses: actions/checkout@v4
- name: Load Cache
uses: actions/cache@v3
uses: actions/cache@v4
with:
key: ${{ env.CACHE_KEY }}
path: /tmp/${{ env.IMAGE }}.tar
@@ -81,10 +83,10 @@ jobs:
needs: setup
steps:
- name: checkout
uses: actions/checkout@v3
uses: actions/checkout@v4
- name: Load Cache
uses: actions/cache@v3
uses: actions/cache@v4
with:
key: ${{ env.CACHE_KEY }}
path: /tmp/${{ env.IMAGE }}.tar
@@ -113,6 +115,7 @@ jobs:
Console,
Databases,
Functions,
FunctionsSchedule,
GraphQL,
Health,
Locale,
@@ -128,10 +131,10 @@ jobs:
steps:
- name: checkout
uses: actions/checkout@v3
uses: actions/checkout@v4
- name: Load Cache
uses: actions/cache@v3
uses: actions/cache@v4
with:
key: ${{ env.CACHE_KEY }}
path: /tmp/${{ env.IMAGE }}.tar
@@ -141,7 +144,7 @@ jobs:
run: |
docker load --input /tmp/${{ env.IMAGE }}.tar
docker compose up -d
sleep 25
sleep 30
- name: Run ${{matrix.service}} Tests
run: docker compose exec -T appwrite test /usr/src/code/tests/e2e/Services/${{matrix.service}} --debug
@@ -149,15 +152,15 @@ jobs:
- name: Run ${{matrix.service}} Shared Tables Tests
run: _APP_DATABASE_SHARED_TABLES=database_db_main docker compose exec -T appwrite test /usr/src/code/tests/e2e/Services/${{matrix.service}} --debug
benchamrking:
benchmarking:
name: Benchmark
runs-on: ubuntu-latest
needs: setup
steps:
- name: Checkout repository
uses: actions/checkout@v3
uses: actions/checkout@v4
- name: Load Cache
uses: actions/cache@v3
uses: actions/cache@v4
with:
key: ${{ env.CACHE_KEY }}
path: /tmp/${{ env.IMAGE }}.tar
CHANGES.md
+142
View File
@@ -1,3 +1,145 @@
# Version 1.6.0
## What's Changed
### Notable changes
* Allow execution filter attributes in [#7607](https://github.com/appwrite/appwrite/pull/7607)
* Add dynamic API keys for function executions in [#7512](https://github.com/appwrite/appwrite/pull/7512)
* Add metrics for successful and failed builds in [#8210](https://github.com/appwrite/appwrite/pull/8210)
* Update logging config to use a DSN approach in [#8187](https://github.com/appwrite/appwrite/pull/8187)
* Add projects.createJWT endpoint for dynamic keys in [#8213](https://github.com/appwrite/appwrite/pull/8213)
* Add users.createJWT() endpoint for local function development in [#8207](https://github.com/appwrite/appwrite/pull/8207)
* Added cancel build endpoint in [#7605](https://github.com/appwrite/appwrite/pull/7605)
* Add CLI as a function deployment type in [#8215](https://github.com/appwrite/appwrite/pull/8215)
* Add vcs.getRepositoryContents() endpoint in [#8330](https://github.com/appwrite/appwrite/pull/8330)
* Add appwrite version in function variables in [#8336](https://github.com/appwrite/appwrite/pull/8336)
* Add support for scheduled executions in [#8243](https://github.com/appwrite/appwrite/pull/8243)
* Add endpoint to delete execution in [#8337](https://github.com/appwrite/appwrite/pull/8337)
* OPR v4 support in [#8323](https://github.com/appwrite/appwrite/pull/8323)
* Mock OTP and phone numbers in [#7565](https://github.com/appwrite/appwrite/pull/7565)
* Support scheduled executions in [#8355](https://github.com/appwrite/appwrite/pull/8355)
* Add alert for new sessions in [#8315](https://github.com/appwrite/appwrite/pull/8315)
* Update delete authenticator to remove OTP Validation in [#8367](https://github.com/appwrite/appwrite/pull/8367)
* Track project last activity in [#8366](https://github.com/appwrite/appwrite/pull/8366)
* Containerize the console in [#8406](https://github.com/appwrite/appwrite/pull/8406)
* Implement MBSeconds Metric on 1.5.X in [#8385](https://github.com/appwrite/appwrite/pull/8385)
* Support JWTs without session ID in [#8420](https://github.com/appwrite/appwrite/pull/8420)
* 1.6.x sdks in [#8359](https://github.com/appwrite/appwrite/pull/8359)
* Base migration for 1.6.x in [#8417](https://github.com/appwrite/appwrite/pull/8417)
* 1.6.x migrations and filters in [#8403](https://github.com/appwrite/appwrite/pull/8403)
* Add APPWRITE_REGION in function variables in [#8394](https://github.com/appwrite/appwrite/pull/8394)
* Support dynamic keys for domain executions in [#8428](https://github.com/appwrite/appwrite/pull/8428)
* Bump DBIP to latest version in [#8467](https://github.com/appwrite/appwrite/pull/8467)
* Automatically restart function on crash in [#8473](https://github.com/appwrite/appwrite/pull/8473)
* Don't send session alerts for otp and magic-url logins in [#8459](https://github.com/appwrite/appwrite/pull/8459)
* Mark 4XX executions as successful in [#8493](https://github.com/appwrite/appwrite/pull/8493)
* Add dynamic keys in builds in [#8492](https://github.com/appwrite/appwrite/pull/8492)
* Allow deployment queries on type and size in [#8515](https://github.com/appwrite/appwrite/pull/8515)
* Add OTP email template in [#8501](https://github.com/appwrite/appwrite/pull/8501)
* Update console links in [#8523](https://github.com/appwrite/appwrite/pull/8523)
* Add multipart support in [#8477](https://github.com/appwrite/appwrite/pull/8477)
* Separate deployment sizes in [#8556](https://github.com/appwrite/appwrite/pull/8556)
* Add go runtime in [#8572](https://github.com/appwrite/appwrite/pull/8572)
* Add react native platform in [#8562](https://github.com/appwrite/appwrite/pull/8562)
* Merge deployments and build storage metrics together in API in [#8443](https://github.com/appwrite/appwrite/pull/8443)
* Support string attribute resizing in [#8597](https://github.com/appwrite/appwrite/pull/8597)
* Support renaming attributes in [#8544](https://github.com/appwrite/appwrite/pull/8544)
* Add VCS vars to deployments & executions in [#8631](https://github.com/appwrite/appwrite/pull/8631)
* Function storage metrics in [#8668](https://github.com/appwrite/appwrite/pull/8668)
* External messaging usage count in [#8672](https://github.com/appwrite/appwrite/pull/8672)
### Fixes
* Fix execution duration in [#8357](https://github.com/appwrite/appwrite/pull/8357)
* Fix file size calculations in [#8432](https://github.com/appwrite/appwrite/pull/8432)
* Fix disabled function logging in [#8398](https://github.com/appwrite/appwrite/pull/8398)
* Fix function redeployments in [#8434](https://github.com/appwrite/appwrite/pull/8434)
* Add value to variables template in [#8483](https://github.com/appwrite/appwrite/pull/8483)
* Fix build size limits in [#8396](https://github.com/appwrite/appwrite/pull/8396)
* Fix deployment method name in [#8490](https://github.com/appwrite/appwrite/pull/8490)
* Fix function disconnecting from git in [#8500](https://github.com/appwrite/appwrite/pull/8500)
* Increase buckets metadata in [#8452](https://github.com/appwrite/appwrite/pull/8452)
* Fix deploy from git with space in [#8517](https://github.com/appwrite/appwrite/pull/8517)
* Fix missing build logs in [#8484](https://github.com/appwrite/appwrite/pull/8484)
* Delete team memberships synchronously in [#8217](https://github.com/appwrite/appwrite/pull/8217)
* Fix Anyof validator in specs in [#8543](https://github.com/appwrite/appwrite/pull/8543)
* Fix missing function variables in [#8554](https://github.com/appwrite/appwrite/pull/8554)
* Fix deadlock in [#8609](https://github.com/appwrite/appwrite/pull/8609)
* Fix domain execution stats in [#8608](https://github.com/appwrite/appwrite/pull/8608)
* Update console redirect to include query params in [#8619](https://github.com/appwrite/appwrite/pull/8619)
* Update abuse-key for mfa challenge endpoints in [#8649](https://github.com/appwrite/appwrite/pull/8649)
* Fix cross-project scheduler stability in [#8641](https://github.com/appwrite/appwrite/pull/8641)
* Fix vcs deployment size in [#8640](https://github.com/appwrite/appwrite/pull/8640)
* Fix logging behaviour for Functions in [#8627](https://github.com/appwrite/appwrite/pull/8627)
* Add retention env vars to deletes worker in [#8662](https://github.com/appwrite/appwrite/pull/8662)
* Fix scheduled executions data in [#8639](https://github.com/appwrite/appwrite/pull/8639)
### Miscellaneous
* Sync 1.6.x with main in [#8163](https://github.com/appwrite/appwrite/pull/8163)
* Remove build ID from rebuild deployment endpoint in [#8214](https://github.com/appwrite/appwrite/pull/8214)
* 1.6.x specs in [#8304](https://github.com/appwrite/appwrite/pull/8304)
* Sync with main in [#8295](https://github.com/appwrite/appwrite/pull/8295)
* Fix 1.6.x failing tests in [#8333](https://github.com/appwrite/appwrite/pull/8333)
* Ensure CI/CD works in [#8350](https://github.com/appwrite/appwrite/pull/8350)
* Update specs in [#8356](https://github.com/appwrite/appwrite/pull/8356)
* Sync main to 1.6.x in [#8430](https://github.com/appwrite/appwrite/pull/8430)
* Add scheduledAt in execution response model in [#8425](https://github.com/appwrite/appwrite/pull/8425)
* Move functions marketplace to appwrite in [#8427](https://github.com/appwrite/appwrite/pull/8427)
* Refactor deployment check in function tests in [#8444](https://github.com/appwrite/appwrite/pull/8444)
* Add ci/cd benchmark in [#8414](https://github.com/appwrite/appwrite/pull/8414)
* Upgrade SDK version in [#8465](https://github.com/appwrite/appwrite/pull/8465)
* Improve session alert in [#8399](https://github.com/appwrite/appwrite/pull/8399)
* Address review comments in [#8422](https://github.com/appwrite/appwrite/pull/8422)
* Add scopes to function template in [#8496](https://github.com/appwrite/appwrite/pull/8496)
* Update benchmark comment in [#8507](https://github.com/appwrite/appwrite/pull/8507)
* Add key to runtime model in [#8503](https://github.com/appwrite/appwrite/pull/8503)
* Upgrade logger in [#8497](https://github.com/appwrite/appwrite/pull/8497)
* Change default email addresses in [#8466](https://github.com/appwrite/appwrite/pull/8466)
* Improve scheduled executions in [#8412](https://github.com/appwrite/appwrite/pull/8412)
* Sync 1.5.x into main in [#8509](https://github.com/appwrite/appwrite/pull/8509)
* Sync 1.6 with main in [#8529](https://github.com/appwrite/appwrite/pull/8529)
* Fix templates CORS in [#8528](https://github.com/appwrite/appwrite/pull/8528)
* Update size to specification for variable runtimes in [#8537](https://github.com/appwrite/appwrite/pull/8537)
* Add boundary to multipart header in [#8539](https://github.com/appwrite/appwrite/pull/8539)
* Support manual templates in [#8527](https://github.com/appwrite/appwrite/pull/8527)
* Reorder runtimes in [#8540](https://github.com/appwrite/appwrite/pull/8540)
* Fix 1.6 bugs in [#8358](https://github.com/appwrite/appwrite/pull/8358)
* Add seconds precision to scheduledAt in [#8546](https://github.com/appwrite/appwrite/pull/8546)
* Update docker base image in [#8485](https://github.com/appwrite/appwrite/pull/8485)
* Update create execution return type in [#8542](https://github.com/appwrite/appwrite/pull/8542)
* Default fallback to for templateBranch in [#8547](https://github.com/appwrite/appwrite/pull/8547)
* Fix env vars functions test in [#8555](https://github.com/appwrite/appwrite/pull/8555)
* Fix session alerts in [#8550](https://github.com/appwrite/appwrite/pull/8550)
* Add runtime controls in [#8384](https://github.com/appwrite/appwrite/pull/8384)
* Revert request type to json in create execution in [#8563](https://github.com/appwrite/appwrite/pull/8563)
* Sync 1.6.x Filters and Migrations with latest in [#8553](https://github.com/appwrite/appwrite/pull/8553)
* Update sdks in [#8551](https://github.com/appwrite/appwrite/pull/8551)
* Update Docs in [#8567](https://github.com/appwrite/appwrite/pull/8567)
* Headers validator benchmark in [#8561](https://github.com/appwrite/appwrite/pull/8561)
* Fix go version in [#8571](https://github.com/appwrite/appwrite/pull/8571)
* Update dependencies in [#8574](https://github.com/appwrite/appwrite/pull/8574)
* Upgrade console in [#8575](https://github.com/appwrite/appwrite/pull/8575)
* 1.6.x logging test in [#8580](https://github.com/appwrite/appwrite/pull/8580)
* Bump console sdk in [#8581](https://github.com/appwrite/appwrite/pull/8581)
* Update sdks in [#8582](https://github.com/appwrite/appwrite/pull/8582)
* Add changelogs for dart and flutter in [#8587](https://github.com/appwrite/appwrite/pull/8587)
* Add payload validator in [#8594](https://github.com/appwrite/appwrite/pull/8594)
* Update geodb in [#8615](https://github.com/appwrite/appwrite/pull/8615)
* Update createdeployment methodtype to upload in [#8616](https://github.com/appwrite/appwrite/pull/8616)
* Remove tenant in document filter in [#8624](https://github.com/appwrite/appwrite/pull/8624)
* Improve mail datetime format in [#8628](https://github.com/appwrite/appwrite/pull/8628)
* Fix router function execution logging in [#8625](https://github.com/appwrite/appwrite/pull/8625)
* Add Functions templates async test in [#8622](https://github.com/appwrite/appwrite/pull/8622)
* Update console in [#8629](https://github.com/appwrite/appwrite/pull/8629)
* 1.6.1 in [#8630](https://github.com/appwrite/appwrite/pull/8630)
* Update version in [#8646](https://github.com/appwrite/appwrite/pull/8646)
* Phone auth metric rename in [#8648](https://github.com/appwrite/appwrite/pull/8648)
* Pretty print specs in [#8643](https://github.com/appwrite/appwrite/pull/8643)
* Fix messaging metrics in [#8674](https://github.com/appwrite/appwrite/pull/8674)
* Bump console to 5.0.6 in [#8585](https://github.com/appwrite/appwrite/pull/8585)
# Version 1.5.10
## What's Changed
CONTRIBUTING.md
+3
View File
@@ -319,10 +319,13 @@ These are the current metrics we collect usage stats for:
| users | Total number of users per project|
| executions | Total number of executions per project |
| databases | Total number of databases per project |
| databases.storage | Total amount of storage used by all databases per project (in bytes) |
| collections | Total number of collections per project |
| {databaseInternalId}.collections | Total number of collections per database|
| {databaseInternalId}.storage | Sum of database storage (in bytes) |
| documents | Total number of documents per project |
| {databaseInternalId}.{collectionInternalId}.documents | Total number of documents per collection |
| {databaseInternalId}.{collectionInternalId}.storage | Sum of database storage used by the collection (in bytes) |
| buckets | Total number of buckets per project |
| files | Total number of files per project |
| {bucketInternalId}.files.storage | Sum of files.storage per bucket (in bytes) |
Dockerfile
+3 -1
View File
@@ -12,7 +12,7 @@ RUN composer install --ignore-platform-reqs --optimize-autoloader \
--no-plugins --no-scripts --prefer-dist \
`if [ "$TESTING" != "true" ]; then echo "--no-dev"; fi`
FROM appwrite/base:0.9.2 AS final
FROM appwrite/base:0.9.3 AS final
LABEL maintainer="team@appwrite.io"
@@ -28,6 +28,8 @@ RUN \
apk add boost boost-dev; \
fi
RUN apk add libwebp
WORKDIR /usr/src/code
COPY --from=composer /usr/local/src/vendor /usr/src/code/vendor
README-CN.md
+3 -3
View File
@@ -67,7 +67,7 @@ docker run -it --rm \
--volume /var/run/docker.sock:/var/run/docker.sock \
--volume "$(pwd)"/appwrite:/usr/src/code/appwrite:rw \
--entrypoint="install" \
appwrite/appwrite:1.5.10
appwrite/appwrite:1.6.0
```
### Windows
@@ -79,7 +79,7 @@ docker run -it --rm ^
--volume //var/run/docker.sock:/var/run/docker.sock ^
--volume "%cd%"/appwrite:/usr/src/code/appwrite:rw ^
--entrypoint="install" ^
appwrite/appwrite:1.5.10
appwrite/appwrite:1.6.0
```
#### PowerShell
@@ -89,7 +89,7 @@ docker run -it --rm `
--volume /var/run/docker.sock:/var/run/docker.sock `
--volume ${pwd}/appwrite:/usr/src/code/appwrite:rw `
--entrypoint="install" `
appwrite/appwrite:1.5.10
appwrite/appwrite:1.6.0
```
运行后,可以在浏览器上访问 http://localhost 找到 Appwrite 控制台。在非 Linux 的本机主机上完成安装后,服务器可能需要几分钟才能启动。
README.md
+10 -4
View File
@@ -1,4 +1,4 @@
> Our Appwrite Init event has concluded. You can check out all the new and upcoming features [on our Init website](https://appwrite.io/init) 🚀
> Appwrite Init has concluded! You can check out all the latest announcements [on our Init website](https://appwrite.io/init) 🚀
<br />
<p align="center">
@@ -75,7 +75,7 @@ docker run -it --rm \
--volume /var/run/docker.sock:/var/run/docker.sock \
--volume "$(pwd)"/appwrite:/usr/src/code/appwrite:rw \
--entrypoint="install" \
appwrite/appwrite:1.5.10
appwrite/appwrite:1.6.0
```
### Windows
@@ -87,7 +87,7 @@ docker run -it --rm ^
--volume //var/run/docker.sock:/var/run/docker.sock ^
--volume "%cd%"/appwrite:/usr/src/code/appwrite:rw ^
--entrypoint="install" ^
appwrite/appwrite:1.5.10
appwrite/appwrite:1.6.0
```
#### PowerShell
@@ -97,7 +97,7 @@ docker run -it --rm `
--volume /var/run/docker.sock:/var/run/docker.sock `
--volume ${pwd}/appwrite:/usr/src/code/appwrite:rw `
--entrypoint="install" `
appwrite/appwrite:1.5.10
appwrite/appwrite:1.6.0
```
Once the Docker installation is complete, go to http://localhost to access the Appwrite console from your browser. Please note that on non-Linux native hosts, the server might take a few minutes to start after completing the installation.
@@ -134,6 +134,12 @@ Choose from one of the providers below:
<br /><sub><b>Akamai Compute</b></sub></a>
</a>
</td>
<td align="center" width="100" height="100">
<a href="https://aws.amazon.com/marketplace/pp/prodview-2hiaeo2px4md6">
<img width="50" height="39" src="public/images/integrations/aws-logo.svg" alt="AWS Logo" />
<br /><sub><b>AWS Marketplace</b></sub></a>
</a>
</td>
</tr>
</table>
app/cli.php
+175 -93
View File
@@ -7,130 +7,214 @@ use Appwrite\Event\Delete;
use Appwrite\Event\Func;
use Appwrite\Platform\Appwrite;
use Appwrite\Runtimes\Runtimes;
use Swoole\Runtime;
use Utopia\CLI\Adapters\Swoole as SwooleCLI;
use Utopia\Cache\Adapter\Sharding;
use Utopia\Cache\Cache;
use Utopia\CLI\CLI;
use Utopia\CLI\Console;
use Utopia\Config\Config;
use Utopia\Database\Database;
use Utopia\Database\Document;
use Utopia\Database\Validator\Authorization;
use Utopia\DI\Dependency;
use Utopia\DSN\DSN;
use Utopia\Logger\Log;
use Utopia\Platform\Service;
use Utopia\Pools\Group;
use Utopia\Queue\Connection;
use Utopia\Registry\Registry;
use Utopia\System\System;
global $registry, $container;
Runtime::enableCoroutine(SWOOLE_HOOK_ALL);
// overwriting runtimes to be architectur agnostic for CLI
Config::setParam('runtimes', (new Runtimes('v4'))->getAll(supported: false));
// require controllers after overwriting runtimes
require_once __DIR__ . '/controllers/general.php';
/**
* @var Registry $registry
* @var Container $container
*/
$context = new Dependency();
$register = new Dependency();
$logError = new Dependency();
$queueForDeletes = new Dependency();
$queueForFunctions = new Dependency();
$queueForCertificates = new Dependency();
Authorization::disable();
$context
->setName('context')
->setCallback(fn () => $container);
CLI::setResource('register', fn () => $register);
$register
->setName('register')
->setCallback(function () use (&$registry): Registry {
return $registry;
});
CLI::setResource('cache', function ($pools) {
$list = Config::getParam('pools-cache', []);
$adapters = [];
$queueForFunctions
->setName('queueForFunctions')
->inject('queue')
->setCallback(function (Connection $queue) {
return new Func($queue);
});
foreach ($list as $value) {
$adapters[] = $pools
->get($value)
->pop()
->getResource()
;
}
return new Cache(new Sharding($adapters));
}, ['pools']);
$queueForDeletes
->setName('queueForDeletes')
->inject('queue')
->setCallback(function (Connection $queue) {
return new Delete($queue);
});
CLI::setResource('pools', function (Registry $register) {
return $register->get('pools');
}, ['register']);
$queueForCertificates
->setName('queueForCertificates')
->inject('queue')
->setCallback(function (Connection $queue) {
return new Certificate($queue);
});
CLI::setResource('dbForConsole', function ($pools, $cache) {
$sleep = 3;
$maxAttempts = 5;
$attempts = 0;
$ready = false;
$logError
->setName('logError')
->inject('register')
->setCallback(function (Registry $register) {
return function (Throwable $error, string $namespace, string $action) use ($register) {
$logger = $register->get('logger');
do {
$attempts++;
try {
// Prepare database connection
$dbAdapter = $pools
->get('console')
->pop()
->getResource();
if ($logger) {
$version = System::getEnv('_APP_VERSION', 'UNKNOWN');
$dbForConsole = new Database($dbAdapter, $cache);
$log = new Log();
$log->setNamespace($namespace);
$log->setServer(\gethostname());
$log->setVersion($version);
$log->setType(Log::TYPE_ERROR);
$log->setMessage($error->getMessage());
$dbForConsole
->setNamespace('_console')
->setMetadata('host', \gethostname())
->setMetadata('project', 'console');
$log->addTag('code', $error->getCode());
$log->addTag('verboseType', get_class($error));
// Ensure tables exist
$collections = Config::getParam('collections', [])['console'];
$last = \array_key_last($collections);
$log->addExtra('file', $error->getFile());
$log->addExtra('line', $error->getLine());
$log->addExtra('trace', $error->getTraceAsString());
$log->addExtra('trace', $error->getTraceAsString());
$log->setAction($action);
$isProduction = System::getEnv('_APP_ENV', 'development') === 'production';
$log->setEnvironment($isProduction ? Log::ENVIRONMENT_PRODUCTION : Log::ENVIRONMENT_STAGING);
$responseCode = $logger->addLog($log);
Console::info('Usage stats log pushed with status code: ' . $responseCode);
if (!($dbForConsole->exists($dbForConsole->getDatabase(), $last))) { /** TODO cache ready variable using registry */
throw new Exception('Tables not ready yet.');
}
Console::warning("Failed: {$error->getMessage()}");
Console::warning($error->getTraceAsString());
};
});
$ready = true;
} catch (\Throwable $err) {
Console::warning($err->getMessage());
$pools->get('console')->reclaim();
sleep($sleep);
}
} while ($attempts < $maxAttempts && !$ready);
$container->set($context);
$container->set($logError);
$container->set($register);
$container->set($queueForDeletes);
$container->set($queueForFunctions);
$container->set($queueForCertificates);
if (!$ready) {
throw new Exception("Console is not ready yet. Please try again later.");
}
return $dbForConsole;
}, ['pools', 'cache']);
CLI::setResource('getProjectDB', function (Group $pools, Database $dbForConsole, $cache) {
$databases = []; // TODO: @Meldiron This should probably be responsibility of utopia-php/pools
return function (Document $project) use ($pools, $dbForConsole, $cache, &$databases) {
if ($project->isEmpty() || $project->getId() === 'console') {
return $dbForConsole;
}
try {
$dsn = new DSN($project->getAttribute('database'));
} catch (\InvalidArgumentException) {
// TODO: Temporary until all projects are using shared tables
$dsn = new DSN('mysql://' . $project->getAttribute('database'));
}
if (isset($databases[$dsn->getHost()])) {
$database = $databases[$dsn->getHost()];
if ($dsn->getHost() === System::getEnv('_APP_DATABASE_SHARED_TABLES', '')) {
$database
->setSharedTables(true)
->setTenant($project->getInternalId())
->setNamespace($dsn->getParam('namespace'));
} else {
$database
->setSharedTables(false)
->setTenant(null)
->setNamespace('_' . $project->getInternalId());
}
return $database;
}
$dbAdapter = $pools
->get($dsn->getHost())
->pop()
->getResource();
$database = new Database($dbAdapter, $cache);
$databases[$dsn->getHost()] = $database;
if ($dsn->getHost() === System::getEnv('_APP_DATABASE_SHARED_TABLES', '')) {
$database
->setSharedTables(true)
->setTenant($project->getInternalId())
->setNamespace($dsn->getParam('namespace'));
} else {
$database
->setSharedTables(false)
->setTenant(null)
->setNamespace('_' . $project->getInternalId());
}
$database
->setMetadata('host', \gethostname())
->setMetadata('project', $project->getId());
return $database;
};
}, ['pools', 'dbForConsole', 'cache']);
CLI::setResource('queue', function (Group $pools) {
return $pools->get('queue')->pop()->getResource();
}, ['pools']);
CLI::setResource('queueForFunctions', function (Connection $queue) {
return new Func($queue);
}, ['queue']);
CLI::setResource('queueForDeletes', function (Connection $queue) {
return new Delete($queue);
}, ['queue']);
CLI::setResource('queueForCertificates', function (Connection $queue) {
return new Certificate($queue);
}, ['queue']);
CLI::setResource('logError', function (Registry $register) {
return function (Throwable $error, string $namespace, string $action) use ($register) {
$logger = $register->get('logger');
if ($logger) {
$version = System::getEnv('_APP_VERSION', 'UNKNOWN');
$log = new Log();
$log->setNamespace($namespace);
$log->setServer(\gethostname());
$log->setVersion($version);
$log->setType(Log::TYPE_ERROR);
$log->setMessage($error->getMessage());
$log->addTag('code', $error->getCode());
$log->addTag('verboseType', get_class($error));
$log->addExtra('file', $error->getFile());
$log->addExtra('line', $error->getLine());
$log->addExtra('trace', $error->getTraceAsString());
$log->setAction($action);
$isProduction = System::getEnv('_APP_ENV', 'development') === 'production';
$log->setEnvironment($isProduction ? Log::ENVIRONMENT_PRODUCTION : Log::ENVIRONMENT_STAGING);
try {
$responseCode = $logger->addLog($log);
Console::info('Error log pushed with status code: ' . $responseCode);
} catch (Throwable $th) {
Console::error('Error pushing log: ' . $th->getMessage());
}
}
Console::warning("Failed: {$error->getMessage()}");
Console::warning($error->getTraceAsString());
};
}, ['register']);
$platform = new Appwrite();
$platform->init(Service::TYPE_TASK, ['adapter' => new SwooleCLI(1)]);
$platform->init(Service::TYPE_TASK);
$cli = $platform->getCli();
$cli
->init()
->inject('authorization')
->action(function (Authorization $authorization) {
$authorization->disable();
});
$cli
->error()
->inject('error')
@@ -138,6 +222,4 @@ $cli
Console::error($error->getMessage());
});
$cli
->setContainer($container)
->run();
$cli->run();
app/config/collections.php
+34 -1
View File
@@ -4109,13 +4109,24 @@ $projectCollections = array_merge([
'$id' => ID::custom('source'),
'type' => Database::VAR_STRING,
'format' => '',
'size' => 8192,
'size' => 8192, // reduce size
'signed' => true,
'required' => true,
'default' => null,
'array' => false,
'filters' => [],
],
[
'$id' => ID::custom('destination'),
'type' => Database::VAR_STRING,
'format' => '',
'size' => Database::LENGTH_KEY,
'signed' => true,
'required' => false, // make true after patch script
'default' => null,
'array' => false,
'filters' => [],
],
[
'$id' => ID::custom('credentials'),
'type' => Database::VAR_STRING,
@@ -4138,6 +4149,28 @@ $projectCollections = array_merge([
'array' => true,
'filters' => [],
],
[
'$id' => ID::custom('resourceId'),
'type' => Database::VAR_STRING,
'format' => '',
'size' => Database::LENGTH_KEY,
'signed' => true,
'required' => false,
'default' => null,
'array' => false,
'filters' => [],
],
[
'$id' => ID::custom('resourceType'),
'type' => Database::VAR_STRING,
'format' => '',
'size' => Database::LENGTH_KEY,
'signed' => true,
'required' => false,
'default' => null,
'array' => false,
'filters' => [],
],
[
'$id' => ID::custom('statusCounters'),
'type' => Database::VAR_STRING,
app/config/function-templates.php
+58 -38
View File
@@ -82,7 +82,7 @@ return [
'providerOwner' => 'appwrite',
'providerVersion' => '0.2.*',
'variables' => [],
'scopes' => ["users.read"]
'scopes' => ['users.read']
],
[
'icon' => 'icon-upstash',
@@ -125,7 +125,8 @@ return [
'required' => true,
'type' => 'password'
]
]
],
'scopes' => []
],
[
'icon' => 'icon-redis',
@@ -167,7 +168,8 @@ return [
'required' => true,
'type' => 'password'
]
]
],
'scopes' => []
],
[
'icon' => 'icon-neo4j',
@@ -217,7 +219,8 @@ return [
'required' => true,
'type' => 'password'
]
]
],
'scopes' => []
],
[
'icon' => 'icon-mongodb',
@@ -253,7 +256,8 @@ return [
'required' => true,
'type' => 'password'
]
]
],
'scopes' => []
],
[
'icon' => 'icon-neon',
@@ -320,7 +324,8 @@ return [
'required' => true,
'type' => 'text'
]
]
],
'scopes' => []
],
[
'icon' => 'icon-open-ai',
@@ -380,7 +385,8 @@ return [
'required' => false,
'type' => 'number'
]
]
],
'scopes' => []
],
[
'icon' => 'icon-discord',
@@ -442,7 +448,8 @@ return [
'required' => true,
'type' => 'password'
]
]
],
'scopes' => []
],
[
'icon' => 'icon-perspective-api',
@@ -476,7 +483,8 @@ return [
'required' => true,
'type' => 'password'
]
]
],
'scopes' => []
],
[
'icon' => 'icon-pangea',
@@ -523,7 +531,8 @@ return [
'required' => true,
'type' => 'password'
]
]
],
'scopes' => []
],
[
'icon' => 'icon-document',
@@ -543,7 +552,8 @@ return [
'providerRepositoryId' => 'templates',
'providerOwner' => 'appwrite',
'providerVersion' => '0.2.*',
'variables' => []
'variables' => [],
'scopes' => []
],
[
'icon' => 'icon-github',
@@ -586,7 +596,8 @@ return [
'required' => true,
'type' => 'password'
]
]
],
'scopes' => []
],
[
'icon' => 'icon-bookmark',
@@ -637,7 +648,7 @@ return [
'type' => 'url'
]
],
'scopes' => ["databases.read", "databases.write", "collections.write", "attributes.write", "documents.read", "documents.write"]
'scopes' => ['databases.read', 'databases.write', 'collections.write', 'attributes.write', 'documents.read', 'documents.write']
],
[
'icon' => 'icon-algolia',
@@ -718,7 +729,7 @@ return [
'type' => 'password'
],
],
'scopes' => ["databases.read", "collections.read", "documents.read"]
'scopes' => ['databases.read', 'collections.read', 'documents.read']
],
[
'icon' => 'icon-meilisearch',
@@ -811,7 +822,7 @@ return [
'type' => 'text'
],
],
'scopes' => ["databases.read", "collections.read", "documents.read"]
'scopes' => ['databases.read', 'collections.read', 'documents.read']
],
[
'icon' => 'icon-vonage',
@@ -896,7 +907,8 @@ return [
'required' => true,
'type' => 'phone'
]
]
],
'scopes' => []
],
[
'icon' => 'icon-bell',
@@ -951,7 +963,8 @@ return [
'required' => true,
'type' => 'url'
]
]
],
'scopes' => []
],
[
'icon' => 'icon-mail',
@@ -1033,7 +1046,8 @@ return [
'required' => false,
'type' => 'text'
]
]
],
'scopes' => []
],
[
'icon' => 'icon-stripe',
@@ -1074,7 +1088,7 @@ return [
'type' => 'password'
]
],
'scopes' => ["users.read", "sessions.write", "users.write"]
'scopes' => ['users.read', 'sessions.write', 'users.write']
],
[
'icon' => 'icon-stripe',
@@ -1131,7 +1145,7 @@ return [
'type' => 'text'
]
],
'scopes' => ["databases.read", "databases.write", "collections.write", "attributes.write", "documents.read", "documents.write"]
'scopes' => ['databases.read', 'databases.write', 'collections.write', 'attributes.write', 'documents.read', 'documents.write']
],
[
'icon' => 'icon-chat',
@@ -1164,7 +1178,8 @@ return [
'required' => true,
'type' => 'password'
]
]
],
'scopes' => []
],
[
'icon' => 'icon-translate',
@@ -1197,7 +1212,8 @@ return [
'required' => true,
'type' => 'password'
]
]
],
'scopes' => []
],
[
'icon' => 'icon-eye',
@@ -1255,7 +1271,7 @@ return [
'type' => 'password'
]
],
'scopes' => ["databases.read", "databases.write", "collections.read", "collections.write", "attributes.write", "documents.read", "documents.write", "buckets.read", "buckets.write", "files.read"]
'scopes' => ['databases.read', 'databases.write', 'collections.read', 'collections.write', 'attributes.write', 'documents.read', 'documents.write', 'buckets.read', 'buckets.write', 'files.read']
],
[
'icon' => 'icon-eye',
@@ -1313,7 +1329,7 @@ return [
'type' => 'password'
]
],
"scopes" => ["databases.read", "databases.write", "collections.read", "collections.write", "attributes.write", "documents.read", "documents.write", "buckets.read", "buckets.write", "files.read"]
'scopes' => ['databases.read', 'databases.write', 'collections.read', 'collections.write', 'attributes.write', 'documents.read', 'documents.write', 'buckets.read', 'buckets.write', 'files.read']
],
[
'icon' => 'icon-text',
@@ -1371,7 +1387,7 @@ return [
'type' => 'password'
]
],
"scopes" => ["databases.read", "databases.write", "collections.read", "collections.write", "attributes.write", "documents.read", "documents.write", "buckets.read", "buckets.write", "files.read"]
'scopes' => ['databases.read', 'databases.write', 'collections.read', 'collections.write', 'attributes.write', 'documents.read', 'documents.write', 'buckets.read', 'buckets.write', 'files.read']
],
[
'icon' => 'icon-chat',
@@ -1429,7 +1445,7 @@ return [
'type' => 'password'
]
],
"scopes" => ["buckets.read", "buckets.write", "files.read", "files.write"]
'scopes' => ['buckets.read', 'buckets.write', 'files.read', 'files.write']
],
[
'icon' => 'icon-chip',
@@ -1463,7 +1479,8 @@ return [
'required' => true,
'type' => 'password'
]
]
],
'scopes' => []
],
[
'icon' => 'icon-chip',
@@ -1505,7 +1522,7 @@ return [
'type' => 'text'
]
],
"scopes" => ["buckets.write", "files.read", "files.write"]
'scopes' => ['buckets.write', 'files.read', 'files.write']
],
[
'icon' => 'icon-chip',
@@ -1579,7 +1596,8 @@ return [
'required' => true,
'type' => 'password'
]
]
],
'scopes' => []
],
[
'icon' => 'icon-document-search',
@@ -1642,7 +1660,7 @@ return [
'type' => 'text'
]
],
"scopes" => ["databases.read", "collections.read", "documents.read"]
'scopes' => ['databases.read', 'collections.read', 'documents.read']
],
[
'icon' => 'icon-chip',
@@ -1705,7 +1723,7 @@ return [
'type' => 'text'
]
],
"scopes" => ["databases.read", "collections.read", "documents.read"]
'scopes' => ['databases.read', 'collections.read', 'documents.read']
],
[
'icon' => 'icon-chat',
@@ -1760,7 +1778,7 @@ return [
'type' => 'text'
]
],
"scopes" => ["buckets.read", "buckets.write", "files.read", "files.write"]
'scopes' => ['buckets.read', 'buckets.write', 'files.read', 'files.write']
],
[
'icon' => 'icon-chip',
@@ -1801,7 +1819,7 @@ return [
'type' => 'text'
]
],
"scopes" => ["buckets.read", "buckets.write", "files.read", "files.write"]
'scopes' => ['buckets.read', 'buckets.write', 'files.read', 'files.write']
],
[
'icon' => 'icon-chip',
@@ -1841,7 +1859,8 @@ return [
'required' => false,
'type' => 'number'
]
]
],
'scopes' => []
],
[
'icon' => 'icon-music-note',
@@ -1883,7 +1902,7 @@ return [
'type' => 'password'
]
],
"scopes" => ["buckets.read", "buckets.write", "files.read", "files.write"]
'scopes' => ['buckets.read', 'buckets.write', 'files.read', 'files.write']
],
[
'icon' => 'icon-chip',
@@ -1917,7 +1936,8 @@ return [
'required' => true,
'type' => 'password'
]
]
],
'scopes' => []
],
[
'icon' => 'icon-currency-dollar',
@@ -1972,7 +1992,7 @@ return [
'type' => 'text'
]
],
"scopes" => ["users.read", "users.write"]
'scopes' => ['users.read', 'users.write']
],
[
'icon' => 'icon-currency-dollar',
@@ -2043,6 +2063,6 @@ return [
'type' => 'text'
]
],
"scopes" => ["users.read", "users.write"]
'scopes' => ['users.read', 'users.write']
]
];
app/config/platforms.php
-4
View File
@@ -1,9 +1,5 @@
<?php
const APP_PLATFORM_SERVER = 'server';
const APP_PLATFORM_CLIENT = 'client';
const APP_PLATFORM_CONSOLE = 'console';
return [
APP_PLATFORM_CLIENT => [
'key' => APP_PLATFORM_CLIENT,
app/config/roles.php
+2 -2
View File
@@ -17,7 +17,6 @@ $member = [
'files.read',
'files.write',
'projects.read',
'projects.write',
'locale.read',
'avatars.read',
'execution.read',
@@ -49,6 +48,7 @@ $admins = [
'collections.write',
'platforms.read',
'platforms.write',
'projects.write',
'keys.read',
'keys.write',
'webhooks.read',
@@ -75,7 +75,7 @@ $admins = [
'topics.write',
'topics.read',
'subscribers.write',
'subscribers.read'
'subscribers.read',
];
return [
app/config/specs/open-api3-1.6.x-client.json
+36 -35
View File
@@ -166,7 +166,7 @@
"tags": [
"account"
],
"description": "Update currently logged in user account email address. After changing user address, the user confirmation status will get reset. A new confirmation email is not sent automatically however you can use the send confirmation email endpoint again to send the confirmation email. For security measures, user password is required to complete this request.\nThis endpoint can also be used to convert an anonymous account to a normal one, by passing an email address and a new password.\n",
"description": "Update currently logged in user account email address. After changing user address, the user confirmation status will get reset. A new confirmation email is not sent automatically however you can use the send confirmation email endpoint again to send the confirmation email. For security measures, user password is required to complete this request.\r\nThis endpoint can also be used to convert an anonymous account to a normal one, by passing an email address and a new password.\r\n",
"responses": {
"200": {
"description": "User",
@@ -239,7 +239,7 @@
},
"\/account\/identities": {
"get": {
"summary": "List Identities",
"summary": "List identities",
"operationId": "accountListIdentities",
"tags": [
"account"
@@ -556,7 +556,7 @@
},
"\/account\/mfa\/authenticators\/{type}": {
"post": {
"summary": "Create Authenticator",
"summary": "Create authenticator",
"operationId": "accountCreateMfaAuthenticator",
"tags": [
"account"
@@ -624,7 +624,7 @@
]
},
"put": {
"summary": "Verify Authenticator",
"summary": "Verify authenticator",
"operationId": "accountUpdateMfaAuthenticator",
"tags": [
"account"
@@ -711,7 +711,7 @@
}
},
"delete": {
"summary": "Delete Authenticator",
"summary": "Delete authenticator",
"operationId": "accountDeleteMfaAuthenticator",
"tags": [
"account"
@@ -774,7 +774,7 @@
},
"\/account\/mfa\/challenge": {
"post": {
"summary": "Create MFA Challenge",
"summary": "Create MFA challenge",
"operationId": "accountCreateMfaChallenge",
"tags": [
"account"
@@ -850,7 +850,7 @@
}
},
"put": {
"summary": "Create MFA Challenge (confirmation)",
"summary": "Create MFA challenge (confirmation)",
"operationId": "accountUpdateMfaChallenge",
"tags": [
"account"
@@ -928,7 +928,7 @@
},
"\/account\/mfa\/factors": {
"get": {
"summary": "List Factors",
"summary": "List factors",
"operationId": "accountListMfaFactors",
"tags": [
"account"
@@ -981,7 +981,7 @@
},
"\/account\/mfa\/recovery-codes": {
"get": {
"summary": "Get MFA Recovery Codes",
"summary": "Get MFA recovery codes",
"operationId": "accountGetMfaRecoveryCodes",
"tags": [
"account"
@@ -1032,7 +1032,7 @@
]
},
"post": {
"summary": "Create MFA Recovery Codes",
"summary": "Create MFA recovery codes",
"operationId": "accountCreateMfaRecoveryCodes",
"tags": [
"account"
@@ -1083,7 +1083,7 @@
]
},
"patch": {
"summary": "Regenerate MFA Recovery Codes",
"summary": "Regenerate MFA recovery codes",
"operationId": "accountUpdateMfaRecoveryCodes",
"tags": [
"account"
@@ -1570,7 +1570,7 @@
"tags": [
"account"
],
"description": "Use this endpoint to complete the user account password reset. Both the **userId** and **secret** arguments will be passed as query parameters to the redirect URL you have provided when sending your request to the [POST \/account\/recovery](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createRecovery) endpoint.\n\nPlease note that in order to avoid a [Redirect Attack](https:\/\/github.com\/OWASP\/CheatSheetSeries\/blob\/master\/cheatsheets\/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.md) the only valid redirect URLs are the ones from domains you have set when adding your platforms in the console interface.",
"description": "Use this endpoint to complete the user account password reset. Both the **userId** and **secret** arguments will be passed as query parameters to the redirect URL you have provided when sending your request to the [POST \/account\/recovery](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createRecovery) endpoint.\r\n\r\nPlease note that in order to avoid a [Redirect Attack](https:\/\/github.com\/OWASP\/CheatSheetSeries\/blob\/master\/cheatsheets\/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.md) the only valid redirect URLs are the ones from domains you have set when adding your platforms in the console interface.",
"responses": {
"200": {
"description": "Token",
@@ -1802,7 +1802,7 @@
"tags": [
"account"
],
"description": "Allow the user to login into their account by providing a valid email and password combination. This route will create a new session for the user.\n\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"description": "Allow the user to login into their account by providing a valid email and password combination. This route will create a new session for the user.\r\n\r\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"responses": {
"201": {
"description": "Session",
@@ -1954,7 +1954,7 @@
"tags": [
"account"
],
"description": "Allow the user to login to their account using the OAuth2 provider of their choice. Each OAuth2 provider should be enabled from the Appwrite console first. Use the success and failure arguments to provide a redirect URL's back to your app when login is completed.\n\nIf there is already an active session, the new session will be attached to the logged-in account. If there are no active sessions, the server will attempt to look for a user with the same email address as the email received from the OAuth2 provider and attach the new session to the existing user. If no matching user is found - the server will create a new user.\n\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).\n",
"description": "Allow the user to login to their account using the OAuth2 provider of their choice. Each OAuth2 provider should be enabled from the Appwrite console first. Use the success and failure arguments to provide a redirect URL's back to your app when login is completed.\r\n\r\nIf there is already an active session, the new session will be attached to the logged-in account. If there are no active sessions, the server will attempt to look for a user with the same email address as the email received from the OAuth2 provider and attach the new session to the existing user. If no matching user is found - the server will create a new user.\r\n\r\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).\r\n",
"responses": {
"301": {
"description": "File"
@@ -2703,7 +2703,7 @@
"tags": [
"account"
],
"description": "Sends the user an email with a secret key for creating a session. If the provided user ID has not be registered, a new user will be created. Use the returned user ID and secret and submit a request to the [POST \/v1\/account\/sessions\/token](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint to complete the login process. The secret sent to the user's email is valid for 15 minutes.\n\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"description": "Sends the user an email with a secret key for creating a session. If the provided user ID has not be registered, a new user will be created. Use the returned user ID and secret and submit a request to the [POST \/v1\/account\/sessions\/token](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint to complete the login process. The secret sent to the user's email is valid for 15 minutes.\r\n\r\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"responses": {
"201": {
"description": "Token",
@@ -2784,7 +2784,7 @@
"tags": [
"account"
],
"description": "Sends the user an email with a secret key for creating a session. If the provided user ID has not been registered, a new user will be created. When the user clicks the link in the email, the user is redirected back to the URL you provided with the secret key and userId values attached to the URL query string. Use the query string parameters to submit a request to the [POST \/v1\/account\/sessions\/token](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint to complete the login process. The link sent to the user's email address is valid for 1 hour. If you are on a mobile device you can leave the URL parameter empty, so that the login completion will be handled by your Appwrite instance by default.\n\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).\n",
"description": "Sends the user an email with a secret key for creating a session. If the provided user ID has not been registered, a new user will be created. When the user clicks the link in the email, the user is redirected back to the URL you provided with the secret key and userId values attached to the URL query string. Use the query string parameters to submit a request to the [POST \/v1\/account\/sessions\/token](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint to complete the login process. The link sent to the user's email address is valid for 1 hour. If you are on a mobile device you can leave the URL parameter empty, so that the login completion will be handled by your Appwrite instance by default.\r\n\r\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).\r\n",
"responses": {
"201": {
"description": "Token",
@@ -2873,7 +2873,7 @@
"tags": [
"account"
],
"description": "Allow the user to login to their account using the OAuth2 provider of their choice. Each OAuth2 provider should be enabled from the Appwrite console first. Use the success and failure arguments to provide a redirect URL's back to your app when login is completed. \n\nIf authentication succeeds, `userId` and `secret` of a token will be appended to the success URL as query parameters. These can be used to create a new session using the [Create session](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint.\n\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"description": "Allow the user to login to their account using the OAuth2 provider of their choice. Each OAuth2 provider should be enabled from the Appwrite console first. Use the success and failure arguments to provide a redirect URL's back to your app when login is completed. \r\n\r\nIf authentication succeeds, `userId` and `secret` of a token will be appended to the success URL as query parameters. These can be used to create a new session using the [Create session](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint.\r\n\r\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"responses": {
"301": {
"description": "File"
@@ -3009,7 +3009,7 @@
"tags": [
"account"
],
"description": "Sends the user an SMS with a secret key for creating a session. If the provided user ID has not be registered, a new user will be created. Use the returned user ID and secret and submit a request to the [POST \/v1\/account\/sessions\/token](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint to complete the login process. The secret sent to the user's phone is valid for 15 minutes.\n\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"description": "Sends the user an SMS with a secret key for creating a session. If the provided user ID has not be registered, a new user will be created. Use the returned user ID and secret and submit a request to the [POST \/v1\/account\/sessions\/token](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint to complete the login process. The secret sent to the user's phone is valid for 15 minutes.\r\n\r\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"responses": {
"201": {
"description": "Token",
@@ -3088,7 +3088,7 @@
"tags": [
"account"
],
"description": "Use this endpoint to send a verification message to your user email address to confirm they are the valid owners of that address. Both the **userId** and **secret** arguments will be passed as query parameters to the URL you have provided to be attached to the verification email. The provided URL should redirect the user back to your app and allow you to complete the verification process by verifying both the **userId** and **secret** parameters. Learn more about how to [complete the verification process](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#updateVerification). The verification link sent to the user's email address is valid for 7 days.\n\nPlease note that in order to avoid a [Redirect Attack](https:\/\/github.com\/OWASP\/CheatSheetSeries\/blob\/master\/cheatsheets\/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.md), the only valid redirect URLs are the ones from domains you have set when adding your platforms in the console interface.\n",
"description": "Use this endpoint to send a verification message to your user email address to confirm they are the valid owners of that address. Both the **userId** and **secret** arguments will be passed as query parameters to the URL you have provided to be attached to the verification email. The provided URL should redirect the user back to your app and allow you to complete the verification process by verifying both the **userId** and **secret** parameters. Learn more about how to [complete the verification process](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#updateVerification). The verification link sent to the user's email address is valid for 7 days.\r\n\r\nPlease note that in order to avoid a [Redirect Attack](https:\/\/github.com\/OWASP\/CheatSheetSeries\/blob\/master\/cheatsheets\/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.md), the only valid redirect URLs are the ones from domains you have set when adding your platforms in the console interface.\r\n",
"responses": {
"201": {
"description": "Token",
@@ -3368,7 +3368,7 @@
"tags": [
"avatars"
],
"description": "You can use this endpoint to show different browser icons to your users. The code argument receives the browser code as it appears in your user [GET \/account\/sessions](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#getSessions) endpoint. Use width, height and quality arguments to change the output settings.\n\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.",
"description": "You can use this endpoint to show different browser icons to your users. The code argument receives the browser code as it appears in your user [GET \/account\/sessions](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#getSessions) endpoint. Use width, height and quality arguments to change the output settings.\r\n\r\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.",
"responses": {
"200": {
"description": "Image"
@@ -3496,7 +3496,7 @@
"tags": [
"avatars"
],
"description": "The credit card endpoint will return you the icon of the credit card provider you need. Use width, height and quality arguments to change the output settings.\n\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.\n",
"description": "The credit card endpoint will return you the icon of the credit card provider you need. Use width, height and quality arguments to change the output settings.\r\n\r\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.\r\n",
"responses": {
"200": {
"description": "Image"
@@ -3628,7 +3628,7 @@
"tags": [
"avatars"
],
"description": "Use this endpoint to fetch the favorite icon (AKA favicon) of any remote website URL.\n\nThis endpoint does not follow HTTP redirects.",
"description": "Use this endpoint to fetch the favorite icon (AKA favicon) of any remote website URL.\r\n\r\nThis endpoint does not follow HTTP redirects.",
"responses": {
"200": {
"description": "Image"
@@ -3688,7 +3688,7 @@
"tags": [
"avatars"
],
"description": "You can use this endpoint to show different country flags icons to your users. The code argument receives the 2 letter country code. Use width, height and quality arguments to change the output settings. Country codes follow the [ISO 3166-1](https:\/\/en.wikipedia.org\/wiki\/ISO_3166-1) standard.\n\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.\n",
"description": "You can use this endpoint to show different country flags icons to your users. The code argument receives the 2 letter country code. Use width, height and quality arguments to change the output settings. Country codes follow the [ISO 3166-1](https:\/\/en.wikipedia.org\/wiki\/ISO_3166-1) standard.\r\n\r\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.\r\n",
"responses": {
"200": {
"description": "Image"
@@ -4178,7 +4178,7 @@
"tags": [
"avatars"
],
"description": "Use this endpoint to fetch a remote image URL and crop it to any image size you want. This endpoint is very useful if you need to crop and display remote images in your app or in case you want to make sure a 3rd party image is properly served using a TLS protocol.\n\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 400x400px.\n\nThis endpoint does not follow HTTP redirects.",
"description": "Use this endpoint to fetch a remote image URL and crop it to any image size you want. This endpoint is very useful if you need to crop and display remote images in your app or in case you want to make sure a 3rd party image is properly served using a TLS protocol.\r\n\r\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 400x400px.\r\n\r\nThis endpoint does not follow HTTP redirects.",
"responses": {
"200": {
"description": "Image"
@@ -4262,7 +4262,7 @@
"tags": [
"avatars"
],
"description": "Use this endpoint to show your user initials avatar icon on your website or app. By default, this route will try to print your logged-in user name or email initials. You can also overwrite the user name if you pass the 'name' parameter. If no name is given and no user is logged, an empty avatar will be returned.\n\nYou can use the color and background params to change the avatar colors. By default, a random theme will be selected. The random theme will persist for the user's initials when reloading the same theme will always return for the same initials.\n\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.\n",
"description": "Use this endpoint to show your user initials avatar icon on your website or app. By default, this route will try to print your logged-in user name or email initials. You can also overwrite the user name if you pass the 'name' parameter. If no name is given and no user is logged, an empty avatar will be returned.\r\n\r\nYou can use the color and background params to change the avatar colors. By default, a random theme will be selected. The random theme will persist for the user's initials when reloading the same theme will always return for the same initials.\r\n\r\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.\r\n",
"responses": {
"200": {
"description": "Image"
@@ -4356,7 +4356,7 @@
"tags": [
"avatars"
],
"description": "Converts a given plain text to a QR code image. You can use the query parameters to change the size and style of the resulting image.\n",
"description": "Converts a given plain text to a QR code image. You can use the query parameters to change the size and style of the resulting image.\r\n",
"responses": {
"200": {
"description": "Image"
@@ -5319,7 +5319,7 @@
"tags": [
"locale"
],
"description": "Get the current user location based on IP. Returns an object with user country code, country name, continent name, continent code, ip address and suggested currency. You can use the locale header to get the data in a supported language.\n\n([IP Geolocation by DB-IP](https:\/\/db-ip.com))",
"description": "Get the current user location based on IP. Returns an object with user country code, country name, continent name, continent code, ip address and suggested currency. You can use the locale header to get the data in a supported language.\r\n\r\n([IP Geolocation by DB-IP](https:\/\/db-ip.com))",
"responses": {
"200": {
"description": "Locale",
@@ -5368,7 +5368,7 @@
},
"\/locale\/codes": {
"get": {
"summary": "List Locale Codes",
"summary": "List locale codes",
"operationId": "localeListCodes",
"tags": [
"locale"
@@ -6001,7 +6001,7 @@
"tags": [
"storage"
],
"description": "Create a new file. Before using this route, you should create a new bucket resource using either a [server integration](https:\/\/appwrite.io\/docs\/server\/storage#storageCreateBucket) API or directly from your Appwrite console.\n\nLarger files should be uploaded using multiple requests with the [content-range](https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/HTTP\/Headers\/Content-Range) header to send a partial request with a maximum supported chunk of `5MB`. The `content-range` header values should always be in bytes.\n\nWhen the first request is sent, the server will return the **File** object, and the subsequent part request must include the file's **id** in `x-appwrite-id` header to allow the server to know that the partial upload is for the existing file and not for a new one.\n\nIf you're creating a new file using one of the Appwrite SDKs, all the chunking logic will be managed by the SDK internally.\n",
"description": "Create a new file. Before using this route, you should create a new bucket resource using either a [server integration](https:\/\/appwrite.io\/docs\/server\/storage#storageCreateBucket) API or directly from your Appwrite console.\r\n\r\nLarger files should be uploaded using multiple requests with the [content-range](https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/HTTP\/Headers\/Content-Range) header to send a partial request with a maximum supported chunk of `5MB`. The `content-range` header values should always be in bytes.\r\n\r\nWhen the first request is sent, the server will return the **File** object, and the subsequent part request must include the file's **id** in `x-appwrite-id` header to allow the server to know that the partial upload is for the existing file and not for a new one.\r\n\r\nIf you're creating a new file using one of the Appwrite SDKs, all the chunking logic will be managed by the SDK internally.\r\n",
"responses": {
"201": {
"description": "File",
@@ -6268,7 +6268,7 @@
}
},
"delete": {
"summary": "Delete File",
"summary": "Delete file",
"operationId": "storageDeleteFile",
"tags": [
"storage"
@@ -6610,7 +6610,8 @@
"jpeg",
"gif",
"png",
"webp"
"webp",
"avif"
],
"x-enum-name": "ImageFormat",
"x-enum-keys": [],
@@ -7156,7 +7157,7 @@
"tags": [
"teams"
],
"description": "Invite a new member to join your team. Provide an ID for existing users, or invite unregistered users using an email or phone number. If initiated from a Client SDK, Appwrite will send an email or sms with a link to join the team to the invited user, and an account will be created for them if one doesn't exist. If initiated from a Server SDK, the new member will be added automatically to the team.\n\nYou only need to provide one of a user ID, email, or phone number. Appwrite will prioritize accepting the user ID > email > phone number if you provide more than one of these parameters.\n\nUse the `url` parameter to redirect the user from the invitation email to your app. After the user is redirected, use the [Update Team Membership Status](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/teams#updateMembershipStatus) endpoint to allow the user to accept the invitation to the team. \n\nPlease note that to avoid a [Redirect Attack](https:\/\/github.com\/OWASP\/CheatSheetSeries\/blob\/master\/cheatsheets\/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.md) Appwrite will accept the only redirect URLs under the domains you have added as a platform on the Appwrite Console.\n",
"description": "Invite a new member to join your team. Provide an ID for existing users, or invite unregistered users using an email or phone number. If initiated from a Client SDK, Appwrite will send an email or sms with a link to join the team to the invited user, and an account will be created for them if one doesn't exist. If initiated from a Server SDK, the new member will be added automatically to the team.\r\n\r\nYou only need to provide one of a user ID, email, or phone number. Appwrite will prioritize accepting the user ID > email > phone number if you provide more than one of these parameters.\r\n\r\nUse the `url` parameter to redirect the user from the invitation email to your app. After the user is redirected, use the [Update Team Membership Status](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/teams#updateMembershipStatus) endpoint to allow the user to accept the invitation to the team. \r\n\r\nPlease note that to avoid a [Redirect Attack](https:\/\/github.com\/OWASP\/CheatSheetSeries\/blob\/master\/cheatsheets\/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.md) Appwrite will accept the only redirect URLs under the domains you have added as a platform on the Appwrite Console.\r\n",
"responses": {
"201": {
"description": "Membership",
@@ -7343,7 +7344,7 @@
"tags": [
"teams"
],
"description": "Modify the roles of a team member. Only team members with the owner role have access to this endpoint. Learn more about [roles and permissions](https:\/\/appwrite.io\/docs\/permissions).\n",
"description": "Modify the roles of a team member. Only team members with the owner role have access to this endpoint. Learn more about [roles and permissions](https:\/\/appwrite.io\/docs\/permissions).\r\n",
"responses": {
"200": {
"description": "Membership",
@@ -7508,7 +7509,7 @@
"tags": [
"teams"
],
"description": "Use this endpoint to allow a user to accept an invitation to join a team after being redirected back to your app from the invitation email received by the user.\n\nIf the request is successful, a session for the user is automatically created.\n",
"description": "Use this endpoint to allow a user to accept an invitation to join a team after being redirected back to your app from the invitation email received by the user.\r\n\r\nIf the request is successful, a session for the user is automatically created.\r\n",
"responses": {
"200": {
"description": "Membership",
@@ -9405,7 +9406,7 @@
"responseBody": {
"type": "string",
"description": "HTTP response body. This will return empty unless execution is created as synchronous.",
"x-example": "Developers are awesome."
"x-example": ""
},
"responseHeaders": {
"type": "array",
app/config/specs/open-api3-1.6.x-console.json
+306 -124
View File
File diff suppressed because it is too large Load Diff
app/config/specs/open-api3-1.6.x-server.json
+215 -82
View File
@@ -167,7 +167,7 @@
"tags": [
"account"
],
"description": "Update currently logged in user account email address. After changing user address, the user confirmation status will get reset. A new confirmation email is not sent automatically however you can use the send confirmation email endpoint again to send the confirmation email. For security measures, user password is required to complete this request.\nThis endpoint can also be used to convert an anonymous account to a normal one, by passing an email address and a new password.\n",
"description": "Update currently logged in user account email address. After changing user address, the user confirmation status will get reset. A new confirmation email is not sent automatically however you can use the send confirmation email endpoint again to send the confirmation email. For security measures, user password is required to complete this request.\r\nThis endpoint can also be used to convert an anonymous account to a normal one, by passing an email address and a new password.\r\n",
"responses": {
"200": {
"description": "User",
@@ -241,7 +241,7 @@
},
"\/account\/identities": {
"get": {
"summary": "List Identities",
"summary": "List identities",
"operationId": "accountListIdentities",
"tags": [
"account"
@@ -562,7 +562,7 @@
},
"\/account\/mfa\/authenticators\/{type}": {
"post": {
"summary": "Create Authenticator",
"summary": "Create authenticator",
"operationId": "accountCreateMfaAuthenticator",
"tags": [
"account"
@@ -631,7 +631,7 @@
]
},
"put": {
"summary": "Verify Authenticator",
"summary": "Verify authenticator",
"operationId": "accountUpdateMfaAuthenticator",
"tags": [
"account"
@@ -719,7 +719,7 @@
}
},
"delete": {
"summary": "Delete Authenticator",
"summary": "Delete authenticator",
"operationId": "accountDeleteMfaAuthenticator",
"tags": [
"account"
@@ -783,7 +783,7 @@
},
"\/account\/mfa\/challenge": {
"post": {
"summary": "Create MFA Challenge",
"summary": "Create MFA challenge",
"operationId": "accountCreateMfaChallenge",
"tags": [
"account"
@@ -859,7 +859,7 @@
}
},
"put": {
"summary": "Create MFA Challenge (confirmation)",
"summary": "Create MFA challenge (confirmation)",
"operationId": "accountUpdateMfaChallenge",
"tags": [
"account"
@@ -938,7 +938,7 @@
},
"\/account\/mfa\/factors": {
"get": {
"summary": "List Factors",
"summary": "List factors",
"operationId": "accountListMfaFactors",
"tags": [
"account"
@@ -992,7 +992,7 @@
},
"\/account\/mfa\/recovery-codes": {
"get": {
"summary": "Get MFA Recovery Codes",
"summary": "Get MFA recovery codes",
"operationId": "accountGetMfaRecoveryCodes",
"tags": [
"account"
@@ -1044,7 +1044,7 @@
]
},
"post": {
"summary": "Create MFA Recovery Codes",
"summary": "Create MFA recovery codes",
"operationId": "accountCreateMfaRecoveryCodes",
"tags": [
"account"
@@ -1096,7 +1096,7 @@
]
},
"patch": {
"summary": "Regenerate MFA Recovery Codes",
"summary": "Regenerate MFA recovery codes",
"operationId": "accountUpdateMfaRecoveryCodes",
"tags": [
"account"
@@ -1590,7 +1590,7 @@
"tags": [
"account"
],
"description": "Use this endpoint to complete the user account password reset. Both the **userId** and **secret** arguments will be passed as query parameters to the redirect URL you have provided when sending your request to the [POST \/account\/recovery](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createRecovery) endpoint.\n\nPlease note that in order to avoid a [Redirect Attack](https:\/\/github.com\/OWASP\/CheatSheetSeries\/blob\/master\/cheatsheets\/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.md) the only valid redirect URLs are the ones from domains you have set when adding your platforms in the console interface.",
"description": "Use this endpoint to complete the user account password reset. Both the **userId** and **secret** arguments will be passed as query parameters to the redirect URL you have provided when sending your request to the [POST \/account\/recovery](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createRecovery) endpoint.\r\n\r\nPlease note that in order to avoid a [Redirect Attack](https:\/\/github.com\/OWASP\/CheatSheetSeries\/blob\/master\/cheatsheets\/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.md) the only valid redirect URLs are the ones from domains you have set when adding your platforms in the console interface.",
"responses": {
"200": {
"description": "Token",
@@ -1825,7 +1825,7 @@
"tags": [
"account"
],
"description": "Allow the user to login into their account by providing a valid email and password combination. This route will create a new session for the user.\n\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"description": "Allow the user to login into their account by providing a valid email and password combination. This route will create a new session for the user.\r\n\r\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"responses": {
"201": {
"description": "Session",
@@ -2370,7 +2370,7 @@
"tags": [
"account"
],
"description": "Sends the user an email with a secret key for creating a session. If the provided user ID has not be registered, a new user will be created. Use the returned user ID and secret and submit a request to the [POST \/v1\/account\/sessions\/token](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint to complete the login process. The secret sent to the user's email is valid for 15 minutes.\n\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"description": "Sends the user an email with a secret key for creating a session. If the provided user ID has not be registered, a new user will be created. Use the returned user ID and secret and submit a request to the [POST \/v1\/account\/sessions\/token](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint to complete the login process. The secret sent to the user's email is valid for 15 minutes.\r\n\r\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"responses": {
"201": {
"description": "Token",
@@ -2451,7 +2451,7 @@
"tags": [
"account"
],
"description": "Sends the user an email with a secret key for creating a session. If the provided user ID has not been registered, a new user will be created. When the user clicks the link in the email, the user is redirected back to the URL you provided with the secret key and userId values attached to the URL query string. Use the query string parameters to submit a request to the [POST \/v1\/account\/sessions\/token](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint to complete the login process. The link sent to the user's email address is valid for 1 hour. If you are on a mobile device you can leave the URL parameter empty, so that the login completion will be handled by your Appwrite instance by default.\n\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).\n",
"description": "Sends the user an email with a secret key for creating a session. If the provided user ID has not been registered, a new user will be created. When the user clicks the link in the email, the user is redirected back to the URL you provided with the secret key and userId values attached to the URL query string. Use the query string parameters to submit a request to the [POST \/v1\/account\/sessions\/token](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint to complete the login process. The link sent to the user's email address is valid for 1 hour. If you are on a mobile device you can leave the URL parameter empty, so that the login completion will be handled by your Appwrite instance by default.\r\n\r\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).\r\n",
"responses": {
"201": {
"description": "Token",
@@ -2540,7 +2540,7 @@
"tags": [
"account"
],
"description": "Allow the user to login to their account using the OAuth2 provider of their choice. Each OAuth2 provider should be enabled from the Appwrite console first. Use the success and failure arguments to provide a redirect URL's back to your app when login is completed. \n\nIf authentication succeeds, `userId` and `secret` of a token will be appended to the success URL as query parameters. These can be used to create a new session using the [Create session](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint.\n\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"description": "Allow the user to login to their account using the OAuth2 provider of their choice. Each OAuth2 provider should be enabled from the Appwrite console first. Use the success and failure arguments to provide a redirect URL's back to your app when login is completed. \r\n\r\nIf authentication succeeds, `userId` and `secret` of a token will be appended to the success URL as query parameters. These can be used to create a new session using the [Create session](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint.\r\n\r\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"responses": {
"301": {
"description": "File"
@@ -2676,7 +2676,7 @@
"tags": [
"account"
],
"description": "Sends the user an SMS with a secret key for creating a session. If the provided user ID has not be registered, a new user will be created. Use the returned user ID and secret and submit a request to the [POST \/v1\/account\/sessions\/token](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint to complete the login process. The secret sent to the user's phone is valid for 15 minutes.\n\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"description": "Sends the user an SMS with a secret key for creating a session. If the provided user ID has not be registered, a new user will be created. Use the returned user ID and secret and submit a request to the [POST \/v1\/account\/sessions\/token](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint to complete the login process. The secret sent to the user's phone is valid for 15 minutes.\r\n\r\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"responses": {
"201": {
"description": "Token",
@@ -2755,7 +2755,7 @@
"tags": [
"account"
],
"description": "Use this endpoint to send a verification message to your user email address to confirm they are the valid owners of that address. Both the **userId** and **secret** arguments will be passed as query parameters to the URL you have provided to be attached to the verification email. The provided URL should redirect the user back to your app and allow you to complete the verification process by verifying both the **userId** and **secret** parameters. Learn more about how to [complete the verification process](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#updateVerification). The verification link sent to the user's email address is valid for 7 days.\n\nPlease note that in order to avoid a [Redirect Attack](https:\/\/github.com\/OWASP\/CheatSheetSeries\/blob\/master\/cheatsheets\/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.md), the only valid redirect URLs are the ones from domains you have set when adding your platforms in the console interface.\n",
"description": "Use this endpoint to send a verification message to your user email address to confirm they are the valid owners of that address. Both the **userId** and **secret** arguments will be passed as query parameters to the URL you have provided to be attached to the verification email. The provided URL should redirect the user back to your app and allow you to complete the verification process by verifying both the **userId** and **secret** parameters. Learn more about how to [complete the verification process](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#updateVerification). The verification link sent to the user's email address is valid for 7 days.\r\n\r\nPlease note that in order to avoid a [Redirect Attack](https:\/\/github.com\/OWASP\/CheatSheetSeries\/blob\/master\/cheatsheets\/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.md), the only valid redirect URLs are the ones from domains you have set when adding your platforms in the console interface.\r\n",
"responses": {
"201": {
"description": "Token",
@@ -3039,7 +3039,7 @@
"tags": [
"avatars"
],
"description": "You can use this endpoint to show different browser icons to your users. The code argument receives the browser code as it appears in your user [GET \/account\/sessions](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#getSessions) endpoint. Use width, height and quality arguments to change the output settings.\n\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.",
"description": "You can use this endpoint to show different browser icons to your users. The code argument receives the browser code as it appears in your user [GET \/account\/sessions](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#getSessions) endpoint. Use width, height and quality arguments to change the output settings.\r\n\r\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.",
"responses": {
"200": {
"description": "Image"
@@ -3169,7 +3169,7 @@
"tags": [
"avatars"
],
"description": "The credit card endpoint will return you the icon of the credit card provider you need. Use width, height and quality arguments to change the output settings.\n\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.\n",
"description": "The credit card endpoint will return you the icon of the credit card provider you need. Use width, height and quality arguments to change the output settings.\r\n\r\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.\r\n",
"responses": {
"200": {
"description": "Image"
@@ -3303,7 +3303,7 @@
"tags": [
"avatars"
],
"description": "Use this endpoint to fetch the favorite icon (AKA favicon) of any remote website URL.\n\nThis endpoint does not follow HTTP redirects.",
"description": "Use this endpoint to fetch the favorite icon (AKA favicon) of any remote website URL.\r\n\r\nThis endpoint does not follow HTTP redirects.",
"responses": {
"200": {
"description": "Image"
@@ -3365,7 +3365,7 @@
"tags": [
"avatars"
],
"description": "You can use this endpoint to show different country flags icons to your users. The code argument receives the 2 letter country code. Use width, height and quality arguments to change the output settings. Country codes follow the [ISO 3166-1](https:\/\/en.wikipedia.org\/wiki\/ISO_3166-1) standard.\n\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.\n",
"description": "You can use this endpoint to show different country flags icons to your users. The code argument receives the 2 letter country code. Use width, height and quality arguments to change the output settings. Country codes follow the [ISO 3166-1](https:\/\/en.wikipedia.org\/wiki\/ISO_3166-1) standard.\r\n\r\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.\r\n",
"responses": {
"200": {
"description": "Image"
@@ -3857,7 +3857,7 @@
"tags": [
"avatars"
],
"description": "Use this endpoint to fetch a remote image URL and crop it to any image size you want. This endpoint is very useful if you need to crop and display remote images in your app or in case you want to make sure a 3rd party image is properly served using a TLS protocol.\n\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 400x400px.\n\nThis endpoint does not follow HTTP redirects.",
"description": "Use this endpoint to fetch a remote image URL and crop it to any image size you want. This endpoint is very useful if you need to crop and display remote images in your app or in case you want to make sure a 3rd party image is properly served using a TLS protocol.\r\n\r\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 400x400px.\r\n\r\nThis endpoint does not follow HTTP redirects.",
"responses": {
"200": {
"description": "Image"
@@ -3943,7 +3943,7 @@
"tags": [
"avatars"
],
"description": "Use this endpoint to show your user initials avatar icon on your website or app. By default, this route will try to print your logged-in user name or email initials. You can also overwrite the user name if you pass the 'name' parameter. If no name is given and no user is logged, an empty avatar will be returned.\n\nYou can use the color and background params to change the avatar colors. By default, a random theme will be selected. The random theme will persist for the user's initials when reloading the same theme will always return for the same initials.\n\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.\n",
"description": "Use this endpoint to show your user initials avatar icon on your website or app. By default, this route will try to print your logged-in user name or email initials. You can also overwrite the user name if you pass the 'name' parameter. If no name is given and no user is logged, an empty avatar will be returned.\r\n\r\nYou can use the color and background params to change the avatar colors. By default, a random theme will be selected. The random theme will persist for the user's initials when reloading the same theme will always return for the same initials.\r\n\r\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.\r\n",
"responses": {
"200": {
"description": "Image"
@@ -4039,7 +4039,7 @@
"tags": [
"avatars"
],
"description": "Converts a given plain text to a QR code image. You can use the query parameters to change the size and style of the resulting image.\n",
"description": "Converts a given plain text to a QR code image. You can use the query parameters to change the size and style of the resulting image.\r\n",
"responses": {
"200": {
"description": "Image"
@@ -4211,7 +4211,7 @@
"tags": [
"databases"
],
"description": "Create a new Database.\n",
"description": "Create a new Database.\r\n",
"responses": {
"201": {
"description": "Database",
@@ -5026,7 +5026,7 @@
"tags": [
"databases"
],
"description": "Create a boolean attribute.\n",
"description": "Create a boolean attribute.\r\n",
"responses": {
"202": {
"description": "AttributeBoolean",
@@ -5472,7 +5472,7 @@
"tags": [
"databases"
],
"description": "Create an email attribute.\n",
"description": "Create an email attribute.\r\n",
"responses": {
"202": {
"description": "AttributeEmail",
@@ -5581,7 +5581,7 @@
"tags": [
"databases"
],
"description": "Update an email attribute. Changing the `default` value will not update already existing documents.\n",
"description": "Update an email attribute. Changing the `default` value will not update already existing documents.\r\n",
"responses": {
"200": {
"description": "AttributeEmail",
@@ -5695,7 +5695,7 @@
"tags": [
"databases"
],
"description": "Create an enumeration attribute. The `elements` param acts as a white-list of accepted values for this attribute. \n",
"description": "Create an enumeration attribute. The `elements` param acts as a white-list of accepted values for this attribute. \r\n",
"responses": {
"202": {
"description": "AttributeEnum",
@@ -5813,7 +5813,7 @@
"tags": [
"databases"
],
"description": "Update an enum attribute. Changing the `default` value will not update already existing documents.\n",
"description": "Update an enum attribute. Changing the `default` value will not update already existing documents.\r\n",
"responses": {
"200": {
"description": "AttributeEnum",
@@ -5936,7 +5936,7 @@
"tags": [
"databases"
],
"description": "Create a float attribute. Optionally, minimum and maximum values can be provided.\n",
"description": "Create a float attribute. Optionally, minimum and maximum values can be provided.\r\n",
"responses": {
"202": {
"description": "AttributeFloat",
@@ -6055,7 +6055,7 @@
"tags": [
"databases"
],
"description": "Update a float attribute. Changing the `default` value will not update already existing documents.\n",
"description": "Update a float attribute. Changing the `default` value will not update already existing documents.\r\n",
"responses": {
"200": {
"description": "AttributeFloat",
@@ -6181,7 +6181,7 @@
"tags": [
"databases"
],
"description": "Create an integer attribute. Optionally, minimum and maximum values can be provided.\n",
"description": "Create an integer attribute. Optionally, minimum and maximum values can be provided.\r\n",
"responses": {
"202": {
"description": "AttributeInteger",
@@ -6300,7 +6300,7 @@
"tags": [
"databases"
],
"description": "Update an integer attribute. Changing the `default` value will not update already existing documents.\n",
"description": "Update an integer attribute. Changing the `default` value will not update already existing documents.\r\n",
"responses": {
"200": {
"description": "AttributeInteger",
@@ -6426,7 +6426,7 @@
"tags": [
"databases"
],
"description": "Create IP address attribute.\n",
"description": "Create IP address attribute.\r\n",
"responses": {
"202": {
"description": "AttributeIP",
@@ -6535,7 +6535,7 @@
"tags": [
"databases"
],
"description": "Update an ip attribute. Changing the `default` value will not update already existing documents.\n",
"description": "Update an ip attribute. Changing the `default` value will not update already existing documents.\r\n",
"responses": {
"200": {
"description": "AttributeIP",
@@ -6649,7 +6649,7 @@
"tags": [
"databases"
],
"description": "Create relationship attribute. [Learn more about relationship attributes](https:\/\/appwrite.io\/docs\/databases-relationships#relationship-attributes).\n",
"description": "Create relationship attribute. [Learn more about relationship attributes](https:\/\/appwrite.io\/docs\/databases-relationships#relationship-attributes).\r\n",
"responses": {
"202": {
"description": "AttributeRelationship",
@@ -6783,7 +6783,7 @@
"tags": [
"databases"
],
"description": "Create a string attribute.\n",
"description": "Create a string attribute.\r\n",
"responses": {
"202": {
"description": "AttributeString",
@@ -6903,7 +6903,7 @@
"tags": [
"databases"
],
"description": "Update a string attribute. Changing the `default` value will not update already existing documents.\n",
"description": "Update a string attribute. Changing the `default` value will not update already existing documents.\r\n",
"responses": {
"200": {
"description": "AttributeString",
@@ -7022,7 +7022,7 @@
"tags": [
"databases"
],
"description": "Create a URL attribute.\n",
"description": "Create a URL attribute.\r\n",
"responses": {
"202": {
"description": "AttributeURL",
@@ -7131,7 +7131,7 @@
"tags": [
"databases"
],
"description": "Update an url attribute. Changing the `default` value will not update already existing documents.\n",
"description": "Update an url attribute. Changing the `default` value will not update already existing documents.\r\n",
"responses": {
"200": {
"description": "AttributeURL",
@@ -7433,7 +7433,7 @@
"tags": [
"databases"
],
"description": "Update relationship attribute. [Learn more about relationship attributes](https:\/\/appwrite.io\/docs\/databases-relationships#relationship-attributes).\n",
"description": "Update relationship attribute. [Learn more about relationship attributes](https:\/\/appwrite.io\/docs\/databases-relationships#relationship-attributes).\r\n",
"responses": {
"200": {
"description": "AttributeRelationship",
@@ -8119,7 +8119,7 @@
"tags": [
"databases"
],
"description": "Creates an index on the attributes listed. Your index should include all the attributes you will query in a single request.\nAttributes can be `key`, `fulltext`, and `unique`.",
"description": "Creates an index on the attributes listed. Your index should include all the attributes you will query in a single request.\r\nAttributes can be `key`, `fulltext`, and `unique`.",
"responses": {
"202": {
"description": "Index",
@@ -8767,7 +8767,7 @@
"tags": [
"functions"
],
"description": "List allowed function specifications for this instance.\n",
"description": "List allowed function specifications for this instance.\r\n",
"responses": {
"200": {
"description": "Specifications List",
@@ -9249,7 +9249,7 @@
"tags": [
"functions"
],
"description": "Create a new function code deployment. Use this endpoint to upload a new version of your code function. To execute your newly uploaded code, you'll need to update the function's deployment to use your new deployment UID.\n\nThis endpoint accepts a tar.gz file compressed with your code. Make sure to include any dependencies your code has within the compressed file. You can learn more about code packaging in the [Appwrite Cloud Functions tutorial](https:\/\/appwrite.io\/docs\/functions).\n\nUse the \"command\" param to set the entrypoint used to execute your code.",
"description": "Create a new function code deployment. Use this endpoint to upload a new version of your code function. To execute your newly uploaded code, you'll need to update the function's deployment to use your new deployment UID.\r\n\r\nThis endpoint accepts a tar.gz file compressed with your code. Make sure to include any dependencies your code has within the compressed file. You can learn more about code packaging in the [Appwrite Cloud Functions tutorial](https:\/\/appwrite.io\/docs\/functions).\r\n\r\nUse the \"command\" param to set the entrypoint used to execute your code.",
"responses": {
"202": {
"description": "Deployment",
@@ -10068,7 +10068,7 @@
"tags": [
"functions"
],
"description": "Delete a function execution by its unique ID.\n",
"description": "Delete a function execution by its unique ID.\r\n",
"responses": {
"204": {
"description": "No content"
@@ -11279,7 +11279,7 @@
"tags": [
"health"
],
"description": "Returns the amount of failed jobs in a given queue.\n",
"description": "Returns the amount of failed jobs in a given queue.\r\n",
"responses": {
"200": {
"description": "Health Queue",
@@ -12046,7 +12046,7 @@
"tags": [
"locale"
],
"description": "Get the current user location based on IP. Returns an object with user country code, country name, continent name, continent code, ip address and suggested currency. You can use the locale header to get the data in a supported language.\n\n([IP Geolocation by DB-IP](https:\/\/db-ip.com))",
"description": "Get the current user location based on IP. Returns an object with user country code, country name, continent name, continent code, ip address and suggested currency. You can use the locale header to get the data in a supported language.\r\n\r\n([IP Geolocation by DB-IP](https:\/\/db-ip.com))",
"responses": {
"200": {
"description": "Locale",
@@ -12097,7 +12097,7 @@
},
"\/locale\/codes": {
"get": {
"summary": "List Locale Codes",
"summary": "List locale codes",
"operationId": "localeListCodes",
"tags": [
"locale"
@@ -12720,7 +12720,7 @@
"tags": [
"messaging"
],
"description": "Update an email message by its unique ID.\n",
"description": "Update an email message by its unique ID.\r\n",
"responses": {
"200": {
"description": "Message",
@@ -13027,7 +13027,7 @@
"tags": [
"messaging"
],
"description": "Update a push notification by its unique ID.\n",
"description": "Update a push notification by its unique ID.\r\n",
"responses": {
"200": {
"description": "Message",
@@ -13299,7 +13299,7 @@
"tags": [
"messaging"
],
"description": "Update an email message by its unique ID.\n",
"description": "Update an email message by its unique ID.\r\n",
"responses": {
"200": {
"description": "Message",
@@ -13414,7 +13414,7 @@
"tags": [
"messaging"
],
"description": "Get a message by its unique ID.\n",
"description": "Get a message by its unique ID.\r\n",
"responses": {
"200": {
"description": "Message",
@@ -15915,7 +15915,7 @@
"tags": [
"messaging"
],
"description": "Get a provider by its unique ID.\n",
"description": "Get a provider by its unique ID.\r\n",
"responses": {
"200": {
"description": "Provider",
@@ -16355,7 +16355,7 @@
"tags": [
"messaging"
],
"description": "Get a topic by its unique ID.\n",
"description": "Get a topic by its unique ID.\r\n",
"responses": {
"200": {
"description": "Topic",
@@ -16418,7 +16418,7 @@
"tags": [
"messaging"
],
"description": "Update a topic by its unique ID.\n",
"description": "Update a topic by its unique ID.\r\n",
"responses": {
"200": {
"description": "Topic",
@@ -16822,7 +16822,7 @@
"tags": [
"messaging"
],
"description": "Get a subscriber by its unique ID.\n",
"description": "Get a subscriber by its unique ID.\r\n",
"responses": {
"200": {
"description": "Subscriber",
@@ -17516,7 +17516,7 @@
"tags": [
"storage"
],
"description": "Create a new file. Before using this route, you should create a new bucket resource using either a [server integration](https:\/\/appwrite.io\/docs\/server\/storage#storageCreateBucket) API or directly from your Appwrite console.\n\nLarger files should be uploaded using multiple requests with the [content-range](https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/HTTP\/Headers\/Content-Range) header to send a partial request with a maximum supported chunk of `5MB`. The `content-range` header values should always be in bytes.\n\nWhen the first request is sent, the server will return the **File** object, and the subsequent part request must include the file's **id** in `x-appwrite-id` header to allow the server to know that the partial upload is for the existing file and not for a new one.\n\nIf you're creating a new file using one of the Appwrite SDKs, all the chunking logic will be managed by the SDK internally.\n",
"description": "Create a new file. Before using this route, you should create a new bucket resource using either a [server integration](https:\/\/appwrite.io\/docs\/server\/storage#storageCreateBucket) API or directly from your Appwrite console.\r\n\r\nLarger files should be uploaded using multiple requests with the [content-range](https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/HTTP\/Headers\/Content-Range) header to send a partial request with a maximum supported chunk of `5MB`. The `content-range` header values should always be in bytes.\r\n\r\nWhen the first request is sent, the server will return the **File** object, and the subsequent part request must include the file's **id** in `x-appwrite-id` header to allow the server to know that the partial upload is for the existing file and not for a new one.\r\n\r\nIf you're creating a new file using one of the Appwrite SDKs, all the chunking logic will be managed by the SDK internally.\r\n",
"responses": {
"201": {
"description": "File",
@@ -17789,7 +17789,7 @@
}
},
"delete": {
"summary": "Delete File",
"summary": "Delete file",
"operationId": "storageDeleteFile",
"tags": [
"storage"
@@ -18137,7 +18137,8 @@
"jpeg",
"gif",
"png",
"webp"
"webp",
"avif"
],
"x-enum-name": "ImageFormat",
"x-enum-keys": [],
@@ -18697,7 +18698,7 @@
"tags": [
"teams"
],
"description": "Invite a new member to join your team. Provide an ID for existing users, or invite unregistered users using an email or phone number. If initiated from a Client SDK, Appwrite will send an email or sms with a link to join the team to the invited user, and an account will be created for them if one doesn't exist. If initiated from a Server SDK, the new member will be added automatically to the team.\n\nYou only need to provide one of a user ID, email, or phone number. Appwrite will prioritize accepting the user ID > email > phone number if you provide more than one of these parameters.\n\nUse the `url` parameter to redirect the user from the invitation email to your app. After the user is redirected, use the [Update Team Membership Status](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/teams#updateMembershipStatus) endpoint to allow the user to accept the invitation to the team. \n\nPlease note that to avoid a [Redirect Attack](https:\/\/github.com\/OWASP\/CheatSheetSeries\/blob\/master\/cheatsheets\/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.md) Appwrite will accept the only redirect URLs under the domains you have added as a platform on the Appwrite Console.\n",
"description": "Invite a new member to join your team. Provide an ID for existing users, or invite unregistered users using an email or phone number. If initiated from a Client SDK, Appwrite will send an email or sms with a link to join the team to the invited user, and an account will be created for them if one doesn't exist. If initiated from a Server SDK, the new member will be added automatically to the team.\r\n\r\nYou only need to provide one of a user ID, email, or phone number. Appwrite will prioritize accepting the user ID > email > phone number if you provide more than one of these parameters.\r\n\r\nUse the `url` parameter to redirect the user from the invitation email to your app. After the user is redirected, use the [Update Team Membership Status](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/teams#updateMembershipStatus) endpoint to allow the user to accept the invitation to the team. \r\n\r\nPlease note that to avoid a [Redirect Attack](https:\/\/github.com\/OWASP\/CheatSheetSeries\/blob\/master\/cheatsheets\/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.md) Appwrite will accept the only redirect URLs under the domains you have added as a platform on the Appwrite Console.\r\n",
"responses": {
"201": {
"description": "Membership",
@@ -18888,7 +18889,7 @@
"tags": [
"teams"
],
"description": "Modify the roles of a team member. Only team members with the owner role have access to this endpoint. Learn more about [roles and permissions](https:\/\/appwrite.io\/docs\/permissions).\n",
"description": "Modify the roles of a team member. Only team members with the owner role have access to this endpoint. Learn more about [roles and permissions](https:\/\/appwrite.io\/docs\/permissions).\r\n",
"responses": {
"200": {
"description": "Membership",
@@ -19057,7 +19058,7 @@
"tags": [
"teams"
],
"description": "Use this endpoint to allow a user to accept an invitation to join a team after being redirected back to your app from the invitation email received by the user.\n\nIf the request is successful, a session for the user is automatically created.\n",
"description": "Use this endpoint to allow a user to accept an invitation to join a team after being redirected back to your app from the invitation email received by the user.\r\n\r\nIf the request is successful, a session for the user is automatically created.\r\n",
"responses": {
"200": {
"description": "Membership",
@@ -19645,7 +19646,7 @@
},
"\/users\/identities": {
"get": {
"summary": "List Identities",
"summary": "List identities",
"operationId": "usersListIdentities",
"tags": [
"users"
@@ -20580,7 +20581,7 @@
"tags": [
"users"
],
"description": "Update the user labels by its unique ID. \n\nLabels can be used to grant access to resources. While teams are a way for user's to share access to a resource, labels can be defined by the developer to grant access without an invitation. See the [Permissions docs](https:\/\/appwrite.io\/docs\/permissions) for more info.",
"description": "Update the user labels by its unique ID. \r\n\r\nLabels can be used to grant access to resources. While teams are a way for user's to share access to a resource, labels can be defined by the developer to grant access without an invitation. See the [Permissions docs](https:\/\/appwrite.io\/docs\/permissions) for more info.",
"responses": {
"200": {
"description": "User",
@@ -20885,7 +20886,7 @@
},
"\/users\/{userId}\/mfa\/authenticators\/{type}": {
"delete": {
"summary": "Delete Authenticator",
"summary": "Delete authenticator",
"operationId": "usersDeleteMfaAuthenticator",
"tags": [
"users"
@@ -20964,7 +20965,7 @@
},
"\/users\/{userId}\/mfa\/factors": {
"get": {
"summary": "List Factors",
"summary": "List factors",
"operationId": "usersListMfaFactors",
"tags": [
"users"
@@ -21028,7 +21029,7 @@
},
"\/users\/{userId}\/mfa\/recovery-codes": {
"get": {
"summary": "Get MFA Recovery Codes",
"summary": "Get MFA recovery codes",
"operationId": "usersGetMfaRecoveryCodes",
"tags": [
"users"
@@ -21090,7 +21091,7 @@
]
},
"put": {
"summary": "Regenerate MFA Recovery Codes",
"summary": "Regenerate MFA recovery codes",
"operationId": "usersUpdateMfaRecoveryCodes",
"tags": [
"users"
@@ -21152,7 +21153,7 @@
]
},
"patch": {
"summary": "Create MFA Recovery Codes",
"summary": "Create MFA recovery codes",
"operationId": "usersCreateMfaRecoveryCodes",
"tags": [
"users"
@@ -21677,7 +21678,7 @@
"tags": [
"users"
],
"description": "Creates a session for a user. Returns an immediately usable session object.\n\nIf you want to generate a token for a custom authentication flow, use the [POST \/users\/{userId}\/tokens](https:\/\/appwrite.io\/docs\/server\/users#createToken) endpoint.",
"description": "Creates a session for a user. Returns an immediately usable session object.\r\n\r\nIf you want to generate a token for a custom authentication flow, use the [POST \/users\/{userId}\/tokens](https:\/\/appwrite.io\/docs\/server\/users#createToken) endpoint.",
"responses": {
"201": {
"description": "Session",
@@ -21941,7 +21942,7 @@
},
"\/users\/{userId}\/targets": {
"get": {
"summary": "List User Targets",
"summary": "List user targets",
"operationId": "usersListTargets",
"tags": [
"users"
@@ -22017,7 +22018,7 @@
]
},
"post": {
"summary": "Create User Target",
"summary": "Create user target",
"operationId": "usersCreateTarget",
"tags": [
"users"
@@ -22130,7 +22131,7 @@
},
"\/users\/{userId}\/targets\/{targetId}": {
"get": {
"summary": "Get User Target",
"summary": "Get user target",
"operationId": "usersGetTarget",
"tags": [
"users"
@@ -22203,7 +22204,7 @@
]
},
"patch": {
"summary": "Update User target",
"summary": "Update user target",
"operationId": "usersUpdateTarget",
"tags": [
"users"
@@ -22375,7 +22376,7 @@
"tags": [
"users"
],
"description": "Returns a token with a secret key for creating a session. Use the user ID and secret and submit a request to the [PUT \/account\/sessions\/token](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint to complete the login process.\n",
"description": "Returns a token with a secret key for creating a session. Use the user ID and secret and submit a request to the [PUT \/account\/sessions\/token](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint to complete the login process.\r\n",
"responses": {
"201": {
"description": "Token",
@@ -23677,6 +23678,16 @@
"x-example": false,
"nullable": true
},
"$createdAt": {
"type": "string",
"description": "Attribute creation date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"$updatedAt": {
"type": "string",
"description": "Attribute update date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"size": {
"type": "integer",
"description": "Attribute size.",
@@ -23696,6 +23707,8 @@
"status",
"error",
"required",
"$createdAt",
"$updatedAt",
"size"
]
},
@@ -23734,6 +23747,16 @@
"x-example": false,
"nullable": true
},
"$createdAt": {
"type": "string",
"description": "Attribute creation date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"$updatedAt": {
"type": "string",
"description": "Attribute update date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"min": {
"type": "integer",
"description": "Minimum value to enforce for new documents.",
@@ -23761,7 +23784,9 @@
"type",
"status",
"error",
"required"
"required",
"$createdAt",
"$updatedAt"
]
},
"attributeFloat": {
@@ -23799,6 +23824,16 @@
"x-example": false,
"nullable": true
},
"$createdAt": {
"type": "string",
"description": "Attribute creation date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"$updatedAt": {
"type": "string",
"description": "Attribute update date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"min": {
"type": "number",
"description": "Minimum value to enforce for new documents.",
@@ -23826,7 +23861,9 @@
"type",
"status",
"error",
"required"
"required",
"$createdAt",
"$updatedAt"
]
},
"attributeBoolean": {
@@ -23864,6 +23901,16 @@
"x-example": false,
"nullable": true
},
"$createdAt": {
"type": "string",
"description": "Attribute creation date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"$updatedAt": {
"type": "string",
"description": "Attribute update date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"default": {
"type": "boolean",
"description": "Default value for attribute when not provided. Cannot be set when attribute is required.",
@@ -23876,7 +23923,9 @@
"type",
"status",
"error",
"required"
"required",
"$createdAt",
"$updatedAt"
]
},
"attributeEmail": {
@@ -23914,6 +23963,16 @@
"x-example": false,
"nullable": true
},
"$createdAt": {
"type": "string",
"description": "Attribute creation date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"$updatedAt": {
"type": "string",
"description": "Attribute update date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"format": {
"type": "string",
"description": "String format.",
@@ -23932,6 +23991,8 @@
"status",
"error",
"required",
"$createdAt",
"$updatedAt",
"format"
]
},
@@ -23970,6 +24031,16 @@
"x-example": false,
"nullable": true
},
"$createdAt": {
"type": "string",
"description": "Attribute creation date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"$updatedAt": {
"type": "string",
"description": "Attribute update date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"elements": {
"type": "array",
"description": "Array of elements in enumerated type.",
@@ -23996,6 +24067,8 @@
"status",
"error",
"required",
"$createdAt",
"$updatedAt",
"elements",
"format"
]
@@ -24035,6 +24108,16 @@
"x-example": false,
"nullable": true
},
"$createdAt": {
"type": "string",
"description": "Attribute creation date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"$updatedAt": {
"type": "string",
"description": "Attribute update date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"format": {
"type": "string",
"description": "String format.",
@@ -24053,6 +24136,8 @@
"status",
"error",
"required",
"$createdAt",
"$updatedAt",
"format"
]
},
@@ -24091,6 +24176,16 @@
"x-example": false,
"nullable": true
},
"$createdAt": {
"type": "string",
"description": "Attribute creation date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"$updatedAt": {
"type": "string",
"description": "Attribute update date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"format": {
"type": "string",
"description": "String format.",
@@ -24109,6 +24204,8 @@
"status",
"error",
"required",
"$createdAt",
"$updatedAt",
"format"
]
},
@@ -24147,6 +24244,16 @@
"x-example": false,
"nullable": true
},
"$createdAt": {
"type": "string",
"description": "Attribute creation date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"$updatedAt": {
"type": "string",
"description": "Attribute update date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"format": {
"type": "string",
"description": "ISO 8601 format.",
@@ -24165,6 +24272,8 @@
"status",
"error",
"required",
"$createdAt",
"$updatedAt",
"format"
]
},
@@ -24203,6 +24312,16 @@
"x-example": false,
"nullable": true
},
"$createdAt": {
"type": "string",
"description": "Attribute creation date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"$updatedAt": {
"type": "string",
"description": "Attribute update date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"relatedCollection": {
"type": "string",
"description": "The ID of the related collection.",
@@ -24240,6 +24359,8 @@
"status",
"error",
"required",
"$createdAt",
"$updatedAt",
"relatedCollection",
"relationType",
"twoWay",
@@ -24288,6 +24409,16 @@
},
"x-example": [],
"nullable": true
},
"$createdAt": {
"type": "string",
"description": "Index creation date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"$updatedAt": {
"type": "string",
"description": "Index update date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
}
},
"required": [
@@ -24295,7 +24426,9 @@
"type",
"status",
"error",
"attributes"
"attributes",
"$createdAt",
"$updatedAt"
]
},
"document": {
@@ -25966,7 +26099,7 @@
"responseBody": {
"type": "string",
"description": "HTTP response body. This will return empty unless execution is created as synchronous.",
"x-example": "Developers are awesome."
"x-example": ""
},
"responseHeaders": {
"type": "array",
app/config/specs/open-api3-latest-client.json
+36 -35
View File
@@ -166,7 +166,7 @@
"tags": [
"account"
],
"description": "Update currently logged in user account email address. After changing user address, the user confirmation status will get reset. A new confirmation email is not sent automatically however you can use the send confirmation email endpoint again to send the confirmation email. For security measures, user password is required to complete this request.\nThis endpoint can also be used to convert an anonymous account to a normal one, by passing an email address and a new password.\n",
"description": "Update currently logged in user account email address. After changing user address, the user confirmation status will get reset. A new confirmation email is not sent automatically however you can use the send confirmation email endpoint again to send the confirmation email. For security measures, user password is required to complete this request.\r\nThis endpoint can also be used to convert an anonymous account to a normal one, by passing an email address and a new password.\r\n",
"responses": {
"200": {
"description": "User",
@@ -239,7 +239,7 @@
},
"\/account\/identities": {
"get": {
"summary": "List Identities",
"summary": "List identities",
"operationId": "accountListIdentities",
"tags": [
"account"
@@ -556,7 +556,7 @@
},
"\/account\/mfa\/authenticators\/{type}": {
"post": {
"summary": "Create Authenticator",
"summary": "Create authenticator",
"operationId": "accountCreateMfaAuthenticator",
"tags": [
"account"
@@ -624,7 +624,7 @@
]
},
"put": {
"summary": "Verify Authenticator",
"summary": "Verify authenticator",
"operationId": "accountUpdateMfaAuthenticator",
"tags": [
"account"
@@ -711,7 +711,7 @@
}
},
"delete": {
"summary": "Delete Authenticator",
"summary": "Delete authenticator",
"operationId": "accountDeleteMfaAuthenticator",
"tags": [
"account"
@@ -774,7 +774,7 @@
},
"\/account\/mfa\/challenge": {
"post": {
"summary": "Create MFA Challenge",
"summary": "Create MFA challenge",
"operationId": "accountCreateMfaChallenge",
"tags": [
"account"
@@ -850,7 +850,7 @@
}
},
"put": {
"summary": "Create MFA Challenge (confirmation)",
"summary": "Create MFA challenge (confirmation)",
"operationId": "accountUpdateMfaChallenge",
"tags": [
"account"
@@ -928,7 +928,7 @@
},
"\/account\/mfa\/factors": {
"get": {
"summary": "List Factors",
"summary": "List factors",
"operationId": "accountListMfaFactors",
"tags": [
"account"
@@ -981,7 +981,7 @@
},
"\/account\/mfa\/recovery-codes": {
"get": {
"summary": "Get MFA Recovery Codes",
"summary": "Get MFA recovery codes",
"operationId": "accountGetMfaRecoveryCodes",
"tags": [
"account"
@@ -1032,7 +1032,7 @@
]
},
"post": {
"summary": "Create MFA Recovery Codes",
"summary": "Create MFA recovery codes",
"operationId": "accountCreateMfaRecoveryCodes",
"tags": [
"account"
@@ -1083,7 +1083,7 @@
]
},
"patch": {
"summary": "Regenerate MFA Recovery Codes",
"summary": "Regenerate MFA recovery codes",
"operationId": "accountUpdateMfaRecoveryCodes",
"tags": [
"account"
@@ -1570,7 +1570,7 @@
"tags": [
"account"
],
"description": "Use this endpoint to complete the user account password reset. Both the **userId** and **secret** arguments will be passed as query parameters to the redirect URL you have provided when sending your request to the [POST \/account\/recovery](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createRecovery) endpoint.\n\nPlease note that in order to avoid a [Redirect Attack](https:\/\/github.com\/OWASP\/CheatSheetSeries\/blob\/master\/cheatsheets\/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.md) the only valid redirect URLs are the ones from domains you have set when adding your platforms in the console interface.",
"description": "Use this endpoint to complete the user account password reset. Both the **userId** and **secret** arguments will be passed as query parameters to the redirect URL you have provided when sending your request to the [POST \/account\/recovery](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createRecovery) endpoint.\r\n\r\nPlease note that in order to avoid a [Redirect Attack](https:\/\/github.com\/OWASP\/CheatSheetSeries\/blob\/master\/cheatsheets\/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.md) the only valid redirect URLs are the ones from domains you have set when adding your platforms in the console interface.",
"responses": {
"200": {
"description": "Token",
@@ -1802,7 +1802,7 @@
"tags": [
"account"
],
"description": "Allow the user to login into their account by providing a valid email and password combination. This route will create a new session for the user.\n\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"description": "Allow the user to login into their account by providing a valid email and password combination. This route will create a new session for the user.\r\n\r\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"responses": {
"201": {
"description": "Session",
@@ -1954,7 +1954,7 @@
"tags": [
"account"
],
"description": "Allow the user to login to their account using the OAuth2 provider of their choice. Each OAuth2 provider should be enabled from the Appwrite console first. Use the success and failure arguments to provide a redirect URL's back to your app when login is completed.\n\nIf there is already an active session, the new session will be attached to the logged-in account. If there are no active sessions, the server will attempt to look for a user with the same email address as the email received from the OAuth2 provider and attach the new session to the existing user. If no matching user is found - the server will create a new user.\n\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).\n",
"description": "Allow the user to login to their account using the OAuth2 provider of their choice. Each OAuth2 provider should be enabled from the Appwrite console first. Use the success and failure arguments to provide a redirect URL's back to your app when login is completed.\r\n\r\nIf there is already an active session, the new session will be attached to the logged-in account. If there are no active sessions, the server will attempt to look for a user with the same email address as the email received from the OAuth2 provider and attach the new session to the existing user. If no matching user is found - the server will create a new user.\r\n\r\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).\r\n",
"responses": {
"301": {
"description": "File"
@@ -2703,7 +2703,7 @@
"tags": [
"account"
],
"description": "Sends the user an email with a secret key for creating a session. If the provided user ID has not be registered, a new user will be created. Use the returned user ID and secret and submit a request to the [POST \/v1\/account\/sessions\/token](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint to complete the login process. The secret sent to the user's email is valid for 15 minutes.\n\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"description": "Sends the user an email with a secret key for creating a session. If the provided user ID has not be registered, a new user will be created. Use the returned user ID and secret and submit a request to the [POST \/v1\/account\/sessions\/token](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint to complete the login process. The secret sent to the user's email is valid for 15 minutes.\r\n\r\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"responses": {
"201": {
"description": "Token",
@@ -2784,7 +2784,7 @@
"tags": [
"account"
],
"description": "Sends the user an email with a secret key for creating a session. If the provided user ID has not been registered, a new user will be created. When the user clicks the link in the email, the user is redirected back to the URL you provided with the secret key and userId values attached to the URL query string. Use the query string parameters to submit a request to the [POST \/v1\/account\/sessions\/token](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint to complete the login process. The link sent to the user's email address is valid for 1 hour. If you are on a mobile device you can leave the URL parameter empty, so that the login completion will be handled by your Appwrite instance by default.\n\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).\n",
"description": "Sends the user an email with a secret key for creating a session. If the provided user ID has not been registered, a new user will be created. When the user clicks the link in the email, the user is redirected back to the URL you provided with the secret key and userId values attached to the URL query string. Use the query string parameters to submit a request to the [POST \/v1\/account\/sessions\/token](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint to complete the login process. The link sent to the user's email address is valid for 1 hour. If you are on a mobile device you can leave the URL parameter empty, so that the login completion will be handled by your Appwrite instance by default.\r\n\r\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).\r\n",
"responses": {
"201": {
"description": "Token",
@@ -2873,7 +2873,7 @@
"tags": [
"account"
],
"description": "Allow the user to login to their account using the OAuth2 provider of their choice. Each OAuth2 provider should be enabled from the Appwrite console first. Use the success and failure arguments to provide a redirect URL's back to your app when login is completed. \n\nIf authentication succeeds, `userId` and `secret` of a token will be appended to the success URL as query parameters. These can be used to create a new session using the [Create session](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint.\n\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"description": "Allow the user to login to their account using the OAuth2 provider of their choice. Each OAuth2 provider should be enabled from the Appwrite console first. Use the success and failure arguments to provide a redirect URL's back to your app when login is completed. \r\n\r\nIf authentication succeeds, `userId` and `secret` of a token will be appended to the success URL as query parameters. These can be used to create a new session using the [Create session](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint.\r\n\r\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"responses": {
"301": {
"description": "File"
@@ -3009,7 +3009,7 @@
"tags": [
"account"
],
"description": "Sends the user an SMS with a secret key for creating a session. If the provided user ID has not be registered, a new user will be created. Use the returned user ID and secret and submit a request to the [POST \/v1\/account\/sessions\/token](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint to complete the login process. The secret sent to the user's phone is valid for 15 minutes.\n\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"description": "Sends the user an SMS with a secret key for creating a session. If the provided user ID has not be registered, a new user will be created. Use the returned user ID and secret and submit a request to the [POST \/v1\/account\/sessions\/token](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint to complete the login process. The secret sent to the user's phone is valid for 15 minutes.\r\n\r\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"responses": {
"201": {
"description": "Token",
@@ -3088,7 +3088,7 @@
"tags": [
"account"
],
"description": "Use this endpoint to send a verification message to your user email address to confirm they are the valid owners of that address. Both the **userId** and **secret** arguments will be passed as query parameters to the URL you have provided to be attached to the verification email. The provided URL should redirect the user back to your app and allow you to complete the verification process by verifying both the **userId** and **secret** parameters. Learn more about how to [complete the verification process](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#updateVerification). The verification link sent to the user's email address is valid for 7 days.\n\nPlease note that in order to avoid a [Redirect Attack](https:\/\/github.com\/OWASP\/CheatSheetSeries\/blob\/master\/cheatsheets\/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.md), the only valid redirect URLs are the ones from domains you have set when adding your platforms in the console interface.\n",
"description": "Use this endpoint to send a verification message to your user email address to confirm they are the valid owners of that address. Both the **userId** and **secret** arguments will be passed as query parameters to the URL you have provided to be attached to the verification email. The provided URL should redirect the user back to your app and allow you to complete the verification process by verifying both the **userId** and **secret** parameters. Learn more about how to [complete the verification process](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#updateVerification). The verification link sent to the user's email address is valid for 7 days.\r\n\r\nPlease note that in order to avoid a [Redirect Attack](https:\/\/github.com\/OWASP\/CheatSheetSeries\/blob\/master\/cheatsheets\/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.md), the only valid redirect URLs are the ones from domains you have set when adding your platforms in the console interface.\r\n",
"responses": {
"201": {
"description": "Token",
@@ -3368,7 +3368,7 @@
"tags": [
"avatars"
],
"description": "You can use this endpoint to show different browser icons to your users. The code argument receives the browser code as it appears in your user [GET \/account\/sessions](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#getSessions) endpoint. Use width, height and quality arguments to change the output settings.\n\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.",
"description": "You can use this endpoint to show different browser icons to your users. The code argument receives the browser code as it appears in your user [GET \/account\/sessions](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#getSessions) endpoint. Use width, height and quality arguments to change the output settings.\r\n\r\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.",
"responses": {
"200": {
"description": "Image"
@@ -3496,7 +3496,7 @@
"tags": [
"avatars"
],
"description": "The credit card endpoint will return you the icon of the credit card provider you need. Use width, height and quality arguments to change the output settings.\n\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.\n",
"description": "The credit card endpoint will return you the icon of the credit card provider you need. Use width, height and quality arguments to change the output settings.\r\n\r\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.\r\n",
"responses": {
"200": {
"description": "Image"
@@ -3628,7 +3628,7 @@
"tags": [
"avatars"
],
"description": "Use this endpoint to fetch the favorite icon (AKA favicon) of any remote website URL.\n\nThis endpoint does not follow HTTP redirects.",
"description": "Use this endpoint to fetch the favorite icon (AKA favicon) of any remote website URL.\r\n\r\nThis endpoint does not follow HTTP redirects.",
"responses": {
"200": {
"description": "Image"
@@ -3688,7 +3688,7 @@
"tags": [
"avatars"
],
"description": "You can use this endpoint to show different country flags icons to your users. The code argument receives the 2 letter country code. Use width, height and quality arguments to change the output settings. Country codes follow the [ISO 3166-1](https:\/\/en.wikipedia.org\/wiki\/ISO_3166-1) standard.\n\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.\n",
"description": "You can use this endpoint to show different country flags icons to your users. The code argument receives the 2 letter country code. Use width, height and quality arguments to change the output settings. Country codes follow the [ISO 3166-1](https:\/\/en.wikipedia.org\/wiki\/ISO_3166-1) standard.\r\n\r\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.\r\n",
"responses": {
"200": {
"description": "Image"
@@ -4178,7 +4178,7 @@
"tags": [
"avatars"
],
"description": "Use this endpoint to fetch a remote image URL and crop it to any image size you want. This endpoint is very useful if you need to crop and display remote images in your app or in case you want to make sure a 3rd party image is properly served using a TLS protocol.\n\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 400x400px.\n\nThis endpoint does not follow HTTP redirects.",
"description": "Use this endpoint to fetch a remote image URL and crop it to any image size you want. This endpoint is very useful if you need to crop and display remote images in your app or in case you want to make sure a 3rd party image is properly served using a TLS protocol.\r\n\r\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 400x400px.\r\n\r\nThis endpoint does not follow HTTP redirects.",
"responses": {
"200": {
"description": "Image"
@@ -4262,7 +4262,7 @@
"tags": [
"avatars"
],
"description": "Use this endpoint to show your user initials avatar icon on your website or app. By default, this route will try to print your logged-in user name or email initials. You can also overwrite the user name if you pass the 'name' parameter. If no name is given and no user is logged, an empty avatar will be returned.\n\nYou can use the color and background params to change the avatar colors. By default, a random theme will be selected. The random theme will persist for the user's initials when reloading the same theme will always return for the same initials.\n\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.\n",
"description": "Use this endpoint to show your user initials avatar icon on your website or app. By default, this route will try to print your logged-in user name or email initials. You can also overwrite the user name if you pass the 'name' parameter. If no name is given and no user is logged, an empty avatar will be returned.\r\n\r\nYou can use the color and background params to change the avatar colors. By default, a random theme will be selected. The random theme will persist for the user's initials when reloading the same theme will always return for the same initials.\r\n\r\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.\r\n",
"responses": {
"200": {
"description": "Image"
@@ -4356,7 +4356,7 @@
"tags": [
"avatars"
],
"description": "Converts a given plain text to a QR code image. You can use the query parameters to change the size and style of the resulting image.\n",
"description": "Converts a given plain text to a QR code image. You can use the query parameters to change the size and style of the resulting image.\r\n",
"responses": {
"200": {
"description": "Image"
@@ -5319,7 +5319,7 @@
"tags": [
"locale"
],
"description": "Get the current user location based on IP. Returns an object with user country code, country name, continent name, continent code, ip address and suggested currency. You can use the locale header to get the data in a supported language.\n\n([IP Geolocation by DB-IP](https:\/\/db-ip.com))",
"description": "Get the current user location based on IP. Returns an object with user country code, country name, continent name, continent code, ip address and suggested currency. You can use the locale header to get the data in a supported language.\r\n\r\n([IP Geolocation by DB-IP](https:\/\/db-ip.com))",
"responses": {
"200": {
"description": "Locale",
@@ -5368,7 +5368,7 @@
},
"\/locale\/codes": {
"get": {
"summary": "List Locale Codes",
"summary": "List locale codes",
"operationId": "localeListCodes",
"tags": [
"locale"
@@ -6001,7 +6001,7 @@
"tags": [
"storage"
],
"description": "Create a new file. Before using this route, you should create a new bucket resource using either a [server integration](https:\/\/appwrite.io\/docs\/server\/storage#storageCreateBucket) API or directly from your Appwrite console.\n\nLarger files should be uploaded using multiple requests with the [content-range](https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/HTTP\/Headers\/Content-Range) header to send a partial request with a maximum supported chunk of `5MB`. The `content-range` header values should always be in bytes.\n\nWhen the first request is sent, the server will return the **File** object, and the subsequent part request must include the file's **id** in `x-appwrite-id` header to allow the server to know that the partial upload is for the existing file and not for a new one.\n\nIf you're creating a new file using one of the Appwrite SDKs, all the chunking logic will be managed by the SDK internally.\n",
"description": "Create a new file. Before using this route, you should create a new bucket resource using either a [server integration](https:\/\/appwrite.io\/docs\/server\/storage#storageCreateBucket) API or directly from your Appwrite console.\r\n\r\nLarger files should be uploaded using multiple requests with the [content-range](https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/HTTP\/Headers\/Content-Range) header to send a partial request with a maximum supported chunk of `5MB`. The `content-range` header values should always be in bytes.\r\n\r\nWhen the first request is sent, the server will return the **File** object, and the subsequent part request must include the file's **id** in `x-appwrite-id` header to allow the server to know that the partial upload is for the existing file and not for a new one.\r\n\r\nIf you're creating a new file using one of the Appwrite SDKs, all the chunking logic will be managed by the SDK internally.\r\n",
"responses": {
"201": {
"description": "File",
@@ -6268,7 +6268,7 @@
}
},
"delete": {
"summary": "Delete File",
"summary": "Delete file",
"operationId": "storageDeleteFile",
"tags": [
"storage"
@@ -6610,7 +6610,8 @@
"jpeg",
"gif",
"png",
"webp"
"webp",
"avif"
],
"x-enum-name": "ImageFormat",
"x-enum-keys": [],
@@ -7156,7 +7157,7 @@
"tags": [
"teams"
],
"description": "Invite a new member to join your team. Provide an ID for existing users, or invite unregistered users using an email or phone number. If initiated from a Client SDK, Appwrite will send an email or sms with a link to join the team to the invited user, and an account will be created for them if one doesn't exist. If initiated from a Server SDK, the new member will be added automatically to the team.\n\nYou only need to provide one of a user ID, email, or phone number. Appwrite will prioritize accepting the user ID > email > phone number if you provide more than one of these parameters.\n\nUse the `url` parameter to redirect the user from the invitation email to your app. After the user is redirected, use the [Update Team Membership Status](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/teams#updateMembershipStatus) endpoint to allow the user to accept the invitation to the team. \n\nPlease note that to avoid a [Redirect Attack](https:\/\/github.com\/OWASP\/CheatSheetSeries\/blob\/master\/cheatsheets\/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.md) Appwrite will accept the only redirect URLs under the domains you have added as a platform on the Appwrite Console.\n",
"description": "Invite a new member to join your team. Provide an ID for existing users, or invite unregistered users using an email or phone number. If initiated from a Client SDK, Appwrite will send an email or sms with a link to join the team to the invited user, and an account will be created for them if one doesn't exist. If initiated from a Server SDK, the new member will be added automatically to the team.\r\n\r\nYou only need to provide one of a user ID, email, or phone number. Appwrite will prioritize accepting the user ID > email > phone number if you provide more than one of these parameters.\r\n\r\nUse the `url` parameter to redirect the user from the invitation email to your app. After the user is redirected, use the [Update Team Membership Status](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/teams#updateMembershipStatus) endpoint to allow the user to accept the invitation to the team. \r\n\r\nPlease note that to avoid a [Redirect Attack](https:\/\/github.com\/OWASP\/CheatSheetSeries\/blob\/master\/cheatsheets\/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.md) Appwrite will accept the only redirect URLs under the domains you have added as a platform on the Appwrite Console.\r\n",
"responses": {
"201": {
"description": "Membership",
@@ -7343,7 +7344,7 @@
"tags": [
"teams"
],
"description": "Modify the roles of a team member. Only team members with the owner role have access to this endpoint. Learn more about [roles and permissions](https:\/\/appwrite.io\/docs\/permissions).\n",
"description": "Modify the roles of a team member. Only team members with the owner role have access to this endpoint. Learn more about [roles and permissions](https:\/\/appwrite.io\/docs\/permissions).\r\n",
"responses": {
"200": {
"description": "Membership",
@@ -7508,7 +7509,7 @@
"tags": [
"teams"
],
"description": "Use this endpoint to allow a user to accept an invitation to join a team after being redirected back to your app from the invitation email received by the user.\n\nIf the request is successful, a session for the user is automatically created.\n",
"description": "Use this endpoint to allow a user to accept an invitation to join a team after being redirected back to your app from the invitation email received by the user.\r\n\r\nIf the request is successful, a session for the user is automatically created.\r\n",
"responses": {
"200": {
"description": "Membership",
@@ -9405,7 +9406,7 @@
"responseBody": {
"type": "string",
"description": "HTTP response body. This will return empty unless execution is created as synchronous.",
"x-example": "Developers are awesome."
"x-example": ""
},
"responseHeaders": {
"type": "array",
app/config/specs/open-api3-latest-console.json
+306 -124
View File
File diff suppressed because it is too large Load Diff
app/config/specs/open-api3-latest-server.json
+215 -82
View File
@@ -167,7 +167,7 @@
"tags": [
"account"
],
"description": "Update currently logged in user account email address. After changing user address, the user confirmation status will get reset. A new confirmation email is not sent automatically however you can use the send confirmation email endpoint again to send the confirmation email. For security measures, user password is required to complete this request.\nThis endpoint can also be used to convert an anonymous account to a normal one, by passing an email address and a new password.\n",
"description": "Update currently logged in user account email address. After changing user address, the user confirmation status will get reset. A new confirmation email is not sent automatically however you can use the send confirmation email endpoint again to send the confirmation email. For security measures, user password is required to complete this request.\r\nThis endpoint can also be used to convert an anonymous account to a normal one, by passing an email address and a new password.\r\n",
"responses": {
"200": {
"description": "User",
@@ -241,7 +241,7 @@
},
"\/account\/identities": {
"get": {
"summary": "List Identities",
"summary": "List identities",
"operationId": "accountListIdentities",
"tags": [
"account"
@@ -562,7 +562,7 @@
},
"\/account\/mfa\/authenticators\/{type}": {
"post": {
"summary": "Create Authenticator",
"summary": "Create authenticator",
"operationId": "accountCreateMfaAuthenticator",
"tags": [
"account"
@@ -631,7 +631,7 @@
]
},
"put": {
"summary": "Verify Authenticator",
"summary": "Verify authenticator",
"operationId": "accountUpdateMfaAuthenticator",
"tags": [
"account"
@@ -719,7 +719,7 @@
}
},
"delete": {
"summary": "Delete Authenticator",
"summary": "Delete authenticator",
"operationId": "accountDeleteMfaAuthenticator",
"tags": [
"account"
@@ -783,7 +783,7 @@
},
"\/account\/mfa\/challenge": {
"post": {
"summary": "Create MFA Challenge",
"summary": "Create MFA challenge",
"operationId": "accountCreateMfaChallenge",
"tags": [
"account"
@@ -859,7 +859,7 @@
}
},
"put": {
"summary": "Create MFA Challenge (confirmation)",
"summary": "Create MFA challenge (confirmation)",
"operationId": "accountUpdateMfaChallenge",
"tags": [
"account"
@@ -938,7 +938,7 @@
},
"\/account\/mfa\/factors": {
"get": {
"summary": "List Factors",
"summary": "List factors",
"operationId": "accountListMfaFactors",
"tags": [
"account"
@@ -992,7 +992,7 @@
},
"\/account\/mfa\/recovery-codes": {
"get": {
"summary": "Get MFA Recovery Codes",
"summary": "Get MFA recovery codes",
"operationId": "accountGetMfaRecoveryCodes",
"tags": [
"account"
@@ -1044,7 +1044,7 @@
]
},
"post": {
"summary": "Create MFA Recovery Codes",
"summary": "Create MFA recovery codes",
"operationId": "accountCreateMfaRecoveryCodes",
"tags": [
"account"
@@ -1096,7 +1096,7 @@
]
},
"patch": {
"summary": "Regenerate MFA Recovery Codes",
"summary": "Regenerate MFA recovery codes",
"operationId": "accountUpdateMfaRecoveryCodes",
"tags": [
"account"
@@ -1590,7 +1590,7 @@
"tags": [
"account"
],
"description": "Use this endpoint to complete the user account password reset. Both the **userId** and **secret** arguments will be passed as query parameters to the redirect URL you have provided when sending your request to the [POST \/account\/recovery](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createRecovery) endpoint.\n\nPlease note that in order to avoid a [Redirect Attack](https:\/\/github.com\/OWASP\/CheatSheetSeries\/blob\/master\/cheatsheets\/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.md) the only valid redirect URLs are the ones from domains you have set when adding your platforms in the console interface.",
"description": "Use this endpoint to complete the user account password reset. Both the **userId** and **secret** arguments will be passed as query parameters to the redirect URL you have provided when sending your request to the [POST \/account\/recovery](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createRecovery) endpoint.\r\n\r\nPlease note that in order to avoid a [Redirect Attack](https:\/\/github.com\/OWASP\/CheatSheetSeries\/blob\/master\/cheatsheets\/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.md) the only valid redirect URLs are the ones from domains you have set when adding your platforms in the console interface.",
"responses": {
"200": {
"description": "Token",
@@ -1825,7 +1825,7 @@
"tags": [
"account"
],
"description": "Allow the user to login into their account by providing a valid email and password combination. This route will create a new session for the user.\n\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"description": "Allow the user to login into their account by providing a valid email and password combination. This route will create a new session for the user.\r\n\r\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"responses": {
"201": {
"description": "Session",
@@ -2370,7 +2370,7 @@
"tags": [
"account"
],
"description": "Sends the user an email with a secret key for creating a session. If the provided user ID has not be registered, a new user will be created. Use the returned user ID and secret and submit a request to the [POST \/v1\/account\/sessions\/token](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint to complete the login process. The secret sent to the user's email is valid for 15 minutes.\n\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"description": "Sends the user an email with a secret key for creating a session. If the provided user ID has not be registered, a new user will be created. Use the returned user ID and secret and submit a request to the [POST \/v1\/account\/sessions\/token](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint to complete the login process. The secret sent to the user's email is valid for 15 minutes.\r\n\r\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"responses": {
"201": {
"description": "Token",
@@ -2451,7 +2451,7 @@
"tags": [
"account"
],
"description": "Sends the user an email with a secret key for creating a session. If the provided user ID has not been registered, a new user will be created. When the user clicks the link in the email, the user is redirected back to the URL you provided with the secret key and userId values attached to the URL query string. Use the query string parameters to submit a request to the [POST \/v1\/account\/sessions\/token](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint to complete the login process. The link sent to the user's email address is valid for 1 hour. If you are on a mobile device you can leave the URL parameter empty, so that the login completion will be handled by your Appwrite instance by default.\n\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).\n",
"description": "Sends the user an email with a secret key for creating a session. If the provided user ID has not been registered, a new user will be created. When the user clicks the link in the email, the user is redirected back to the URL you provided with the secret key and userId values attached to the URL query string. Use the query string parameters to submit a request to the [POST \/v1\/account\/sessions\/token](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint to complete the login process. The link sent to the user's email address is valid for 1 hour. If you are on a mobile device you can leave the URL parameter empty, so that the login completion will be handled by your Appwrite instance by default.\r\n\r\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).\r\n",
"responses": {
"201": {
"description": "Token",
@@ -2540,7 +2540,7 @@
"tags": [
"account"
],
"description": "Allow the user to login to their account using the OAuth2 provider of their choice. Each OAuth2 provider should be enabled from the Appwrite console first. Use the success and failure arguments to provide a redirect URL's back to your app when login is completed. \n\nIf authentication succeeds, `userId` and `secret` of a token will be appended to the success URL as query parameters. These can be used to create a new session using the [Create session](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint.\n\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"description": "Allow the user to login to their account using the OAuth2 provider of their choice. Each OAuth2 provider should be enabled from the Appwrite console first. Use the success and failure arguments to provide a redirect URL's back to your app when login is completed. \r\n\r\nIf authentication succeeds, `userId` and `secret` of a token will be appended to the success URL as query parameters. These can be used to create a new session using the [Create session](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint.\r\n\r\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"responses": {
"301": {
"description": "File"
@@ -2676,7 +2676,7 @@
"tags": [
"account"
],
"description": "Sends the user an SMS with a secret key for creating a session. If the provided user ID has not be registered, a new user will be created. Use the returned user ID and secret and submit a request to the [POST \/v1\/account\/sessions\/token](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint to complete the login process. The secret sent to the user's phone is valid for 15 minutes.\n\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"description": "Sends the user an SMS with a secret key for creating a session. If the provided user ID has not be registered, a new user will be created. Use the returned user ID and secret and submit a request to the [POST \/v1\/account\/sessions\/token](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint to complete the login process. The secret sent to the user's phone is valid for 15 minutes.\r\n\r\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"responses": {
"201": {
"description": "Token",
@@ -2755,7 +2755,7 @@
"tags": [
"account"
],
"description": "Use this endpoint to send a verification message to your user email address to confirm they are the valid owners of that address. Both the **userId** and **secret** arguments will be passed as query parameters to the URL you have provided to be attached to the verification email. The provided URL should redirect the user back to your app and allow you to complete the verification process by verifying both the **userId** and **secret** parameters. Learn more about how to [complete the verification process](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#updateVerification). The verification link sent to the user's email address is valid for 7 days.\n\nPlease note that in order to avoid a [Redirect Attack](https:\/\/github.com\/OWASP\/CheatSheetSeries\/blob\/master\/cheatsheets\/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.md), the only valid redirect URLs are the ones from domains you have set when adding your platforms in the console interface.\n",
"description": "Use this endpoint to send a verification message to your user email address to confirm they are the valid owners of that address. Both the **userId** and **secret** arguments will be passed as query parameters to the URL you have provided to be attached to the verification email. The provided URL should redirect the user back to your app and allow you to complete the verification process by verifying both the **userId** and **secret** parameters. Learn more about how to [complete the verification process](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#updateVerification). The verification link sent to the user's email address is valid for 7 days.\r\n\r\nPlease note that in order to avoid a [Redirect Attack](https:\/\/github.com\/OWASP\/CheatSheetSeries\/blob\/master\/cheatsheets\/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.md), the only valid redirect URLs are the ones from domains you have set when adding your platforms in the console interface.\r\n",
"responses": {
"201": {
"description": "Token",
@@ -3039,7 +3039,7 @@
"tags": [
"avatars"
],
"description": "You can use this endpoint to show different browser icons to your users. The code argument receives the browser code as it appears in your user [GET \/account\/sessions](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#getSessions) endpoint. Use width, height and quality arguments to change the output settings.\n\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.",
"description": "You can use this endpoint to show different browser icons to your users. The code argument receives the browser code as it appears in your user [GET \/account\/sessions](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#getSessions) endpoint. Use width, height and quality arguments to change the output settings.\r\n\r\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.",
"responses": {
"200": {
"description": "Image"
@@ -3169,7 +3169,7 @@
"tags": [
"avatars"
],
"description": "The credit card endpoint will return you the icon of the credit card provider you need. Use width, height and quality arguments to change the output settings.\n\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.\n",
"description": "The credit card endpoint will return you the icon of the credit card provider you need. Use width, height and quality arguments to change the output settings.\r\n\r\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.\r\n",
"responses": {
"200": {
"description": "Image"
@@ -3303,7 +3303,7 @@
"tags": [
"avatars"
],
"description": "Use this endpoint to fetch the favorite icon (AKA favicon) of any remote website URL.\n\nThis endpoint does not follow HTTP redirects.",
"description": "Use this endpoint to fetch the favorite icon (AKA favicon) of any remote website URL.\r\n\r\nThis endpoint does not follow HTTP redirects.",
"responses": {
"200": {
"description": "Image"
@@ -3365,7 +3365,7 @@
"tags": [
"avatars"
],
"description": "You can use this endpoint to show different country flags icons to your users. The code argument receives the 2 letter country code. Use width, height and quality arguments to change the output settings. Country codes follow the [ISO 3166-1](https:\/\/en.wikipedia.org\/wiki\/ISO_3166-1) standard.\n\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.\n",
"description": "You can use this endpoint to show different country flags icons to your users. The code argument receives the 2 letter country code. Use width, height and quality arguments to change the output settings. Country codes follow the [ISO 3166-1](https:\/\/en.wikipedia.org\/wiki\/ISO_3166-1) standard.\r\n\r\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.\r\n",
"responses": {
"200": {
"description": "Image"
@@ -3857,7 +3857,7 @@
"tags": [
"avatars"
],
"description": "Use this endpoint to fetch a remote image URL and crop it to any image size you want. This endpoint is very useful if you need to crop and display remote images in your app or in case you want to make sure a 3rd party image is properly served using a TLS protocol.\n\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 400x400px.\n\nThis endpoint does not follow HTTP redirects.",
"description": "Use this endpoint to fetch a remote image URL and crop it to any image size you want. This endpoint is very useful if you need to crop and display remote images in your app or in case you want to make sure a 3rd party image is properly served using a TLS protocol.\r\n\r\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 400x400px.\r\n\r\nThis endpoint does not follow HTTP redirects.",
"responses": {
"200": {
"description": "Image"
@@ -3943,7 +3943,7 @@
"tags": [
"avatars"
],
"description": "Use this endpoint to show your user initials avatar icon on your website or app. By default, this route will try to print your logged-in user name or email initials. You can also overwrite the user name if you pass the 'name' parameter. If no name is given and no user is logged, an empty avatar will be returned.\n\nYou can use the color and background params to change the avatar colors. By default, a random theme will be selected. The random theme will persist for the user's initials when reloading the same theme will always return for the same initials.\n\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.\n",
"description": "Use this endpoint to show your user initials avatar icon on your website or app. By default, this route will try to print your logged-in user name or email initials. You can also overwrite the user name if you pass the 'name' parameter. If no name is given and no user is logged, an empty avatar will be returned.\r\n\r\nYou can use the color and background params to change the avatar colors. By default, a random theme will be selected. The random theme will persist for the user's initials when reloading the same theme will always return for the same initials.\r\n\r\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.\r\n",
"responses": {
"200": {
"description": "Image"
@@ -4039,7 +4039,7 @@
"tags": [
"avatars"
],
"description": "Converts a given plain text to a QR code image. You can use the query parameters to change the size and style of the resulting image.\n",
"description": "Converts a given plain text to a QR code image. You can use the query parameters to change the size and style of the resulting image.\r\n",
"responses": {
"200": {
"description": "Image"
@@ -4211,7 +4211,7 @@
"tags": [
"databases"
],
"description": "Create a new Database.\n",
"description": "Create a new Database.\r\n",
"responses": {
"201": {
"description": "Database",
@@ -5026,7 +5026,7 @@
"tags": [
"databases"
],
"description": "Create a boolean attribute.\n",
"description": "Create a boolean attribute.\r\n",
"responses": {
"202": {
"description": "AttributeBoolean",
@@ -5472,7 +5472,7 @@
"tags": [
"databases"
],
"description": "Create an email attribute.\n",
"description": "Create an email attribute.\r\n",
"responses": {
"202": {
"description": "AttributeEmail",
@@ -5581,7 +5581,7 @@
"tags": [
"databases"
],
"description": "Update an email attribute. Changing the `default` value will not update already existing documents.\n",
"description": "Update an email attribute. Changing the `default` value will not update already existing documents.\r\n",
"responses": {
"200": {
"description": "AttributeEmail",
@@ -5695,7 +5695,7 @@
"tags": [
"databases"
],
"description": "Create an enumeration attribute. The `elements` param acts as a white-list of accepted values for this attribute. \n",
"description": "Create an enumeration attribute. The `elements` param acts as a white-list of accepted values for this attribute. \r\n",
"responses": {
"202": {
"description": "AttributeEnum",
@@ -5813,7 +5813,7 @@
"tags": [
"databases"
],
"description": "Update an enum attribute. Changing the `default` value will not update already existing documents.\n",
"description": "Update an enum attribute. Changing the `default` value will not update already existing documents.\r\n",
"responses": {
"200": {
"description": "AttributeEnum",
@@ -5936,7 +5936,7 @@
"tags": [
"databases"
],
"description": "Create a float attribute. Optionally, minimum and maximum values can be provided.\n",
"description": "Create a float attribute. Optionally, minimum and maximum values can be provided.\r\n",
"responses": {
"202": {
"description": "AttributeFloat",
@@ -6055,7 +6055,7 @@
"tags": [
"databases"
],
"description": "Update a float attribute. Changing the `default` value will not update already existing documents.\n",
"description": "Update a float attribute. Changing the `default` value will not update already existing documents.\r\n",
"responses": {
"200": {
"description": "AttributeFloat",
@@ -6181,7 +6181,7 @@
"tags": [
"databases"
],
"description": "Create an integer attribute. Optionally, minimum and maximum values can be provided.\n",
"description": "Create an integer attribute. Optionally, minimum and maximum values can be provided.\r\n",
"responses": {
"202": {
"description": "AttributeInteger",
@@ -6300,7 +6300,7 @@
"tags": [
"databases"
],
"description": "Update an integer attribute. Changing the `default` value will not update already existing documents.\n",
"description": "Update an integer attribute. Changing the `default` value will not update already existing documents.\r\n",
"responses": {
"200": {
"description": "AttributeInteger",
@@ -6426,7 +6426,7 @@
"tags": [
"databases"
],
"description": "Create IP address attribute.\n",
"description": "Create IP address attribute.\r\n",
"responses": {
"202": {
"description": "AttributeIP",
@@ -6535,7 +6535,7 @@
"tags": [
"databases"
],
"description": "Update an ip attribute. Changing the `default` value will not update already existing documents.\n",
"description": "Update an ip attribute. Changing the `default` value will not update already existing documents.\r\n",
"responses": {
"200": {
"description": "AttributeIP",
@@ -6649,7 +6649,7 @@
"tags": [
"databases"
],
"description": "Create relationship attribute. [Learn more about relationship attributes](https:\/\/appwrite.io\/docs\/databases-relationships#relationship-attributes).\n",
"description": "Create relationship attribute. [Learn more about relationship attributes](https:\/\/appwrite.io\/docs\/databases-relationships#relationship-attributes).\r\n",
"responses": {
"202": {
"description": "AttributeRelationship",
@@ -6783,7 +6783,7 @@
"tags": [
"databases"
],
"description": "Create a string attribute.\n",
"description": "Create a string attribute.\r\n",
"responses": {
"202": {
"description": "AttributeString",
@@ -6903,7 +6903,7 @@
"tags": [
"databases"
],
"description": "Update a string attribute. Changing the `default` value will not update already existing documents.\n",
"description": "Update a string attribute. Changing the `default` value will not update already existing documents.\r\n",
"responses": {
"200": {
"description": "AttributeString",
@@ -7022,7 +7022,7 @@
"tags": [
"databases"
],
"description": "Create a URL attribute.\n",
"description": "Create a URL attribute.\r\n",
"responses": {
"202": {
"description": "AttributeURL",
@@ -7131,7 +7131,7 @@
"tags": [
"databases"
],
"description": "Update an url attribute. Changing the `default` value will not update already existing documents.\n",
"description": "Update an url attribute. Changing the `default` value will not update already existing documents.\r\n",
"responses": {
"200": {
"description": "AttributeURL",
@@ -7433,7 +7433,7 @@
"tags": [
"databases"
],
"description": "Update relationship attribute. [Learn more about relationship attributes](https:\/\/appwrite.io\/docs\/databases-relationships#relationship-attributes).\n",
"description": "Update relationship attribute. [Learn more about relationship attributes](https:\/\/appwrite.io\/docs\/databases-relationships#relationship-attributes).\r\n",
"responses": {
"200": {
"description": "AttributeRelationship",
@@ -8119,7 +8119,7 @@
"tags": [
"databases"
],
"description": "Creates an index on the attributes listed. Your index should include all the attributes you will query in a single request.\nAttributes can be `key`, `fulltext`, and `unique`.",
"description": "Creates an index on the attributes listed. Your index should include all the attributes you will query in a single request.\r\nAttributes can be `key`, `fulltext`, and `unique`.",
"responses": {
"202": {
"description": "Index",
@@ -8767,7 +8767,7 @@
"tags": [
"functions"
],
"description": "List allowed function specifications for this instance.\n",
"description": "List allowed function specifications for this instance.\r\n",
"responses": {
"200": {
"description": "Specifications List",
@@ -9249,7 +9249,7 @@
"tags": [
"functions"
],
"description": "Create a new function code deployment. Use this endpoint to upload a new version of your code function. To execute your newly uploaded code, you'll need to update the function's deployment to use your new deployment UID.\n\nThis endpoint accepts a tar.gz file compressed with your code. Make sure to include any dependencies your code has within the compressed file. You can learn more about code packaging in the [Appwrite Cloud Functions tutorial](https:\/\/appwrite.io\/docs\/functions).\n\nUse the \"command\" param to set the entrypoint used to execute your code.",
"description": "Create a new function code deployment. Use this endpoint to upload a new version of your code function. To execute your newly uploaded code, you'll need to update the function's deployment to use your new deployment UID.\r\n\r\nThis endpoint accepts a tar.gz file compressed with your code. Make sure to include any dependencies your code has within the compressed file. You can learn more about code packaging in the [Appwrite Cloud Functions tutorial](https:\/\/appwrite.io\/docs\/functions).\r\n\r\nUse the \"command\" param to set the entrypoint used to execute your code.",
"responses": {
"202": {
"description": "Deployment",
@@ -10068,7 +10068,7 @@
"tags": [
"functions"
],
"description": "Delete a function execution by its unique ID.\n",
"description": "Delete a function execution by its unique ID.\r\n",
"responses": {
"204": {
"description": "No content"
@@ -11279,7 +11279,7 @@
"tags": [
"health"
],
"description": "Returns the amount of failed jobs in a given queue.\n",
"description": "Returns the amount of failed jobs in a given queue.\r\n",
"responses": {
"200": {
"description": "Health Queue",
@@ -12046,7 +12046,7 @@
"tags": [
"locale"
],
"description": "Get the current user location based on IP. Returns an object with user country code, country name, continent name, continent code, ip address and suggested currency. You can use the locale header to get the data in a supported language.\n\n([IP Geolocation by DB-IP](https:\/\/db-ip.com))",
"description": "Get the current user location based on IP. Returns an object with user country code, country name, continent name, continent code, ip address and suggested currency. You can use the locale header to get the data in a supported language.\r\n\r\n([IP Geolocation by DB-IP](https:\/\/db-ip.com))",
"responses": {
"200": {
"description": "Locale",
@@ -12097,7 +12097,7 @@
},
"\/locale\/codes": {
"get": {
"summary": "List Locale Codes",
"summary": "List locale codes",
"operationId": "localeListCodes",
"tags": [
"locale"
@@ -12720,7 +12720,7 @@
"tags": [
"messaging"
],
"description": "Update an email message by its unique ID.\n",
"description": "Update an email message by its unique ID.\r\n",
"responses": {
"200": {
"description": "Message",
@@ -13027,7 +13027,7 @@
"tags": [
"messaging"
],
"description": "Update a push notification by its unique ID.\n",
"description": "Update a push notification by its unique ID.\r\n",
"responses": {
"200": {
"description": "Message",
@@ -13299,7 +13299,7 @@
"tags": [
"messaging"
],
"description": "Update an email message by its unique ID.\n",
"description": "Update an email message by its unique ID.\r\n",
"responses": {
"200": {
"description": "Message",
@@ -13414,7 +13414,7 @@
"tags": [
"messaging"
],
"description": "Get a message by its unique ID.\n",
"description": "Get a message by its unique ID.\r\n",
"responses": {
"200": {
"description": "Message",
@@ -15915,7 +15915,7 @@
"tags": [
"messaging"
],
"description": "Get a provider by its unique ID.\n",
"description": "Get a provider by its unique ID.\r\n",
"responses": {
"200": {
"description": "Provider",
@@ -16355,7 +16355,7 @@
"tags": [
"messaging"
],
"description": "Get a topic by its unique ID.\n",
"description": "Get a topic by its unique ID.\r\n",
"responses": {
"200": {
"description": "Topic",
@@ -16418,7 +16418,7 @@
"tags": [
"messaging"
],
"description": "Update a topic by its unique ID.\n",
"description": "Update a topic by its unique ID.\r\n",
"responses": {
"200": {
"description": "Topic",
@@ -16822,7 +16822,7 @@
"tags": [
"messaging"
],
"description": "Get a subscriber by its unique ID.\n",
"description": "Get a subscriber by its unique ID.\r\n",
"responses": {
"200": {
"description": "Subscriber",
@@ -17516,7 +17516,7 @@
"tags": [
"storage"
],
"description": "Create a new file. Before using this route, you should create a new bucket resource using either a [server integration](https:\/\/appwrite.io\/docs\/server\/storage#storageCreateBucket) API or directly from your Appwrite console.\n\nLarger files should be uploaded using multiple requests with the [content-range](https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/HTTP\/Headers\/Content-Range) header to send a partial request with a maximum supported chunk of `5MB`. The `content-range` header values should always be in bytes.\n\nWhen the first request is sent, the server will return the **File** object, and the subsequent part request must include the file's **id** in `x-appwrite-id` header to allow the server to know that the partial upload is for the existing file and not for a new one.\n\nIf you're creating a new file using one of the Appwrite SDKs, all the chunking logic will be managed by the SDK internally.\n",
"description": "Create a new file. Before using this route, you should create a new bucket resource using either a [server integration](https:\/\/appwrite.io\/docs\/server\/storage#storageCreateBucket) API or directly from your Appwrite console.\r\n\r\nLarger files should be uploaded using multiple requests with the [content-range](https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/HTTP\/Headers\/Content-Range) header to send a partial request with a maximum supported chunk of `5MB`. The `content-range` header values should always be in bytes.\r\n\r\nWhen the first request is sent, the server will return the **File** object, and the subsequent part request must include the file's **id** in `x-appwrite-id` header to allow the server to know that the partial upload is for the existing file and not for a new one.\r\n\r\nIf you're creating a new file using one of the Appwrite SDKs, all the chunking logic will be managed by the SDK internally.\r\n",
"responses": {
"201": {
"description": "File",
@@ -17789,7 +17789,7 @@
}
},
"delete": {
"summary": "Delete File",
"summary": "Delete file",
"operationId": "storageDeleteFile",
"tags": [
"storage"
@@ -18137,7 +18137,8 @@
"jpeg",
"gif",
"png",
"webp"
"webp",
"avif"
],
"x-enum-name": "ImageFormat",
"x-enum-keys": [],
@@ -18697,7 +18698,7 @@
"tags": [
"teams"
],
"description": "Invite a new member to join your team. Provide an ID for existing users, or invite unregistered users using an email or phone number. If initiated from a Client SDK, Appwrite will send an email or sms with a link to join the team to the invited user, and an account will be created for them if one doesn't exist. If initiated from a Server SDK, the new member will be added automatically to the team.\n\nYou only need to provide one of a user ID, email, or phone number. Appwrite will prioritize accepting the user ID > email > phone number if you provide more than one of these parameters.\n\nUse the `url` parameter to redirect the user from the invitation email to your app. After the user is redirected, use the [Update Team Membership Status](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/teams#updateMembershipStatus) endpoint to allow the user to accept the invitation to the team. \n\nPlease note that to avoid a [Redirect Attack](https:\/\/github.com\/OWASP\/CheatSheetSeries\/blob\/master\/cheatsheets\/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.md) Appwrite will accept the only redirect URLs under the domains you have added as a platform on the Appwrite Console.\n",
"description": "Invite a new member to join your team. Provide an ID for existing users, or invite unregistered users using an email or phone number. If initiated from a Client SDK, Appwrite will send an email or sms with a link to join the team to the invited user, and an account will be created for them if one doesn't exist. If initiated from a Server SDK, the new member will be added automatically to the team.\r\n\r\nYou only need to provide one of a user ID, email, or phone number. Appwrite will prioritize accepting the user ID > email > phone number if you provide more than one of these parameters.\r\n\r\nUse the `url` parameter to redirect the user from the invitation email to your app. After the user is redirected, use the [Update Team Membership Status](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/teams#updateMembershipStatus) endpoint to allow the user to accept the invitation to the team. \r\n\r\nPlease note that to avoid a [Redirect Attack](https:\/\/github.com\/OWASP\/CheatSheetSeries\/blob\/master\/cheatsheets\/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.md) Appwrite will accept the only redirect URLs under the domains you have added as a platform on the Appwrite Console.\r\n",
"responses": {
"201": {
"description": "Membership",
@@ -18888,7 +18889,7 @@
"tags": [
"teams"
],
"description": "Modify the roles of a team member. Only team members with the owner role have access to this endpoint. Learn more about [roles and permissions](https:\/\/appwrite.io\/docs\/permissions).\n",
"description": "Modify the roles of a team member. Only team members with the owner role have access to this endpoint. Learn more about [roles and permissions](https:\/\/appwrite.io\/docs\/permissions).\r\n",
"responses": {
"200": {
"description": "Membership",
@@ -19057,7 +19058,7 @@
"tags": [
"teams"
],
"description": "Use this endpoint to allow a user to accept an invitation to join a team after being redirected back to your app from the invitation email received by the user.\n\nIf the request is successful, a session for the user is automatically created.\n",
"description": "Use this endpoint to allow a user to accept an invitation to join a team after being redirected back to your app from the invitation email received by the user.\r\n\r\nIf the request is successful, a session for the user is automatically created.\r\n",
"responses": {
"200": {
"description": "Membership",
@@ -19645,7 +19646,7 @@
},
"\/users\/identities": {
"get": {
"summary": "List Identities",
"summary": "List identities",
"operationId": "usersListIdentities",
"tags": [
"users"
@@ -20580,7 +20581,7 @@
"tags": [
"users"
],
"description": "Update the user labels by its unique ID. \n\nLabels can be used to grant access to resources. While teams are a way for user's to share access to a resource, labels can be defined by the developer to grant access without an invitation. See the [Permissions docs](https:\/\/appwrite.io\/docs\/permissions) for more info.",
"description": "Update the user labels by its unique ID. \r\n\r\nLabels can be used to grant access to resources. While teams are a way for user's to share access to a resource, labels can be defined by the developer to grant access without an invitation. See the [Permissions docs](https:\/\/appwrite.io\/docs\/permissions) for more info.",
"responses": {
"200": {
"description": "User",
@@ -20885,7 +20886,7 @@
},
"\/users\/{userId}\/mfa\/authenticators\/{type}": {
"delete": {
"summary": "Delete Authenticator",
"summary": "Delete authenticator",
"operationId": "usersDeleteMfaAuthenticator",
"tags": [
"users"
@@ -20964,7 +20965,7 @@
},
"\/users\/{userId}\/mfa\/factors": {
"get": {
"summary": "List Factors",
"summary": "List factors",
"operationId": "usersListMfaFactors",
"tags": [
"users"
@@ -21028,7 +21029,7 @@
},
"\/users\/{userId}\/mfa\/recovery-codes": {
"get": {
"summary": "Get MFA Recovery Codes",
"summary": "Get MFA recovery codes",
"operationId": "usersGetMfaRecoveryCodes",
"tags": [
"users"
@@ -21090,7 +21091,7 @@
]
},
"put": {
"summary": "Regenerate MFA Recovery Codes",
"summary": "Regenerate MFA recovery codes",
"operationId": "usersUpdateMfaRecoveryCodes",
"tags": [
"users"
@@ -21152,7 +21153,7 @@
]
},
"patch": {
"summary": "Create MFA Recovery Codes",
"summary": "Create MFA recovery codes",
"operationId": "usersCreateMfaRecoveryCodes",
"tags": [
"users"
@@ -21677,7 +21678,7 @@
"tags": [
"users"
],
"description": "Creates a session for a user. Returns an immediately usable session object.\n\nIf you want to generate a token for a custom authentication flow, use the [POST \/users\/{userId}\/tokens](https:\/\/appwrite.io\/docs\/server\/users#createToken) endpoint.",
"description": "Creates a session for a user. Returns an immediately usable session object.\r\n\r\nIf you want to generate a token for a custom authentication flow, use the [POST \/users\/{userId}\/tokens](https:\/\/appwrite.io\/docs\/server\/users#createToken) endpoint.",
"responses": {
"201": {
"description": "Session",
@@ -21941,7 +21942,7 @@
},
"\/users\/{userId}\/targets": {
"get": {
"summary": "List User Targets",
"summary": "List user targets",
"operationId": "usersListTargets",
"tags": [
"users"
@@ -22017,7 +22018,7 @@
]
},
"post": {
"summary": "Create User Target",
"summary": "Create user target",
"operationId": "usersCreateTarget",
"tags": [
"users"
@@ -22130,7 +22131,7 @@
},
"\/users\/{userId}\/targets\/{targetId}": {
"get": {
"summary": "Get User Target",
"summary": "Get user target",
"operationId": "usersGetTarget",
"tags": [
"users"
@@ -22203,7 +22204,7 @@
]
},
"patch": {
"summary": "Update User target",
"summary": "Update user target",
"operationId": "usersUpdateTarget",
"tags": [
"users"
@@ -22375,7 +22376,7 @@
"tags": [
"users"
],
"description": "Returns a token with a secret key for creating a session. Use the user ID and secret and submit a request to the [PUT \/account\/sessions\/token](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint to complete the login process.\n",
"description": "Returns a token with a secret key for creating a session. Use the user ID and secret and submit a request to the [PUT \/account\/sessions\/token](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint to complete the login process.\r\n",
"responses": {
"201": {
"description": "Token",
@@ -23677,6 +23678,16 @@
"x-example": false,
"nullable": true
},
"$createdAt": {
"type": "string",
"description": "Attribute creation date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"$updatedAt": {
"type": "string",
"description": "Attribute update date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"size": {
"type": "integer",
"description": "Attribute size.",
@@ -23696,6 +23707,8 @@
"status",
"error",
"required",
"$createdAt",
"$updatedAt",
"size"
]
},
@@ -23734,6 +23747,16 @@
"x-example": false,
"nullable": true
},
"$createdAt": {
"type": "string",
"description": "Attribute creation date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"$updatedAt": {
"type": "string",
"description": "Attribute update date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"min": {
"type": "integer",
"description": "Minimum value to enforce for new documents.",
@@ -23761,7 +23784,9 @@
"type",
"status",
"error",
"required"
"required",
"$createdAt",
"$updatedAt"
]
},
"attributeFloat": {
@@ -23799,6 +23824,16 @@
"x-example": false,
"nullable": true
},
"$createdAt": {
"type": "string",
"description": "Attribute creation date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"$updatedAt": {
"type": "string",
"description": "Attribute update date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"min": {
"type": "number",
"description": "Minimum value to enforce for new documents.",
@@ -23826,7 +23861,9 @@
"type",
"status",
"error",
"required"
"required",
"$createdAt",
"$updatedAt"
]
},
"attributeBoolean": {
@@ -23864,6 +23901,16 @@
"x-example": false,
"nullable": true
},
"$createdAt": {
"type": "string",
"description": "Attribute creation date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"$updatedAt": {
"type": "string",
"description": "Attribute update date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"default": {
"type": "boolean",
"description": "Default value for attribute when not provided. Cannot be set when attribute is required.",
@@ -23876,7 +23923,9 @@
"type",
"status",
"error",
"required"
"required",
"$createdAt",
"$updatedAt"
]
},
"attributeEmail": {
@@ -23914,6 +23963,16 @@
"x-example": false,
"nullable": true
},
"$createdAt": {
"type": "string",
"description": "Attribute creation date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"$updatedAt": {
"type": "string",
"description": "Attribute update date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"format": {
"type": "string",
"description": "String format.",
@@ -23932,6 +23991,8 @@
"status",
"error",
"required",
"$createdAt",
"$updatedAt",
"format"
]
},
@@ -23970,6 +24031,16 @@
"x-example": false,
"nullable": true
},
"$createdAt": {
"type": "string",
"description": "Attribute creation date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"$updatedAt": {
"type": "string",
"description": "Attribute update date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"elements": {
"type": "array",
"description": "Array of elements in enumerated type.",
@@ -23996,6 +24067,8 @@
"status",
"error",
"required",
"$createdAt",
"$updatedAt",
"elements",
"format"
]
@@ -24035,6 +24108,16 @@
"x-example": false,
"nullable": true
},
"$createdAt": {
"type": "string",
"description": "Attribute creation date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"$updatedAt": {
"type": "string",
"description": "Attribute update date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"format": {
"type": "string",
"description": "String format.",
@@ -24053,6 +24136,8 @@
"status",
"error",
"required",
"$createdAt",
"$updatedAt",
"format"
]
},
@@ -24091,6 +24176,16 @@
"x-example": false,
"nullable": true
},
"$createdAt": {
"type": "string",
"description": "Attribute creation date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"$updatedAt": {
"type": "string",
"description": "Attribute update date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"format": {
"type": "string",
"description": "String format.",
@@ -24109,6 +24204,8 @@
"status",
"error",
"required",
"$createdAt",
"$updatedAt",
"format"
]
},
@@ -24147,6 +24244,16 @@
"x-example": false,
"nullable": true
},
"$createdAt": {
"type": "string",
"description": "Attribute creation date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"$updatedAt": {
"type": "string",
"description": "Attribute update date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"format": {
"type": "string",
"description": "ISO 8601 format.",
@@ -24165,6 +24272,8 @@
"status",
"error",
"required",
"$createdAt",
"$updatedAt",
"format"
]
},
@@ -24203,6 +24312,16 @@
"x-example": false,
"nullable": true
},
"$createdAt": {
"type": "string",
"description": "Attribute creation date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"$updatedAt": {
"type": "string",
"description": "Attribute update date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"relatedCollection": {
"type": "string",
"description": "The ID of the related collection.",
@@ -24240,6 +24359,8 @@
"status",
"error",
"required",
"$createdAt",
"$updatedAt",
"relatedCollection",
"relationType",
"twoWay",
@@ -24288,6 +24409,16 @@
},
"x-example": [],
"nullable": true
},
"$createdAt": {
"type": "string",
"description": "Index creation date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"$updatedAt": {
"type": "string",
"description": "Index update date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
}
},
"required": [
@@ -24295,7 +24426,9 @@
"type",
"status",
"error",
"attributes"
"attributes",
"$createdAt",
"$updatedAt"
]
},
"document": {
@@ -25966,7 +26099,7 @@
"responseBody": {
"type": "string",
"description": "HTTP response body. This will return empty unless execution is created as synchronous.",
"x-example": "Developers are awesome."
"x-example": ""
},
"responseHeaders": {
"type": "array",
app/config/specs/swagger2-1.6.x-client.json
+37 -36
View File
@@ -222,7 +222,7 @@
"tags": [
"account"
],
"description": "Update currently logged in user account email address. After changing user address, the user confirmation status will get reset. A new confirmation email is not sent automatically however you can use the send confirmation email endpoint again to send the confirmation email. For security measures, user password is required to complete this request.\nThis endpoint can also be used to convert an anonymous account to a normal one, by passing an email address and a new password.\n",
"description": "Update currently logged in user account email address. After changing user address, the user confirmation status will get reset. A new confirmation email is not sent automatically however you can use the send confirmation email endpoint again to send the confirmation email. For security measures, user password is required to complete this request.\r\nThis endpoint can also be used to convert an anonymous account to a normal one, by passing an email address and a new password.\r\n",
"responses": {
"200": {
"description": "User",
@@ -293,7 +293,7 @@
},
"\/account\/identities": {
"get": {
"summary": "List Identities",
"summary": "List identities",
"operationId": "accountListIdentities",
"consumes": [
"application\/json"
@@ -619,7 +619,7 @@
},
"\/account\/mfa\/authenticators\/{type}": {
"post": {
"summary": "Create Authenticator",
"summary": "Create authenticator",
"operationId": "accountCreateMfaAuthenticator",
"consumes": [
"application\/json"
@@ -687,7 +687,7 @@
]
},
"put": {
"summary": "Verify Authenticator",
"summary": "Verify authenticator",
"operationId": "accountUpdateMfaAuthenticator",
"consumes": [
"application\/json"
@@ -773,7 +773,7 @@
]
},
"delete": {
"summary": "Delete Authenticator",
"summary": "Delete authenticator",
"operationId": "accountDeleteMfaAuthenticator",
"consumes": [
"application\/json"
@@ -838,7 +838,7 @@
},
"\/account\/mfa\/challenge": {
"post": {
"summary": "Create MFA Challenge",
"summary": "Create MFA challenge",
"operationId": "accountCreateMfaChallenge",
"consumes": [
"application\/json"
@@ -917,7 +917,7 @@
]
},
"put": {
"summary": "Create MFA Challenge (confirmation)",
"summary": "Create MFA challenge (confirmation)",
"operationId": "accountUpdateMfaChallenge",
"consumes": [
"application\/json"
@@ -994,7 +994,7 @@
},
"\/account\/mfa\/factors": {
"get": {
"summary": "List Factors",
"summary": "List factors",
"operationId": "accountListMfaFactors",
"consumes": [
"application\/json"
@@ -1049,7 +1049,7 @@
},
"\/account\/mfa\/recovery-codes": {
"get": {
"summary": "Get MFA Recovery Codes",
"summary": "Get MFA recovery codes",
"operationId": "accountGetMfaRecoveryCodes",
"consumes": [
"application\/json"
@@ -1102,7 +1102,7 @@
]
},
"post": {
"summary": "Create MFA Recovery Codes",
"summary": "Create MFA recovery codes",
"operationId": "accountCreateMfaRecoveryCodes",
"consumes": [
"application\/json"
@@ -1155,7 +1155,7 @@
]
},
"patch": {
"summary": "Regenerate MFA Recovery Codes",
"summary": "Regenerate MFA recovery codes",
"operationId": "accountUpdateMfaRecoveryCodes",
"consumes": [
"application\/json"
@@ -1670,7 +1670,7 @@
"tags": [
"account"
],
"description": "Use this endpoint to complete the user account password reset. Both the **userId** and **secret** arguments will be passed as query parameters to the redirect URL you have provided when sending your request to the [POST \/account\/recovery](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createRecovery) endpoint.\n\nPlease note that in order to avoid a [Redirect Attack](https:\/\/github.com\/OWASP\/CheatSheetSeries\/blob\/master\/cheatsheets\/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.md) the only valid redirect URLs are the ones from domains you have set when adding your platforms in the console interface.",
"description": "Use this endpoint to complete the user account password reset. Both the **userId** and **secret** arguments will be passed as query parameters to the redirect URL you have provided when sending your request to the [POST \/account\/recovery](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createRecovery) endpoint.\r\n\r\nPlease note that in order to avoid a [Redirect Attack](https:\/\/github.com\/OWASP\/CheatSheetSeries\/blob\/master\/cheatsheets\/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.md) the only valid redirect URLs are the ones from domains you have set when adding your platforms in the console interface.",
"responses": {
"200": {
"description": "Token",
@@ -1915,7 +1915,7 @@
"tags": [
"account"
],
"description": "Allow the user to login into their account by providing a valid email and password combination. This route will create a new session for the user.\n\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"description": "Allow the user to login into their account by providing a valid email and password combination. This route will create a new session for the user.\r\n\r\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"responses": {
"201": {
"description": "Session",
@@ -2075,7 +2075,7 @@
"tags": [
"account"
],
"description": "Allow the user to login to their account using the OAuth2 provider of their choice. Each OAuth2 provider should be enabled from the Appwrite console first. Use the success and failure arguments to provide a redirect URL's back to your app when login is completed.\n\nIf there is already an active session, the new session will be attached to the logged-in account. If there are no active sessions, the server will attempt to look for a user with the same email address as the email received from the OAuth2 provider and attach the new session to the existing user. If no matching user is found - the server will create a new user.\n\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).\n",
"description": "Allow the user to login to their account using the OAuth2 provider of their choice. Each OAuth2 provider should be enabled from the Appwrite console first. Use the success and failure arguments to provide a redirect URL's back to your app when login is completed.\r\n\r\nIf there is already an active session, the new session will be attached to the logged-in account. If there are no active sessions, the server will attempt to look for a user with the same email address as the email received from the OAuth2 provider and attach the new session to the existing user. If no matching user is found - the server will create a new user.\r\n\r\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).\r\n",
"responses": {
"301": {
"description": "No content"
@@ -2836,7 +2836,7 @@
"tags": [
"account"
],
"description": "Sends the user an email with a secret key for creating a session. If the provided user ID has not be registered, a new user will be created. Use the returned user ID and secret and submit a request to the [POST \/v1\/account\/sessions\/token](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint to complete the login process. The secret sent to the user's email is valid for 15 minutes.\n\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"description": "Sends the user an email with a secret key for creating a session. If the provided user ID has not be registered, a new user will be created. Use the returned user ID and secret and submit a request to the [POST \/v1\/account\/sessions\/token](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint to complete the login process. The secret sent to the user's email is valid for 15 minutes.\r\n\r\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"responses": {
"201": {
"description": "Token",
@@ -2922,7 +2922,7 @@
"tags": [
"account"
],
"description": "Sends the user an email with a secret key for creating a session. If the provided user ID has not been registered, a new user will be created. When the user clicks the link in the email, the user is redirected back to the URL you provided with the secret key and userId values attached to the URL query string. Use the query string parameters to submit a request to the [POST \/v1\/account\/sessions\/token](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint to complete the login process. The link sent to the user's email address is valid for 1 hour. If you are on a mobile device you can leave the URL parameter empty, so that the login completion will be handled by your Appwrite instance by default.\n\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).\n",
"description": "Sends the user an email with a secret key for creating a session. If the provided user ID has not been registered, a new user will be created. When the user clicks the link in the email, the user is redirected back to the URL you provided with the secret key and userId values attached to the URL query string. Use the query string parameters to submit a request to the [POST \/v1\/account\/sessions\/token](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint to complete the login process. The link sent to the user's email address is valid for 1 hour. If you are on a mobile device you can leave the URL parameter empty, so that the login completion will be handled by your Appwrite instance by default.\r\n\r\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).\r\n",
"responses": {
"201": {
"description": "Token",
@@ -3017,7 +3017,7 @@
"tags": [
"account"
],
"description": "Allow the user to login to their account using the OAuth2 provider of their choice. Each OAuth2 provider should be enabled from the Appwrite console first. Use the success and failure arguments to provide a redirect URL's back to your app when login is completed. \n\nIf authentication succeeds, `userId` and `secret` of a token will be appended to the success URL as query parameters. These can be used to create a new session using the [Create session](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint.\n\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"description": "Allow the user to login to their account using the OAuth2 provider of their choice. Each OAuth2 provider should be enabled from the Appwrite console first. Use the success and failure arguments to provide a redirect URL's back to your app when login is completed. \r\n\r\nIf authentication succeeds, `userId` and `secret` of a token will be appended to the success URL as query parameters. These can be used to create a new session using the [Create session](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint.\r\n\r\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"responses": {
"301": {
"description": "No content"
@@ -3152,7 +3152,7 @@
"tags": [
"account"
],
"description": "Sends the user an SMS with a secret key for creating a session. If the provided user ID has not be registered, a new user will be created. Use the returned user ID and secret and submit a request to the [POST \/v1\/account\/sessions\/token](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint to complete the login process. The secret sent to the user's phone is valid for 15 minutes.\n\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"description": "Sends the user an SMS with a secret key for creating a session. If the provided user ID has not be registered, a new user will be created. Use the returned user ID and secret and submit a request to the [POST \/v1\/account\/sessions\/token](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint to complete the login process. The secret sent to the user's phone is valid for 15 minutes.\r\n\r\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"responses": {
"201": {
"description": "Token",
@@ -3235,7 +3235,7 @@
"tags": [
"account"
],
"description": "Use this endpoint to send a verification message to your user email address to confirm they are the valid owners of that address. Both the **userId** and **secret** arguments will be passed as query parameters to the URL you have provided to be attached to the verification email. The provided URL should redirect the user back to your app and allow you to complete the verification process by verifying both the **userId** and **secret** parameters. Learn more about how to [complete the verification process](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#updateVerification). The verification link sent to the user's email address is valid for 7 days.\n\nPlease note that in order to avoid a [Redirect Attack](https:\/\/github.com\/OWASP\/CheatSheetSeries\/blob\/master\/cheatsheets\/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.md), the only valid redirect URLs are the ones from domains you have set when adding your platforms in the console interface.\n",
"description": "Use this endpoint to send a verification message to your user email address to confirm they are the valid owners of that address. Both the **userId** and **secret** arguments will be passed as query parameters to the URL you have provided to be attached to the verification email. The provided URL should redirect the user back to your app and allow you to complete the verification process by verifying both the **userId** and **secret** parameters. Learn more about how to [complete the verification process](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#updateVerification). The verification link sent to the user's email address is valid for 7 days.\r\n\r\nPlease note that in order to avoid a [Redirect Attack](https:\/\/github.com\/OWASP\/CheatSheetSeries\/blob\/master\/cheatsheets\/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.md), the only valid redirect URLs are the ones from domains you have set when adding your platforms in the console interface.\r\n",
"responses": {
"201": {
"description": "Token",
@@ -3528,7 +3528,7 @@
"tags": [
"avatars"
],
"description": "You can use this endpoint to show different browser icons to your users. The code argument receives the browser code as it appears in your user [GET \/account\/sessions](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#getSessions) endpoint. Use width, height and quality arguments to change the output settings.\n\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.",
"description": "You can use this endpoint to show different browser icons to your users. The code argument receives the browser code as it appears in your user [GET \/account\/sessions](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#getSessions) endpoint. Use width, height and quality arguments to change the output settings.\r\n\r\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.",
"responses": {
"200": {
"description": "Image",
@@ -3657,7 +3657,7 @@
"tags": [
"avatars"
],
"description": "The credit card endpoint will return you the icon of the credit card provider you need. Use width, height and quality arguments to change the output settings.\n\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.\n",
"description": "The credit card endpoint will return you the icon of the credit card provider you need. Use width, height and quality arguments to change the output settings.\r\n\r\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.\r\n",
"responses": {
"200": {
"description": "Image",
@@ -3790,7 +3790,7 @@
"tags": [
"avatars"
],
"description": "Use this endpoint to fetch the favorite icon (AKA favicon) of any remote website URL.\n\nThis endpoint does not follow HTTP redirects.",
"description": "Use this endpoint to fetch the favorite icon (AKA favicon) of any remote website URL.\r\n\r\nThis endpoint does not follow HTTP redirects.",
"responses": {
"200": {
"description": "Image",
@@ -3857,7 +3857,7 @@
"tags": [
"avatars"
],
"description": "You can use this endpoint to show different country flags icons to your users. The code argument receives the 2 letter country code. Use width, height and quality arguments to change the output settings. Country codes follow the [ISO 3166-1](https:\/\/en.wikipedia.org\/wiki\/ISO_3166-1) standard.\n\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.\n",
"description": "You can use this endpoint to show different country flags icons to your users. The code argument receives the 2 letter country code. Use width, height and quality arguments to change the output settings. Country codes follow the [ISO 3166-1](https:\/\/en.wikipedia.org\/wiki\/ISO_3166-1) standard.\r\n\r\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.\r\n",
"responses": {
"200": {
"description": "Image",
@@ -4348,7 +4348,7 @@
"tags": [
"avatars"
],
"description": "Use this endpoint to fetch a remote image URL and crop it to any image size you want. This endpoint is very useful if you need to crop and display remote images in your app or in case you want to make sure a 3rd party image is properly served using a TLS protocol.\n\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 400x400px.\n\nThis endpoint does not follow HTTP redirects.",
"description": "Use this endpoint to fetch a remote image URL and crop it to any image size you want. This endpoint is very useful if you need to crop and display remote images in your app or in case you want to make sure a 3rd party image is properly served using a TLS protocol.\r\n\r\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 400x400px.\r\n\r\nThis endpoint does not follow HTTP redirects.",
"responses": {
"200": {
"description": "Image",
@@ -4435,7 +4435,7 @@
"tags": [
"avatars"
],
"description": "Use this endpoint to show your user initials avatar icon on your website or app. By default, this route will try to print your logged-in user name or email initials. You can also overwrite the user name if you pass the 'name' parameter. If no name is given and no user is logged, an empty avatar will be returned.\n\nYou can use the color and background params to change the avatar colors. By default, a random theme will be selected. The random theme will persist for the user's initials when reloading the same theme will always return for the same initials.\n\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.\n",
"description": "Use this endpoint to show your user initials avatar icon on your website or app. By default, this route will try to print your logged-in user name or email initials. You can also overwrite the user name if you pass the 'name' parameter. If no name is given and no user is logged, an empty avatar will be returned.\r\n\r\nYou can use the color and background params to change the avatar colors. By default, a random theme will be selected. The random theme will persist for the user's initials when reloading the same theme will always return for the same initials.\r\n\r\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.\r\n",
"responses": {
"200": {
"description": "Image",
@@ -4530,7 +4530,7 @@
"tags": [
"avatars"
],
"description": "Converts a given plain text to a QR code image. You can use the query parameters to change the size and style of the resulting image.\n",
"description": "Converts a given plain text to a QR code image. You can use the query parameters to change the size and style of the resulting image.\r\n",
"responses": {
"200": {
"description": "Image",
@@ -5528,7 +5528,7 @@
"tags": [
"locale"
],
"description": "Get the current user location based on IP. Returns an object with user country code, country name, continent name, continent code, ip address and suggested currency. You can use the locale header to get the data in a supported language.\n\n([IP Geolocation by DB-IP](https:\/\/db-ip.com))",
"description": "Get the current user location based on IP. Returns an object with user country code, country name, continent name, continent code, ip address and suggested currency. You can use the locale header to get the data in a supported language.\r\n\r\n([IP Geolocation by DB-IP](https:\/\/db-ip.com))",
"responses": {
"200": {
"description": "Locale",
@@ -5573,7 +5573,7 @@
},
"\/locale\/codes": {
"get": {
"summary": "List Locale Codes",
"summary": "List locale codes",
"operationId": "localeListCodes",
"consumes": [
"application\/json"
@@ -6225,7 +6225,7 @@
"tags": [
"storage"
],
"description": "Create a new file. Before using this route, you should create a new bucket resource using either a [server integration](https:\/\/appwrite.io\/docs\/server\/storage#storageCreateBucket) API or directly from your Appwrite console.\n\nLarger files should be uploaded using multiple requests with the [content-range](https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/HTTP\/Headers\/Content-Range) header to send a partial request with a maximum supported chunk of `5MB`. The `content-range` header values should always be in bytes.\n\nWhen the first request is sent, the server will return the **File** object, and the subsequent part request must include the file's **id** in `x-appwrite-id` header to allow the server to know that the partial upload is for the existing file and not for a new one.\n\nIf you're creating a new file using one of the Appwrite SDKs, all the chunking logic will be managed by the SDK internally.\n",
"description": "Create a new file. Before using this route, you should create a new bucket resource using either a [server integration](https:\/\/appwrite.io\/docs\/server\/storage#storageCreateBucket) API or directly from your Appwrite console.\r\n\r\nLarger files should be uploaded using multiple requests with the [content-range](https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/HTTP\/Headers\/Content-Range) header to send a partial request with a maximum supported chunk of `5MB`. The `content-range` header values should always be in bytes.\r\n\r\nWhen the first request is sent, the server will return the **File** object, and the subsequent part request must include the file's **id** in `x-appwrite-id` header to allow the server to know that the partial upload is for the existing file and not for a new one.\r\n\r\nIf you're creating a new file using one of the Appwrite SDKs, all the chunking logic will be managed by the SDK internally.\r\n",
"responses": {
"201": {
"description": "File",
@@ -6476,7 +6476,7 @@
]
},
"delete": {
"summary": "Delete File",
"summary": "Delete file",
"operationId": "storageDeleteFile",
"consumes": [
"application\/json"
@@ -6807,7 +6807,8 @@
"jpeg",
"gif",
"png",
"webp"
"webp",
"avif"
],
"x-enum-name": "ImageFormat",
"x-enum-keys": [],
@@ -7367,7 +7368,7 @@
"tags": [
"teams"
],
"description": "Invite a new member to join your team. Provide an ID for existing users, or invite unregistered users using an email or phone number. If initiated from a Client SDK, Appwrite will send an email or sms with a link to join the team to the invited user, and an account will be created for them if one doesn't exist. If initiated from a Server SDK, the new member will be added automatically to the team.\n\nYou only need to provide one of a user ID, email, or phone number. Appwrite will prioritize accepting the user ID > email > phone number if you provide more than one of these parameters.\n\nUse the `url` parameter to redirect the user from the invitation email to your app. After the user is redirected, use the [Update Team Membership Status](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/teams#updateMembershipStatus) endpoint to allow the user to accept the invitation to the team. \n\nPlease note that to avoid a [Redirect Attack](https:\/\/github.com\/OWASP\/CheatSheetSeries\/blob\/master\/cheatsheets\/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.md) Appwrite will accept the only redirect URLs under the domains you have added as a platform on the Appwrite Console.\n",
"description": "Invite a new member to join your team. Provide an ID for existing users, or invite unregistered users using an email or phone number. If initiated from a Client SDK, Appwrite will send an email or sms with a link to join the team to the invited user, and an account will be created for them if one doesn't exist. If initiated from a Server SDK, the new member will be added automatically to the team.\r\n\r\nYou only need to provide one of a user ID, email, or phone number. Appwrite will prioritize accepting the user ID > email > phone number if you provide more than one of these parameters.\r\n\r\nUse the `url` parameter to redirect the user from the invitation email to your app. After the user is redirected, use the [Update Team Membership Status](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/teams#updateMembershipStatus) endpoint to allow the user to accept the invitation to the team. \r\n\r\nPlease note that to avoid a [Redirect Attack](https:\/\/github.com\/OWASP\/CheatSheetSeries\/blob\/master\/cheatsheets\/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.md) Appwrite will accept the only redirect URLs under the domains you have added as a platform on the Appwrite Console.\r\n",
"responses": {
"201": {
"description": "Membership",
@@ -7556,7 +7557,7 @@
"tags": [
"teams"
],
"description": "Modify the roles of a team member. Only team members with the owner role have access to this endpoint. Learn more about [roles and permissions](https:\/\/appwrite.io\/docs\/permissions).\n",
"description": "Modify the roles of a team member. Only team members with the owner role have access to this endpoint. Learn more about [roles and permissions](https:\/\/appwrite.io\/docs\/permissions).\r\n",
"responses": {
"200": {
"description": "Membership",
@@ -7718,7 +7719,7 @@
"tags": [
"teams"
],
"description": "Use this endpoint to allow a user to accept an invitation to join a team after being redirected back to your app from the invitation email received by the user.\n\nIf the request is successful, a session for the user is automatically created.\n",
"description": "Use this endpoint to allow a user to accept an invitation to join a team after being redirected back to your app from the invitation email received by the user.\r\n\r\nIf the request is successful, a session for the user is automatically created.\r\n",
"responses": {
"200": {
"description": "Membership",
@@ -9589,9 +9590,9 @@
"format": "int32"
},
"responseBody": {
"type": "string",
"type": "payload",
"description": "HTTP response body. This will return empty unless execution is created as synchronous.",
"x-example": "Developers are awesome."
"x-example": ""
},
"responseHeaders": {
"type": "array",
app/config/specs/swagger2-1.6.x-console.json
+310 -125
View File
File diff suppressed because it is too large Load Diff
app/config/specs/swagger2-1.6.x-server.json
+216 -83
View File
@@ -238,7 +238,7 @@
"tags": [
"account"
],
"description": "Update currently logged in user account email address. After changing user address, the user confirmation status will get reset. A new confirmation email is not sent automatically however you can use the send confirmation email endpoint again to send the confirmation email. For security measures, user password is required to complete this request.\nThis endpoint can also be used to convert an anonymous account to a normal one, by passing an email address and a new password.\n",
"description": "Update currently logged in user account email address. After changing user address, the user confirmation status will get reset. A new confirmation email is not sent automatically however you can use the send confirmation email endpoint again to send the confirmation email. For security measures, user password is required to complete this request.\r\nThis endpoint can also be used to convert an anonymous account to a normal one, by passing an email address and a new password.\r\n",
"responses": {
"200": {
"description": "User",
@@ -310,7 +310,7 @@
},
"\/account\/identities": {
"get": {
"summary": "List Identities",
"summary": "List identities",
"operationId": "accountListIdentities",
"consumes": [
"application\/json"
@@ -640,7 +640,7 @@
},
"\/account\/mfa\/authenticators\/{type}": {
"post": {
"summary": "Create Authenticator",
"summary": "Create authenticator",
"operationId": "accountCreateMfaAuthenticator",
"consumes": [
"application\/json"
@@ -709,7 +709,7 @@
]
},
"put": {
"summary": "Verify Authenticator",
"summary": "Verify authenticator",
"operationId": "accountUpdateMfaAuthenticator",
"consumes": [
"application\/json"
@@ -796,7 +796,7 @@
]
},
"delete": {
"summary": "Delete Authenticator",
"summary": "Delete authenticator",
"operationId": "accountDeleteMfaAuthenticator",
"consumes": [
"application\/json"
@@ -862,7 +862,7 @@
},
"\/account\/mfa\/challenge": {
"post": {
"summary": "Create MFA Challenge",
"summary": "Create MFA challenge",
"operationId": "accountCreateMfaChallenge",
"consumes": [
"application\/json"
@@ -941,7 +941,7 @@
]
},
"put": {
"summary": "Create MFA Challenge (confirmation)",
"summary": "Create MFA challenge (confirmation)",
"operationId": "accountUpdateMfaChallenge",
"consumes": [
"application\/json"
@@ -1019,7 +1019,7 @@
},
"\/account\/mfa\/factors": {
"get": {
"summary": "List Factors",
"summary": "List factors",
"operationId": "accountListMfaFactors",
"consumes": [
"application\/json"
@@ -1075,7 +1075,7 @@
},
"\/account\/mfa\/recovery-codes": {
"get": {
"summary": "Get MFA Recovery Codes",
"summary": "Get MFA recovery codes",
"operationId": "accountGetMfaRecoveryCodes",
"consumes": [
"application\/json"
@@ -1129,7 +1129,7 @@
]
},
"post": {
"summary": "Create MFA Recovery Codes",
"summary": "Create MFA recovery codes",
"operationId": "accountCreateMfaRecoveryCodes",
"consumes": [
"application\/json"
@@ -1183,7 +1183,7 @@
]
},
"patch": {
"summary": "Regenerate MFA Recovery Codes",
"summary": "Regenerate MFA recovery codes",
"operationId": "accountUpdateMfaRecoveryCodes",
"consumes": [
"application\/json"
@@ -1705,7 +1705,7 @@
"tags": [
"account"
],
"description": "Use this endpoint to complete the user account password reset. Both the **userId** and **secret** arguments will be passed as query parameters to the redirect URL you have provided when sending your request to the [POST \/account\/recovery](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createRecovery) endpoint.\n\nPlease note that in order to avoid a [Redirect Attack](https:\/\/github.com\/OWASP\/CheatSheetSeries\/blob\/master\/cheatsheets\/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.md) the only valid redirect URLs are the ones from domains you have set when adding your platforms in the console interface.",
"description": "Use this endpoint to complete the user account password reset. Both the **userId** and **secret** arguments will be passed as query parameters to the redirect URL you have provided when sending your request to the [POST \/account\/recovery](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createRecovery) endpoint.\r\n\r\nPlease note that in order to avoid a [Redirect Attack](https:\/\/github.com\/OWASP\/CheatSheetSeries\/blob\/master\/cheatsheets\/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.md) the only valid redirect URLs are the ones from domains you have set when adding your platforms in the console interface.",
"responses": {
"200": {
"description": "Token",
@@ -1953,7 +1953,7 @@
"tags": [
"account"
],
"description": "Allow the user to login into their account by providing a valid email and password combination. This route will create a new session for the user.\n\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"description": "Allow the user to login into their account by providing a valid email and password combination. This route will create a new session for the user.\r\n\r\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"responses": {
"201": {
"description": "Session",
@@ -2518,7 +2518,7 @@
"tags": [
"account"
],
"description": "Sends the user an email with a secret key for creating a session. If the provided user ID has not be registered, a new user will be created. Use the returned user ID and secret and submit a request to the [POST \/v1\/account\/sessions\/token](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint to complete the login process. The secret sent to the user's email is valid for 15 minutes.\n\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"description": "Sends the user an email with a secret key for creating a session. If the provided user ID has not be registered, a new user will be created. Use the returned user ID and secret and submit a request to the [POST \/v1\/account\/sessions\/token](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint to complete the login process. The secret sent to the user's email is valid for 15 minutes.\r\n\r\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"responses": {
"201": {
"description": "Token",
@@ -2604,7 +2604,7 @@
"tags": [
"account"
],
"description": "Sends the user an email with a secret key for creating a session. If the provided user ID has not been registered, a new user will be created. When the user clicks the link in the email, the user is redirected back to the URL you provided with the secret key and userId values attached to the URL query string. Use the query string parameters to submit a request to the [POST \/v1\/account\/sessions\/token](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint to complete the login process. The link sent to the user's email address is valid for 1 hour. If you are on a mobile device you can leave the URL parameter empty, so that the login completion will be handled by your Appwrite instance by default.\n\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).\n",
"description": "Sends the user an email with a secret key for creating a session. If the provided user ID has not been registered, a new user will be created. When the user clicks the link in the email, the user is redirected back to the URL you provided with the secret key and userId values attached to the URL query string. Use the query string parameters to submit a request to the [POST \/v1\/account\/sessions\/token](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint to complete the login process. The link sent to the user's email address is valid for 1 hour. If you are on a mobile device you can leave the URL parameter empty, so that the login completion will be handled by your Appwrite instance by default.\r\n\r\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).\r\n",
"responses": {
"201": {
"description": "Token",
@@ -2699,7 +2699,7 @@
"tags": [
"account"
],
"description": "Allow the user to login to their account using the OAuth2 provider of their choice. Each OAuth2 provider should be enabled from the Appwrite console first. Use the success and failure arguments to provide a redirect URL's back to your app when login is completed. \n\nIf authentication succeeds, `userId` and `secret` of a token will be appended to the success URL as query parameters. These can be used to create a new session using the [Create session](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint.\n\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"description": "Allow the user to login to their account using the OAuth2 provider of their choice. Each OAuth2 provider should be enabled from the Appwrite console first. Use the success and failure arguments to provide a redirect URL's back to your app when login is completed. \r\n\r\nIf authentication succeeds, `userId` and `secret` of a token will be appended to the success URL as query parameters. These can be used to create a new session using the [Create session](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint.\r\n\r\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"responses": {
"301": {
"description": "No content"
@@ -2834,7 +2834,7 @@
"tags": [
"account"
],
"description": "Sends the user an SMS with a secret key for creating a session. If the provided user ID has not be registered, a new user will be created. Use the returned user ID and secret and submit a request to the [POST \/v1\/account\/sessions\/token](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint to complete the login process. The secret sent to the user's phone is valid for 15 minutes.\n\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"description": "Sends the user an SMS with a secret key for creating a session. If the provided user ID has not be registered, a new user will be created. Use the returned user ID and secret and submit a request to the [POST \/v1\/account\/sessions\/token](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint to complete the login process. The secret sent to the user's phone is valid for 15 minutes.\r\n\r\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"responses": {
"201": {
"description": "Token",
@@ -2917,7 +2917,7 @@
"tags": [
"account"
],
"description": "Use this endpoint to send a verification message to your user email address to confirm they are the valid owners of that address. Both the **userId** and **secret** arguments will be passed as query parameters to the URL you have provided to be attached to the verification email. The provided URL should redirect the user back to your app and allow you to complete the verification process by verifying both the **userId** and **secret** parameters. Learn more about how to [complete the verification process](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#updateVerification). The verification link sent to the user's email address is valid for 7 days.\n\nPlease note that in order to avoid a [Redirect Attack](https:\/\/github.com\/OWASP\/CheatSheetSeries\/blob\/master\/cheatsheets\/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.md), the only valid redirect URLs are the ones from domains you have set when adding your platforms in the console interface.\n",
"description": "Use this endpoint to send a verification message to your user email address to confirm they are the valid owners of that address. Both the **userId** and **secret** arguments will be passed as query parameters to the URL you have provided to be attached to the verification email. The provided URL should redirect the user back to your app and allow you to complete the verification process by verifying both the **userId** and **secret** parameters. Learn more about how to [complete the verification process](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#updateVerification). The verification link sent to the user's email address is valid for 7 days.\r\n\r\nPlease note that in order to avoid a [Redirect Attack](https:\/\/github.com\/OWASP\/CheatSheetSeries\/blob\/master\/cheatsheets\/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.md), the only valid redirect URLs are the ones from domains you have set when adding your platforms in the console interface.\r\n",
"responses": {
"201": {
"description": "Token",
@@ -3214,7 +3214,7 @@
"tags": [
"avatars"
],
"description": "You can use this endpoint to show different browser icons to your users. The code argument receives the browser code as it appears in your user [GET \/account\/sessions](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#getSessions) endpoint. Use width, height and quality arguments to change the output settings.\n\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.",
"description": "You can use this endpoint to show different browser icons to your users. The code argument receives the browser code as it appears in your user [GET \/account\/sessions](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#getSessions) endpoint. Use width, height and quality arguments to change the output settings.\r\n\r\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.",
"responses": {
"200": {
"description": "Image",
@@ -3345,7 +3345,7 @@
"tags": [
"avatars"
],
"description": "The credit card endpoint will return you the icon of the credit card provider you need. Use width, height and quality arguments to change the output settings.\n\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.\n",
"description": "The credit card endpoint will return you the icon of the credit card provider you need. Use width, height and quality arguments to change the output settings.\r\n\r\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.\r\n",
"responses": {
"200": {
"description": "Image",
@@ -3480,7 +3480,7 @@
"tags": [
"avatars"
],
"description": "Use this endpoint to fetch the favorite icon (AKA favicon) of any remote website URL.\n\nThis endpoint does not follow HTTP redirects.",
"description": "Use this endpoint to fetch the favorite icon (AKA favicon) of any remote website URL.\r\n\r\nThis endpoint does not follow HTTP redirects.",
"responses": {
"200": {
"description": "Image",
@@ -3549,7 +3549,7 @@
"tags": [
"avatars"
],
"description": "You can use this endpoint to show different country flags icons to your users. The code argument receives the 2 letter country code. Use width, height and quality arguments to change the output settings. Country codes follow the [ISO 3166-1](https:\/\/en.wikipedia.org\/wiki\/ISO_3166-1) standard.\n\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.\n",
"description": "You can use this endpoint to show different country flags icons to your users. The code argument receives the 2 letter country code. Use width, height and quality arguments to change the output settings. Country codes follow the [ISO 3166-1](https:\/\/en.wikipedia.org\/wiki\/ISO_3166-1) standard.\r\n\r\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.\r\n",
"responses": {
"200": {
"description": "Image",
@@ -4042,7 +4042,7 @@
"tags": [
"avatars"
],
"description": "Use this endpoint to fetch a remote image URL and crop it to any image size you want. This endpoint is very useful if you need to crop and display remote images in your app or in case you want to make sure a 3rd party image is properly served using a TLS protocol.\n\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 400x400px.\n\nThis endpoint does not follow HTTP redirects.",
"description": "Use this endpoint to fetch a remote image URL and crop it to any image size you want. This endpoint is very useful if you need to crop and display remote images in your app or in case you want to make sure a 3rd party image is properly served using a TLS protocol.\r\n\r\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 400x400px.\r\n\r\nThis endpoint does not follow HTTP redirects.",
"responses": {
"200": {
"description": "Image",
@@ -4131,7 +4131,7 @@
"tags": [
"avatars"
],
"description": "Use this endpoint to show your user initials avatar icon on your website or app. By default, this route will try to print your logged-in user name or email initials. You can also overwrite the user name if you pass the 'name' parameter. If no name is given and no user is logged, an empty avatar will be returned.\n\nYou can use the color and background params to change the avatar colors. By default, a random theme will be selected. The random theme will persist for the user's initials when reloading the same theme will always return for the same initials.\n\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.\n",
"description": "Use this endpoint to show your user initials avatar icon on your website or app. By default, this route will try to print your logged-in user name or email initials. You can also overwrite the user name if you pass the 'name' parameter. If no name is given and no user is logged, an empty avatar will be returned.\r\n\r\nYou can use the color and background params to change the avatar colors. By default, a random theme will be selected. The random theme will persist for the user's initials when reloading the same theme will always return for the same initials.\r\n\r\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.\r\n",
"responses": {
"200": {
"description": "Image",
@@ -4228,7 +4228,7 @@
"tags": [
"avatars"
],
"description": "Converts a given plain text to a QR code image. You can use the query parameters to change the size and style of the resulting image.\n",
"description": "Converts a given plain text to a QR code image. You can use the query parameters to change the size and style of the resulting image.\r\n",
"responses": {
"200": {
"description": "Image",
@@ -4400,7 +4400,7 @@
"tags": [
"databases"
],
"description": "Create a new Database.\n",
"description": "Create a new Database.\r\n",
"responses": {
"201": {
"description": "Database",
@@ -5217,7 +5217,7 @@
"tags": [
"databases"
],
"description": "Create a boolean attribute.\n",
"description": "Create a boolean attribute.\r\n",
"responses": {
"202": {
"description": "AttributeBoolean",
@@ -5653,7 +5653,7 @@
"tags": [
"databases"
],
"description": "Create an email attribute.\n",
"description": "Create an email attribute.\r\n",
"responses": {
"202": {
"description": "AttributeEmail",
@@ -5760,7 +5760,7 @@
"tags": [
"databases"
],
"description": "Update an email attribute. Changing the `default` value will not update already existing documents.\n",
"description": "Update an email attribute. Changing the `default` value will not update already existing documents.\r\n",
"responses": {
"200": {
"description": "AttributeEmail",
@@ -5871,7 +5871,7 @@
"tags": [
"databases"
],
"description": "Create an enumeration attribute. The `elements` param acts as a white-list of accepted values for this attribute. \n",
"description": "Create an enumeration attribute. The `elements` param acts as a white-list of accepted values for this attribute. \r\n",
"responses": {
"202": {
"description": "AttributeEnum",
@@ -5988,7 +5988,7 @@
"tags": [
"databases"
],
"description": "Update an enum attribute. Changing the `default` value will not update already existing documents.\n",
"description": "Update an enum attribute. Changing the `default` value will not update already existing documents.\r\n",
"responses": {
"200": {
"description": "AttributeEnum",
@@ -6109,7 +6109,7 @@
"tags": [
"databases"
],
"description": "Create a float attribute. Optionally, minimum and maximum values can be provided.\n",
"description": "Create a float attribute. Optionally, minimum and maximum values can be provided.\r\n",
"responses": {
"202": {
"description": "AttributeFloat",
@@ -6228,7 +6228,7 @@
"tags": [
"databases"
],
"description": "Update a float attribute. Changing the `default` value will not update already existing documents.\n",
"description": "Update a float attribute. Changing the `default` value will not update already existing documents.\r\n",
"responses": {
"200": {
"description": "AttributeFloat",
@@ -6353,7 +6353,7 @@
"tags": [
"databases"
],
"description": "Create an integer attribute. Optionally, minimum and maximum values can be provided.\n",
"description": "Create an integer attribute. Optionally, minimum and maximum values can be provided.\r\n",
"responses": {
"202": {
"description": "AttributeInteger",
@@ -6472,7 +6472,7 @@
"tags": [
"databases"
],
"description": "Update an integer attribute. Changing the `default` value will not update already existing documents.\n",
"description": "Update an integer attribute. Changing the `default` value will not update already existing documents.\r\n",
"responses": {
"200": {
"description": "AttributeInteger",
@@ -6597,7 +6597,7 @@
"tags": [
"databases"
],
"description": "Create IP address attribute.\n",
"description": "Create IP address attribute.\r\n",
"responses": {
"202": {
"description": "AttributeIP",
@@ -6704,7 +6704,7 @@
"tags": [
"databases"
],
"description": "Update an ip attribute. Changing the `default` value will not update already existing documents.\n",
"description": "Update an ip attribute. Changing the `default` value will not update already existing documents.\r\n",
"responses": {
"200": {
"description": "AttributeIP",
@@ -6815,7 +6815,7 @@
"tags": [
"databases"
],
"description": "Create relationship attribute. [Learn more about relationship attributes](https:\/\/appwrite.io\/docs\/databases-relationships#relationship-attributes).\n",
"description": "Create relationship attribute. [Learn more about relationship attributes](https:\/\/appwrite.io\/docs\/databases-relationships#relationship-attributes).\r\n",
"responses": {
"202": {
"description": "AttributeRelationship",
@@ -6951,7 +6951,7 @@
"tags": [
"databases"
],
"description": "Create a string attribute.\n",
"description": "Create a string attribute.\r\n",
"responses": {
"202": {
"description": "AttributeString",
@@ -7071,7 +7071,7 @@
"tags": [
"databases"
],
"description": "Update a string attribute. Changing the `default` value will not update already existing documents.\n",
"description": "Update a string attribute. Changing the `default` value will not update already existing documents.\r\n",
"responses": {
"200": {
"description": "AttributeString",
@@ -7188,7 +7188,7 @@
"tags": [
"databases"
],
"description": "Create a URL attribute.\n",
"description": "Create a URL attribute.\r\n",
"responses": {
"202": {
"description": "AttributeURL",
@@ -7295,7 +7295,7 @@
"tags": [
"databases"
],
"description": "Update an url attribute. Changing the `default` value will not update already existing documents.\n",
"description": "Update an url attribute. Changing the `default` value will not update already existing documents.\r\n",
"responses": {
"200": {
"description": "AttributeURL",
@@ -7586,7 +7586,7 @@
"tags": [
"databases"
],
"description": "Update relationship attribute. [Learn more about relationship attributes](https:\/\/appwrite.io\/docs\/databases-relationships#relationship-attributes).\n",
"description": "Update relationship attribute. [Learn more about relationship attributes](https:\/\/appwrite.io\/docs\/databases-relationships#relationship-attributes).\r\n",
"responses": {
"200": {
"description": "AttributeRelationship",
@@ -8250,7 +8250,7 @@
"tags": [
"databases"
],
"description": "Creates an index on the attributes listed. Your index should include all the attributes you will query in a single request.\nAttributes can be `key`, `fulltext`, and `unique`.",
"description": "Creates an index on the attributes listed. Your index should include all the attributes you will query in a single request.\r\nAttributes can be `key`, `fulltext`, and `unique`.",
"responses": {
"202": {
"description": "Index",
@@ -8917,7 +8917,7 @@
"tags": [
"functions"
],
"description": "List allowed function specifications for this instance.\n",
"description": "List allowed function specifications for this instance.\r\n",
"responses": {
"200": {
"description": "Specifications List",
@@ -9415,7 +9415,7 @@
"tags": [
"functions"
],
"description": "Create a new function code deployment. Use this endpoint to upload a new version of your code function. To execute your newly uploaded code, you'll need to update the function's deployment to use your new deployment UID.\n\nThis endpoint accepts a tar.gz file compressed with your code. Make sure to include any dependencies your code has within the compressed file. You can learn more about code packaging in the [Appwrite Cloud Functions tutorial](https:\/\/appwrite.io\/docs\/functions).\n\nUse the \"command\" param to set the entrypoint used to execute your code.",
"description": "Create a new function code deployment. Use this endpoint to upload a new version of your code function. To execute your newly uploaded code, you'll need to update the function's deployment to use your new deployment UID.\r\n\r\nThis endpoint accepts a tar.gz file compressed with your code. Make sure to include any dependencies your code has within the compressed file. You can learn more about code packaging in the [Appwrite Cloud Functions tutorial](https:\/\/appwrite.io\/docs\/functions).\r\n\r\nUse the \"command\" param to set the entrypoint used to execute your code.",
"responses": {
"202": {
"description": "Deployment",
@@ -10231,7 +10231,7 @@
"tags": [
"functions"
],
"description": "Delete a function execution by its unique ID.\n",
"description": "Delete a function execution by its unique ID.\r\n",
"responses": {
"204": {
"description": "No content"
@@ -11494,7 +11494,7 @@
"tags": [
"health"
],
"description": "Returns the amount of failed jobs in a given queue.\n",
"description": "Returns the amount of failed jobs in a given queue.\r\n",
"responses": {
"200": {
"description": "Health Queue",
@@ -12265,7 +12265,7 @@
"tags": [
"locale"
],
"description": "Get the current user location based on IP. Returns an object with user country code, country name, continent name, continent code, ip address and suggested currency. You can use the locale header to get the data in a supported language.\n\n([IP Geolocation by DB-IP](https:\/\/db-ip.com))",
"description": "Get the current user location based on IP. Returns an object with user country code, country name, continent name, continent code, ip address and suggested currency. You can use the locale header to get the data in a supported language.\r\n\r\n([IP Geolocation by DB-IP](https:\/\/db-ip.com))",
"responses": {
"200": {
"description": "Locale",
@@ -12312,7 +12312,7 @@
},
"\/locale\/codes": {
"get": {
"summary": "List Locale Codes",
"summary": "List locale codes",
"operationId": "localeListCodes",
"consumes": [
"application\/json"
@@ -12968,7 +12968,7 @@
"tags": [
"messaging"
],
"description": "Update an email message by its unique ID.\n",
"description": "Update an email message by its unique ID.\r\n",
"responses": {
"200": {
"description": "Message",
@@ -13302,7 +13302,7 @@
"tags": [
"messaging"
],
"description": "Update a push notification by its unique ID.\n",
"description": "Update a push notification by its unique ID.\r\n",
"responses": {
"200": {
"description": "Message",
@@ -13596,7 +13596,7 @@
"tags": [
"messaging"
],
"description": "Update an email message by its unique ID.\n",
"description": "Update an email message by its unique ID.\r\n",
"responses": {
"200": {
"description": "Message",
@@ -13715,7 +13715,7 @@
"tags": [
"messaging"
],
"description": "Get a message by its unique ID.\n",
"description": "Get a message by its unique ID.\r\n",
"responses": {
"200": {
"description": "Message",
@@ -16355,7 +16355,7 @@
"tags": [
"messaging"
],
"description": "Get a provider by its unique ID.\n",
"description": "Get a provider by its unique ID.\r\n",
"responses": {
"200": {
"description": "Provider",
@@ -16803,7 +16803,7 @@
"tags": [
"messaging"
],
"description": "Get a topic by its unique ID.\n",
"description": "Get a topic by its unique ID.\r\n",
"responses": {
"200": {
"description": "Topic",
@@ -16866,7 +16866,7 @@
"tags": [
"messaging"
],
"description": "Update a topic by its unique ID.\n",
"description": "Update a topic by its unique ID.\r\n",
"responses": {
"200": {
"description": "Topic",
@@ -17270,7 +17270,7 @@
"tags": [
"messaging"
],
"description": "Get a subscriber by its unique ID.\n",
"description": "Get a subscriber by its unique ID.\r\n",
"responses": {
"200": {
"description": "Subscriber",
@@ -17981,7 +17981,7 @@
"tags": [
"storage"
],
"description": "Create a new file. Before using this route, you should create a new bucket resource using either a [server integration](https:\/\/appwrite.io\/docs\/server\/storage#storageCreateBucket) API or directly from your Appwrite console.\n\nLarger files should be uploaded using multiple requests with the [content-range](https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/HTTP\/Headers\/Content-Range) header to send a partial request with a maximum supported chunk of `5MB`. The `content-range` header values should always be in bytes.\n\nWhen the first request is sent, the server will return the **File** object, and the subsequent part request must include the file's **id** in `x-appwrite-id` header to allow the server to know that the partial upload is for the existing file and not for a new one.\n\nIf you're creating a new file using one of the Appwrite SDKs, all the chunking logic will be managed by the SDK internally.\n",
"description": "Create a new file. Before using this route, you should create a new bucket resource using either a [server integration](https:\/\/appwrite.io\/docs\/server\/storage#storageCreateBucket) API or directly from your Appwrite console.\r\n\r\nLarger files should be uploaded using multiple requests with the [content-range](https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/HTTP\/Headers\/Content-Range) header to send a partial request with a maximum supported chunk of `5MB`. The `content-range` header values should always be in bytes.\r\n\r\nWhen the first request is sent, the server will return the **File** object, and the subsequent part request must include the file's **id** in `x-appwrite-id` header to allow the server to know that the partial upload is for the existing file and not for a new one.\r\n\r\nIf you're creating a new file using one of the Appwrite SDKs, all the chunking logic will be managed by the SDK internally.\r\n",
"responses": {
"201": {
"description": "File",
@@ -18238,7 +18238,7 @@
]
},
"delete": {
"summary": "Delete File",
"summary": "Delete file",
"operationId": "storageDeleteFile",
"consumes": [
"application\/json"
@@ -18575,7 +18575,8 @@
"jpeg",
"gif",
"png",
"webp"
"webp",
"avif"
],
"x-enum-name": "ImageFormat",
"x-enum-keys": [],
@@ -19149,7 +19150,7 @@
"tags": [
"teams"
],
"description": "Invite a new member to join your team. Provide an ID for existing users, or invite unregistered users using an email or phone number. If initiated from a Client SDK, Appwrite will send an email or sms with a link to join the team to the invited user, and an account will be created for them if one doesn't exist. If initiated from a Server SDK, the new member will be added automatically to the team.\n\nYou only need to provide one of a user ID, email, or phone number. Appwrite will prioritize accepting the user ID > email > phone number if you provide more than one of these parameters.\n\nUse the `url` parameter to redirect the user from the invitation email to your app. After the user is redirected, use the [Update Team Membership Status](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/teams#updateMembershipStatus) endpoint to allow the user to accept the invitation to the team. \n\nPlease note that to avoid a [Redirect Attack](https:\/\/github.com\/OWASP\/CheatSheetSeries\/blob\/master\/cheatsheets\/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.md) Appwrite will accept the only redirect URLs under the domains you have added as a platform on the Appwrite Console.\n",
"description": "Invite a new member to join your team. Provide an ID for existing users, or invite unregistered users using an email or phone number. If initiated from a Client SDK, Appwrite will send an email or sms with a link to join the team to the invited user, and an account will be created for them if one doesn't exist. If initiated from a Server SDK, the new member will be added automatically to the team.\r\n\r\nYou only need to provide one of a user ID, email, or phone number. Appwrite will prioritize accepting the user ID > email > phone number if you provide more than one of these parameters.\r\n\r\nUse the `url` parameter to redirect the user from the invitation email to your app. After the user is redirected, use the [Update Team Membership Status](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/teams#updateMembershipStatus) endpoint to allow the user to accept the invitation to the team. \r\n\r\nPlease note that to avoid a [Redirect Attack](https:\/\/github.com\/OWASP\/CheatSheetSeries\/blob\/master\/cheatsheets\/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.md) Appwrite will accept the only redirect URLs under the domains you have added as a platform on the Appwrite Console.\r\n",
"responses": {
"201": {
"description": "Membership",
@@ -19342,7 +19343,7 @@
"tags": [
"teams"
],
"description": "Modify the roles of a team member. Only team members with the owner role have access to this endpoint. Learn more about [roles and permissions](https:\/\/appwrite.io\/docs\/permissions).\n",
"description": "Modify the roles of a team member. Only team members with the owner role have access to this endpoint. Learn more about [roles and permissions](https:\/\/appwrite.io\/docs\/permissions).\r\n",
"responses": {
"200": {
"description": "Membership",
@@ -19508,7 +19509,7 @@
"tags": [
"teams"
],
"description": "Use this endpoint to allow a user to accept an invitation to join a team after being redirected back to your app from the invitation email received by the user.\n\nIf the request is successful, a session for the user is automatically created.\n",
"description": "Use this endpoint to allow a user to accept an invitation to join a team after being redirected back to your app from the invitation email received by the user.\r\n\r\nIf the request is successful, a session for the user is automatically created.\r\n",
"responses": {
"200": {
"description": "Membership",
@@ -20105,7 +20106,7 @@
},
"\/users\/identities": {
"get": {
"summary": "List Identities",
"summary": "List identities",
"operationId": "usersListIdentities",
"consumes": [
"application\/json"
@@ -21087,7 +21088,7 @@
"tags": [
"users"
],
"description": "Update the user labels by its unique ID. \n\nLabels can be used to grant access to resources. While teams are a way for user's to share access to a resource, labels can be defined by the developer to grant access without an invitation. See the [Permissions docs](https:\/\/appwrite.io\/docs\/permissions) for more info.",
"description": "Update the user labels by its unique ID. \r\n\r\nLabels can be used to grant access to resources. While teams are a way for user's to share access to a resource, labels can be defined by the developer to grant access without an invitation. See the [Permissions docs](https:\/\/appwrite.io\/docs\/permissions) for more info.",
"responses": {
"200": {
"description": "User",
@@ -21383,7 +21384,7 @@
},
"\/users\/{userId}\/mfa\/authenticators\/{type}": {
"delete": {
"summary": "Delete Authenticator",
"summary": "Delete authenticator",
"operationId": "usersDeleteMfaAuthenticator",
"consumes": [
"application\/json"
@@ -21460,7 +21461,7 @@
},
"\/users\/{userId}\/mfa\/factors": {
"get": {
"summary": "List Factors",
"summary": "List factors",
"operationId": "usersListMfaFactors",
"consumes": [
"application\/json"
@@ -21524,7 +21525,7 @@
},
"\/users\/{userId}\/mfa\/recovery-codes": {
"get": {
"summary": "Get MFA Recovery Codes",
"summary": "Get MFA recovery codes",
"operationId": "usersGetMfaRecoveryCodes",
"consumes": [
"application\/json"
@@ -21586,7 +21587,7 @@
]
},
"put": {
"summary": "Regenerate MFA Recovery Codes",
"summary": "Regenerate MFA recovery codes",
"operationId": "usersUpdateMfaRecoveryCodes",
"consumes": [
"application\/json"
@@ -21648,7 +21649,7 @@
]
},
"patch": {
"summary": "Create MFA Recovery Codes",
"summary": "Create MFA recovery codes",
"operationId": "usersCreateMfaRecoveryCodes",
"consumes": [
"application\/json"
@@ -22175,7 +22176,7 @@
"tags": [
"users"
],
"description": "Creates a session for a user. Returns an immediately usable session object.\n\nIf you want to generate a token for a custom authentication flow, use the [POST \/users\/{userId}\/tokens](https:\/\/appwrite.io\/docs\/server\/users#createToken) endpoint.",
"description": "Creates a session for a user. Returns an immediately usable session object.\r\n\r\nIf you want to generate a token for a custom authentication flow, use the [POST \/users\/{userId}\/tokens](https:\/\/appwrite.io\/docs\/server\/users#createToken) endpoint.",
"responses": {
"201": {
"description": "Session",
@@ -22434,7 +22435,7 @@
},
"\/users\/{userId}\/targets": {
"get": {
"summary": "List User Targets",
"summary": "List user targets",
"operationId": "usersListTargets",
"consumes": [
"application\/json"
@@ -22509,7 +22510,7 @@
]
},
"post": {
"summary": "Create User Target",
"summary": "Create user target",
"operationId": "usersCreateTarget",
"consumes": [
"application\/json"
@@ -22625,7 +22626,7 @@
},
"\/users\/{userId}\/targets\/{targetId}": {
"get": {
"summary": "Get User Target",
"summary": "Get user target",
"operationId": "usersGetTarget",
"consumes": [
"application\/json"
@@ -22696,7 +22697,7 @@
]
},
"patch": {
"summary": "Update User target",
"summary": "Update user target",
"operationId": "usersUpdateTarget",
"consumes": [
"application\/json"
@@ -22875,7 +22876,7 @@
"tags": [
"users"
],
"description": "Returns a token with a secret key for creating a session. Use the user ID and secret and submit a request to the [PUT \/account\/sessions\/token](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint to complete the login process.\n",
"description": "Returns a token with a secret key for creating a session. Use the user ID and secret and submit a request to the [PUT \/account\/sessions\/token](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint to complete the login process.\r\n",
"responses": {
"201": {
"description": "Token",
@@ -24166,6 +24167,16 @@
"x-example": false,
"x-nullable": true
},
"$createdAt": {
"type": "string",
"description": "Attribute creation date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"$updatedAt": {
"type": "string",
"description": "Attribute update date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"size": {
"type": "integer",
"description": "Attribute size.",
@@ -24185,6 +24196,8 @@
"status",
"error",
"required",
"$createdAt",
"$updatedAt",
"size"
]
},
@@ -24223,6 +24236,16 @@
"x-example": false,
"x-nullable": true
},
"$createdAt": {
"type": "string",
"description": "Attribute creation date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"$updatedAt": {
"type": "string",
"description": "Attribute update date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"min": {
"type": "integer",
"description": "Minimum value to enforce for new documents.",
@@ -24250,7 +24273,9 @@
"type",
"status",
"error",
"required"
"required",
"$createdAt",
"$updatedAt"
]
},
"attributeFloat": {
@@ -24288,6 +24313,16 @@
"x-example": false,
"x-nullable": true
},
"$createdAt": {
"type": "string",
"description": "Attribute creation date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"$updatedAt": {
"type": "string",
"description": "Attribute update date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"min": {
"type": "number",
"description": "Minimum value to enforce for new documents.",
@@ -24315,7 +24350,9 @@
"type",
"status",
"error",
"required"
"required",
"$createdAt",
"$updatedAt"
]
},
"attributeBoolean": {
@@ -24353,6 +24390,16 @@
"x-example": false,
"x-nullable": true
},
"$createdAt": {
"type": "string",
"description": "Attribute creation date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"$updatedAt": {
"type": "string",
"description": "Attribute update date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"default": {
"type": "boolean",
"description": "Default value for attribute when not provided. Cannot be set when attribute is required.",
@@ -24365,7 +24412,9 @@
"type",
"status",
"error",
"required"
"required",
"$createdAt",
"$updatedAt"
]
},
"attributeEmail": {
@@ -24403,6 +24452,16 @@
"x-example": false,
"x-nullable": true
},
"$createdAt": {
"type": "string",
"description": "Attribute creation date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"$updatedAt": {
"type": "string",
"description": "Attribute update date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"format": {
"type": "string",
"description": "String format.",
@@ -24421,6 +24480,8 @@
"status",
"error",
"required",
"$createdAt",
"$updatedAt",
"format"
]
},
@@ -24459,6 +24520,16 @@
"x-example": false,
"x-nullable": true
},
"$createdAt": {
"type": "string",
"description": "Attribute creation date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"$updatedAt": {
"type": "string",
"description": "Attribute update date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"elements": {
"type": "array",
"description": "Array of elements in enumerated type.",
@@ -24485,6 +24556,8 @@
"status",
"error",
"required",
"$createdAt",
"$updatedAt",
"elements",
"format"
]
@@ -24524,6 +24597,16 @@
"x-example": false,
"x-nullable": true
},
"$createdAt": {
"type": "string",
"description": "Attribute creation date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"$updatedAt": {
"type": "string",
"description": "Attribute update date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"format": {
"type": "string",
"description": "String format.",
@@ -24542,6 +24625,8 @@
"status",
"error",
"required",
"$createdAt",
"$updatedAt",
"format"
]
},
@@ -24580,6 +24665,16 @@
"x-example": false,
"x-nullable": true
},
"$createdAt": {
"type": "string",
"description": "Attribute creation date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"$updatedAt": {
"type": "string",
"description": "Attribute update date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"format": {
"type": "string",
"description": "String format.",
@@ -24598,6 +24693,8 @@
"status",
"error",
"required",
"$createdAt",
"$updatedAt",
"format"
]
},
@@ -24636,6 +24733,16 @@
"x-example": false,
"x-nullable": true
},
"$createdAt": {
"type": "string",
"description": "Attribute creation date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"$updatedAt": {
"type": "string",
"description": "Attribute update date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"format": {
"type": "string",
"description": "ISO 8601 format.",
@@ -24654,6 +24761,8 @@
"status",
"error",
"required",
"$createdAt",
"$updatedAt",
"format"
]
},
@@ -24692,6 +24801,16 @@
"x-example": false,
"x-nullable": true
},
"$createdAt": {
"type": "string",
"description": "Attribute creation date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"$updatedAt": {
"type": "string",
"description": "Attribute update date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"relatedCollection": {
"type": "string",
"description": "The ID of the related collection.",
@@ -24729,6 +24848,8 @@
"status",
"error",
"required",
"$createdAt",
"$updatedAt",
"relatedCollection",
"relationType",
"twoWay",
@@ -24777,6 +24898,16 @@
},
"x-example": [],
"x-nullable": true
},
"$createdAt": {
"type": "string",
"description": "Index creation date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"$updatedAt": {
"type": "string",
"description": "Index update date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
}
},
"required": [
@@ -24784,7 +24915,9 @@
"type",
"status",
"error",
"attributes"
"attributes",
"$createdAt",
"$updatedAt"
]
},
"document": {
@@ -26458,9 +26591,9 @@
"format": "int32"
},
"responseBody": {
"type": "string",
"type": "payload",
"description": "HTTP response body. This will return empty unless execution is created as synchronous.",
"x-example": "Developers are awesome."
"x-example": ""
},
"responseHeaders": {
"type": "array",
app/config/specs/swagger2-latest-client.json
+37 -36
View File
@@ -222,7 +222,7 @@
"tags": [
"account"
],
"description": "Update currently logged in user account email address. After changing user address, the user confirmation status will get reset. A new confirmation email is not sent automatically however you can use the send confirmation email endpoint again to send the confirmation email. For security measures, user password is required to complete this request.\nThis endpoint can also be used to convert an anonymous account to a normal one, by passing an email address and a new password.\n",
"description": "Update currently logged in user account email address. After changing user address, the user confirmation status will get reset. A new confirmation email is not sent automatically however you can use the send confirmation email endpoint again to send the confirmation email. For security measures, user password is required to complete this request.\r\nThis endpoint can also be used to convert an anonymous account to a normal one, by passing an email address and a new password.\r\n",
"responses": {
"200": {
"description": "User",
@@ -293,7 +293,7 @@
},
"\/account\/identities": {
"get": {
"summary": "List Identities",
"summary": "List identities",
"operationId": "accountListIdentities",
"consumes": [
"application\/json"
@@ -619,7 +619,7 @@
},
"\/account\/mfa\/authenticators\/{type}": {
"post": {
"summary": "Create Authenticator",
"summary": "Create authenticator",
"operationId": "accountCreateMfaAuthenticator",
"consumes": [
"application\/json"
@@ -687,7 +687,7 @@
]
},
"put": {
"summary": "Verify Authenticator",
"summary": "Verify authenticator",
"operationId": "accountUpdateMfaAuthenticator",
"consumes": [
"application\/json"
@@ -773,7 +773,7 @@
]
},
"delete": {
"summary": "Delete Authenticator",
"summary": "Delete authenticator",
"operationId": "accountDeleteMfaAuthenticator",
"consumes": [
"application\/json"
@@ -838,7 +838,7 @@
},
"\/account\/mfa\/challenge": {
"post": {
"summary": "Create MFA Challenge",
"summary": "Create MFA challenge",
"operationId": "accountCreateMfaChallenge",
"consumes": [
"application\/json"
@@ -917,7 +917,7 @@
]
},
"put": {
"summary": "Create MFA Challenge (confirmation)",
"summary": "Create MFA challenge (confirmation)",
"operationId": "accountUpdateMfaChallenge",
"consumes": [
"application\/json"
@@ -994,7 +994,7 @@
},
"\/account\/mfa\/factors": {
"get": {
"summary": "List Factors",
"summary": "List factors",
"operationId": "accountListMfaFactors",
"consumes": [
"application\/json"
@@ -1049,7 +1049,7 @@
},
"\/account\/mfa\/recovery-codes": {
"get": {
"summary": "Get MFA Recovery Codes",
"summary": "Get MFA recovery codes",
"operationId": "accountGetMfaRecoveryCodes",
"consumes": [
"application\/json"
@@ -1102,7 +1102,7 @@
]
},
"post": {
"summary": "Create MFA Recovery Codes",
"summary": "Create MFA recovery codes",
"operationId": "accountCreateMfaRecoveryCodes",
"consumes": [
"application\/json"
@@ -1155,7 +1155,7 @@
]
},
"patch": {
"summary": "Regenerate MFA Recovery Codes",
"summary": "Regenerate MFA recovery codes",
"operationId": "accountUpdateMfaRecoveryCodes",
"consumes": [
"application\/json"
@@ -1670,7 +1670,7 @@
"tags": [
"account"
],
"description": "Use this endpoint to complete the user account password reset. Both the **userId** and **secret** arguments will be passed as query parameters to the redirect URL you have provided when sending your request to the [POST \/account\/recovery](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createRecovery) endpoint.\n\nPlease note that in order to avoid a [Redirect Attack](https:\/\/github.com\/OWASP\/CheatSheetSeries\/blob\/master\/cheatsheets\/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.md) the only valid redirect URLs are the ones from domains you have set when adding your platforms in the console interface.",
"description": "Use this endpoint to complete the user account password reset. Both the **userId** and **secret** arguments will be passed as query parameters to the redirect URL you have provided when sending your request to the [POST \/account\/recovery](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createRecovery) endpoint.\r\n\r\nPlease note that in order to avoid a [Redirect Attack](https:\/\/github.com\/OWASP\/CheatSheetSeries\/blob\/master\/cheatsheets\/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.md) the only valid redirect URLs are the ones from domains you have set when adding your platforms in the console interface.",
"responses": {
"200": {
"description": "Token",
@@ -1915,7 +1915,7 @@
"tags": [
"account"
],
"description": "Allow the user to login into their account by providing a valid email and password combination. This route will create a new session for the user.\n\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"description": "Allow the user to login into their account by providing a valid email and password combination. This route will create a new session for the user.\r\n\r\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"responses": {
"201": {
"description": "Session",
@@ -2075,7 +2075,7 @@
"tags": [
"account"
],
"description": "Allow the user to login to their account using the OAuth2 provider of their choice. Each OAuth2 provider should be enabled from the Appwrite console first. Use the success and failure arguments to provide a redirect URL's back to your app when login is completed.\n\nIf there is already an active session, the new session will be attached to the logged-in account. If there are no active sessions, the server will attempt to look for a user with the same email address as the email received from the OAuth2 provider and attach the new session to the existing user. If no matching user is found - the server will create a new user.\n\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).\n",
"description": "Allow the user to login to their account using the OAuth2 provider of their choice. Each OAuth2 provider should be enabled from the Appwrite console first. Use the success and failure arguments to provide a redirect URL's back to your app when login is completed.\r\n\r\nIf there is already an active session, the new session will be attached to the logged-in account. If there are no active sessions, the server will attempt to look for a user with the same email address as the email received from the OAuth2 provider and attach the new session to the existing user. If no matching user is found - the server will create a new user.\r\n\r\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).\r\n",
"responses": {
"301": {
"description": "No content"
@@ -2836,7 +2836,7 @@
"tags": [
"account"
],
"description": "Sends the user an email with a secret key for creating a session. If the provided user ID has not be registered, a new user will be created. Use the returned user ID and secret and submit a request to the [POST \/v1\/account\/sessions\/token](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint to complete the login process. The secret sent to the user's email is valid for 15 minutes.\n\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"description": "Sends the user an email with a secret key for creating a session. If the provided user ID has not be registered, a new user will be created. Use the returned user ID and secret and submit a request to the [POST \/v1\/account\/sessions\/token](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint to complete the login process. The secret sent to the user's email is valid for 15 minutes.\r\n\r\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"responses": {
"201": {
"description": "Token",
@@ -2922,7 +2922,7 @@
"tags": [
"account"
],
"description": "Sends the user an email with a secret key for creating a session. If the provided user ID has not been registered, a new user will be created. When the user clicks the link in the email, the user is redirected back to the URL you provided with the secret key and userId values attached to the URL query string. Use the query string parameters to submit a request to the [POST \/v1\/account\/sessions\/token](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint to complete the login process. The link sent to the user's email address is valid for 1 hour. If you are on a mobile device you can leave the URL parameter empty, so that the login completion will be handled by your Appwrite instance by default.\n\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).\n",
"description": "Sends the user an email with a secret key for creating a session. If the provided user ID has not been registered, a new user will be created. When the user clicks the link in the email, the user is redirected back to the URL you provided with the secret key and userId values attached to the URL query string. Use the query string parameters to submit a request to the [POST \/v1\/account\/sessions\/token](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint to complete the login process. The link sent to the user's email address is valid for 1 hour. If you are on a mobile device you can leave the URL parameter empty, so that the login completion will be handled by your Appwrite instance by default.\r\n\r\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).\r\n",
"responses": {
"201": {
"description": "Token",
@@ -3017,7 +3017,7 @@
"tags": [
"account"
],
"description": "Allow the user to login to their account using the OAuth2 provider of their choice. Each OAuth2 provider should be enabled from the Appwrite console first. Use the success and failure arguments to provide a redirect URL's back to your app when login is completed. \n\nIf authentication succeeds, `userId` and `secret` of a token will be appended to the success URL as query parameters. These can be used to create a new session using the [Create session](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint.\n\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"description": "Allow the user to login to their account using the OAuth2 provider of their choice. Each OAuth2 provider should be enabled from the Appwrite console first. Use the success and failure arguments to provide a redirect URL's back to your app when login is completed. \r\n\r\nIf authentication succeeds, `userId` and `secret` of a token will be appended to the success URL as query parameters. These can be used to create a new session using the [Create session](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint.\r\n\r\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"responses": {
"301": {
"description": "No content"
@@ -3152,7 +3152,7 @@
"tags": [
"account"
],
"description": "Sends the user an SMS with a secret key for creating a session. If the provided user ID has not be registered, a new user will be created. Use the returned user ID and secret and submit a request to the [POST \/v1\/account\/sessions\/token](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint to complete the login process. The secret sent to the user's phone is valid for 15 minutes.\n\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"description": "Sends the user an SMS with a secret key for creating a session. If the provided user ID has not be registered, a new user will be created. Use the returned user ID and secret and submit a request to the [POST \/v1\/account\/sessions\/token](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint to complete the login process. The secret sent to the user's phone is valid for 15 minutes.\r\n\r\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"responses": {
"201": {
"description": "Token",
@@ -3235,7 +3235,7 @@
"tags": [
"account"
],
"description": "Use this endpoint to send a verification message to your user email address to confirm they are the valid owners of that address. Both the **userId** and **secret** arguments will be passed as query parameters to the URL you have provided to be attached to the verification email. The provided URL should redirect the user back to your app and allow you to complete the verification process by verifying both the **userId** and **secret** parameters. Learn more about how to [complete the verification process](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#updateVerification). The verification link sent to the user's email address is valid for 7 days.\n\nPlease note that in order to avoid a [Redirect Attack](https:\/\/github.com\/OWASP\/CheatSheetSeries\/blob\/master\/cheatsheets\/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.md), the only valid redirect URLs are the ones from domains you have set when adding your platforms in the console interface.\n",
"description": "Use this endpoint to send a verification message to your user email address to confirm they are the valid owners of that address. Both the **userId** and **secret** arguments will be passed as query parameters to the URL you have provided to be attached to the verification email. The provided URL should redirect the user back to your app and allow you to complete the verification process by verifying both the **userId** and **secret** parameters. Learn more about how to [complete the verification process](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#updateVerification). The verification link sent to the user's email address is valid for 7 days.\r\n\r\nPlease note that in order to avoid a [Redirect Attack](https:\/\/github.com\/OWASP\/CheatSheetSeries\/blob\/master\/cheatsheets\/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.md), the only valid redirect URLs are the ones from domains you have set when adding your platforms in the console interface.\r\n",
"responses": {
"201": {
"description": "Token",
@@ -3528,7 +3528,7 @@
"tags": [
"avatars"
],
"description": "You can use this endpoint to show different browser icons to your users. The code argument receives the browser code as it appears in your user [GET \/account\/sessions](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#getSessions) endpoint. Use width, height and quality arguments to change the output settings.\n\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.",
"description": "You can use this endpoint to show different browser icons to your users. The code argument receives the browser code as it appears in your user [GET \/account\/sessions](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#getSessions) endpoint. Use width, height and quality arguments to change the output settings.\r\n\r\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.",
"responses": {
"200": {
"description": "Image",
@@ -3657,7 +3657,7 @@
"tags": [
"avatars"
],
"description": "The credit card endpoint will return you the icon of the credit card provider you need. Use width, height and quality arguments to change the output settings.\n\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.\n",
"description": "The credit card endpoint will return you the icon of the credit card provider you need. Use width, height and quality arguments to change the output settings.\r\n\r\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.\r\n",
"responses": {
"200": {
"description": "Image",
@@ -3790,7 +3790,7 @@
"tags": [
"avatars"
],
"description": "Use this endpoint to fetch the favorite icon (AKA favicon) of any remote website URL.\n\nThis endpoint does not follow HTTP redirects.",
"description": "Use this endpoint to fetch the favorite icon (AKA favicon) of any remote website URL.\r\n\r\nThis endpoint does not follow HTTP redirects.",
"responses": {
"200": {
"description": "Image",
@@ -3857,7 +3857,7 @@
"tags": [
"avatars"
],
"description": "You can use this endpoint to show different country flags icons to your users. The code argument receives the 2 letter country code. Use width, height and quality arguments to change the output settings. Country codes follow the [ISO 3166-1](https:\/\/en.wikipedia.org\/wiki\/ISO_3166-1) standard.\n\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.\n",
"description": "You can use this endpoint to show different country flags icons to your users. The code argument receives the 2 letter country code. Use width, height and quality arguments to change the output settings. Country codes follow the [ISO 3166-1](https:\/\/en.wikipedia.org\/wiki\/ISO_3166-1) standard.\r\n\r\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.\r\n",
"responses": {
"200": {
"description": "Image",
@@ -4348,7 +4348,7 @@
"tags": [
"avatars"
],
"description": "Use this endpoint to fetch a remote image URL and crop it to any image size you want. This endpoint is very useful if you need to crop and display remote images in your app or in case you want to make sure a 3rd party image is properly served using a TLS protocol.\n\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 400x400px.\n\nThis endpoint does not follow HTTP redirects.",
"description": "Use this endpoint to fetch a remote image URL and crop it to any image size you want. This endpoint is very useful if you need to crop and display remote images in your app or in case you want to make sure a 3rd party image is properly served using a TLS protocol.\r\n\r\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 400x400px.\r\n\r\nThis endpoint does not follow HTTP redirects.",
"responses": {
"200": {
"description": "Image",
@@ -4435,7 +4435,7 @@
"tags": [
"avatars"
],
"description": "Use this endpoint to show your user initials avatar icon on your website or app. By default, this route will try to print your logged-in user name or email initials. You can also overwrite the user name if you pass the 'name' parameter. If no name is given and no user is logged, an empty avatar will be returned.\n\nYou can use the color and background params to change the avatar colors. By default, a random theme will be selected. The random theme will persist for the user's initials when reloading the same theme will always return for the same initials.\n\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.\n",
"description": "Use this endpoint to show your user initials avatar icon on your website or app. By default, this route will try to print your logged-in user name or email initials. You can also overwrite the user name if you pass the 'name' parameter. If no name is given and no user is logged, an empty avatar will be returned.\r\n\r\nYou can use the color and background params to change the avatar colors. By default, a random theme will be selected. The random theme will persist for the user's initials when reloading the same theme will always return for the same initials.\r\n\r\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.\r\n",
"responses": {
"200": {
"description": "Image",
@@ -4530,7 +4530,7 @@
"tags": [
"avatars"
],
"description": "Converts a given plain text to a QR code image. You can use the query parameters to change the size and style of the resulting image.\n",
"description": "Converts a given plain text to a QR code image. You can use the query parameters to change the size and style of the resulting image.\r\n",
"responses": {
"200": {
"description": "Image",
@@ -5528,7 +5528,7 @@
"tags": [
"locale"
],
"description": "Get the current user location based on IP. Returns an object with user country code, country name, continent name, continent code, ip address and suggested currency. You can use the locale header to get the data in a supported language.\n\n([IP Geolocation by DB-IP](https:\/\/db-ip.com))",
"description": "Get the current user location based on IP. Returns an object with user country code, country name, continent name, continent code, ip address and suggested currency. You can use the locale header to get the data in a supported language.\r\n\r\n([IP Geolocation by DB-IP](https:\/\/db-ip.com))",
"responses": {
"200": {
"description": "Locale",
@@ -5573,7 +5573,7 @@
},
"\/locale\/codes": {
"get": {
"summary": "List Locale Codes",
"summary": "List locale codes",
"operationId": "localeListCodes",
"consumes": [
"application\/json"
@@ -6225,7 +6225,7 @@
"tags": [
"storage"
],
"description": "Create a new file. Before using this route, you should create a new bucket resource using either a [server integration](https:\/\/appwrite.io\/docs\/server\/storage#storageCreateBucket) API or directly from your Appwrite console.\n\nLarger files should be uploaded using multiple requests with the [content-range](https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/HTTP\/Headers\/Content-Range) header to send a partial request with a maximum supported chunk of `5MB`. The `content-range` header values should always be in bytes.\n\nWhen the first request is sent, the server will return the **File** object, and the subsequent part request must include the file's **id** in `x-appwrite-id` header to allow the server to know that the partial upload is for the existing file and not for a new one.\n\nIf you're creating a new file using one of the Appwrite SDKs, all the chunking logic will be managed by the SDK internally.\n",
"description": "Create a new file. Before using this route, you should create a new bucket resource using either a [server integration](https:\/\/appwrite.io\/docs\/server\/storage#storageCreateBucket) API or directly from your Appwrite console.\r\n\r\nLarger files should be uploaded using multiple requests with the [content-range](https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/HTTP\/Headers\/Content-Range) header to send a partial request with a maximum supported chunk of `5MB`. The `content-range` header values should always be in bytes.\r\n\r\nWhen the first request is sent, the server will return the **File** object, and the subsequent part request must include the file's **id** in `x-appwrite-id` header to allow the server to know that the partial upload is for the existing file and not for a new one.\r\n\r\nIf you're creating a new file using one of the Appwrite SDKs, all the chunking logic will be managed by the SDK internally.\r\n",
"responses": {
"201": {
"description": "File",
@@ -6476,7 +6476,7 @@
]
},
"delete": {
"summary": "Delete File",
"summary": "Delete file",
"operationId": "storageDeleteFile",
"consumes": [
"application\/json"
@@ -6807,7 +6807,8 @@
"jpeg",
"gif",
"png",
"webp"
"webp",
"avif"
],
"x-enum-name": "ImageFormat",
"x-enum-keys": [],
@@ -7367,7 +7368,7 @@
"tags": [
"teams"
],
"description": "Invite a new member to join your team. Provide an ID for existing users, or invite unregistered users using an email or phone number. If initiated from a Client SDK, Appwrite will send an email or sms with a link to join the team to the invited user, and an account will be created for them if one doesn't exist. If initiated from a Server SDK, the new member will be added automatically to the team.\n\nYou only need to provide one of a user ID, email, or phone number. Appwrite will prioritize accepting the user ID > email > phone number if you provide more than one of these parameters.\n\nUse the `url` parameter to redirect the user from the invitation email to your app. After the user is redirected, use the [Update Team Membership Status](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/teams#updateMembershipStatus) endpoint to allow the user to accept the invitation to the team. \n\nPlease note that to avoid a [Redirect Attack](https:\/\/github.com\/OWASP\/CheatSheetSeries\/blob\/master\/cheatsheets\/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.md) Appwrite will accept the only redirect URLs under the domains you have added as a platform on the Appwrite Console.\n",
"description": "Invite a new member to join your team. Provide an ID for existing users, or invite unregistered users using an email or phone number. If initiated from a Client SDK, Appwrite will send an email or sms with a link to join the team to the invited user, and an account will be created for them if one doesn't exist. If initiated from a Server SDK, the new member will be added automatically to the team.\r\n\r\nYou only need to provide one of a user ID, email, or phone number. Appwrite will prioritize accepting the user ID > email > phone number if you provide more than one of these parameters.\r\n\r\nUse the `url` parameter to redirect the user from the invitation email to your app. After the user is redirected, use the [Update Team Membership Status](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/teams#updateMembershipStatus) endpoint to allow the user to accept the invitation to the team. \r\n\r\nPlease note that to avoid a [Redirect Attack](https:\/\/github.com\/OWASP\/CheatSheetSeries\/blob\/master\/cheatsheets\/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.md) Appwrite will accept the only redirect URLs under the domains you have added as a platform on the Appwrite Console.\r\n",
"responses": {
"201": {
"description": "Membership",
@@ -7556,7 +7557,7 @@
"tags": [
"teams"
],
"description": "Modify the roles of a team member. Only team members with the owner role have access to this endpoint. Learn more about [roles and permissions](https:\/\/appwrite.io\/docs\/permissions).\n",
"description": "Modify the roles of a team member. Only team members with the owner role have access to this endpoint. Learn more about [roles and permissions](https:\/\/appwrite.io\/docs\/permissions).\r\n",
"responses": {
"200": {
"description": "Membership",
@@ -7718,7 +7719,7 @@
"tags": [
"teams"
],
"description": "Use this endpoint to allow a user to accept an invitation to join a team after being redirected back to your app from the invitation email received by the user.\n\nIf the request is successful, a session for the user is automatically created.\n",
"description": "Use this endpoint to allow a user to accept an invitation to join a team after being redirected back to your app from the invitation email received by the user.\r\n\r\nIf the request is successful, a session for the user is automatically created.\r\n",
"responses": {
"200": {
"description": "Membership",
@@ -9589,9 +9590,9 @@
"format": "int32"
},
"responseBody": {
"type": "string",
"type": "payload",
"description": "HTTP response body. This will return empty unless execution is created as synchronous.",
"x-example": "Developers are awesome."
"x-example": ""
},
"responseHeaders": {
"type": "array",
app/config/specs/swagger2-latest-console.json
+310 -125
View File
File diff suppressed because it is too large Load Diff
app/config/specs/swagger2-latest-server.json
+216 -83
View File
@@ -238,7 +238,7 @@
"tags": [
"account"
],
"description": "Update currently logged in user account email address. After changing user address, the user confirmation status will get reset. A new confirmation email is not sent automatically however you can use the send confirmation email endpoint again to send the confirmation email. For security measures, user password is required to complete this request.\nThis endpoint can also be used to convert an anonymous account to a normal one, by passing an email address and a new password.\n",
"description": "Update currently logged in user account email address. After changing user address, the user confirmation status will get reset. A new confirmation email is not sent automatically however you can use the send confirmation email endpoint again to send the confirmation email. For security measures, user password is required to complete this request.\r\nThis endpoint can also be used to convert an anonymous account to a normal one, by passing an email address and a new password.\r\n",
"responses": {
"200": {
"description": "User",
@@ -310,7 +310,7 @@
},
"\/account\/identities": {
"get": {
"summary": "List Identities",
"summary": "List identities",
"operationId": "accountListIdentities",
"consumes": [
"application\/json"
@@ -640,7 +640,7 @@
},
"\/account\/mfa\/authenticators\/{type}": {
"post": {
"summary": "Create Authenticator",
"summary": "Create authenticator",
"operationId": "accountCreateMfaAuthenticator",
"consumes": [
"application\/json"
@@ -709,7 +709,7 @@
]
},
"put": {
"summary": "Verify Authenticator",
"summary": "Verify authenticator",
"operationId": "accountUpdateMfaAuthenticator",
"consumes": [
"application\/json"
@@ -796,7 +796,7 @@
]
},
"delete": {
"summary": "Delete Authenticator",
"summary": "Delete authenticator",
"operationId": "accountDeleteMfaAuthenticator",
"consumes": [
"application\/json"
@@ -862,7 +862,7 @@
},
"\/account\/mfa\/challenge": {
"post": {
"summary": "Create MFA Challenge",
"summary": "Create MFA challenge",
"operationId": "accountCreateMfaChallenge",
"consumes": [
"application\/json"
@@ -941,7 +941,7 @@
]
},
"put": {
"summary": "Create MFA Challenge (confirmation)",
"summary": "Create MFA challenge (confirmation)",
"operationId": "accountUpdateMfaChallenge",
"consumes": [
"application\/json"
@@ -1019,7 +1019,7 @@
},
"\/account\/mfa\/factors": {
"get": {
"summary": "List Factors",
"summary": "List factors",
"operationId": "accountListMfaFactors",
"consumes": [
"application\/json"
@@ -1075,7 +1075,7 @@
},
"\/account\/mfa\/recovery-codes": {
"get": {
"summary": "Get MFA Recovery Codes",
"summary": "Get MFA recovery codes",
"operationId": "accountGetMfaRecoveryCodes",
"consumes": [
"application\/json"
@@ -1129,7 +1129,7 @@
]
},
"post": {
"summary": "Create MFA Recovery Codes",
"summary": "Create MFA recovery codes",
"operationId": "accountCreateMfaRecoveryCodes",
"consumes": [
"application\/json"
@@ -1183,7 +1183,7 @@
]
},
"patch": {
"summary": "Regenerate MFA Recovery Codes",
"summary": "Regenerate MFA recovery codes",
"operationId": "accountUpdateMfaRecoveryCodes",
"consumes": [
"application\/json"
@@ -1705,7 +1705,7 @@
"tags": [
"account"
],
"description": "Use this endpoint to complete the user account password reset. Both the **userId** and **secret** arguments will be passed as query parameters to the redirect URL you have provided when sending your request to the [POST \/account\/recovery](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createRecovery) endpoint.\n\nPlease note that in order to avoid a [Redirect Attack](https:\/\/github.com\/OWASP\/CheatSheetSeries\/blob\/master\/cheatsheets\/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.md) the only valid redirect URLs are the ones from domains you have set when adding your platforms in the console interface.",
"description": "Use this endpoint to complete the user account password reset. Both the **userId** and **secret** arguments will be passed as query parameters to the redirect URL you have provided when sending your request to the [POST \/account\/recovery](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createRecovery) endpoint.\r\n\r\nPlease note that in order to avoid a [Redirect Attack](https:\/\/github.com\/OWASP\/CheatSheetSeries\/blob\/master\/cheatsheets\/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.md) the only valid redirect URLs are the ones from domains you have set when adding your platforms in the console interface.",
"responses": {
"200": {
"description": "Token",
@@ -1953,7 +1953,7 @@
"tags": [
"account"
],
"description": "Allow the user to login into their account by providing a valid email and password combination. This route will create a new session for the user.\n\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"description": "Allow the user to login into their account by providing a valid email and password combination. This route will create a new session for the user.\r\n\r\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"responses": {
"201": {
"description": "Session",
@@ -2518,7 +2518,7 @@
"tags": [
"account"
],
"description": "Sends the user an email with a secret key for creating a session. If the provided user ID has not be registered, a new user will be created. Use the returned user ID and secret and submit a request to the [POST \/v1\/account\/sessions\/token](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint to complete the login process. The secret sent to the user's email is valid for 15 minutes.\n\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"description": "Sends the user an email with a secret key for creating a session. If the provided user ID has not be registered, a new user will be created. Use the returned user ID and secret and submit a request to the [POST \/v1\/account\/sessions\/token](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint to complete the login process. The secret sent to the user's email is valid for 15 minutes.\r\n\r\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"responses": {
"201": {
"description": "Token",
@@ -2604,7 +2604,7 @@
"tags": [
"account"
],
"description": "Sends the user an email with a secret key for creating a session. If the provided user ID has not been registered, a new user will be created. When the user clicks the link in the email, the user is redirected back to the URL you provided with the secret key and userId values attached to the URL query string. Use the query string parameters to submit a request to the [POST \/v1\/account\/sessions\/token](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint to complete the login process. The link sent to the user's email address is valid for 1 hour. If you are on a mobile device you can leave the URL parameter empty, so that the login completion will be handled by your Appwrite instance by default.\n\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).\n",
"description": "Sends the user an email with a secret key for creating a session. If the provided user ID has not been registered, a new user will be created. When the user clicks the link in the email, the user is redirected back to the URL you provided with the secret key and userId values attached to the URL query string. Use the query string parameters to submit a request to the [POST \/v1\/account\/sessions\/token](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint to complete the login process. The link sent to the user's email address is valid for 1 hour. If you are on a mobile device you can leave the URL parameter empty, so that the login completion will be handled by your Appwrite instance by default.\r\n\r\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).\r\n",
"responses": {
"201": {
"description": "Token",
@@ -2699,7 +2699,7 @@
"tags": [
"account"
],
"description": "Allow the user to login to their account using the OAuth2 provider of their choice. Each OAuth2 provider should be enabled from the Appwrite console first. Use the success and failure arguments to provide a redirect URL's back to your app when login is completed. \n\nIf authentication succeeds, `userId` and `secret` of a token will be appended to the success URL as query parameters. These can be used to create a new session using the [Create session](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint.\n\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"description": "Allow the user to login to their account using the OAuth2 provider of their choice. Each OAuth2 provider should be enabled from the Appwrite console first. Use the success and failure arguments to provide a redirect URL's back to your app when login is completed. \r\n\r\nIf authentication succeeds, `userId` and `secret` of a token will be appended to the success URL as query parameters. These can be used to create a new session using the [Create session](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint.\r\n\r\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"responses": {
"301": {
"description": "No content"
@@ -2834,7 +2834,7 @@
"tags": [
"account"
],
"description": "Sends the user an SMS with a secret key for creating a session. If the provided user ID has not be registered, a new user will be created. Use the returned user ID and secret and submit a request to the [POST \/v1\/account\/sessions\/token](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint to complete the login process. The secret sent to the user's phone is valid for 15 minutes.\n\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"description": "Sends the user an SMS with a secret key for creating a session. If the provided user ID has not be registered, a new user will be created. Use the returned user ID and secret and submit a request to the [POST \/v1\/account\/sessions\/token](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint to complete the login process. The secret sent to the user's phone is valid for 15 minutes.\r\n\r\nA user is limited to 10 active sessions at a time by default. [Learn more about session limits](https:\/\/appwrite.io\/docs\/authentication-security#limits).",
"responses": {
"201": {
"description": "Token",
@@ -2917,7 +2917,7 @@
"tags": [
"account"
],
"description": "Use this endpoint to send a verification message to your user email address to confirm they are the valid owners of that address. Both the **userId** and **secret** arguments will be passed as query parameters to the URL you have provided to be attached to the verification email. The provided URL should redirect the user back to your app and allow you to complete the verification process by verifying both the **userId** and **secret** parameters. Learn more about how to [complete the verification process](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#updateVerification). The verification link sent to the user's email address is valid for 7 days.\n\nPlease note that in order to avoid a [Redirect Attack](https:\/\/github.com\/OWASP\/CheatSheetSeries\/blob\/master\/cheatsheets\/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.md), the only valid redirect URLs are the ones from domains you have set when adding your platforms in the console interface.\n",
"description": "Use this endpoint to send a verification message to your user email address to confirm they are the valid owners of that address. Both the **userId** and **secret** arguments will be passed as query parameters to the URL you have provided to be attached to the verification email. The provided URL should redirect the user back to your app and allow you to complete the verification process by verifying both the **userId** and **secret** parameters. Learn more about how to [complete the verification process](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#updateVerification). The verification link sent to the user's email address is valid for 7 days.\r\n\r\nPlease note that in order to avoid a [Redirect Attack](https:\/\/github.com\/OWASP\/CheatSheetSeries\/blob\/master\/cheatsheets\/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.md), the only valid redirect URLs are the ones from domains you have set when adding your platforms in the console interface.\r\n",
"responses": {
"201": {
"description": "Token",
@@ -3214,7 +3214,7 @@
"tags": [
"avatars"
],
"description": "You can use this endpoint to show different browser icons to your users. The code argument receives the browser code as it appears in your user [GET \/account\/sessions](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#getSessions) endpoint. Use width, height and quality arguments to change the output settings.\n\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.",
"description": "You can use this endpoint to show different browser icons to your users. The code argument receives the browser code as it appears in your user [GET \/account\/sessions](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#getSessions) endpoint. Use width, height and quality arguments to change the output settings.\r\n\r\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.",
"responses": {
"200": {
"description": "Image",
@@ -3345,7 +3345,7 @@
"tags": [
"avatars"
],
"description": "The credit card endpoint will return you the icon of the credit card provider you need. Use width, height and quality arguments to change the output settings.\n\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.\n",
"description": "The credit card endpoint will return you the icon of the credit card provider you need. Use width, height and quality arguments to change the output settings.\r\n\r\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.\r\n",
"responses": {
"200": {
"description": "Image",
@@ -3480,7 +3480,7 @@
"tags": [
"avatars"
],
"description": "Use this endpoint to fetch the favorite icon (AKA favicon) of any remote website URL.\n\nThis endpoint does not follow HTTP redirects.",
"description": "Use this endpoint to fetch the favorite icon (AKA favicon) of any remote website URL.\r\n\r\nThis endpoint does not follow HTTP redirects.",
"responses": {
"200": {
"description": "Image",
@@ -3549,7 +3549,7 @@
"tags": [
"avatars"
],
"description": "You can use this endpoint to show different country flags icons to your users. The code argument receives the 2 letter country code. Use width, height and quality arguments to change the output settings. Country codes follow the [ISO 3166-1](https:\/\/en.wikipedia.org\/wiki\/ISO_3166-1) standard.\n\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.\n",
"description": "You can use this endpoint to show different country flags icons to your users. The code argument receives the 2 letter country code. Use width, height and quality arguments to change the output settings. Country codes follow the [ISO 3166-1](https:\/\/en.wikipedia.org\/wiki\/ISO_3166-1) standard.\r\n\r\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.\r\n",
"responses": {
"200": {
"description": "Image",
@@ -4042,7 +4042,7 @@
"tags": [
"avatars"
],
"description": "Use this endpoint to fetch a remote image URL and crop it to any image size you want. This endpoint is very useful if you need to crop and display remote images in your app or in case you want to make sure a 3rd party image is properly served using a TLS protocol.\n\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 400x400px.\n\nThis endpoint does not follow HTTP redirects.",
"description": "Use this endpoint to fetch a remote image URL and crop it to any image size you want. This endpoint is very useful if you need to crop and display remote images in your app or in case you want to make sure a 3rd party image is properly served using a TLS protocol.\r\n\r\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 400x400px.\r\n\r\nThis endpoint does not follow HTTP redirects.",
"responses": {
"200": {
"description": "Image",
@@ -4131,7 +4131,7 @@
"tags": [
"avatars"
],
"description": "Use this endpoint to show your user initials avatar icon on your website or app. By default, this route will try to print your logged-in user name or email initials. You can also overwrite the user name if you pass the 'name' parameter. If no name is given and no user is logged, an empty avatar will be returned.\n\nYou can use the color and background params to change the avatar colors. By default, a random theme will be selected. The random theme will persist for the user's initials when reloading the same theme will always return for the same initials.\n\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.\n",
"description": "Use this endpoint to show your user initials avatar icon on your website or app. By default, this route will try to print your logged-in user name or email initials. You can also overwrite the user name if you pass the 'name' parameter. If no name is given and no user is logged, an empty avatar will be returned.\r\n\r\nYou can use the color and background params to change the avatar colors. By default, a random theme will be selected. The random theme will persist for the user's initials when reloading the same theme will always return for the same initials.\r\n\r\nWhen one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 100x100px.\r\n",
"responses": {
"200": {
"description": "Image",
@@ -4228,7 +4228,7 @@
"tags": [
"avatars"
],
"description": "Converts a given plain text to a QR code image. You can use the query parameters to change the size and style of the resulting image.\n",
"description": "Converts a given plain text to a QR code image. You can use the query parameters to change the size and style of the resulting image.\r\n",
"responses": {
"200": {
"description": "Image",
@@ -4400,7 +4400,7 @@
"tags": [
"databases"
],
"description": "Create a new Database.\n",
"description": "Create a new Database.\r\n",
"responses": {
"201": {
"description": "Database",
@@ -5217,7 +5217,7 @@
"tags": [
"databases"
],
"description": "Create a boolean attribute.\n",
"description": "Create a boolean attribute.\r\n",
"responses": {
"202": {
"description": "AttributeBoolean",
@@ -5653,7 +5653,7 @@
"tags": [
"databases"
],
"description": "Create an email attribute.\n",
"description": "Create an email attribute.\r\n",
"responses": {
"202": {
"description": "AttributeEmail",
@@ -5760,7 +5760,7 @@
"tags": [
"databases"
],
"description": "Update an email attribute. Changing the `default` value will not update already existing documents.\n",
"description": "Update an email attribute. Changing the `default` value will not update already existing documents.\r\n",
"responses": {
"200": {
"description": "AttributeEmail",
@@ -5871,7 +5871,7 @@
"tags": [
"databases"
],
"description": "Create an enumeration attribute. The `elements` param acts as a white-list of accepted values for this attribute. \n",
"description": "Create an enumeration attribute. The `elements` param acts as a white-list of accepted values for this attribute. \r\n",
"responses": {
"202": {
"description": "AttributeEnum",
@@ -5988,7 +5988,7 @@
"tags": [
"databases"
],
"description": "Update an enum attribute. Changing the `default` value will not update already existing documents.\n",
"description": "Update an enum attribute. Changing the `default` value will not update already existing documents.\r\n",
"responses": {
"200": {
"description": "AttributeEnum",
@@ -6109,7 +6109,7 @@
"tags": [
"databases"
],
"description": "Create a float attribute. Optionally, minimum and maximum values can be provided.\n",
"description": "Create a float attribute. Optionally, minimum and maximum values can be provided.\r\n",
"responses": {
"202": {
"description": "AttributeFloat",
@@ -6228,7 +6228,7 @@
"tags": [
"databases"
],
"description": "Update a float attribute. Changing the `default` value will not update already existing documents.\n",
"description": "Update a float attribute. Changing the `default` value will not update already existing documents.\r\n",
"responses": {
"200": {
"description": "AttributeFloat",
@@ -6353,7 +6353,7 @@
"tags": [
"databases"
],
"description": "Create an integer attribute. Optionally, minimum and maximum values can be provided.\n",
"description": "Create an integer attribute. Optionally, minimum and maximum values can be provided.\r\n",
"responses": {
"202": {
"description": "AttributeInteger",
@@ -6472,7 +6472,7 @@
"tags": [
"databases"
],
"description": "Update an integer attribute. Changing the `default` value will not update already existing documents.\n",
"description": "Update an integer attribute. Changing the `default` value will not update already existing documents.\r\n",
"responses": {
"200": {
"description": "AttributeInteger",
@@ -6597,7 +6597,7 @@
"tags": [
"databases"
],
"description": "Create IP address attribute.\n",
"description": "Create IP address attribute.\r\n",
"responses": {
"202": {
"description": "AttributeIP",
@@ -6704,7 +6704,7 @@
"tags": [
"databases"
],
"description": "Update an ip attribute. Changing the `default` value will not update already existing documents.\n",
"description": "Update an ip attribute. Changing the `default` value will not update already existing documents.\r\n",
"responses": {
"200": {
"description": "AttributeIP",
@@ -6815,7 +6815,7 @@
"tags": [
"databases"
],
"description": "Create relationship attribute. [Learn more about relationship attributes](https:\/\/appwrite.io\/docs\/databases-relationships#relationship-attributes).\n",
"description": "Create relationship attribute. [Learn more about relationship attributes](https:\/\/appwrite.io\/docs\/databases-relationships#relationship-attributes).\r\n",
"responses": {
"202": {
"description": "AttributeRelationship",
@@ -6951,7 +6951,7 @@
"tags": [
"databases"
],
"description": "Create a string attribute.\n",
"description": "Create a string attribute.\r\n",
"responses": {
"202": {
"description": "AttributeString",
@@ -7071,7 +7071,7 @@
"tags": [
"databases"
],
"description": "Update a string attribute. Changing the `default` value will not update already existing documents.\n",
"description": "Update a string attribute. Changing the `default` value will not update already existing documents.\r\n",
"responses": {
"200": {
"description": "AttributeString",
@@ -7188,7 +7188,7 @@
"tags": [
"databases"
],
"description": "Create a URL attribute.\n",
"description": "Create a URL attribute.\r\n",
"responses": {
"202": {
"description": "AttributeURL",
@@ -7295,7 +7295,7 @@
"tags": [
"databases"
],
"description": "Update an url attribute. Changing the `default` value will not update already existing documents.\n",
"description": "Update an url attribute. Changing the `default` value will not update already existing documents.\r\n",
"responses": {
"200": {
"description": "AttributeURL",
@@ -7586,7 +7586,7 @@
"tags": [
"databases"
],
"description": "Update relationship attribute. [Learn more about relationship attributes](https:\/\/appwrite.io\/docs\/databases-relationships#relationship-attributes).\n",
"description": "Update relationship attribute. [Learn more about relationship attributes](https:\/\/appwrite.io\/docs\/databases-relationships#relationship-attributes).\r\n",
"responses": {
"200": {
"description": "AttributeRelationship",
@@ -8250,7 +8250,7 @@
"tags": [
"databases"
],
"description": "Creates an index on the attributes listed. Your index should include all the attributes you will query in a single request.\nAttributes can be `key`, `fulltext`, and `unique`.",
"description": "Creates an index on the attributes listed. Your index should include all the attributes you will query in a single request.\r\nAttributes can be `key`, `fulltext`, and `unique`.",
"responses": {
"202": {
"description": "Index",
@@ -8917,7 +8917,7 @@
"tags": [
"functions"
],
"description": "List allowed function specifications for this instance.\n",
"description": "List allowed function specifications for this instance.\r\n",
"responses": {
"200": {
"description": "Specifications List",
@@ -9415,7 +9415,7 @@
"tags": [
"functions"
],
"description": "Create a new function code deployment. Use this endpoint to upload a new version of your code function. To execute your newly uploaded code, you'll need to update the function's deployment to use your new deployment UID.\n\nThis endpoint accepts a tar.gz file compressed with your code. Make sure to include any dependencies your code has within the compressed file. You can learn more about code packaging in the [Appwrite Cloud Functions tutorial](https:\/\/appwrite.io\/docs\/functions).\n\nUse the \"command\" param to set the entrypoint used to execute your code.",
"description": "Create a new function code deployment. Use this endpoint to upload a new version of your code function. To execute your newly uploaded code, you'll need to update the function's deployment to use your new deployment UID.\r\n\r\nThis endpoint accepts a tar.gz file compressed with your code. Make sure to include any dependencies your code has within the compressed file. You can learn more about code packaging in the [Appwrite Cloud Functions tutorial](https:\/\/appwrite.io\/docs\/functions).\r\n\r\nUse the \"command\" param to set the entrypoint used to execute your code.",
"responses": {
"202": {
"description": "Deployment",
@@ -10231,7 +10231,7 @@
"tags": [
"functions"
],
"description": "Delete a function execution by its unique ID.\n",
"description": "Delete a function execution by its unique ID.\r\n",
"responses": {
"204": {
"description": "No content"
@@ -11494,7 +11494,7 @@
"tags": [
"health"
],
"description": "Returns the amount of failed jobs in a given queue.\n",
"description": "Returns the amount of failed jobs in a given queue.\r\n",
"responses": {
"200": {
"description": "Health Queue",
@@ -12265,7 +12265,7 @@
"tags": [
"locale"
],
"description": "Get the current user location based on IP. Returns an object with user country code, country name, continent name, continent code, ip address and suggested currency. You can use the locale header to get the data in a supported language.\n\n([IP Geolocation by DB-IP](https:\/\/db-ip.com))",
"description": "Get the current user location based on IP. Returns an object with user country code, country name, continent name, continent code, ip address and suggested currency. You can use the locale header to get the data in a supported language.\r\n\r\n([IP Geolocation by DB-IP](https:\/\/db-ip.com))",
"responses": {
"200": {
"description": "Locale",
@@ -12312,7 +12312,7 @@
},
"\/locale\/codes": {
"get": {
"summary": "List Locale Codes",
"summary": "List locale codes",
"operationId": "localeListCodes",
"consumes": [
"application\/json"
@@ -12968,7 +12968,7 @@
"tags": [
"messaging"
],
"description": "Update an email message by its unique ID.\n",
"description": "Update an email message by its unique ID.\r\n",
"responses": {
"200": {
"description": "Message",
@@ -13302,7 +13302,7 @@
"tags": [
"messaging"
],
"description": "Update a push notification by its unique ID.\n",
"description": "Update a push notification by its unique ID.\r\n",
"responses": {
"200": {
"description": "Message",
@@ -13596,7 +13596,7 @@
"tags": [
"messaging"
],
"description": "Update an email message by its unique ID.\n",
"description": "Update an email message by its unique ID.\r\n",
"responses": {
"200": {
"description": "Message",
@@ -13715,7 +13715,7 @@
"tags": [
"messaging"
],
"description": "Get a message by its unique ID.\n",
"description": "Get a message by its unique ID.\r\n",
"responses": {
"200": {
"description": "Message",
@@ -16355,7 +16355,7 @@
"tags": [
"messaging"
],
"description": "Get a provider by its unique ID.\n",
"description": "Get a provider by its unique ID.\r\n",
"responses": {
"200": {
"description": "Provider",
@@ -16803,7 +16803,7 @@
"tags": [
"messaging"
],
"description": "Get a topic by its unique ID.\n",
"description": "Get a topic by its unique ID.\r\n",
"responses": {
"200": {
"description": "Topic",
@@ -16866,7 +16866,7 @@
"tags": [
"messaging"
],
"description": "Update a topic by its unique ID.\n",
"description": "Update a topic by its unique ID.\r\n",
"responses": {
"200": {
"description": "Topic",
@@ -17270,7 +17270,7 @@
"tags": [
"messaging"
],
"description": "Get a subscriber by its unique ID.\n",
"description": "Get a subscriber by its unique ID.\r\n",
"responses": {
"200": {
"description": "Subscriber",
@@ -17981,7 +17981,7 @@
"tags": [
"storage"
],
"description": "Create a new file. Before using this route, you should create a new bucket resource using either a [server integration](https:\/\/appwrite.io\/docs\/server\/storage#storageCreateBucket) API or directly from your Appwrite console.\n\nLarger files should be uploaded using multiple requests with the [content-range](https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/HTTP\/Headers\/Content-Range) header to send a partial request with a maximum supported chunk of `5MB`. The `content-range` header values should always be in bytes.\n\nWhen the first request is sent, the server will return the **File** object, and the subsequent part request must include the file's **id** in `x-appwrite-id` header to allow the server to know that the partial upload is for the existing file and not for a new one.\n\nIf you're creating a new file using one of the Appwrite SDKs, all the chunking logic will be managed by the SDK internally.\n",
"description": "Create a new file. Before using this route, you should create a new bucket resource using either a [server integration](https:\/\/appwrite.io\/docs\/server\/storage#storageCreateBucket) API or directly from your Appwrite console.\r\n\r\nLarger files should be uploaded using multiple requests with the [content-range](https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/HTTP\/Headers\/Content-Range) header to send a partial request with a maximum supported chunk of `5MB`. The `content-range` header values should always be in bytes.\r\n\r\nWhen the first request is sent, the server will return the **File** object, and the subsequent part request must include the file's **id** in `x-appwrite-id` header to allow the server to know that the partial upload is for the existing file and not for a new one.\r\n\r\nIf you're creating a new file using one of the Appwrite SDKs, all the chunking logic will be managed by the SDK internally.\r\n",
"responses": {
"201": {
"description": "File",
@@ -18238,7 +18238,7 @@
]
},
"delete": {
"summary": "Delete File",
"summary": "Delete file",
"operationId": "storageDeleteFile",
"consumes": [
"application\/json"
@@ -18575,7 +18575,8 @@
"jpeg",
"gif",
"png",
"webp"
"webp",
"avif"
],
"x-enum-name": "ImageFormat",
"x-enum-keys": [],
@@ -19149,7 +19150,7 @@
"tags": [
"teams"
],
"description": "Invite a new member to join your team. Provide an ID for existing users, or invite unregistered users using an email or phone number. If initiated from a Client SDK, Appwrite will send an email or sms with a link to join the team to the invited user, and an account will be created for them if one doesn't exist. If initiated from a Server SDK, the new member will be added automatically to the team.\n\nYou only need to provide one of a user ID, email, or phone number. Appwrite will prioritize accepting the user ID > email > phone number if you provide more than one of these parameters.\n\nUse the `url` parameter to redirect the user from the invitation email to your app. After the user is redirected, use the [Update Team Membership Status](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/teams#updateMembershipStatus) endpoint to allow the user to accept the invitation to the team. \n\nPlease note that to avoid a [Redirect Attack](https:\/\/github.com\/OWASP\/CheatSheetSeries\/blob\/master\/cheatsheets\/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.md) Appwrite will accept the only redirect URLs under the domains you have added as a platform on the Appwrite Console.\n",
"description": "Invite a new member to join your team. Provide an ID for existing users, or invite unregistered users using an email or phone number. If initiated from a Client SDK, Appwrite will send an email or sms with a link to join the team to the invited user, and an account will be created for them if one doesn't exist. If initiated from a Server SDK, the new member will be added automatically to the team.\r\n\r\nYou only need to provide one of a user ID, email, or phone number. Appwrite will prioritize accepting the user ID > email > phone number if you provide more than one of these parameters.\r\n\r\nUse the `url` parameter to redirect the user from the invitation email to your app. After the user is redirected, use the [Update Team Membership Status](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/teams#updateMembershipStatus) endpoint to allow the user to accept the invitation to the team. \r\n\r\nPlease note that to avoid a [Redirect Attack](https:\/\/github.com\/OWASP\/CheatSheetSeries\/blob\/master\/cheatsheets\/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.md) Appwrite will accept the only redirect URLs under the domains you have added as a platform on the Appwrite Console.\r\n",
"responses": {
"201": {
"description": "Membership",
@@ -19342,7 +19343,7 @@
"tags": [
"teams"
],
"description": "Modify the roles of a team member. Only team members with the owner role have access to this endpoint. Learn more about [roles and permissions](https:\/\/appwrite.io\/docs\/permissions).\n",
"description": "Modify the roles of a team member. Only team members with the owner role have access to this endpoint. Learn more about [roles and permissions](https:\/\/appwrite.io\/docs\/permissions).\r\n",
"responses": {
"200": {
"description": "Membership",
@@ -19508,7 +19509,7 @@
"tags": [
"teams"
],
"description": "Use this endpoint to allow a user to accept an invitation to join a team after being redirected back to your app from the invitation email received by the user.\n\nIf the request is successful, a session for the user is automatically created.\n",
"description": "Use this endpoint to allow a user to accept an invitation to join a team after being redirected back to your app from the invitation email received by the user.\r\n\r\nIf the request is successful, a session for the user is automatically created.\r\n",
"responses": {
"200": {
"description": "Membership",
@@ -20105,7 +20106,7 @@
},
"\/users\/identities": {
"get": {
"summary": "List Identities",
"summary": "List identities",
"operationId": "usersListIdentities",
"consumes": [
"application\/json"
@@ -21087,7 +21088,7 @@
"tags": [
"users"
],
"description": "Update the user labels by its unique ID. \n\nLabels can be used to grant access to resources. While teams are a way for user's to share access to a resource, labels can be defined by the developer to grant access without an invitation. See the [Permissions docs](https:\/\/appwrite.io\/docs\/permissions) for more info.",
"description": "Update the user labels by its unique ID. \r\n\r\nLabels can be used to grant access to resources. While teams are a way for user's to share access to a resource, labels can be defined by the developer to grant access without an invitation. See the [Permissions docs](https:\/\/appwrite.io\/docs\/permissions) for more info.",
"responses": {
"200": {
"description": "User",
@@ -21383,7 +21384,7 @@
},
"\/users\/{userId}\/mfa\/authenticators\/{type}": {
"delete": {
"summary": "Delete Authenticator",
"summary": "Delete authenticator",
"operationId": "usersDeleteMfaAuthenticator",
"consumes": [
"application\/json"
@@ -21460,7 +21461,7 @@
},
"\/users\/{userId}\/mfa\/factors": {
"get": {
"summary": "List Factors",
"summary": "List factors",
"operationId": "usersListMfaFactors",
"consumes": [
"application\/json"
@@ -21524,7 +21525,7 @@
},
"\/users\/{userId}\/mfa\/recovery-codes": {
"get": {
"summary": "Get MFA Recovery Codes",
"summary": "Get MFA recovery codes",
"operationId": "usersGetMfaRecoveryCodes",
"consumes": [
"application\/json"
@@ -21586,7 +21587,7 @@
]
},
"put": {
"summary": "Regenerate MFA Recovery Codes",
"summary": "Regenerate MFA recovery codes",
"operationId": "usersUpdateMfaRecoveryCodes",
"consumes": [
"application\/json"
@@ -21648,7 +21649,7 @@
]
},
"patch": {
"summary": "Create MFA Recovery Codes",
"summary": "Create MFA recovery codes",
"operationId": "usersCreateMfaRecoveryCodes",
"consumes": [
"application\/json"
@@ -22175,7 +22176,7 @@
"tags": [
"users"
],
"description": "Creates a session for a user. Returns an immediately usable session object.\n\nIf you want to generate a token for a custom authentication flow, use the [POST \/users\/{userId}\/tokens](https:\/\/appwrite.io\/docs\/server\/users#createToken) endpoint.",
"description": "Creates a session for a user. Returns an immediately usable session object.\r\n\r\nIf you want to generate a token for a custom authentication flow, use the [POST \/users\/{userId}\/tokens](https:\/\/appwrite.io\/docs\/server\/users#createToken) endpoint.",
"responses": {
"201": {
"description": "Session",
@@ -22434,7 +22435,7 @@
},
"\/users\/{userId}\/targets": {
"get": {
"summary": "List User Targets",
"summary": "List user targets",
"operationId": "usersListTargets",
"consumes": [
"application\/json"
@@ -22509,7 +22510,7 @@
]
},
"post": {
"summary": "Create User Target",
"summary": "Create user target",
"operationId": "usersCreateTarget",
"consumes": [
"application\/json"
@@ -22625,7 +22626,7 @@
},
"\/users\/{userId}\/targets\/{targetId}": {
"get": {
"summary": "Get User Target",
"summary": "Get user target",
"operationId": "usersGetTarget",
"consumes": [
"application\/json"
@@ -22696,7 +22697,7 @@
]
},
"patch": {
"summary": "Update User target",
"summary": "Update user target",
"operationId": "usersUpdateTarget",
"consumes": [
"application\/json"
@@ -22875,7 +22876,7 @@
"tags": [
"users"
],
"description": "Returns a token with a secret key for creating a session. Use the user ID and secret and submit a request to the [PUT \/account\/sessions\/token](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint to complete the login process.\n",
"description": "Returns a token with a secret key for creating a session. Use the user ID and secret and submit a request to the [PUT \/account\/sessions\/token](https:\/\/appwrite.io\/docs\/references\/cloud\/client-web\/account#createSession) endpoint to complete the login process.\r\n",
"responses": {
"201": {
"description": "Token",
@@ -24166,6 +24167,16 @@
"x-example": false,
"x-nullable": true
},
"$createdAt": {
"type": "string",
"description": "Attribute creation date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"$updatedAt": {
"type": "string",
"description": "Attribute update date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"size": {
"type": "integer",
"description": "Attribute size.",
@@ -24185,6 +24196,8 @@
"status",
"error",
"required",
"$createdAt",
"$updatedAt",
"size"
]
},
@@ -24223,6 +24236,16 @@
"x-example": false,
"x-nullable": true
},
"$createdAt": {
"type": "string",
"description": "Attribute creation date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"$updatedAt": {
"type": "string",
"description": "Attribute update date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"min": {
"type": "integer",
"description": "Minimum value to enforce for new documents.",
@@ -24250,7 +24273,9 @@
"type",
"status",
"error",
"required"
"required",
"$createdAt",
"$updatedAt"
]
},
"attributeFloat": {
@@ -24288,6 +24313,16 @@
"x-example": false,
"x-nullable": true
},
"$createdAt": {
"type": "string",
"description": "Attribute creation date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"$updatedAt": {
"type": "string",
"description": "Attribute update date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"min": {
"type": "number",
"description": "Minimum value to enforce for new documents.",
@@ -24315,7 +24350,9 @@
"type",
"status",
"error",
"required"
"required",
"$createdAt",
"$updatedAt"
]
},
"attributeBoolean": {
@@ -24353,6 +24390,16 @@
"x-example": false,
"x-nullable": true
},
"$createdAt": {
"type": "string",
"description": "Attribute creation date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"$updatedAt": {
"type": "string",
"description": "Attribute update date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"default": {
"type": "boolean",
"description": "Default value for attribute when not provided. Cannot be set when attribute is required.",
@@ -24365,7 +24412,9 @@
"type",
"status",
"error",
"required"
"required",
"$createdAt",
"$updatedAt"
]
},
"attributeEmail": {
@@ -24403,6 +24452,16 @@
"x-example": false,
"x-nullable": true
},
"$createdAt": {
"type": "string",
"description": "Attribute creation date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"$updatedAt": {
"type": "string",
"description": "Attribute update date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"format": {
"type": "string",
"description": "String format.",
@@ -24421,6 +24480,8 @@
"status",
"error",
"required",
"$createdAt",
"$updatedAt",
"format"
]
},
@@ -24459,6 +24520,16 @@
"x-example": false,
"x-nullable": true
},
"$createdAt": {
"type": "string",
"description": "Attribute creation date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"$updatedAt": {
"type": "string",
"description": "Attribute update date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"elements": {
"type": "array",
"description": "Array of elements in enumerated type.",
@@ -24485,6 +24556,8 @@
"status",
"error",
"required",
"$createdAt",
"$updatedAt",
"elements",
"format"
]
@@ -24524,6 +24597,16 @@
"x-example": false,
"x-nullable": true
},
"$createdAt": {
"type": "string",
"description": "Attribute creation date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"$updatedAt": {
"type": "string",
"description": "Attribute update date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"format": {
"type": "string",
"description": "String format.",
@@ -24542,6 +24625,8 @@
"status",
"error",
"required",
"$createdAt",
"$updatedAt",
"format"
]
},
@@ -24580,6 +24665,16 @@
"x-example": false,
"x-nullable": true
},
"$createdAt": {
"type": "string",
"description": "Attribute creation date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"$updatedAt": {
"type": "string",
"description": "Attribute update date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"format": {
"type": "string",
"description": "String format.",
@@ -24598,6 +24693,8 @@
"status",
"error",
"required",
"$createdAt",
"$updatedAt",
"format"
]
},
@@ -24636,6 +24733,16 @@
"x-example": false,
"x-nullable": true
},
"$createdAt": {
"type": "string",
"description": "Attribute creation date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"$updatedAt": {
"type": "string",
"description": "Attribute update date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"format": {
"type": "string",
"description": "ISO 8601 format.",
@@ -24654,6 +24761,8 @@
"status",
"error",
"required",
"$createdAt",
"$updatedAt",
"format"
]
},
@@ -24692,6 +24801,16 @@
"x-example": false,
"x-nullable": true
},
"$createdAt": {
"type": "string",
"description": "Attribute creation date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"$updatedAt": {
"type": "string",
"description": "Attribute update date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"relatedCollection": {
"type": "string",
"description": "The ID of the related collection.",
@@ -24729,6 +24848,8 @@
"status",
"error",
"required",
"$createdAt",
"$updatedAt",
"relatedCollection",
"relationType",
"twoWay",
@@ -24777,6 +24898,16 @@
},
"x-example": [],
"x-nullable": true
},
"$createdAt": {
"type": "string",
"description": "Index creation date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
},
"$updatedAt": {
"type": "string",
"description": "Index update date in ISO 8601 format.",
"x-example": "2020-10-15T06:38:00.000+00:00"
}
},
"required": [
@@ -24784,7 +24915,9 @@
"type",
"status",
"error",
"attributes"
"attributes",
"$createdAt",
"$updatedAt"
]
},
"document": {
@@ -26458,9 +26591,9 @@
"format": "int32"
},
"responseBody": {
"type": "string",
"type": "payload",
"description": "HTTP response body. This will return empty unless execution is created as synchronous.",
"x-example": "Developers are awesome."
"x-example": ""
},
"responseHeaders": {
"type": "array",
app/config/storage/mimes.php
+2
View File
@@ -6,6 +6,8 @@ return [
'image/gif',
'image/png',
'image/webp',
// 'image/heic',
'image/avif',
// Video Files
'video/mp4',
app/config/storage/outputs.php
+3
View File
@@ -6,4 +6,7 @@ return [ // Accepted outputs files
'gif' => 'image/gif',
'png' => 'image/png',
'webp' => 'image/webp',
// 'heic' => 'image/heic',
// 'heics' => 'image/heic',
'avif' => 'image/avif'
];
app/config/variables.php
+2 -2
View File
@@ -193,7 +193,7 @@ return [
'introduction' => '1.5.1',
'default' => '',
'required' => true,
'question' => '',
'question' => 'Enter an email that will be used when registering for SSL certificates',
'filter' => ''
],
[
@@ -254,7 +254,7 @@ return [
'name' => '_APP_WORKER_PER_CORE',
'description' => 'Internal Worker per core for the API, Realtime and Executor containers. Can be configured to optimize performance.',
'introduction' => '0.13.0',
'default' => 2,
'default' => 6,
'required' => false,
'question' => '',
'filter' => ''
app/controllers/api/account.php
+272 -309
View File
File diff suppressed because it is too large Load Diff
app/controllers/api/avatars.php
+33 -69
View File
@@ -5,7 +5,7 @@ use Appwrite\URL\URL as URLParse;
use Appwrite\Utopia\Response;
use chillerlan\QRCode\QRCode;
use chillerlan\QRCode\QROptions;
use Utopia\CLI\Console;
use Utopia\App;
use Utopia\Config\Config;
use Utopia\Database\Database;
use Utopia\Database\DateTime;
@@ -14,17 +14,15 @@ use Utopia\Database\Validator\Authorization;
use Utopia\Database\Validator\UID;
use Utopia\Domains\Domain;
use Utopia\Fetch\Client;
use Utopia\Http\Http;
use Utopia\Http\Validator\Boolean;
use Utopia\Http\Validator\HexColor;
use Utopia\Http\Validator\Range;
use Utopia\Http\Validator\Text;
use Utopia\Http\Validator\URL;
use Utopia\Http\Validator\WhiteList;
use Utopia\Image\Image;
use Utopia\Logger\Log;
use Utopia\Logger\Logger;
use Utopia\System\System;
use Utopia\Validator\Boolean;
use Utopia\Validator\HexColor;
use Utopia\Validator\Range;
use Utopia\Validator\Text;
use Utopia\Validator\URL;
use Utopia\Validator\WhiteList;
$avatarCallback = function (string $type, string $code, int $width, int $height, int $quality, Response $response) {
@@ -63,9 +61,9 @@ $avatarCallback = function (string $type, string $code, int $width, int $height,
unset($image);
};
$getUserGitHub = function (string $userId, Document $project, Database $dbForProject, Database $dbForConsole, ?Logger $logger, Authorization $auth) {
$getUserGitHub = function (string $userId, Document $project, Database $dbForProject, Database $dbForConsole, ?Logger $logger) {
try {
$user = $auth->skip(fn () => $dbForConsole->getDocument('users', $userId));
$user = Authorization::skip(fn () => $dbForConsole->getDocument('users', $userId));
$sessions = $user->getAttribute('sessions', []);
@@ -116,7 +114,7 @@ $getUserGitHub = function (string $userId, Document $project, Database $dbForPro
->setAttribute('providerRefreshToken', $refreshToken)
->setAttribute('providerAccessTokenExpiry', DateTime::addSeconds(new \DateTime(), (int)$oauth2->getAccessTokenExpiry('')));
$auth->skip(fn () => $dbForProject->updateDocument('sessions', $gitHubSession->getId(), $gitHubSession));
Authorization::skip(fn () => $dbForProject->updateDocument('sessions', $gitHubSession->getId(), $gitHubSession));
$dbForProject->purgeCachedDocument('users', $user->getId());
} catch (Throwable $err) {
@@ -124,7 +122,7 @@ $getUserGitHub = function (string $userId, Document $project, Database $dbForPro
do {
$previousAccessToken = $gitHubSession->getAttribute('providerAccessToken');
$user = $auth->skip(fn () => $dbForConsole->getDocument('users', $userId));
$user = Authorization::skip(fn () => $dbForConsole->getDocument('users', $userId));
$sessions = $user->getAttribute('sessions', []);
$gitHubSession = new Document();
@@ -156,42 +154,11 @@ $getUserGitHub = function (string $userId, Document $project, Database $dbForPro
'id' => $githubId
];
} catch (Exception $error) {
if ($logger) {
$version = System::getEnv('_APP_VERSION', 'UNKNOWN');
$log = new Log();
$log->setNamespace('console');
$log->setServer(\gethostname());
$log->setVersion($version);
$log->setType(Log::TYPE_ERROR);
$log->setMessage($error->getMessage());
$log->addTag('code', $error->getCode());
$log->addTag('verboseType', get_class($error));
$log->addExtra('file', $error->getFile());
$log->addExtra('line', $error->getLine());
$log->addExtra('trace', $error->getTraceAsString());
$log->addExtra('detailedTrace', $error->getTrace());
$log->setAction('avatarsGetGitHub');
$isProduction = System::getEnv('_APP_ENV', 'development') === 'production';
$log->setEnvironment($isProduction ? Log::ENVIRONMENT_PRODUCTION : Log::ENVIRONMENT_STAGING);
$responseCode = $logger->addLog($log);
Console::info('GitHub error log pushed with status code: ' . $responseCode);
}
Console::warning("Failed: {$error->getMessage()}");
Console::warning($error->getTraceAsString());
return [];
}
};
Http::get('/v1/avatars/credit-cards/:code')
App::get('/v1/avatars/credit-cards/:code')
->desc('Get credit card icon')
->groups(['api', 'avatars'])
->label('scope', 'avatars.read')
@@ -211,7 +178,7 @@ Http::get('/v1/avatars/credit-cards/:code')
->inject('response')
->action(fn (string $code, int $width, int $height, int $quality, Response $response) => $avatarCallback('credit-cards', $code, $width, $height, $quality, $response));
Http::get('/v1/avatars/browsers/:code')
App::get('/v1/avatars/browsers/:code')
->desc('Get browser icon')
->groups(['api', 'avatars'])
->label('scope', 'avatars.read')
@@ -231,7 +198,7 @@ Http::get('/v1/avatars/browsers/:code')
->inject('response')
->action(fn (string $code, int $width, int $height, int $quality, Response $response) => $avatarCallback('browsers', $code, $width, $height, $quality, $response));
Http::get('/v1/avatars/flags/:code')
App::get('/v1/avatars/flags/:code')
->desc('Get country flag')
->groups(['api', 'avatars'])
->label('scope', 'avatars.read')
@@ -251,7 +218,7 @@ Http::get('/v1/avatars/flags/:code')
->inject('response')
->action(fn (string $code, int $width, int $height, int $quality, Response $response) => $avatarCallback('flags', $code, $width, $height, $quality, $response));
Http::get('/v1/avatars/image')
App::get('/v1/avatars/image')
->desc('Get image from URL')
->groups(['api', 'avatars'])
->label('scope', 'avatars.read')
@@ -314,7 +281,7 @@ Http::get('/v1/avatars/image')
unset($image);
});
Http::get('/v1/avatars/favicon')
App::get('/v1/avatars/favicon')
->desc('Get favicon')
->groups(['api', 'avatars'])
->label('scope', 'avatars.read')
@@ -459,7 +426,7 @@ Http::get('/v1/avatars/favicon')
unset($image);
});
Http::get('/v1/avatars/qr')
App::get('/v1/avatars/qr')
->desc('Get QR code')
->groups(['api', 'avatars'])
->label('scope', 'avatars.read')
@@ -499,7 +466,7 @@ Http::get('/v1/avatars/qr')
->send($image->output('png', 9));
});
Http::get('/v1/avatars/initials')
App::get('/v1/avatars/initials')
->desc('Get user initials')
->groups(['api', 'avatars'])
->label('scope', 'avatars.read')
@@ -582,8 +549,8 @@ Http::get('/v1/avatars/initials')
->file($image->getImageBlob());
});
Http::get('/v1/cards/cloud')
->desc('Get Front Of Cloud Card')
App::get('/v1/cards/cloud')
->desc('Get front Of Cloud Card')
->groups(['api', 'avatars'])
->label('scope', 'avatars.read')
->label('cache', true)
@@ -604,9 +571,8 @@ Http::get('/v1/cards/cloud')
->inject('contributors')
->inject('employees')
->inject('logger')
->inject('auth')
->action(function (string $userId, string $mock, int $width, int $height, Document $user, Document $project, Database $dbForProject, Database $dbForConsole, Response $response, array $heroes, array $contributors, array $employees, ?Logger $logger, Authorization $auth) use ($getUserGitHub) {
$user = $auth->skip(fn () => $dbForConsole->getDocument('users', $userId));
->action(function (string $userId, string $mock, int $width, int $height, Document $user, Document $project, Database $dbForProject, Database $dbForConsole, Response $response, array $heroes, array $contributors, array $employees, ?Logger $logger) use ($getUserGitHub) {
$user = Authorization::skip(fn () => $dbForConsole->getDocument('users', $userId));
if ($user->isEmpty() && empty($mock)) {
throw new Exception(Exception::USER_NOT_FOUND);
@@ -617,7 +583,7 @@ Http::get('/v1/cards/cloud')
$email = $user->getAttribute('email', '');
$createdAt = new \DateTime($user->getCreatedAt());
$gitHub = $getUserGitHub($user->getId(), $project, $dbForProject, $dbForConsole, $logger, $auth);
$gitHub = $getUserGitHub($user->getId(), $project, $dbForProject, $dbForConsole, $logger);
$githubName = $gitHub['name'] ?? '';
$githubId = $gitHub['id'] ?? '';
@@ -790,8 +756,8 @@ Http::get('/v1/cards/cloud')
->file($baseImage->getImageBlob());
});
Http::get('/v1/cards/cloud-back')
->desc('Get Back Of Cloud Card')
App::get('/v1/cards/cloud-back')
->desc('Get back Of Cloud Card')
->groups(['api', 'avatars'])
->label('scope', 'avatars.read')
->label('cache', true)
@@ -812,9 +778,8 @@ Http::get('/v1/cards/cloud-back')
->inject('contributors')
->inject('employees')
->inject('logger')
->inject('auth')
->action(function (string $userId, string $mock, int $width, int $height, Document $user, Document $project, Database $dbForProject, Database $dbForConsole, Response $response, array $heroes, array $contributors, array $employees, ?Logger $logger, Authorization $auth) use ($getUserGitHub) {
$user = $auth->skip(fn () => $dbForConsole->getDocument('users', $userId));
->action(function (string $userId, string $mock, int $width, int $height, Document $user, Document $project, Database $dbForProject, Database $dbForConsole, Response $response, array $heroes, array $contributors, array $employees, ?Logger $logger) use ($getUserGitHub) {
$user = Authorization::skip(fn () => $dbForConsole->getDocument('users', $userId));
if ($user->isEmpty() && empty($mock)) {
throw new Exception(Exception::USER_NOT_FOUND);
@@ -824,7 +789,7 @@ Http::get('/v1/cards/cloud-back')
$userId = $user->getId();
$email = $user->getAttribute('email', '');
$gitHub = $getUserGitHub($user->getId(), $project, $dbForProject, $dbForConsole, $logger, $auth);
$gitHub = $getUserGitHub($user->getId(), $project, $dbForProject, $dbForConsole, $logger);
$githubId = $gitHub['id'] ?? '';
$isHero = \array_key_exists($email, $heroes);
@@ -869,8 +834,8 @@ Http::get('/v1/cards/cloud-back')
->file($baseImage->getImageBlob());
});
Http::get('/v1/cards/cloud-og')
->desc('Get OG Image From Cloud Card')
App::get('/v1/cards/cloud-og')
->desc('Get OG image From Cloud Card')
->groups(['api', 'avatars'])
->label('scope', 'avatars.read')
->label('cache', true)
@@ -891,9 +856,8 @@ Http::get('/v1/cards/cloud-og')
->inject('contributors')
->inject('employees')
->inject('logger')
->inject('auth')
->action(function (string $userId, string $mock, int $width, int $height, Document $user, Document $project, Database $dbForProject, Database $dbForConsole, Response $response, array $heroes, array $contributors, array $employees, ?Logger $logger, Authorization $auth) use ($getUserGitHub) {
$user = $auth->skip(fn () => $dbForConsole->getDocument('users', $userId));
->action(function (string $userId, string $mock, int $width, int $height, Document $user, Document $project, Database $dbForProject, Database $dbForConsole, Response $response, array $heroes, array $contributors, array $employees, ?Logger $logger) use ($getUserGitHub) {
$user = Authorization::skip(fn () => $dbForConsole->getDocument('users', $userId));
if ($user->isEmpty() && empty($mock)) {
throw new Exception(Exception::USER_NOT_FOUND);
@@ -908,7 +872,7 @@ Http::get('/v1/cards/cloud-og')
$email = $user->getAttribute('email', '');
$createdAt = new \DateTime($user->getCreatedAt());
$gitHub = $getUserGitHub($user->getId(), $project, $dbForProject, $dbForConsole, $logger, $auth);
$gitHub = $getUserGitHub($user->getId(), $project, $dbForProject, $dbForConsole, $logger);
$githubName = $gitHub['name'] ?? '';
$githubId = $gitHub['id'] ?? '';
app/controllers/api/console.php
+6 -6
View File
@@ -2,12 +2,12 @@
use Appwrite\Extend\Exception;
use Appwrite\Utopia\Response;
use Utopia\App;
use Utopia\Database\Document;
use Utopia\Http\Http;
use Utopia\Http\Validator\Text;
use Utopia\System\System;
use Utopia\Validator\Text;
Http::init()
App::init()
->groups(['console'])
->inject('project')
->action(function (Document $project) {
@@ -17,7 +17,7 @@ Http::init()
});
Http::get('/v1/console/variables')
App::get('/v1/console/variables')
->desc('Get variables')
->groups(['api', 'projects'])
->label('scope', 'projects.read')
@@ -56,8 +56,8 @@ Http::get('/v1/console/variables')
$response->dynamic($variables, Response::MODEL_CONSOLE_VARIABLES);
});
Http::post('/v1/console/assistant')
->desc('Ask Query')
App::post('/v1/console/assistant')
->desc('Ask query')
->groups(['api', 'assistant'])
->label('scope', 'assistant.read')
->label('sdk.auth', [APP_AUTH_TYPE_ADMIN])
app/controllers/api/databases.php
+213 -245
View File
File diff suppressed because it is too large Load Diff
app/controllers/api/functions.php
+100 -116
View File
@@ -2,7 +2,6 @@
use Ahc\Jwt\JWT;
use Appwrite\Auth\Auth;
use Appwrite\Auth\Authentication;
use Appwrite\Event\Build;
use Appwrite\Event\Delete;
use Appwrite\Event\Event;
@@ -21,11 +20,11 @@ use Appwrite\Utopia\Database\Validator\CustomId;
use Appwrite\Utopia\Database\Validator\Queries\Deployments;
use Appwrite\Utopia\Database\Validator\Queries\Executions;
use Appwrite\Utopia\Database\Validator\Queries\Functions;
use Appwrite\Utopia\Request;
use Appwrite\Utopia\Response;
use Appwrite\Utopia\Response\Model\Rule;
use Executor\Executor;
use MaxMind\Db\Reader;
use Utopia\App;
use Utopia\CLI\Console;
use Utopia\Config\Config;
use Utopia\Database\Database;
@@ -38,25 +37,24 @@ use Utopia\Database\Helpers\Permission;
use Utopia\Database\Helpers\Role;
use Utopia\Database\Query;
use Utopia\Database\Validator\Authorization;
use Utopia\Database\Validator\Authorization\Input;
use Utopia\Database\Validator\Datetime as DatetimeValidator;
use Utopia\Database\Validator\Roles;
use Utopia\Database\Validator\UID;
use Utopia\Http\Http;
use Utopia\Http\Validator\AnyOf;
use Utopia\Http\Validator\ArrayList;
use Utopia\Http\Validator\Assoc;
use Utopia\Http\Validator\Boolean;
use Utopia\Http\Validator\Nullable;
use Utopia\Http\Validator\Range;
use Utopia\Http\Validator\Text;
use Utopia\Http\Validator\WhiteList;
use Utopia\Storage\Device;
use Utopia\Storage\Validator\File;
use Utopia\Storage\Validator\FileExt;
use Utopia\Storage\Validator\FileSize;
use Utopia\Storage\Validator\Upload;
use Utopia\Swoole\Request;
use Utopia\System\System;
use Utopia\Validator\AnyOf;
use Utopia\Validator\ArrayList;
use Utopia\Validator\Assoc;
use Utopia\Validator\Boolean;
use Utopia\Validator\Nullable;
use Utopia\Validator\Range;
use Utopia\Validator\Text;
use Utopia\Validator\WhiteList;
use Utopia\VCS\Adapter\Git\GitHub;
use Utopia\VCS\Exception\RepositoryNotFound;
@@ -135,7 +133,7 @@ $redeployVcs = function (Request $request, Document $function, Document $project
->setTemplate($template);
};
Http::post('/v1/functions')
App::post('/v1/functions')
->groups(['api', 'functions'])
->desc('Create function')
->label('scope', 'functions.write')
@@ -173,8 +171,8 @@ Http::post('/v1/functions')
->param('specification', APP_FUNCTION_SPECIFICATION_DEFAULT, fn (array $plan) => new RuntimeSpecification(
$plan,
Config::getParam('runtime-specifications', []),
System::getEnv('_APP_FUNCTIONS_CPUS', APP_FUNCTION_CPUS_DEFAULT),
System::getEnv('_APP_FUNCTIONS_MEMORY', APP_FUNCTION_MEMORY_DEFAULT)
App::getEnv('_APP_FUNCTIONS_CPUS', APP_FUNCTION_CPUS_DEFAULT),
App::getEnv('_APP_FUNCTIONS_MEMORY', APP_FUNCTION_MEMORY_DEFAULT)
), 'Runtime specification for the function and builds.', true, ['plan'])
->inject('request')
->inject('response')
@@ -185,8 +183,7 @@ Http::post('/v1/functions')
->inject('queueForBuilds')
->inject('dbForConsole')
->inject('gitHub')
->inject('authorization')
->action(function (string $functionId, string $name, string $runtime, array $execute, array $events, string $schedule, int $timeout, bool $enabled, bool $logging, string $entrypoint, string $commands, array $scopes, string $installationId, string $providerRepositoryId, string $providerBranch, bool $providerSilentMode, string $providerRootDirectory, string $templateRepository, string $templateOwner, string $templateRootDirectory, string $templateVersion, string $specification, Request $request, Response $response, Database $dbForProject, Document $project, Document $user, Event $queueForEvents, Build $queueForBuilds, Database $dbForConsole, GitHub $github, Authorization $authorization) use ($redeployVcs) {
->action(function (string $functionId, string $name, string $runtime, array $execute, array $events, string $schedule, int $timeout, bool $enabled, bool $logging, string $entrypoint, string $commands, array $scopes, string $installationId, string $providerRepositoryId, string $providerBranch, bool $providerSilentMode, string $providerRootDirectory, string $templateRepository, string $templateOwner, string $templateRootDirectory, string $templateVersion, string $specification, Request $request, Response $response, Database $dbForProject, Document $project, Document $user, Event $queueForEvents, Build $queueForBuilds, Database $dbForConsole, GitHub $github) use ($redeployVcs) {
$functionId = ($functionId == 'unique()') ? ID::unique() : $functionId;
$allowList = \array_filter(\explode(',', System::getEnv('_APP_FUNCTIONS_RUNTIMES', '')));
@@ -250,7 +247,7 @@ Http::post('/v1/functions')
'specification' => $specification
]));
$schedule = $authorization->skip(
$schedule = Authorization::skip(
fn () => $dbForConsole->createDocument('schedules', new Document([
'region' => System::getEnv('_APP_REGION', 'default'), // Todo replace with projects region
'resourceType' => 'function',
@@ -332,7 +329,7 @@ Http::post('/v1/functions')
$routeSubdomain = ID::unique();
$domain = "{$routeSubdomain}.{$functionsDomain}";
$rule = $authorization->skip(
$rule = Authorization::skip(
fn () => $dbForConsole->createDocument('rules', new Document([
'$id' => $ruleId,
'projectId' => $project->getId(),
@@ -399,7 +396,7 @@ Http::post('/v1/functions')
->dynamic($function, Response::MODEL_FUNCTION);
});
Http::get('/v1/functions')
App::get('/v1/functions')
->groups(['api', 'functions'])
->desc('List functions')
->label('scope', 'functions.read')
@@ -453,7 +450,7 @@ Http::get('/v1/functions')
]), Response::MODEL_FUNCTION_LIST);
});
Http::get('/v1/functions/runtimes')
App::get('/v1/functions/runtimes')
->groups(['api', 'functions'])
->desc('List runtimes')
->label('scope', 'functions.read')
@@ -486,7 +483,7 @@ Http::get('/v1/functions/runtimes')
]), Response::MODEL_RUNTIME_LIST);
});
Http::get('/v1/functions/specifications')
App::get('/v1/functions/specifications')
->groups(['api', 'functions'])
->desc('List available function runtime specifications')
->label('scope', 'functions.read')
@@ -522,7 +519,7 @@ Http::get('/v1/functions/specifications')
]), Response::MODEL_SPECIFICATION_LIST);
});
Http::get('/v1/functions/:functionId')
App::get('/v1/functions/:functionId')
->groups(['api', 'functions'])
->desc('Get function')
->label('scope', 'functions.read')
@@ -546,7 +543,7 @@ Http::get('/v1/functions/:functionId')
$response->dynamic($function, Response::MODEL_FUNCTION);
});
Http::get('/v1/functions/:functionId/usage')
App::get('/v1/functions/:functionId/usage')
->desc('Get function usage')
->groups(['api', 'functions', 'usage'])
->label('scope', 'functions.read')
@@ -560,8 +557,7 @@ Http::get('/v1/functions/:functionId/usage')
->param('range', '30d', new WhiteList(['24h', '30d', '90d']), 'Date range.', true)
->inject('response')
->inject('dbForProject')
->inject('authorization')
->action(function (string $functionId, string $range, Response $response, Database $dbForProject, Authorization $authorization) {
->action(function (string $functionId, string $range, Response $response, Database $dbForProject) {
$function = $dbForProject->getDocument('functions', $functionId);
@@ -584,7 +580,7 @@ Http::get('/v1/functions/:functionId/usage')
str_replace('{functionInternalId}', $function->getInternalId(), METRIC_FUNCTION_ID_EXECUTIONS_MB_SECONDS)
];
$authorization->skip(function () use ($dbForProject, $days, $metrics, &$stats) {
Authorization::skip(function () use ($dbForProject, $days, $metrics, &$stats) {
foreach ($metrics as $metric) {
$result = $dbForProject->findOne('stats', [
Query::equal('metric', [$metric]),
@@ -651,7 +647,7 @@ Http::get('/v1/functions/:functionId/usage')
]), Response::MODEL_USAGE_FUNCTION);
});
Http::get('/v1/functions/usage')
App::get('/v1/functions/usage')
->desc('Get functions usage')
->groups(['api', 'functions'])
->label('scope', 'functions.read')
@@ -664,8 +660,7 @@ Http::get('/v1/functions/usage')
->param('range', '30d', new WhiteList(['24h', '30d', '90d']), 'Date range.', true)
->inject('response')
->inject('dbForProject')
->inject('authorization')
->action(function (string $range, Response $response, Database $dbForProject, Authorization $authorization) {
->action(function (string $range, Response $response, Database $dbForProject) {
$periods = Config::getParam('usage', []);
$stats = $usage = [];
@@ -683,7 +678,7 @@ Http::get('/v1/functions/usage')
METRIC_EXECUTIONS_MB_SECONDS,
];
$authorization->skip(function () use ($dbForProject, $days, $metrics, &$stats) {
Authorization::skip(function () use ($dbForProject, $days, $metrics, &$stats) {
foreach ($metrics as $metric) {
$result = $dbForProject->findOne('stats', [
Query::equal('metric', [$metric]),
@@ -751,7 +746,7 @@ Http::get('/v1/functions/usage')
]), Response::MODEL_USAGE_FUNCTIONS);
});
Http::put('/v1/functions/:functionId')
App::put('/v1/functions/:functionId')
->groups(['api', 'functions'])
->desc('Update function')
->label('scope', 'functions.write')
@@ -785,8 +780,8 @@ Http::put('/v1/functions/:functionId')
->param('specification', APP_FUNCTION_SPECIFICATION_DEFAULT, fn (array $plan) => new RuntimeSpecification(
$plan,
Config::getParam('runtime-specifications', []),
System::getEnv('_APP_FUNCTIONS_CPUS', APP_FUNCTION_CPUS_DEFAULT),
System::getEnv('_APP_FUNCTIONS_MEMORY', APP_FUNCTION_MEMORY_DEFAULT)
App::getEnv('_APP_FUNCTIONS_CPUS', APP_FUNCTION_CPUS_DEFAULT),
App::getEnv('_APP_FUNCTIONS_MEMORY', APP_FUNCTION_MEMORY_DEFAULT)
), 'Runtime specification for the function and builds.', true, ['plan'])
->inject('request')
->inject('response')
@@ -796,8 +791,7 @@ Http::put('/v1/functions/:functionId')
->inject('queueForBuilds')
->inject('dbForConsole')
->inject('gitHub')
->inject('authorization')
->action(function (string $functionId, string $name, string $runtime, array $execute, array $events, string $schedule, int $timeout, bool $enabled, bool $logging, string $entrypoint, string $commands, array $scopes, string $installationId, ?string $providerRepositoryId, string $providerBranch, bool $providerSilentMode, string $providerRootDirectory, string $specification, Request $request, Response $response, Database $dbForProject, Document $project, Event $queueForEvents, Build $queueForBuilds, Database $dbForConsole, GitHub $github, Authorization $authorization) use ($redeployVcs) {
->action(function (string $functionId, string $name, string $runtime, array $execute, array $events, string $schedule, int $timeout, bool $enabled, bool $logging, string $entrypoint, string $commands, array $scopes, string $installationId, ?string $providerRepositoryId, string $providerBranch, bool $providerSilentMode, string $providerRootDirectory, string $specification, Request $request, Response $response, Database $dbForProject, Document $project, Event $queueForEvents, Build $queueForBuilds, Database $dbForConsole, GitHub $github) use ($redeployVcs) {
// TODO: If only branch changes, re-deploy
$function = $dbForProject->getDocument('functions', $functionId);
@@ -900,7 +894,7 @@ Http::put('/v1/functions/:functionId')
// Enforce Cold Start if spec limits change.
if ($function->getAttribute('specification') !== $specification && !empty($function->getAttribute('deployment'))) {
$executor = new Executor(System::getEnv('_APP_EXECUTOR_HOST'));
$executor = new Executor(App::getEnv('_APP_EXECUTOR_HOST'));
try {
$executor->deleteRuntime($project->getId(), $function->getAttribute('deployment'));
} catch (\Throwable $th) {
@@ -947,14 +941,14 @@ Http::put('/v1/functions/:functionId')
->setAttribute('resourceUpdatedAt', DateTime::now())
->setAttribute('schedule', $function->getAttribute('schedule'))
->setAttribute('active', !empty($function->getAttribute('schedule')) && !empty($function->getAttribute('deployment')));
$authorization->skip(fn () => $dbForConsole->updateDocument('schedules', $schedule->getId(), $schedule));
Authorization::skip(fn () => $dbForConsole->updateDocument('schedules', $schedule->getId(), $schedule));
$queueForEvents->setParam('functionId', $function->getId());
$response->dynamic($function, Response::MODEL_FUNCTION);
});
Http::get('/v1/functions/:functionId/deployments/:deploymentId/download')
App::get('/v1/functions/:functionId/deployments/:deploymentId/download')
->groups(['api', 'functions'])
->desc('Download deployment')
->label('scope', 'functions.read')
@@ -1039,7 +1033,7 @@ Http::get('/v1/functions/:functionId/deployments/:deploymentId/download')
}
});
Http::patch('/v1/functions/:functionId/deployments/:deploymentId')
App::patch('/v1/functions/:functionId/deployments/:deploymentId')
->groups(['api', 'functions'])
->desc('Update deployment')
->label('scope', 'functions.write')
@@ -1059,8 +1053,7 @@ Http::patch('/v1/functions/:functionId/deployments/:deploymentId')
->inject('dbForProject')
->inject('queueForEvents')
->inject('dbForConsole')
->inject('authorization')
->action(function (string $functionId, string $deploymentId, Response $response, Database $dbForProject, Event $queueForEvents, Database $dbForConsole, Authorization $authorization) {
->action(function (string $functionId, string $deploymentId, Response $response, Database $dbForProject, Event $queueForEvents, Database $dbForConsole) {
$function = $dbForProject->getDocument('functions', $functionId);
$deployment = $dbForProject->getDocument('deployments', $deploymentId);
@@ -1093,7 +1086,7 @@ Http::patch('/v1/functions/:functionId/deployments/:deploymentId')
->setAttribute('resourceUpdatedAt', DateTime::now())
->setAttribute('schedule', $function->getAttribute('schedule'))
->setAttribute('active', !empty($function->getAttribute('schedule')) && !empty($function->getAttribute('deployment')));
$authorization->skip(fn () => $dbForConsole->updateDocument('schedules', $schedule->getId(), $schedule));
Authorization::skip(fn () => $dbForConsole->updateDocument('schedules', $schedule->getId(), $schedule));
$queueForEvents
->setParam('functionId', $function->getId())
@@ -1102,7 +1095,7 @@ Http::patch('/v1/functions/:functionId/deployments/:deploymentId')
$response->dynamic($function, Response::MODEL_FUNCTION);
});
Http::delete('/v1/functions/:functionId')
App::delete('/v1/functions/:functionId')
->groups(['api', 'functions'])
->desc('Delete function')
->label('scope', 'functions.write')
@@ -1121,8 +1114,7 @@ Http::delete('/v1/functions/:functionId')
->inject('queueForDeletes')
->inject('queueForEvents')
->inject('dbForConsole')
->inject('authorization')
->action(function (string $functionId, Response $response, Database $dbForProject, Delete $queueForDeletes, Event $queueForEvents, Database $dbForConsole, Authorization $authorization) {
->action(function (string $functionId, Response $response, Database $dbForProject, Delete $queueForDeletes, Event $queueForEvents, Database $dbForConsole) {
$function = $dbForProject->getDocument('functions', $functionId);
@@ -1139,7 +1131,7 @@ Http::delete('/v1/functions/:functionId')
$schedule
->setAttribute('resourceUpdatedAt', DateTime::now())
->setAttribute('active', false);
$authorization->skip(fn () => $dbForConsole->updateDocument('schedules', $schedule->getId(), $schedule));
Authorization::skip(fn () => $dbForConsole->updateDocument('schedules', $schedule->getId(), $schedule));
$queueForDeletes
->setType(DELETE_TYPE_DOCUMENT)
@@ -1150,7 +1142,7 @@ Http::delete('/v1/functions/:functionId')
$response->noContent();
});
Http::post('/v1/functions/:functionId/deployments')
App::post('/v1/functions/:functionId/deployments')
->groups(['api', 'functions'])
->desc('Create deployment')
->label('scope', 'functions.write')
@@ -1369,7 +1361,7 @@ Http::post('/v1/functions/:functionId/deployments')
->dynamic($deployment, Response::MODEL_DEPLOYMENT);
});
Http::get('/v1/functions/:functionId/deployments')
App::get('/v1/functions/:functionId/deployments')
->groups(['api', 'functions'])
->desc('List deployments')
->label('scope', 'functions.read')
@@ -1446,7 +1438,7 @@ Http::get('/v1/functions/:functionId/deployments')
]), Response::MODEL_DEPLOYMENT_LIST);
});
Http::get('/v1/functions/:functionId/deployments/:deploymentId')
App::get('/v1/functions/:functionId/deployments/:deploymentId')
->groups(['api', 'functions'])
->desc('Get deployment')
->label('scope', 'functions.read')
@@ -1489,7 +1481,7 @@ Http::get('/v1/functions/:functionId/deployments/:deploymentId')
$response->dynamic($deployment, Response::MODEL_DEPLOYMENT);
});
Http::delete('/v1/functions/:functionId/deployments/:deploymentId')
App::delete('/v1/functions/:functionId/deployments/:deploymentId')
->groups(['api', 'functions'])
->desc('Delete deployment')
->label('scope', 'functions.write')
@@ -1553,7 +1545,7 @@ Http::delete('/v1/functions/:functionId/deployments/:deploymentId')
$response->noContent();
});
Http::post('/v1/functions/:functionId/deployments/:deploymentId/build')
App::post('/v1/functions/:functionId/deployments/:deploymentId/build')
->alias('/v1/functions/:functionId/deployments/:deploymentId/builds/:buildId')
->groups(['api', 'functions'])
->desc('Rebuild deployment')
@@ -1576,8 +1568,7 @@ Http::post('/v1/functions/:functionId/deployments/:deploymentId/build')
->inject('queueForEvents')
->inject('queueForBuilds')
->inject('deviceForFunctions')
->inject('authorization')
->action(function (string $functionId, string $deploymentId, string $buildId, Request $request, Response $response, Database $dbForProject, Document $project, Event $queueForEvents, Build $queueForBuilds, Device $deviceForFunctions, Authorization $authorization) {
->action(function (string $functionId, string $deploymentId, string $buildId, Request $request, Response $response, Database $dbForProject, Document $project, Event $queueForEvents, Build $queueForBuilds, Device $deviceForFunctions) {
$function = $dbForProject->getDocument('functions', $functionId);
if ($function->isEmpty()) {
@@ -1623,7 +1614,7 @@ Http::post('/v1/functions/:functionId/deployments/:deploymentId/build')
$response->noContent();
});
Http::patch('/v1/functions/:functionId/deployments/:deploymentId/build')
App::patch('/v1/functions/:functionId/deployments/:deploymentId/build')
->groups(['api', 'functions'])
->desc('Cancel deployment')
->label('scope', 'functions.write')
@@ -1641,8 +1632,7 @@ Http::patch('/v1/functions/:functionId/deployments/:deploymentId/build')
->inject('dbForProject')
->inject('project')
->inject('queueForEvents')
->inject('authorization')
->action(function (string $functionId, string $deploymentId, Response $response, Database $dbForProject, Document $project, Event $queueForEvents, Authorization $authorization) {
->action(function (string $functionId, string $deploymentId, Response $response, Database $dbForProject, Document $project, Event $queueForEvents) {
$function = $dbForProject->getDocument('functions', $functionId);
if ($function->isEmpty()) {
@@ -1655,7 +1645,7 @@ Http::patch('/v1/functions/:functionId/deployments/:deploymentId/build')
throw new Exception(Exception::DEPLOYMENT_NOT_FOUND);
}
$build = $authorization->skip(fn () => $dbForProject->getDocument('builds', $deployment->getAttribute('buildId', '')));
$build = Authorization::skip(fn () => $dbForProject->getDocument('builds', $deployment->getAttribute('buildId', '')));
if ($build->isEmpty()) {
$buildId = ID::unique();
@@ -1697,7 +1687,7 @@ Http::patch('/v1/functions/:functionId/deployments/:deploymentId/build')
$dbForProject->purgeCachedDocument('deployments', $deployment->getId());
try {
$executor = new Executor(System::getEnv('_APP_EXECUTOR_HOST'));
$executor = new Executor(App::getEnv('_APP_EXECUTOR_HOST'));
$executor->deleteRuntime($project->getId(), $deploymentId . "-build");
} catch (\Throwable $th) {
// Don't throw if the deployment doesn't exist
@@ -1713,7 +1703,7 @@ Http::patch('/v1/functions/:functionId/deployments/:deploymentId/build')
$response->dynamic($build, Response::MODEL_BUILD);
});
Http::post('/v1/functions/:functionId/executions')
App::post('/v1/functions/:functionId/executions')
->groups(['api', 'functions'])
->desc('Create execution')
->label('scope', 'execution.write')
@@ -1728,7 +1718,7 @@ Http::post('/v1/functions/:functionId/executions')
->label('sdk.request.type', Response::CONTENT_TYPE_JSON)
->param('functionId', '', new UID(), 'Function ID.')
->param('body', '', new Payload(10485760, 0), 'HTTP body of execution. Default value is empty string.', true)
->param('async', false, new Boolean(), 'Execute code in the background. Default value is false.', true)
->param('async', false, new Boolean(true), 'Execute code in the background. Default value is false.', true)
->param('path', '/', new Text(2048), 'HTTP path of execution. Path can include query params. Default value is /', true)
->param('method', 'POST', new Whitelist(['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'OPTIONS'], true), 'HTTP method of execution. Default value is GET.', true)
->param('headers', [], new AnyOf([new Assoc(), new Text(65535)], AnyOf::TYPE_MIXED), 'HTTP headers of execution. Defaults to empty.', true)
@@ -1743,9 +1733,8 @@ Http::post('/v1/functions/:functionId/executions')
->inject('queueForUsage')
->inject('queueForFunctions')
->inject('geodb')
->inject('authorization')
->inject('authentication')
->action(function (string $functionId, string $body, bool $async, string $path, string $method, array $headers, ?string $scheduledAt, Response $response, Request $request, Document $project, Database $dbForProject, Database $dbForConsole, Document $user, Event $queueForEvents, Usage $queueForUsage, Func $queueForFunctions, Reader $geodb, Authorization $authorization, Authentication $authentication) {
->action(function (string $functionId, string $body, mixed $async, string $path, string $method, mixed $headers, ?string $scheduledAt, Response $response, Request $request, Document $project, Database $dbForProject, Database $dbForConsole, Document $user, Event $queueForEvents, Usage $queueForUsage, Func $queueForFunctions, Reader $geodb) {
$async = \strval($async) === 'true' || \strval($async) === '1';
if (!$async && !is_null($scheduledAt)) {
throw new Exception(Exception::GENERAL_BAD_REQUEST, 'Scheduled executions must run asynchronously. Set scheduledAt to a future date, or set async to true.');
@@ -1774,10 +1763,10 @@ Http::post('/v1/functions/:functionId/executions')
throw new Exception($validator->getDescription(), 400);
}
$function = $authorization->skip(fn () => $dbForProject->getDocument('functions', $functionId));
$function = Authorization::skip(fn () => $dbForProject->getDocument('functions', $functionId));
$isAPIKey = Auth::isAppUser($authorization->getRoles());
$isPrivilegedUser = Auth::isPrivilegedUser($authorization->getRoles());
$isAPIKey = Auth::isAppUser(Authorization::getRoles());
$isPrivilegedUser = Auth::isPrivilegedUser(Authorization::getRoles());
if ($function->isEmpty() || (!$function->getAttribute('enabled') && !$isAPIKey && !$isPrivilegedUser)) {
throw new Exception(Exception::FUNCTION_NOT_FOUND);
@@ -1793,7 +1782,7 @@ Http::post('/v1/functions/:functionId/executions')
throw new Exception(Exception::FUNCTION_RUNTIME_UNSUPPORTED, 'Runtime "' . $function->getAttribute('runtime', '') . '" is not supported');
}
$deployment = $authorization->skip(fn () => $dbForProject->getDocument('deployments', $function->getAttribute('deployment', '')));
$deployment = Authorization::skip(fn () => $dbForProject->getDocument('deployments', $function->getAttribute('deployment', '')));
if ($deployment->getAttribute('resourceId') !== $function->getId()) {
throw new Exception(Exception::DEPLOYMENT_NOT_FOUND, 'Deployment not found. Create a deployment before trying to execute a function');
@@ -1804,7 +1793,7 @@ Http::post('/v1/functions/:functionId/executions')
}
/** Check if build has completed */
$build = $authorization->skip(fn () => $dbForProject->getDocument('builds', $deployment->getAttribute('buildId', '')));
$build = Authorization::skip(fn () => $dbForProject->getDocument('builds', $deployment->getAttribute('buildId', '')));
if ($build->isEmpty()) {
throw new Exception(Exception::BUILD_NOT_FOUND);
}
@@ -1813,8 +1802,10 @@ Http::post('/v1/functions/:functionId/executions')
throw new Exception(Exception::BUILD_NOT_READY);
}
if (!$authorization->isValid(new Input('execute', $function->getAttribute('execute')))) { // Check if user has write access to execute function
throw new Exception(Exception::USER_UNAUTHORIZED, $authorization->getDescription());
$validator = new Authorization('execute');
if (!$validator->isValid($function->getAttribute('execute'))) { // Check if user has write access to execute function
throw new Exception(Exception::USER_UNAUTHORIZED, $validator->getDescription());
}
$jwt = ''; // initialize
@@ -1824,7 +1815,7 @@ Http::post('/v1/functions/:functionId/executions')
foreach ($sessions as $session) {
/** @var Utopia\Database\Document $session */
if ($session->getAttribute('secret') == Auth::hash($authentication->getSecret())) { // If current session delete the cookies too
if ($session->getAttribute('secret') == Auth::hash(Auth::$secret)) { // If current session delete the cookies too
$current = $session;
}
}
@@ -1908,9 +1899,8 @@ Http::post('/v1/functions/:functionId/executions')
->setContext('function', $function);
if ($async) {
if (is_null($scheduledAt)) {
$execution = $authorization->skip(fn () => $dbForProject->createDocument('executions', $execution));
$execution = Authorization::skip(fn () => $dbForProject->createDocument('executions', $execution));
$queueForFunctions
->setType('http')
->setExecution($execution)
@@ -1931,7 +1921,7 @@ Http::post('/v1/functions/:functionId/executions')
'path' => $path,
'method' => $method,
'body' => $body,
'jwt' => $jwt,
'userId' => $user->getId()
];
$schedule = $dbForConsole->createDocument('schedules', new Document([
@@ -1951,7 +1941,7 @@ Http::post('/v1/functions/:functionId/executions')
->setAttribute('scheduleInternalId', $schedule->getInternalId())
->setAttribute('scheduledAt', $scheduledAt);
$execution = $authorization->skip(fn () => $dbForProject->createDocument('executions', $execution));
$execution = Authorization::skip(fn () => $dbForProject->createDocument('executions', $execution));
}
return $response
@@ -2037,7 +2027,8 @@ Http::post('/v1/functions/:functionId/executions')
runtimeEntrypoint: $command,
cpus: $spec['cpus'] ?? APP_FUNCTION_CPUS_DEFAULT,
memory: $spec['memory'] ?? APP_FUNCTION_MEMORY_DEFAULT,
logging: $function->getAttribute('logging', true)
logging: $function->getAttribute('logging', true),
requestTimeout: 30
);
$headersFiltered = [];
@@ -2078,10 +2069,10 @@ Http::post('/v1/functions/:functionId/executions')
->addMetric(str_replace('{functionInternalId}', $function->getInternalId(), METRIC_FUNCTION_ID_EXECUTIONS_MB_SECONDS), (int)(($spec['memory'] ?? APP_FUNCTION_MEMORY_DEFAULT) * $execution->getAttribute('duration', 0) * ($spec['cpus'] ?? APP_FUNCTION_CPUS_DEFAULT)))
;
$execution = $authorization->skip(fn () => $dbForProject->createDocument('executions', $execution));
$execution = Authorization::skip(fn () => $dbForProject->createDocument('executions', $execution));
}
$roles = $authorization->getRoles();
$roles = Authorization::getRoles();
$isPrivilegedUser = Auth::isPrivilegedUser($roles);
$isAppUser = Auth::isAppUser($roles);
@@ -2114,7 +2105,7 @@ Http::post('/v1/functions/:functionId/executions')
->dynamic($execution, Response::MODEL_EXECUTION);
});
Http::get('/v1/functions/:functionId/executions')
App::get('/v1/functions/:functionId/executions')
->groups(['api', 'functions'])
->desc('List executions')
->label('scope', 'execution.read')
@@ -2131,12 +2122,11 @@ Http::get('/v1/functions/:functionId/executions')
->inject('response')
->inject('dbForProject')
->inject('mode')
->inject('authorization')
->action(function (string $functionId, array $queries, string $search, Response $response, Database $dbForProject, string $mode, Authorization $authorization) {
$function = $authorization->skip(fn () => $dbForProject->getDocument('functions', $functionId));
->action(function (string $functionId, array $queries, string $search, Response $response, Database $dbForProject, string $mode) {
$function = Authorization::skip(fn () => $dbForProject->getDocument('functions', $functionId));
$isAPIKey = Auth::isAppUser($authorization->getRoles());
$isPrivilegedUser = Auth::isPrivilegedUser($authorization->getRoles());
$isAPIKey = Auth::isAppUser(Authorization::getRoles());
$isPrivilegedUser = Auth::isPrivilegedUser(Authorization::getRoles());
if ($function->isEmpty() || (!$function->getAttribute('enabled') && !$isAPIKey && !$isPrivilegedUser)) {
throw new Exception(Exception::FUNCTION_NOT_FOUND);
@@ -2179,7 +2169,7 @@ Http::get('/v1/functions/:functionId/executions')
$results = $dbForProject->find('executions', $queries);
$total = $dbForProject->count('executions', $filterQueries, APP_LIMIT_COUNT);
$roles = $authorization->getRoles();
$roles = Authorization::getRoles();
$isPrivilegedUser = Auth::isPrivilegedUser($roles);
$isAppUser = Auth::isAppUser($roles);
if (!$isPrivilegedUser && !$isAppUser) {
@@ -2196,7 +2186,7 @@ Http::get('/v1/functions/:functionId/executions')
]), Response::MODEL_EXECUTION_LIST);
});
Http::get('/v1/functions/:functionId/executions/:executionId')
App::get('/v1/functions/:functionId/executions/:executionId')
->groups(['api', 'functions'])
->desc('Get execution')
->label('scope', 'execution.read')
@@ -2212,12 +2202,11 @@ Http::get('/v1/functions/:functionId/executions/:executionId')
->inject('response')
->inject('dbForProject')
->inject('mode')
->inject('authorization')
->action(function (string $functionId, string $executionId, Response $response, Database $dbForProject, string $mode, Authorization $authorization) {
$function = $authorization->skip(fn () => $dbForProject->getDocument('functions', $functionId));
->action(function (string $functionId, string $executionId, Response $response, Database $dbForProject, string $mode) {
$function = Authorization::skip(fn () => $dbForProject->getDocument('functions', $functionId));
$isAPIKey = Auth::isAppUser($authorization->getRoles());
$isPrivilegedUser = Auth::isPrivilegedUser($authorization->getRoles());
$isAPIKey = Auth::isAppUser(Authorization::getRoles());
$isPrivilegedUser = Auth::isPrivilegedUser(Authorization::getRoles());
if ($function->isEmpty() || (!$function->getAttribute('enabled') && !$isAPIKey && !$isPrivilegedUser)) {
throw new Exception(Exception::FUNCTION_NOT_FOUND);
@@ -2233,7 +2222,7 @@ Http::get('/v1/functions/:functionId/executions/:executionId')
throw new Exception(Exception::EXECUTION_NOT_FOUND);
}
$roles = $authorization->getRoles();
$roles = Authorization::getRoles();
$isPrivilegedUser = Auth::isPrivilegedUser($roles);
$isAppUser = Auth::isAppUser($roles);
if (!$isPrivilegedUser && !$isAppUser) {
@@ -2244,7 +2233,7 @@ Http::get('/v1/functions/:functionId/executions/:executionId')
$response->dynamic($execution, Response::MODEL_EXECUTION);
});
Http::delete('/v1/functions/:functionId/executions/:executionId')
App::delete('/v1/functions/:functionId/executions/:executionId')
->groups(['api', 'functions'])
->desc('Delete execution')
->label('scope', 'execution.write')
@@ -2263,8 +2252,7 @@ Http::delete('/v1/functions/:functionId/executions/:executionId')
->inject('dbForProject')
->inject('dbForConsole')
->inject('queueForEvents')
->inject('authorization')
->action(function (string $functionId, string $executionId, Response $response, Database $dbForProject, Database $dbForConsole, Event $queueForEvents, Authorization $authorization) {
->action(function (string $functionId, string $executionId, Response $response, Database $dbForProject, Database $dbForConsole, Event $queueForEvents) {
$function = $dbForProject->getDocument('functions', $functionId);
if ($function->isEmpty()) {
@@ -2301,7 +2289,7 @@ Http::delete('/v1/functions/:functionId/executions/:executionId')
->setAttribute('resourceUpdatedAt', DateTime::now())
->setAttribute('active', false);
$authorization->skip(fn () => $dbForConsole->updateDocument('schedules', $schedule->getId(), $schedule));
Authorization::skip(fn () => $dbForConsole->updateDocument('schedules', $schedule->getId(), $schedule));
}
}
@@ -2315,7 +2303,7 @@ Http::delete('/v1/functions/:functionId/executions/:executionId')
// Variables
Http::post('/v1/functions/:functionId/variables')
App::post('/v1/functions/:functionId/variables')
->desc('Create variable')
->groups(['api', 'functions'])
->label('scope', 'functions.write')
@@ -2334,8 +2322,7 @@ Http::post('/v1/functions/:functionId/variables')
->inject('response')
->inject('dbForProject')
->inject('dbForConsole')
->inject('authorization')
->action(function (string $functionId, string $key, string $value, Response $response, Database $dbForProject, Database $dbForConsole, Authorization $authorization) {
->action(function (string $functionId, string $key, string $value, Response $response, Database $dbForProject, Database $dbForConsole) {
$function = $dbForProject->getDocument('functions', $functionId);
if ($function->isEmpty()) {
@@ -2373,14 +2360,14 @@ Http::post('/v1/functions/:functionId/variables')
->setAttribute('resourceUpdatedAt', DateTime::now())
->setAttribute('schedule', $function->getAttribute('schedule'))
->setAttribute('active', !empty($function->getAttribute('schedule')) && !empty($function->getAttribute('deployment')));
$authorization->skip(fn () => $dbForConsole->updateDocument('schedules', $schedule->getId(), $schedule));
Authorization::skip(fn () => $dbForConsole->updateDocument('schedules', $schedule->getId(), $schedule));
$response
->setStatusCode(Response::STATUS_CODE_CREATED)
->dynamic($variable, Response::MODEL_VARIABLE);
});
Http::get('/v1/functions/:functionId/variables')
App::get('/v1/functions/:functionId/variables')
->desc('List variables')
->groups(['api', 'functions'])
->label('scope', 'functions.read')
@@ -2407,7 +2394,7 @@ Http::get('/v1/functions/:functionId/variables')
]), Response::MODEL_VARIABLE_LIST);
});
Http::get('/v1/functions/:functionId/variables/:variableId')
App::get('/v1/functions/:functionId/variables/:variableId')
->desc('Get variable')
->groups(['api', 'functions'])
->label('scope', 'functions.read')
@@ -2446,7 +2433,7 @@ Http::get('/v1/functions/:functionId/variables/:variableId')
$response->dynamic($variable, Response::MODEL_VARIABLE);
});
Http::put('/v1/functions/:functionId/variables/:variableId')
App::put('/v1/functions/:functionId/variables/:variableId')
->desc('Update variable')
->groups(['api', 'functions'])
->label('scope', 'functions.write')
@@ -2466,8 +2453,7 @@ Http::put('/v1/functions/:functionId/variables/:variableId')
->inject('response')
->inject('dbForProject')
->inject('dbForConsole')
->inject('authorization')
->action(function (string $functionId, string $variableId, string $key, ?string $value, Response $response, Database $dbForProject, Database $dbForConsole, Authorization $authorization) {
->action(function (string $functionId, string $variableId, string $key, ?string $value, Response $response, Database $dbForProject, Database $dbForConsole) {
$function = $dbForProject->getDocument('functions', $functionId);
@@ -2503,12 +2489,12 @@ Http::put('/v1/functions/:functionId/variables/:variableId')
->setAttribute('resourceUpdatedAt', DateTime::now())
->setAttribute('schedule', $function->getAttribute('schedule'))
->setAttribute('active', !empty($function->getAttribute('schedule')) && !empty($function->getAttribute('deployment')));
$authorization->skip(fn () => $dbForConsole->updateDocument('schedules', $schedule->getId(), $schedule));
Authorization::skip(fn () => $dbForConsole->updateDocument('schedules', $schedule->getId(), $schedule));
$response->dynamic($variable, Response::MODEL_VARIABLE);
});
Http::delete('/v1/functions/:functionId/variables/:variableId')
App::delete('/v1/functions/:functionId/variables/:variableId')
->desc('Delete variable')
->groups(['api', 'functions'])
->label('scope', 'functions.write')
@@ -2525,8 +2511,7 @@ Http::delete('/v1/functions/:functionId/variables/:variableId')
->inject('response')
->inject('dbForProject')
->inject('dbForConsole')
->inject('authorization')
->action(function (string $functionId, string $variableId, Response $response, Database $dbForProject, Database $dbForConsole, Authorization $authorization) {
->action(function (string $functionId, string $variableId, Response $response, Database $dbForProject, Database $dbForConsole) {
$function = $dbForProject->getDocument('functions', $functionId);
if ($function->isEmpty()) {
@@ -2552,12 +2537,12 @@ Http::delete('/v1/functions/:functionId/variables/:variableId')
->setAttribute('resourceUpdatedAt', DateTime::now())
->setAttribute('schedule', $function->getAttribute('schedule'))
->setAttribute('active', !empty($function->getAttribute('schedule')) && !empty($function->getAttribute('deployment')));
$authorization->skip(fn () => $dbForConsole->updateDocument('schedules', $schedule->getId(), $schedule));
Authorization::skip(fn () => $dbForConsole->updateDocument('schedules', $schedule->getId(), $schedule));
$response->noContent();
});
Http::get('/v1/functions/templates')
App::get('/v1/functions/templates')
->groups(['api'])
->desc('List function templates')
->label('scope', 'public')
@@ -2595,7 +2580,7 @@ Http::get('/v1/functions/templates')
]), Response::MODEL_TEMPLATE_FUNCTION_LIST);
});
Http::get('/v1/functions/templates/:templateId')
App::get('/v1/functions/templates/:templateId')
->desc('Get function template')
->label('scope', 'public')
->label('sdk.namespace', 'functions')
@@ -2610,10 +2595,9 @@ Http::get('/v1/functions/templates/:templateId')
->action(function (string $templateId, Response $response) {
$templates = Config::getParam('function-templates', []);
$array = \array_filter($templates, function ($template) use ($templateId) {
$template = array_shift(\array_filter($templates, function ($template) use ($templateId) {
return $template['id'] === $templateId;
});
$template = array_shift($array);
}));
if (empty($template)) {
throw new Exception(Exception::FUNCTION_TEMPLATE_NOT_FOUND);
app/controllers/api/graphql.php
+14 -15
View File
@@ -14,28 +14,27 @@ use GraphQL\Validator\Rules\DisableIntrospection;
use GraphQL\Validator\Rules\QueryComplexity;
use GraphQL\Validator\Rules\QueryDepth;
use Swoole\Coroutine\WaitGroup;
use Utopia\App;
use Utopia\Database\Document;
use Utopia\Database\Validator\Authorization;
use Utopia\Http\Http;
use Utopia\Http\Validator\JSON;
use Utopia\Http\Validator\Text;
use Utopia\System\System;
use Utopia\Validator\JSON;
use Utopia\Validator\Text;
Http::init()
App::init()
->groups(['graphql'])
->inject('project')
->inject('authorization')
->action(function (Document $project, Authorization $authorization) {
->action(function (Document $project) {
if (
array_key_exists('graphql', $project->getAttribute('apis', []))
&& !$project->getAttribute('apis', [])['graphql']
&& !(Auth::isPrivilegedUser($authorization->getRoles()) || Auth::isAppUser($authorization->getRoles()))
&& !(Auth::isPrivilegedUser(Authorization::getRoles()) || Auth::isAppUser(Authorization::getRoles()))
) {
throw new AppwriteException(AppwriteException::GENERAL_API_DISABLED);
}
});
Http::get('/v1/graphql')
App::get('/v1/graphql')
->desc('GraphQL endpoint')
->groups(['graphql'])
->label('scope', 'graphql')
@@ -75,7 +74,7 @@ Http::get('/v1/graphql')
->json($output);
});
Http::post('/v1/graphql/mutation')
App::post('/v1/graphql/mutation')
->desc('GraphQL endpoint')
->groups(['graphql'])
->label('scope', 'graphql')
@@ -120,7 +119,7 @@ Http::post('/v1/graphql/mutation')
->json($output);
});
Http::post('/v1/graphql')
App::post('/v1/graphql')
->desc('GraphQL endpoint')
->groups(['graphql'])
->label('scope', 'graphql')
@@ -157,6 +156,7 @@ Http::post('/v1/graphql')
if (\str_starts_with($type, 'multipart/form-data')) {
$query = parseMultipart($query, $request);
}
$output = execute($schema, $promiseAdapter, $query);
$response
@@ -205,7 +205,7 @@ function execute(
$validations[] = new QueryComplexity($maxComplexity);
$validations[] = new QueryDepth($maxDepth);
}
if (Http::getMode() === Http::MODE_TYPE_PRODUCTION) {
if (App::getMode() === App::MODE_TYPE_PRODUCTION) {
$flags = DebugFlag::NONE;
}
@@ -306,10 +306,9 @@ function processResult($result, $debugFlags): array
);
}
Http::shutdown()
App::shutdown()
->groups(['schema'])
->inject('project')
->inject('schemaVariable')
->action(function (Document $project, Schema $schemaVariable) {
$schemaVariable->setDirty($project->getId());
->action(function (Document $project) {
Schema::setDirty($project->getId());
});
app/controllers/api/health.php
+151 -189
View File
@@ -3,19 +3,12 @@
use Appwrite\ClamAV\Network;
use Appwrite\Event\Event;
use Appwrite\Extend\Exception;
use Appwrite\Utopia\Queue\Connections;
use Appwrite\Utopia\Response;
use Utopia\App;
use Utopia\Config\Config;
use Utopia\Database\Adapter\MariaDB;
use Utopia\Database\Adapter\MySQL;
use Utopia\Database\Document;
use Utopia\Domains\Validator\PublicDomain;
use Utopia\Http\Http;
use Utopia\Http\Validator\Domain;
use Utopia\Http\Validator\Integer;
use Utopia\Http\Validator\Multiple;
use Utopia\Http\Validator\Text;
use Utopia\Http\Validator\WhiteList;
use Utopia\Pools\Group;
use Utopia\Queue\Client;
use Utopia\Queue\Connection;
use Utopia\Registry\Registry;
@@ -23,8 +16,13 @@ use Utopia\Storage\Device;
use Utopia\Storage\Device\Local;
use Utopia\Storage\Storage;
use Utopia\System\System;
use Utopia\Validator\Domain;
use Utopia\Validator\Integer;
use Utopia\Validator\Multiple;
use Utopia\Validator\Text;
use Utopia\Validator\WhiteList;
Http::get('/v1/health')
App::get('/v1/health')
->desc('Get HTTP')
->groups(['api', 'health'])
->label('scope', 'health.read')
@@ -47,7 +45,7 @@ Http::get('/v1/health')
$response->dynamic(new Document($output), Response::MODEL_HEALTH_STATUS);
});
Http::get('/v1/health/version')
App::get('/v1/health/version')
->desc('Get version')
->groups(['api', 'health'])
->label('scope', 'public')
@@ -59,7 +57,7 @@ Http::get('/v1/health/version')
$response->dynamic(new Document([ 'version' => APP_VERSION_STABLE ]), Response::MODEL_HEALTH_VERSION);
});
Http::get('/v1/health/db')
App::get('/v1/health/db')
->desc('Get DB')
->groups(['api', 'health'])
->label('scope', 'health.read')
@@ -72,34 +70,21 @@ Http::get('/v1/health/db')
->label('sdk.response.model', Response::MODEL_HEALTH_STATUS)
->inject('response')
->inject('pools')
->inject('connections')
->action(function (Response $response, array $pools, Connections $connections) {
->action(function (Response $response, Group $pools) {
$output = [];
$configs = [
'console' => Config::getParam('pools-console'),
'database' => Config::getParam('pools-database'),
'Console.DB' => Config::getParam('pools-console'),
'Projects.DB' => Config::getParam('pools-database'),
];
foreach ($configs as $key => $config) {
foreach ($config as $database) {
$checkStart = \microtime(true);
try {
$adapter = $pools->get($database)->pop()->getResource();
$pool = $pools['pools-'.$key.'-'.$database]['pool'];
$dsn = $pools['pools-'.$key.'-'.$database]['dsn'];
$connection = $pool->get();
$connections->add($connection, $pool);
$adapter = match ($dsn->getScheme()) {
'mariadb' => new MariaDB($connection),
'mysql' => new MySQL($connection),
default => null
};
$adapter->setDatabase($dsn->getPath());
$checkStart = \microtime(true);
if ($adapter->ping()) {
$output[] = new Document([
@@ -126,7 +111,7 @@ Http::get('/v1/health/db')
]), Response::MODEL_HEALTH_STATUS_LIST);
});
Http::get('/v1/health/cache')
App::get('/v1/health/cache')
->desc('Get cache')
->groups(['api', 'health'])
->label('scope', 'health.read')
@@ -139,8 +124,7 @@ Http::get('/v1/health/cache')
->label('sdk.response.model', Response::MODEL_HEALTH_STATUS)
->inject('response')
->inject('pools')
->inject('connections')
->action(function (Response $response, array $pools, Connections $connections) {
->action(function (Response $response, Group $pools) {
$output = [];
@@ -150,142 +134,8 @@ Http::get('/v1/health/cache')
foreach ($configs as $key => $config) {
foreach ($config as $database) {
$checkStart = \microtime(true);
try {
$pool = $pools['pools-cache-' . $database]['pool'];
$dsn = $pools['pools-cache-' . $database]['dsn'];
$connection = $pool->get();
$connections->add($connection, $pool);
$adapter = new Connection\Redis($dsn->getHost(), $dsn->getPort());
if ($adapter->ping()) {
$output[] = new Document([
'name' => $key . " ($database)",
'status' => 'pass',
'ping' => \round((\microtime(true) - $checkStart) / 1000)
]);
} else {
$output[] = new Document([
'name' => $key . " ($database)",
'status' => 'fail',
'ping' => \round((\microtime(true) - $checkStart) / 1000)
]);
}
} catch (\Throwable $th) {
$output[] = new Document([
'name' => $key . " ($database)",
'status' => 'fail',
'ping' => \round((\microtime(true) - $checkStart) / 1000)
]);
} finally {
$connections->reclaim();
}
}
}
$response->dynamic(new Document([
'statuses' => $output,
'total' => count($output),
]), Response::MODEL_HEALTH_STATUS_LIST);
});
Http::get('/v1/health/queue')
->desc('Get queue')
->groups(['api', 'health'])
->label('scope', 'health.read')
->label('sdk.auth', [APP_AUTH_TYPE_KEY])
->label('sdk.namespace', 'health')
->label('sdk.method', 'getQueue')
->label('sdk.description', '/docs/references/health/get-queue.md')
->label('sdk.response.code', Response::STATUS_CODE_OK)
->label('sdk.response.type', Response::CONTENT_TYPE_JSON)
->label('sdk.response.model', Response::MODEL_HEALTH_STATUS)
->inject('response')
->inject('pools')
->inject('connections')
->action(function (Response $response, array $pools, Connections $connections) {
$output = [];
$configs = [
'Queue' => Config::getParam('pools-queue'),
];
foreach ($configs as $key => $config) {
$checkStart = \microtime(true);
foreach ($config as $database) {
try {
$pool = $pools['pools-queue-' . $database]['pool'];
$dsn = $pools['pools-queue-' . $database]['dsn'];
$connection = $pool->get();
$connections->add($connection, $pool);
$adapter = new Connection\Redis($dsn->getHost(), $dsn->getPort());
if ($adapter->ping()) {
$output[] = new Document([
'name' => $key . " ($database)",
'status' => 'pass',
'ping' => \round((\microtime(true) - $checkStart) / 1000)
]);
} else {
$output[] = new Document([
'name' => $key . " ($database)",
'status' => 'fail',
'ping' => \round((\microtime(true) - $checkStart) / 1000)
]);
}
} catch (\Throwable $th) {
$output[] = new Document([
'name' => $key . " ($database)",
'status' => 'fail',
'ping' => \round((\microtime(true) - $checkStart) / 1000)
]);
} finally {
$connections->reclaim();
}
}
}
$response->dynamic(new Document([
'statuses' => $output,
'total' => count($output),
]), Response::MODEL_HEALTH_STATUS_LIST);
});
Http::get('/v1/health/pubsub')
->desc('Get pubsub')
->groups(['api', 'health'])
->label('scope', 'health.read')
->label('sdk.auth', [APP_AUTH_TYPE_KEY])
->label('sdk.namespace', 'health')
->label('sdk.method', 'getPubSub')
->label('sdk.description', '/docs/references/health/get-pubsub.md')
->label('sdk.response.code', Response::STATUS_CODE_OK)
->label('sdk.response.type', Response::CONTENT_TYPE_JSON)
->label('sdk.response.model', Response::MODEL_HEALTH_STATUS)
->inject('response')
->inject('pools')
->inject('connections')
->action(function (Response $response, array $pools, Connections $connections) {
$output = [];
$configs = [
'PubSub' => Config::getParam('pools-pubsub'),
];
foreach ($configs as $key => $config) {
foreach ($config as $database) {
try {
$pool = $pools['pools-pubsub-' . $database]['pool'];
$connection = $pool->get();
$connections->add($connection, $pool);
$adapter = new Connection\Redis($connection);
$adapter = $pools->get($database)->pop()->getResource();
$checkStart = \microtime(true);
@@ -308,8 +158,6 @@ Http::get('/v1/health/pubsub')
'status' => 'fail',
'ping' => \round((\microtime(true) - $checkStart) / 1000)
]);
} finally {
$connections->reclaim();
}
}
}
@@ -320,7 +168,121 @@ Http::get('/v1/health/pubsub')
]), Response::MODEL_HEALTH_STATUS_LIST);
});
Http::get('/v1/health/time')
App::get('/v1/health/queue')
->desc('Get queue')
->groups(['api', 'health'])
->label('scope', 'health.read')
->label('sdk.auth', [APP_AUTH_TYPE_KEY])
->label('sdk.namespace', 'health')
->label('sdk.method', 'getQueue')
->label('sdk.description', '/docs/references/health/get-queue.md')
->label('sdk.response.code', Response::STATUS_CODE_OK)
->label('sdk.response.type', Response::CONTENT_TYPE_JSON)
->label('sdk.response.model', Response::MODEL_HEALTH_STATUS)
->inject('response')
->inject('pools')
->action(function (Response $response, Group $pools) {
$output = [];
$configs = [
'Queue' => Config::getParam('pools-queue'),
];
foreach ($configs as $key => $config) {
foreach ($config as $database) {
try {
$adapter = $pools->get($database)->pop()->getResource();
$checkStart = \microtime(true);
if ($adapter->ping()) {
$output[] = new Document([
'name' => $key . " ($database)",
'status' => 'pass',
'ping' => \round((\microtime(true) - $checkStart) / 1000)
]);
} else {
$output[] = new Document([
'name' => $key . " ($database)",
'status' => 'fail',
'ping' => \round((\microtime(true) - $checkStart) / 1000)
]);
}
} catch (\Throwable $th) {
$output[] = new Document([
'name' => $key . " ($database)",
'status' => 'fail',
'ping' => \round((\microtime(true) - $checkStart) / 1000)
]);
}
}
}
$response->dynamic(new Document([
'statuses' => $output,
'total' => count($output),
]), Response::MODEL_HEALTH_STATUS_LIST);
});
App::get('/v1/health/pubsub')
->desc('Get pubsub')
->groups(['api', 'health'])
->label('scope', 'health.read')
->label('sdk.auth', [APP_AUTH_TYPE_KEY])
->label('sdk.namespace', 'health')
->label('sdk.method', 'getPubSub')
->label('sdk.description', '/docs/references/health/get-pubsub.md')
->label('sdk.response.code', Response::STATUS_CODE_OK)
->label('sdk.response.type', Response::CONTENT_TYPE_JSON)
->label('sdk.response.model', Response::MODEL_HEALTH_STATUS)
->inject('response')
->inject('pools')
->action(function (Response $response, Group $pools) {
$output = [];
$configs = [
'PubSub' => Config::getParam('pools-pubsub'),
];
foreach ($configs as $key => $config) {
foreach ($config as $database) {
try {
$adapter = $pools->get($database)->pop()->getResource();
$checkStart = \microtime(true);
if ($adapter->ping()) {
$output[] = new Document([
'name' => $key . " ($database)",
'status' => 'pass',
'ping' => \round((\microtime(true) - $checkStart) / 1000)
]);
} else {
$output[] = new Document([
'name' => $key . " ($database)",
'status' => 'fail',
'ping' => \round((\microtime(true) - $checkStart) / 1000)
]);
}
} catch (\Throwable $th) {
$output[] = new Document([
'name' => $key . " ($database)",
'status' => 'fail',
'ping' => \round((\microtime(true) - $checkStart) / 1000)
]);
}
}
}
$response->dynamic(new Document([
'statuses' => $output,
'total' => count($output),
]), Response::MODEL_HEALTH_STATUS_LIST);
});
App::get('/v1/health/time')
->desc('Get time')
->groups(['api', 'health'])
->label('scope', 'health.read')
@@ -377,7 +339,7 @@ Http::get('/v1/health/time')
$response->dynamic(new Document($output), Response::MODEL_HEALTH_TIME);
});
Http::get('/v1/health/queue/webhooks')
App::get('/v1/health/queue/webhooks')
->desc('Get webhooks queue')
->groups(['api', 'health'])
->label('scope', 'health.read')
@@ -404,7 +366,7 @@ Http::get('/v1/health/queue/webhooks')
$response->dynamic(new Document([ 'size' => $size ]), Response::MODEL_HEALTH_QUEUE);
}, ['response']);
Http::get('/v1/health/queue/logs')
App::get('/v1/health/queue/logs')
->desc('Get logs queue')
->groups(['api', 'health'])
->label('scope', 'health.read')
@@ -431,7 +393,7 @@ Http::get('/v1/health/queue/logs')
$response->dynamic(new Document([ 'size' => $size ]), Response::MODEL_HEALTH_QUEUE);
}, ['response']);
Http::get('/v1/health/certificate')
App::get('/v1/health/certificate')
->desc('Get the SSL certificate for a domain')
->groups(['api', 'health'])
->label('scope', 'health.read')
@@ -481,7 +443,7 @@ Http::get('/v1/health/certificate')
]), Response::MODEL_HEALTH_CERTIFICATE);
}, ['response']);
Http::get('/v1/health/queue/certificates')
App::get('/v1/health/queue/certificates')
->desc('Get certificates queue')
->groups(['api', 'health'])
->label('scope', 'health.read')
@@ -508,7 +470,7 @@ Http::get('/v1/health/queue/certificates')
$response->dynamic(new Document([ 'size' => $size ]), Response::MODEL_HEALTH_QUEUE);
}, ['response']);
Http::get('/v1/health/queue/builds')
App::get('/v1/health/queue/builds')
->desc('Get builds queue')
->groups(['api', 'health'])
->label('scope', 'health.read')
@@ -535,7 +497,7 @@ Http::get('/v1/health/queue/builds')
$response->dynamic(new Document([ 'size' => $size ]), Response::MODEL_HEALTH_QUEUE);
}, ['response']);
Http::get('/v1/health/queue/databases')
App::get('/v1/health/queue/databases')
->desc('Get databases queue')
->groups(['api', 'health'])
->label('scope', 'health.read')
@@ -563,7 +525,7 @@ Http::get('/v1/health/queue/databases')
$response->dynamic(new Document([ 'size' => $size ]), Response::MODEL_HEALTH_QUEUE);
}, ['response']);
Http::get('/v1/health/queue/deletes')
App::get('/v1/health/queue/deletes')
->desc('Get deletes queue')
->groups(['api', 'health'])
->label('scope', 'health.read')
@@ -590,7 +552,7 @@ Http::get('/v1/health/queue/deletes')
$response->dynamic(new Document([ 'size' => $size ]), Response::MODEL_HEALTH_QUEUE);
}, ['response']);
Http::get('/v1/health/queue/mails')
App::get('/v1/health/queue/mails')
->desc('Get mails queue')
->groups(['api', 'health'])
->label('scope', 'health.read')
@@ -617,7 +579,7 @@ Http::get('/v1/health/queue/mails')
$response->dynamic(new Document([ 'size' => $size ]), Response::MODEL_HEALTH_QUEUE);
}, ['response']);
Http::get('/v1/health/queue/messaging')
App::get('/v1/health/queue/messaging')
->desc('Get messaging queue')
->groups(['api', 'health'])
->label('scope', 'health.read')
@@ -644,7 +606,7 @@ Http::get('/v1/health/queue/messaging')
$response->dynamic(new Document([ 'size' => $size ]), Response::MODEL_HEALTH_QUEUE);
}, ['response']);
Http::get('/v1/health/queue/migrations')
App::get('/v1/health/queue/migrations')
->desc('Get migrations queue')
->groups(['api', 'health'])
->label('scope', 'health.read')
@@ -671,7 +633,7 @@ Http::get('/v1/health/queue/migrations')
$response->dynamic(new Document([ 'size' => $size ]), Response::MODEL_HEALTH_QUEUE);
}, ['response']);
Http::get('/v1/health/queue/functions')
App::get('/v1/health/queue/functions')
->desc('Get functions queue')
->groups(['api', 'health'])
->label('scope', 'health.read')
@@ -698,7 +660,7 @@ Http::get('/v1/health/queue/functions')
$response->dynamic(new Document([ 'size' => $size ]), Response::MODEL_HEALTH_QUEUE);
}, ['response']);
Http::get('/v1/health/queue/usage')
App::get('/v1/health/queue/usage')
->desc('Get usage queue')
->groups(['api', 'health'])
->label('scope', 'health.read')
@@ -725,7 +687,7 @@ Http::get('/v1/health/queue/usage')
$response->dynamic(new Document([ 'size' => $size ]), Response::MODEL_HEALTH_QUEUE);
});
Http::get('/v1/health/queue/usage-dump')
App::get('/v1/health/queue/usage-dump')
->desc('Get usage dump queue')
->groups(['api', 'health'])
->label('scope', 'health.read')
@@ -752,7 +714,7 @@ Http::get('/v1/health/queue/usage-dump')
$response->dynamic(new Document([ 'size' => $size ]), Response::MODEL_HEALTH_QUEUE);
});
Http::get('/v1/health/storage/local')
App::get('/v1/health/storage/local')
->desc('Get local storage')
->groups(['api', 'health'])
->label('scope', 'health.read')
@@ -795,7 +757,7 @@ Http::get('/v1/health/storage/local')
$response->dynamic(new Document($output), Response::MODEL_HEALTH_STATUS);
});
Http::get('/v1/health/storage')
App::get('/v1/health/storage')
->desc('Get storage')
->groups(['api', 'health'])
->label('scope', 'health.read')
@@ -836,7 +798,7 @@ Http::get('/v1/health/storage')
$response->dynamic(new Document($output), Response::MODEL_HEALTH_STATUS);
});
Http::get('/v1/health/anti-virus')
App::get('/v1/health/anti-virus')
->desc('Get antivirus')
->groups(['api', 'health'])
->label('scope', 'health.read')
@@ -875,7 +837,7 @@ Http::get('/v1/health/anti-virus')
$response->dynamic(new Document($output), Response::MODEL_HEALTH_ANTIVIRUS);
});
Http::get('/v1/health/queue/failed/:name')
App::get('/v1/health/queue/failed/:name')
->desc('Get number of failed queue jobs')
->groups(['api', 'health'])
->label('scope', 'health.read')
@@ -916,7 +878,7 @@ Http::get('/v1/health/queue/failed/:name')
$response->dynamic(new Document([ 'size' => $failed ]), Response::MODEL_HEALTH_QUEUE);
});
Http::get('/v1/health/stats') // Currently only used internally
App::get('/v1/health/stats') // Currently only used internally
->desc('Get system stats')
->groups(['api', 'health'])
->label('scope', 'root')
app/controllers/api/locale.php
+10 -10
View File
@@ -3,12 +3,12 @@
use Appwrite\Utopia\Request;
use Appwrite\Utopia\Response;
use MaxMind\Db\Reader;
use Utopia\App;
use Utopia\Config\Config;
use Utopia\Database\Document;
use Utopia\Http\Http;
use Utopia\Locale\Locale;
Http::get('/v1/locale')
App::get('/v1/locale')
->desc('Get user locale')
->groups(['api', 'locale'])
->label('scope', 'locale.read')
@@ -68,8 +68,8 @@ Http::get('/v1/locale')
$response->dynamic(new Document($output), Response::MODEL_LOCALE);
});
Http::get('/v1/locale/codes')
->desc('List Locale Codes')
App::get('/v1/locale/codes')
->desc('List locale codes')
->groups(['api', 'locale'])
->label('scope', 'locale.read')
->label('sdk.auth', [APP_AUTH_TYPE_SESSION, APP_AUTH_TYPE_KEY, APP_AUTH_TYPE_JWT])
@@ -90,7 +90,7 @@ Http::get('/v1/locale/codes')
]), Response::MODEL_LOCALE_CODE_LIST);
});
Http::get('/v1/locale/countries')
App::get('/v1/locale/countries')
->desc('List countries')
->groups(['api', 'locale'])
->label('scope', 'locale.read')
@@ -123,7 +123,7 @@ Http::get('/v1/locale/countries')
$response->dynamic(new Document(['countries' => $output, 'total' => \count($output)]), Response::MODEL_COUNTRY_LIST);
});
Http::get('/v1/locale/countries/eu')
App::get('/v1/locale/countries/eu')
->desc('List EU countries')
->groups(['api', 'locale'])
->label('scope', 'locale.read')
@@ -158,7 +158,7 @@ Http::get('/v1/locale/countries/eu')
$response->dynamic(new Document(['countries' => $output, 'total' => \count($output)]), Response::MODEL_COUNTRY_LIST);
});
Http::get('/v1/locale/countries/phones')
App::get('/v1/locale/countries/phones')
->desc('List countries phone codes')
->groups(['api', 'locale'])
->label('scope', 'locale.read')
@@ -192,7 +192,7 @@ Http::get('/v1/locale/countries/phones')
$response->dynamic(new Document(['phones' => $output, 'total' => \count($output)]), Response::MODEL_PHONE_LIST);
});
Http::get('/v1/locale/continents')
App::get('/v1/locale/continents')
->desc('List continents')
->groups(['api', 'locale'])
->label('scope', 'locale.read')
@@ -224,7 +224,7 @@ Http::get('/v1/locale/continents')
$response->dynamic(new Document(['continents' => $output, 'total' => \count($output)]), Response::MODEL_CONTINENT_LIST);
});
Http::get('/v1/locale/currencies')
App::get('/v1/locale/currencies')
->desc('List currencies')
->groups(['api', 'locale'])
->label('scope', 'locale.read')
@@ -247,7 +247,7 @@ Http::get('/v1/locale/currencies')
});
Http::get('/v1/locale/languages')
App::get('/v1/locale/languages')
->desc('List languages')
->groups(['api', 'locale'])
->label('scope', 'locale.read')
app/controllers/api/messaging.php
+86 -95
View File
@@ -20,6 +20,7 @@ use Appwrite\Utopia\Database\Validator\Queries\Targets;
use Appwrite\Utopia\Database\Validator\Queries\Topics;
use Appwrite\Utopia\Response;
use MaxMind\Db\Reader;
use Utopia\App;
use Utopia\Audit\Audit;
use Utopia\Database\Database;
use Utopia\Database\DateTime;
@@ -29,27 +30,25 @@ use Utopia\Database\Exception\Query as QueryException;
use Utopia\Database\Helpers\ID;
use Utopia\Database\Query;
use Utopia\Database\Validator\Authorization;
use Utopia\Database\Validator\Authorization\Input;
use Utopia\Database\Validator\Datetime as DatetimeValidator;
use Utopia\Database\Validator\Queries;
use Utopia\Database\Validator\Query\Limit;
use Utopia\Database\Validator\Query\Offset;
use Utopia\Database\Validator\Roles;
use Utopia\Database\Validator\UID;
use Utopia\Http\Http;
use Utopia\Http\Validator\ArrayList;
use Utopia\Http\Validator\Boolean;
use Utopia\Http\Validator\Integer;
use Utopia\Http\Validator\JSON;
use Utopia\Http\Validator\Range;
use Utopia\Http\Validator\Text;
use Utopia\Http\Validator\WhiteList;
use Utopia\Locale\Locale;
use Utopia\System\System;
use Utopia\Validator\ArrayList;
use Utopia\Validator\Boolean;
use Utopia\Validator\Integer;
use Utopia\Validator\JSON;
use Utopia\Validator\Range;
use Utopia\Validator\Text;
use Utopia\Validator\WhiteList;
use function Swoole\Coroutine\batch;
Http::post('/v1/messaging/providers/mailgun')
App::post('/v1/messaging/providers/mailgun')
->desc('Create Mailgun provider')
->groups(['api', 'messaging'])
->label('audits.event', 'provider.create')
@@ -136,7 +135,7 @@ Http::post('/v1/messaging/providers/mailgun')
->dynamic($provider, Response::MODEL_PROVIDER);
});
Http::post('/v1/messaging/providers/sendgrid')
App::post('/v1/messaging/providers/sendgrid')
->desc('Create Sendgrid provider')
->groups(['api', 'messaging'])
->label('audits.event', 'provider.create')
@@ -211,7 +210,7 @@ Http::post('/v1/messaging/providers/sendgrid')
->dynamic($provider, Response::MODEL_PROVIDER);
});
Http::post('/v1/messaging/providers/smtp')
App::post('/v1/messaging/providers/smtp')
->desc('Create SMTP provider')
->groups(['api', 'messaging'])
->label('audits.event', 'provider.create')
@@ -299,7 +298,7 @@ Http::post('/v1/messaging/providers/smtp')
->dynamic($provider, Response::MODEL_PROVIDER);
});
Http::post('/v1/messaging/providers/msg91')
App::post('/v1/messaging/providers/msg91')
->desc('Create Msg91 provider')
->groups(['api', 'messaging'])
->label('audits.event', 'provider.create')
@@ -375,7 +374,7 @@ Http::post('/v1/messaging/providers/msg91')
->dynamic($provider, Response::MODEL_PROVIDER);
});
Http::post('/v1/messaging/providers/telesign')
App::post('/v1/messaging/providers/telesign')
->desc('Create Telesign provider')
->groups(['api', 'messaging'])
->label('audits.event', 'provider.create')
@@ -452,7 +451,7 @@ Http::post('/v1/messaging/providers/telesign')
->dynamic($provider, Response::MODEL_PROVIDER);
});
Http::post('/v1/messaging/providers/textmagic')
App::post('/v1/messaging/providers/textmagic')
->desc('Create Textmagic provider')
->groups(['api', 'messaging'])
->label('audits.event', 'provider.create')
@@ -529,7 +528,7 @@ Http::post('/v1/messaging/providers/textmagic')
->dynamic($provider, Response::MODEL_PROVIDER);
});
Http::post('/v1/messaging/providers/twilio')
App::post('/v1/messaging/providers/twilio')
->desc('Create Twilio provider')
->groups(['api', 'messaging'])
->label('audits.event', 'provider.create')
@@ -606,7 +605,7 @@ Http::post('/v1/messaging/providers/twilio')
->dynamic($provider, Response::MODEL_PROVIDER);
});
Http::post('/v1/messaging/providers/vonage')
App::post('/v1/messaging/providers/vonage')
->desc('Create Vonage provider')
->groups(['api', 'messaging'])
->label('audits.event', 'provider.create')
@@ -683,7 +682,7 @@ Http::post('/v1/messaging/providers/vonage')
->dynamic($provider, Response::MODEL_PROVIDER);
});
Http::post('/v1/messaging/providers/fcm')
App::post('/v1/messaging/providers/fcm')
->desc('Create FCM provider')
->groups(['api', 'messaging'])
->label('audits.event', 'provider.create')
@@ -746,7 +745,7 @@ Http::post('/v1/messaging/providers/fcm')
->dynamic($provider, Response::MODEL_PROVIDER);
});
Http::post('/v1/messaging/providers/apns')
App::post('/v1/messaging/providers/apns')
->desc('Create APNS provider')
->groups(['api', 'messaging'])
->label('audits.event', 'provider.create')
@@ -832,7 +831,7 @@ Http::post('/v1/messaging/providers/apns')
->dynamic($provider, Response::MODEL_PROVIDER);
});
Http::get('/v1/messaging/providers')
App::get('/v1/messaging/providers')
->desc('List providers')
->groups(['api', 'messaging'])
->label('scope', 'providers.read')
@@ -847,8 +846,7 @@ Http::get('/v1/messaging/providers')
->param('search', '', new Text(256), 'Search term to filter your list results. Max length: 256 chars.', true)
->inject('dbForProject')
->inject('response')
->inject('authorization')
->action(function (array $queries, string $search, Database $dbForProject, Response $response, Authorization $authorization) {
->action(function (array $queries, string $search, Database $dbForProject, Response $response) {
try {
$queries = Query::parseQueries($queries);
} catch (QueryException $e) {
@@ -869,7 +867,7 @@ Http::get('/v1/messaging/providers')
if ($cursor) {
$providerId = $cursor->getValue();
$cursorDocument = $authorization->skip(fn () => $dbForProject->getDocument('providers', $providerId));
$cursorDocument = Authorization::skip(fn () => $dbForProject->getDocument('providers', $providerId));
if ($cursorDocument->isEmpty()) {
throw new Exception(Exception::GENERAL_CURSOR_NOT_FOUND, "Provider '{$providerId}' for the 'cursor' value not found.");
@@ -884,7 +882,7 @@ Http::get('/v1/messaging/providers')
]), Response::MODEL_PROVIDER_LIST);
});
Http::get('/v1/messaging/providers/:providerId/logs')
App::get('/v1/messaging/providers/:providerId/logs')
->desc('List provider logs')
->groups(['api', 'messaging'])
->label('scope', 'providers.read')
@@ -972,7 +970,7 @@ Http::get('/v1/messaging/providers/:providerId/logs')
]), Response::MODEL_LOG_LIST);
});
Http::get('/v1/messaging/providers/:providerId')
App::get('/v1/messaging/providers/:providerId')
->desc('Get provider')
->groups(['api', 'messaging'])
->label('scope', 'providers.read')
@@ -996,7 +994,7 @@ Http::get('/v1/messaging/providers/:providerId')
$response->dynamic($provider, Response::MODEL_PROVIDER);
});
Http::patch('/v1/messaging/providers/mailgun/:providerId')
App::patch('/v1/messaging/providers/mailgun/:providerId')
->desc('Update Mailgun provider')
->groups(['api', 'messaging'])
->label('audits.event', 'provider.update')
@@ -1102,7 +1100,7 @@ Http::patch('/v1/messaging/providers/mailgun/:providerId')
->dynamic($provider, Response::MODEL_PROVIDER);
});
Http::patch('/v1/messaging/providers/sendgrid/:providerId')
App::patch('/v1/messaging/providers/sendgrid/:providerId')
->desc('Update Sendgrid provider')
->groups(['api', 'messaging'])
->label('audits.event', 'provider.update')
@@ -1193,7 +1191,7 @@ Http::patch('/v1/messaging/providers/sendgrid/:providerId')
->dynamic($provider, Response::MODEL_PROVIDER);
});
Http::patch('/v1/messaging/providers/smtp/:providerId')
App::patch('/v1/messaging/providers/smtp/:providerId')
->desc('Update SMTP provider')
->groups(['api', 'messaging'])
->label('audits.event', 'provider.update')
@@ -1315,7 +1313,7 @@ Http::patch('/v1/messaging/providers/smtp/:providerId')
->dynamic($provider, Response::MODEL_PROVIDER);
});
Http::patch('/v1/messaging/providers/msg91/:providerId')
App::patch('/v1/messaging/providers/msg91/:providerId')
->desc('Update Msg91 provider')
->groups(['api', 'messaging'])
->label('audits.event', 'provider.update')
@@ -1395,7 +1393,7 @@ Http::patch('/v1/messaging/providers/msg91/:providerId')
->dynamic($provider, Response::MODEL_PROVIDER);
});
Http::patch('/v1/messaging/providers/telesign/:providerId')
App::patch('/v1/messaging/providers/telesign/:providerId')
->desc('Update Telesign provider')
->groups(['api', 'messaging'])
->label('audits.event', 'provider.update')
@@ -1477,7 +1475,7 @@ Http::patch('/v1/messaging/providers/telesign/:providerId')
->dynamic($provider, Response::MODEL_PROVIDER);
});
Http::patch('/v1/messaging/providers/textmagic/:providerId')
App::patch('/v1/messaging/providers/textmagic/:providerId')
->desc('Update Textmagic provider')
->groups(['api', 'messaging'])
->label('audits.event', 'provider.update')
@@ -1559,7 +1557,7 @@ Http::patch('/v1/messaging/providers/textmagic/:providerId')
->dynamic($provider, Response::MODEL_PROVIDER);
});
Http::patch('/v1/messaging/providers/twilio/:providerId')
App::patch('/v1/messaging/providers/twilio/:providerId')
->desc('Update Twilio provider')
->groups(['api', 'messaging'])
->label('audits.event', 'provider.update')
@@ -1641,7 +1639,7 @@ Http::patch('/v1/messaging/providers/twilio/:providerId')
->dynamic($provider, Response::MODEL_PROVIDER);
});
Http::patch('/v1/messaging/providers/vonage/:providerId')
App::patch('/v1/messaging/providers/vonage/:providerId')
->desc('Update Vonage provider')
->groups(['api', 'messaging'])
->label('audits.event', 'provider.update')
@@ -1723,7 +1721,7 @@ Http::patch('/v1/messaging/providers/vonage/:providerId')
->dynamic($provider, Response::MODEL_PROVIDER);
});
Http::patch('/v1/messaging/providers/fcm/:providerId')
App::patch('/v1/messaging/providers/fcm/:providerId')
->desc('Update FCM provider')
->groups(['api', 'messaging'])
->label('audits.event', 'provider.update')
@@ -1792,7 +1790,7 @@ Http::patch('/v1/messaging/providers/fcm/:providerId')
});
Http::patch('/v1/messaging/providers/apns/:providerId')
App::patch('/v1/messaging/providers/apns/:providerId')
->desc('Update APNS provider')
->groups(['api', 'messaging'])
->label('audits.event', 'provider.update')
@@ -1887,7 +1885,7 @@ Http::patch('/v1/messaging/providers/apns/:providerId')
->dynamic($provider, Response::MODEL_PROVIDER);
});
Http::delete('/v1/messaging/providers/:providerId')
App::delete('/v1/messaging/providers/:providerId')
->desc('Delete provider')
->groups(['api', 'messaging'])
->label('audits.event', 'provider.delete')
@@ -1922,7 +1920,7 @@ Http::delete('/v1/messaging/providers/:providerId')
->noContent();
});
Http::post('/v1/messaging/topics')
App::post('/v1/messaging/topics')
->desc('Create topic')
->groups(['api', 'messaging'])
->label('audits.event', 'topic.create')
@@ -1965,7 +1963,7 @@ Http::post('/v1/messaging/topics')
->dynamic($topic, Response::MODEL_TOPIC);
});
Http::get('/v1/messaging/topics')
App::get('/v1/messaging/topics')
->desc('List topics')
->groups(['api', 'messaging'])
->label('scope', 'topics.read')
@@ -1980,8 +1978,7 @@ Http::get('/v1/messaging/topics')
->param('search', '', new Text(256), 'Search term to filter your list results. Max length: 256 chars.', true)
->inject('dbForProject')
->inject('response')
->inject('authorization')
->action(function (array $queries, string $search, Database $dbForProject, Response $response, Authorization $authorization) {
->action(function (array $queries, string $search, Database $dbForProject, Response $response) {
try {
$queries = Query::parseQueries($queries);
} catch (QueryException $e) {
@@ -2002,7 +1999,7 @@ Http::get('/v1/messaging/topics')
if ($cursor) {
$topicId = $cursor->getValue();
$cursorDocument = $authorization->skip(fn () => $dbForProject->getDocument('topics', $topicId));
$cursorDocument = Authorization::skip(fn () => $dbForProject->getDocument('topics', $topicId));
if ($cursorDocument->isEmpty()) {
throw new Exception(Exception::GENERAL_CURSOR_NOT_FOUND, "Topic '{$topicId}' for the 'cursor' value not found.");
@@ -2017,7 +2014,7 @@ Http::get('/v1/messaging/topics')
]), Response::MODEL_TOPIC_LIST);
});
Http::get('/v1/messaging/topics/:topicId/logs')
App::get('/v1/messaging/topics/:topicId/logs')
->desc('List topic logs')
->groups(['api', 'messaging'])
->label('scope', 'topics.read')
@@ -2034,8 +2031,7 @@ Http::get('/v1/messaging/topics/:topicId/logs')
->inject('dbForProject')
->inject('locale')
->inject('geodb')
->inject('authorization')
->action(function (string $topicId, array $queries, Response $response, Database $dbForProject, Locale $locale, Reader $geodb, Authorization $authorization) {
->action(function (string $topicId, array $queries, Response $response, Database $dbForProject, Locale $locale, Reader $geodb) {
$topic = $dbForProject->getDocument('topics', $topicId);
if ($topic->isEmpty()) {
@@ -2107,7 +2103,7 @@ Http::get('/v1/messaging/topics/:topicId/logs')
]), Response::MODEL_LOG_LIST);
});
Http::get('/v1/messaging/topics/:topicId')
App::get('/v1/messaging/topics/:topicId')
->desc('Get topic')
->groups(['api', 'messaging'])
->label('scope', 'topics.read')
@@ -2132,7 +2128,7 @@ Http::get('/v1/messaging/topics/:topicId')
->dynamic($topic, Response::MODEL_TOPIC);
});
Http::patch('/v1/messaging/topics/:topicId')
App::patch('/v1/messaging/topics/:topicId')
->desc('Update topic')
->groups(['api', 'messaging'])
->label('audits.event', 'topic.update')
@@ -2176,7 +2172,7 @@ Http::patch('/v1/messaging/topics/:topicId')
->dynamic($topic, Response::MODEL_TOPIC);
});
Http::delete('/v1/messaging/topics/:topicId')
App::delete('/v1/messaging/topics/:topicId')
->desc('Delete topic')
->groups(['api', 'messaging'])
->label('audits.event', 'topic.delete')
@@ -2216,7 +2212,7 @@ Http::delete('/v1/messaging/topics/:topicId')
->noContent();
});
Http::post('/v1/messaging/topics/:topicId/subscribers')
App::post('/v1/messaging/topics/:topicId/subscribers')
->desc('Create subscriber')
->groups(['api', 'messaging'])
->label('audits.event', 'subscriber.create')
@@ -2236,27 +2232,28 @@ Http::post('/v1/messaging/topics/:topicId/subscribers')
->inject('queueForEvents')
->inject('dbForProject')
->inject('response')
->inject('authorization')
->action(function (string $subscriberId, string $topicId, string $targetId, Event $queueForEvents, Database $dbForProject, Response $response, Authorization $authorization) {
->action(function (string $subscriberId, string $topicId, string $targetId, Event $queueForEvents, Database $dbForProject, Response $response) {
$subscriberId = $subscriberId == 'unique()' ? ID::unique() : $subscriberId;
$topic = $authorization->skip(fn () => $dbForProject->getDocument('topics', $topicId));
$topic = Authorization::skip(fn () => $dbForProject->getDocument('topics', $topicId));
if ($topic->isEmpty()) {
throw new Exception(Exception::TOPIC_NOT_FOUND);
}
if (!$authorization->isValid(new Input('subscribe', $topic->getAttribute('subscribe')))) {
throw new Exception(Exception::USER_UNAUTHORIZED, $authorization->getDescription());
$validator = new Authorization('subscribe');
if (!$validator->isValid($topic->getAttribute('subscribe'))) {
throw new Exception(Exception::USER_UNAUTHORIZED, $validator->getDescription());
}
$target = $authorization->skip(fn () => $dbForProject->getDocument('targets', $targetId));
$target = Authorization::skip(fn () => $dbForProject->getDocument('targets', $targetId));
if ($target->isEmpty()) {
throw new Exception(Exception::USER_TARGET_NOT_FOUND);
}
$user = $authorization->skip(fn () => $dbForProject->getDocument('users', $target->getAttribute('userId')));
$user = Authorization::skip(fn () => $dbForProject->getDocument('users', $target->getAttribute('userId')));
$subscriber = new Document([
'$id' => $subscriberId,
@@ -2289,7 +2286,7 @@ Http::post('/v1/messaging/topics/:topicId/subscribers')
default => throw new Exception(Exception::TARGET_PROVIDER_INVALID_TYPE),
};
$authorization->skip(fn () => $dbForProject->increaseDocumentAttribute(
Authorization::skip(fn () => $dbForProject->increaseDocumentAttribute(
'topics',
$topicId,
$totalAttribute,
@@ -2311,7 +2308,7 @@ Http::post('/v1/messaging/topics/:topicId/subscribers')
->dynamic($subscriber, Response::MODEL_SUBSCRIBER);
});
Http::get('/v1/messaging/topics/:topicId/subscribers')
App::get('/v1/messaging/topics/:topicId/subscribers')
->desc('List subscribers')
->groups(['api', 'messaging'])
->label('scope', 'subscribers.read')
@@ -2327,8 +2324,7 @@ Http::get('/v1/messaging/topics/:topicId/subscribers')
->param('search', '', new Text(256), 'Search term to filter your list results. Max length: 256 chars.', true)
->inject('dbForProject')
->inject('response')
->inject('authorization')
->action(function (string $topicId, array $queries, string $search, Database $dbForProject, Response $response, Authorization $authorization) {
->action(function (string $topicId, array $queries, string $search, Database $dbForProject, Response $response) {
try {
$queries = Query::parseQueries($queries);
} catch (QueryException $e) {
@@ -2339,7 +2335,7 @@ Http::get('/v1/messaging/topics/:topicId/subscribers')
$queries[] = Query::search('search', $search);
}
$topic = $authorization->skip(fn () => $dbForProject->getDocument('topics', $topicId));
$topic = Authorization::skip(fn () => $dbForProject->getDocument('topics', $topicId));
if ($topic->isEmpty()) {
throw new Exception(Exception::TOPIC_NOT_FOUND);
@@ -2357,7 +2353,7 @@ Http::get('/v1/messaging/topics/:topicId/subscribers')
if ($cursor) {
$subscriberId = $cursor->getValue();
$cursorDocument = $authorization->skip(fn () => $dbForProject->getDocument('subscribers', $subscriberId));
$cursorDocument = Authorization::skip(fn () => $dbForProject->getDocument('subscribers', $subscriberId));
if ($cursorDocument->isEmpty()) {
throw new Exception(Exception::GENERAL_CURSOR_NOT_FOUND, "Subscriber '{$subscriberId}' for the 'cursor' value not found.");
@@ -2368,10 +2364,10 @@ Http::get('/v1/messaging/topics/:topicId/subscribers')
$subscribers = $dbForProject->find('subscribers', $queries);
$subscribers = batch(\array_map(function (Document $subscriber) use ($dbForProject, $authorization) {
return function () use ($subscriber, $dbForProject, $authorization) {
$target = $authorization->skip(fn () => $dbForProject->getDocument('targets', $subscriber->getAttribute('targetId')));
$user = $authorization->skip(fn () => $dbForProject->getDocument('users', $target->getAttribute('userId')));
$subscribers = batch(\array_map(function (Document $subscriber) use ($dbForProject) {
return function () use ($subscriber, $dbForProject) {
$target = Authorization::skip(fn () => $dbForProject->getDocument('targets', $subscriber->getAttribute('targetId')));
$user = Authorization::skip(fn () => $dbForProject->getDocument('users', $target->getAttribute('userId')));
return $subscriber
->setAttribute('target', $target)
@@ -2386,7 +2382,7 @@ Http::get('/v1/messaging/topics/:topicId/subscribers')
]), Response::MODEL_SUBSCRIBER_LIST);
});
Http::get('/v1/messaging/subscribers/:subscriberId/logs')
App::get('/v1/messaging/subscribers/:subscriberId/logs')
->desc('List subscriber logs')
->groups(['api', 'messaging'])
->label('scope', 'subscribers.read')
@@ -2403,8 +2399,7 @@ Http::get('/v1/messaging/subscribers/:subscriberId/logs')
->inject('dbForProject')
->inject('locale')
->inject('geodb')
->inject('authorization')
->action(function (string $subscriberId, array $queries, Response $response, Database $dbForProject, Locale $locale, Reader $geodb, Authorization $authorization) {
->action(function (string $subscriberId, array $queries, Response $response, Database $dbForProject, Locale $locale, Reader $geodb) {
$subscriber = $dbForProject->getDocument('subscribers', $subscriberId);
if ($subscriber->isEmpty()) {
@@ -2476,7 +2471,7 @@ Http::get('/v1/messaging/subscribers/:subscriberId/logs')
]), Response::MODEL_LOG_LIST);
});
Http::get('/v1/messaging/topics/:topicId/subscribers/:subscriberId')
App::get('/v1/messaging/topics/:topicId/subscribers/:subscriberId')
->desc('Get subscriber')
->groups(['api', 'messaging'])
->label('scope', 'subscribers.read')
@@ -2491,9 +2486,8 @@ Http::get('/v1/messaging/topics/:topicId/subscribers/:subscriberId')
->param('subscriberId', '', new UID(), 'Subscriber ID.')
->inject('dbForProject')
->inject('response')
->inject('authorization')
->action(function (string $topicId, string $subscriberId, Database $dbForProject, Response $response, Authorization $authorization) {
$topic = $authorization->skip(fn () => $dbForProject->getDocument('topics', $topicId));
->action(function (string $topicId, string $subscriberId, Database $dbForProject, Response $response) {
$topic = Authorization::skip(fn () => $dbForProject->getDocument('topics', $topicId));
if ($topic->isEmpty()) {
throw new Exception(Exception::TOPIC_NOT_FOUND);
@@ -2505,8 +2499,8 @@ Http::get('/v1/messaging/topics/:topicId/subscribers/:subscriberId')
throw new Exception(Exception::SUBSCRIBER_NOT_FOUND);
}
$target = $authorization->skip(fn () => $dbForProject->getDocument('targets', $subscriber->getAttribute('targetId')));
$user = $authorization->skip(fn () => $dbForProject->getDocument('users', $target->getAttribute('userId')));
$target = Authorization::skip(fn () => $dbForProject->getDocument('targets', $subscriber->getAttribute('targetId')));
$user = Authorization::skip(fn () => $dbForProject->getDocument('users', $target->getAttribute('userId')));
$subscriber
->setAttribute('target', $target)
@@ -2516,7 +2510,7 @@ Http::get('/v1/messaging/topics/:topicId/subscribers/:subscriberId')
->dynamic($subscriber, Response::MODEL_SUBSCRIBER);
});
Http::delete('/v1/messaging/topics/:topicId/subscribers/:subscriberId')
App::delete('/v1/messaging/topics/:topicId/subscribers/:subscriberId')
->desc('Delete subscriber')
->groups(['api', 'messaging'])
->label('audits.event', 'subscriber.delete')
@@ -2535,9 +2529,8 @@ Http::delete('/v1/messaging/topics/:topicId/subscribers/:subscriberId')
->inject('queueForEvents')
->inject('dbForProject')
->inject('response')
->inject('authorization')
->action(function (string $topicId, string $subscriberId, Event $queueForEvents, Database $dbForProject, Response $response, Authorization $authorization) {
$topic = $authorization->skip(fn () => $dbForProject->getDocument('topics', $topicId));
->action(function (string $topicId, string $subscriberId, Event $queueForEvents, Database $dbForProject, Response $response) {
$topic = Authorization::skip(fn () => $dbForProject->getDocument('topics', $topicId));
if ($topic->isEmpty()) {
throw new Exception(Exception::TOPIC_NOT_FOUND);
@@ -2560,7 +2553,7 @@ Http::delete('/v1/messaging/topics/:topicId/subscribers/:subscriberId')
default => throw new Exception(Exception::TARGET_PROVIDER_INVALID_TYPE),
};
$authorization->skip(fn () => $dbForProject->decreaseDocumentAttribute(
Authorization::skip(fn () => $dbForProject->decreaseDocumentAttribute(
'topics',
$topicId,
$totalAttribute,
@@ -2576,7 +2569,7 @@ Http::delete('/v1/messaging/topics/:topicId/subscribers/:subscriberId')
->noContent();
});
Http::post('/v1/messaging/messages/email')
App::post('/v1/messaging/messages/email')
->desc('Create email')
->groups(['api', 'messaging'])
->label('audits.event', 'message.create')
@@ -2728,7 +2721,7 @@ Http::post('/v1/messaging/messages/email')
->dynamic($message, Response::MODEL_MESSAGE);
});
Http::post('/v1/messaging/messages/sms')
App::post('/v1/messaging/messages/sms')
->desc('Create SMS')
->groups(['api', 'messaging'])
->label('audits.event', 'message.create')
@@ -2844,7 +2837,7 @@ Http::post('/v1/messaging/messages/sms')
->dynamic($message, Response::MODEL_MESSAGE);
});
Http::post('/v1/messaging/messages/push')
App::post('/v1/messaging/messages/push')
->desc('Create push notification')
->groups(['api', 'messaging'])
->label('audits.event', 'message.create')
@@ -3020,7 +3013,7 @@ Http::post('/v1/messaging/messages/push')
->dynamic($message, Response::MODEL_MESSAGE);
});
Http::get('/v1/messaging/messages')
App::get('/v1/messaging/messages')
->desc('List messages')
->groups(['api', 'messaging'])
->label('scope', 'messages.read')
@@ -3035,8 +3028,7 @@ Http::get('/v1/messaging/messages')
->param('search', '', new Text(256), 'Search term to filter your list results. Max length: 256 chars.', true)
->inject('dbForProject')
->inject('response')
->inject('authorization')
->action(function (array $queries, string $search, Database $dbForProject, Response $response, Authorization $authorization) {
->action(function (array $queries, string $search, Database $dbForProject, Response $response) {
try {
$queries = Query::parseQueries($queries);
} catch (QueryException $e) {
@@ -3057,7 +3049,7 @@ Http::get('/v1/messaging/messages')
if ($cursor) {
$messageId = $cursor->getValue();
$cursorDocument = $authorization->skip(fn () => $dbForProject->getDocument('messages', $messageId));
$cursorDocument = Authorization::skip(fn () => $dbForProject->getDocument('messages', $messageId));
if ($cursorDocument->isEmpty()) {
throw new Exception(Exception::GENERAL_CURSOR_NOT_FOUND, "Message '{$messageId}' for the 'cursor' value not found.");
@@ -3072,7 +3064,7 @@ Http::get('/v1/messaging/messages')
]), Response::MODEL_MESSAGE_LIST);
});
Http::get('/v1/messaging/messages/:messageId/logs')
App::get('/v1/messaging/messages/:messageId/logs')
->desc('List message logs')
->groups(['api', 'messaging'])
->label('scope', 'messages.read')
@@ -3089,8 +3081,7 @@ Http::get('/v1/messaging/messages/:messageId/logs')
->inject('dbForProject')
->inject('locale')
->inject('geodb')
->inject('authorization')
->action(function (string $messageId, array $queries, Response $response, Database $dbForProject, Locale $locale, Reader $geodb, Authorization $authorization) {
->action(function (string $messageId, array $queries, Response $response, Database $dbForProject, Locale $locale, Reader $geodb) {
$message = $dbForProject->getDocument('messages', $messageId);
if ($message->isEmpty()) {
@@ -3162,7 +3153,7 @@ Http::get('/v1/messaging/messages/:messageId/logs')
]), Response::MODEL_LOG_LIST);
});
Http::get('/v1/messaging/messages/:messageId/targets')
App::get('/v1/messaging/messages/:messageId/targets')
->desc('List message targets')
->groups(['api', 'messaging'])
->label('scope', 'messages.read')
@@ -3227,7 +3218,7 @@ Http::get('/v1/messaging/messages/:messageId/targets')
]), Response::MODEL_TARGET_LIST);
});
Http::get('/v1/messaging/messages/:messageId')
App::get('/v1/messaging/messages/:messageId')
->desc('Get message')
->groups(['api', 'messaging'])
->label('scope', 'messages.read')
@@ -3251,7 +3242,7 @@ Http::get('/v1/messaging/messages/:messageId')
$response->dynamic($message, Response::MODEL_MESSAGE);
});
Http::patch('/v1/messaging/messages/email/:messageId')
App::patch('/v1/messaging/messages/email/:messageId')
->desc('Update email')
->groups(['api', 'messaging'])
->label('audits.event', 'message.update')
@@ -3451,7 +3442,7 @@ Http::patch('/v1/messaging/messages/email/:messageId')
->dynamic($message, Response::MODEL_MESSAGE);
});
Http::patch('/v1/messaging/messages/sms/:messageId')
App::patch('/v1/messaging/messages/sms/:messageId')
->desc('Update SMS')
->groups(['api', 'messaging'])
->label('audits.event', 'message.update')
@@ -3606,7 +3597,7 @@ Http::patch('/v1/messaging/messages/sms/:messageId')
->dynamic($message, Response::MODEL_MESSAGE);
});
Http::patch('/v1/messaging/messages/push/:messageId')
App::patch('/v1/messaging/messages/push/:messageId')
->desc('Update push notification')
->groups(['api', 'messaging'])
->label('audits.event', 'message.update')
@@ -3844,7 +3835,7 @@ Http::patch('/v1/messaging/messages/push/:messageId')
->dynamic($message, Response::MODEL_MESSAGE);
});
Http::delete('/v1/messaging/messages/:messageId')
App::delete('/v1/messaging/messages/:messageId')
->desc('Delete message')
->groups(['api', 'messaging'])
->label('audits.event', 'message.delete')
app/controllers/api/migrations.php
+45 -40
View File
@@ -9,6 +9,7 @@ use Appwrite\Role;
use Appwrite\Utopia\Database\Validator\Queries\Migrations;
use Appwrite\Utopia\Request;
use Appwrite\Utopia\Response;
use Utopia\App;
use Utopia\Database\Database;
use Utopia\Database\DateTime;
use Utopia\Database\Document;
@@ -16,24 +17,23 @@ use Utopia\Database\Exception\Query as QueryException;
use Utopia\Database\Helpers\ID;
use Utopia\Database\Query;
use Utopia\Database\Validator\UID;
use Utopia\Http\Http;
use Utopia\Http\Validator\ArrayList;
use Utopia\Http\Validator\Host;
use Utopia\Http\Validator\Integer;
use Utopia\Http\Validator\Text;
use Utopia\Http\Validator\URL;
use Utopia\Http\Validator\WhiteList;
use Utopia\Migration\Sources\Appwrite;
use Utopia\Migration\Sources\Firebase;
use Utopia\Migration\Sources\NHost;
use Utopia\Migration\Sources\Supabase;
use Utopia\System\System;
use Utopia\Validator\ArrayList;
use Utopia\Validator\Host;
use Utopia\Validator\Integer;
use Utopia\Validator\Text;
use Utopia\Validator\URL;
use Utopia\Validator\WhiteList;
include_once __DIR__ . '/../shared/api.php';
Http::post('/v1/migrations/appwrite')
App::post('/v1/migrations/appwrite')
->groups(['api', 'migrations'])
->desc('Migrate Appwrite Data')
->desc('Migrate Appwrite data')
->label('scope', 'migrations.write')
->label('event', 'migrations.[migrationId].create')
->label('audits.event', 'migration.create')
@@ -60,6 +60,7 @@ Http::post('/v1/migrations/appwrite')
'status' => 'pending',
'stage' => 'init',
'source' => Appwrite::getName(),
'destination' => Appwrite::getName(),
'credentials' => [
'endpoint' => $endpoint,
'projectId' => $projectId,
@@ -85,9 +86,9 @@ Http::post('/v1/migrations/appwrite')
->dynamic($migration, Response::MODEL_MIGRATION);
});
Http::post('/v1/migrations/firebase/oauth')
App::post('/v1/migrations/firebase/oauth')
->groups(['api', 'migrations'])
->desc('Migrate Firebase Data (OAuth)')
->desc('Migrate Firebase data (OAuth)')
->label('scope', 'migrations.write')
->label('event', 'migrations.[migrationId].create')
->label('audits.event', 'migration.create')
@@ -164,6 +165,7 @@ Http::post('/v1/migrations/firebase/oauth')
'status' => 'pending',
'stage' => 'init',
'source' => Firebase::getName(),
'destination' => Appwrite::getName(),
'credentials' => [
'serviceAccount' => json_encode($serviceAccount),
],
@@ -187,9 +189,9 @@ Http::post('/v1/migrations/firebase/oauth')
->dynamic($migration, Response::MODEL_MIGRATION);
});
Http::post('/v1/migrations/firebase')
App::post('/v1/migrations/firebase')
->groups(['api', 'migrations'])
->desc('Migrate Firebase Data (Service Account)')
->desc('Migrate Firebase data (Service Account)')
->label('scope', 'migrations.write')
->label('event', 'migrations.[migrationId].create')
->label('audits.event', 'migration.create')
@@ -224,6 +226,7 @@ Http::post('/v1/migrations/firebase')
'status' => 'pending',
'stage' => 'init',
'source' => Firebase::getName(),
'destination' => Appwrite::getName(),
'credentials' => [
'serviceAccount' => $serviceAccount,
],
@@ -247,9 +250,9 @@ Http::post('/v1/migrations/firebase')
->dynamic($migration, Response::MODEL_MIGRATION);
});
Http::post('/v1/migrations/supabase')
App::post('/v1/migrations/supabase')
->groups(['api', 'migrations'])
->desc('Migrate Supabase Data')
->desc('Migrate Supabase data')
->label('scope', 'migrations.write')
->label('event', 'migrations.[migrationId].create')
->label('audits.event', 'migration.create')
@@ -279,6 +282,7 @@ Http::post('/v1/migrations/supabase')
'status' => 'pending',
'stage' => 'init',
'source' => Supabase::getName(),
'destination' => Appwrite::getName(),
'credentials' => [
'endpoint' => $endpoint,
'apiKey' => $apiKey,
@@ -307,9 +311,9 @@ Http::post('/v1/migrations/supabase')
->dynamic($migration, Response::MODEL_MIGRATION);
});
Http::post('/v1/migrations/nhost')
App::post('/v1/migrations/nhost')
->groups(['api', 'migrations'])
->desc('Migrate NHost Data')
->desc('Migrate NHost data')
->label('scope', 'migrations.write')
->label('event', 'migrations.[migrationId].create')
->label('audits.event', 'migration.create')
@@ -340,6 +344,7 @@ Http::post('/v1/migrations/nhost')
'status' => 'pending',
'stage' => 'init',
'source' => NHost::getName(),
'destination' => Appwrite::getName(),
'credentials' => [
'subdomain' => $subdomain,
'region' => $region,
@@ -369,9 +374,9 @@ Http::post('/v1/migrations/nhost')
->dynamic($migration, Response::MODEL_MIGRATION);
});
Http::get('/v1/migrations')
App::get('/v1/migrations')
->groups(['api', 'migrations'])
->desc('List Migrations')
->desc('List migrations')
->label('scope', 'migrations.read')
->label('sdk.auth', [APP_AUTH_TYPE_ADMIN])
->label('sdk.namespace', 'migrations')
@@ -422,9 +427,9 @@ Http::get('/v1/migrations')
]), Response::MODEL_MIGRATION_LIST);
});
Http::get('/v1/migrations/:migrationId')
App::get('/v1/migrations/:migrationId')
->groups(['api', 'migrations'])
->desc('Get Migration')
->desc('Get migration')
->label('scope', 'migrations.read')
->label('sdk.auth', [APP_AUTH_TYPE_ADMIN])
->label('sdk.namespace', 'migrations')
@@ -446,9 +451,9 @@ Http::get('/v1/migrations/:migrationId')
$response->dynamic($migration, Response::MODEL_MIGRATION);
});
Http::get('/v1/migrations/appwrite/report')
App::get('/v1/migrations/appwrite/report')
->groups(['api', 'migrations'])
->desc('Generate a report on Appwrite Data')
->desc('Generate a report on Appwrite data')
->label('scope', 'migrations.write')
->label('sdk.auth', [APP_AUTH_TYPE_ADMIN])
->label('sdk.namespace', 'migrations')
@@ -488,9 +493,9 @@ Http::get('/v1/migrations/appwrite/report')
->dynamic(new Document($report), Response::MODEL_MIGRATION_REPORT);
});
Http::get('/v1/migrations/firebase/report')
App::get('/v1/migrations/firebase/report')
->groups(['api', 'migrations'])
->desc('Generate a report on Firebase Data')
->desc('Generate a report on Firebase data')
->label('scope', 'migrations.write')
->label('sdk.auth', [APP_AUTH_TYPE_ADMIN])
->label('sdk.namespace', 'migrations')
@@ -535,9 +540,9 @@ Http::get('/v1/migrations/firebase/report')
->dynamic(new Document($report), Response::MODEL_MIGRATION_REPORT);
});
Http::get('/v1/migrations/firebase/report/oauth')
App::get('/v1/migrations/firebase/report/oauth')
->groups(['api', 'migrations'])
->desc('Generate a report on Firebase Data using OAuth')
->desc('Generate a report on Firebase data using OAuth')
->label('scope', 'migrations.write')
->label('sdk.auth', [APP_AUTH_TYPE_ADMIN])
->label('sdk.namespace', 'migrations')
@@ -626,8 +631,8 @@ Http::get('/v1/migrations/firebase/report/oauth')
->dynamic(new Document($report), Response::MODEL_MIGRATION_REPORT);
});
Http::get('/v1/migrations/firebase/connect')
->desc('Authorize with firebase')
App::get('/v1/migrations/firebase/connect')
->desc('Authorize with Firebase')
->groups(['api', 'migrations'])
->label('scope', 'migrations.write')
->label('sdk.auth', [APP_AUTH_TYPE_ADMIN])
@@ -668,7 +673,7 @@ Http::get('/v1/migrations/firebase/connect')
->redirect($url);
});
Http::get('/v1/migrations/firebase/redirect')
App::get('/v1/migrations/firebase/redirect')
->desc('Capture and receive data on Firebase authorization')
->groups(['api', 'migrations'])
->label('scope', 'public')
@@ -780,8 +785,8 @@ Http::get('/v1/migrations/firebase/redirect')
->redirect($redirect);
});
Http::get('/v1/migrations/firebase/projects')
->desc('List Firebase Projects')
App::get('/v1/migrations/firebase/projects')
->desc('List Firebase projects')
->groups(['api', 'migrations'])
->label('scope', 'migrations.read')
->label('sdk.auth', [APP_AUTH_TYPE_ADMIN])
@@ -869,8 +874,8 @@ Http::get('/v1/migrations/firebase/projects')
]), Response::MODEL_MIGRATION_FIREBASE_PROJECT_LIST);
});
Http::get('/v1/migrations/firebase/deauthorize')
->desc('Revoke Appwrite\'s authorization to access Firebase Projects')
App::get('/v1/migrations/firebase/deauthorize')
->desc('Revoke Appwrite\'s authorization to access Firebase projects')
->groups(['api', 'migrations'])
->label('scope', 'migrations.write')
->label('sdk.auth', [APP_AUTH_TYPE_ADMIN])
@@ -897,7 +902,7 @@ Http::get('/v1/migrations/firebase/deauthorize')
$response->noContent();
});
Http::get('/v1/migrations/supabase/report')
App::get('/v1/migrations/supabase/report')
->groups(['api', 'migrations'])
->desc('Generate a report on Supabase Data')
->label('scope', 'migrations.write')
@@ -940,7 +945,7 @@ Http::get('/v1/migrations/supabase/report')
->dynamic(new Document($report), Response::MODEL_MIGRATION_REPORT);
});
Http::get('/v1/migrations/nhost/report')
App::get('/v1/migrations/nhost/report')
->groups(['api', 'migrations'])
->desc('Generate a report on NHost Data')
->label('scope', 'migrations.write')
@@ -983,9 +988,9 @@ Http::get('/v1/migrations/nhost/report')
->dynamic(new Document($report), Response::MODEL_MIGRATION_REPORT);
});
Http::patch('/v1/migrations/:migrationId')
App::patch('/v1/migrations/:migrationId')
->groups(['api', 'migrations'])
->desc('Retry Migration')
->desc('Retry migration')
->label('scope', 'migrations.write')
->label('event', 'migrations.[migrationId].retry')
->label('audits.event', 'migration.retry')
@@ -1028,9 +1033,9 @@ Http::patch('/v1/migrations/:migrationId')
$response->noContent();
});
Http::delete('/v1/migrations/:migrationId')
App::delete('/v1/migrations/:migrationId')
->groups(['api', 'migrations'])
->desc('Delete Migration')
->desc('Delete migration')
->label('scope', 'migrations.write')
->label('event', 'migrations.[migrationId].delete')
->label('audits.event', 'migrationId.delete')
app/controllers/api/project.php
+39 -17
View File
@@ -2,6 +2,7 @@
use Appwrite\Extend\Exception;
use Appwrite\Utopia\Response;
use Utopia\App;
use Utopia\Database\Database;
use Utopia\Database\Document;
use Utopia\Database\Exception\Duplicate as DuplicateException;
@@ -12,11 +13,10 @@ use Utopia\Database\Query;
use Utopia\Database\Validator\Authorization;
use Utopia\Database\Validator\Datetime as DateTimeValidator;
use Utopia\Database\Validator\UID;
use Utopia\Http\Http;
use Utopia\Http\Validator\Text;
use Utopia\Http\Validator\WhiteList;
use Utopia\Validator\Text;
use Utopia\Validator\WhiteList;
Http::get('/v1/project/usage')
App::get('/v1/project/usage')
->desc('Get project usage stats')
->groups(['api', 'usage'])
->label('scope', 'projects.read')
@@ -31,8 +31,7 @@ Http::get('/v1/project/usage')
->param('period', '1d', new WhiteList(['1h', '1d']), 'Period used', true)
->inject('response')
->inject('dbForProject')
->inject('authorization')
->action(function (string $startDate, string $endDate, string $period, Response $response, Database $dbForProject, Authorization $authorization) {
->action(function (string $startDate, string $endDate, string $period, Response $response, Database $dbForProject) {
$stats = $total = $usage = [];
$format = 'Y-m-d 00:00:00';
$firstDay = (new DateTime($startDate))->format($format);
@@ -48,6 +47,7 @@ Http::get('/v1/project/usage')
METRIC_USERS,
METRIC_BUCKETS,
METRIC_FILES_STORAGE,
METRIC_DATABASES_STORAGE,
METRIC_DEPLOYMENTS_STORAGE,
METRIC_BUILDS_STORAGE
],
@@ -57,6 +57,7 @@ Http::get('/v1/project/usage')
METRIC_NETWORK_OUTBOUND,
METRIC_USERS,
METRIC_EXECUTIONS,
METRIC_DATABASES_STORAGE,
METRIC_EXECUTIONS_MB_SECONDS,
METRIC_BUILDS_MB_SECONDS
]
@@ -77,7 +78,7 @@ Http::get('/v1/project/usage')
'1d' => 'Y-m-d\T00:00:00.000P',
};
$authorization->skip(function () use ($dbForProject, $firstDay, $lastDay, $period, $metrics, $limit, &$total, &$stats) {
Authorization::skip(function () use ($dbForProject, $firstDay, $lastDay, $period, $metrics, $limit, &$total, &$stats) {
foreach ($metrics['total'] as $metric) {
$result = $dbForProject->findOne('stats', [
Query::equal('metric', [$metric]),
@@ -183,6 +184,23 @@ Http::get('/v1/project/usage')
];
}, $dbForProject->find('buckets'));
$databasesStorageBreakdown = array_map(function ($database) use ($dbForProject) {
$id = $database->getId();
$name = $database->getAttribute('name');
$metric = str_replace('{databaseInternalId}', $database->getInternalId(), METRIC_DATABASE_ID_STORAGE);
$value = $dbForProject->findOne('stats', [
Query::equal('metric', [$metric]),
Query::equal('period', ['inf'])
]);
return [
'resourceId' => $id,
'name' => $name,
'value' => $value['value'] ?? 0,
];
}, $dbForProject->find('databases'));
$functionsStorageBreakdown = array_map(function ($function) use ($dbForProject) {
$id = $function->getId();
$name = $function->getAttribute('name');
@@ -270,6 +288,7 @@ Http::get('/v1/project/usage')
'buildsMbSecondsTotal' => $total[METRIC_BUILDS_MB_SECONDS],
'documentsTotal' => $total[METRIC_DOCUMENTS],
'databasesTotal' => $total[METRIC_DATABASES],
'databasesStorageTotal' => $total[METRIC_DATABASES_STORAGE],
'usersTotal' => $total[METRIC_USERS],
'bucketsTotal' => $total[METRIC_BUCKETS],
'filesStorageTotal' => $total[METRIC_FILES_STORAGE],
@@ -277,7 +296,10 @@ Http::get('/v1/project/usage')
'buildsStorageTotal' => $total[METRIC_BUILDS_STORAGE],
'deploymentsStorageTotal' => $total[METRIC_DEPLOYMENTS_STORAGE],
'executionsBreakdown' => $executionsBreakdown,
'executionsMbSecondsBreakdown' => $executionsMbSecondsBreakdown,
'buildsMbSecondsBreakdown' => $buildsMbSecondsBreakdown,
'bucketsBreakdown' => $bucketsBreakdown,
'databasesStorageBreakdown' => $databasesStorageBreakdown,
'executionsMbSecondsBreakdown' => $executionsMbSecondsBreakdown,
'buildsMbSecondsBreakdown' => $buildsMbSecondsBreakdown,
'functionsStorageBreakdown' => $functionsStorageBreakdown,
@@ -286,8 +308,8 @@ Http::get('/v1/project/usage')
// Variables
Http::post('/v1/project/variables')
->desc('Create Variable')
App::post('/v1/project/variables')
->desc('Create variable')
->groups(['api'])
->label('scope', 'projects.write')
->label('audits.event', 'variable.create')
@@ -341,8 +363,8 @@ Http::post('/v1/project/variables')
->dynamic($variable, Response::MODEL_VARIABLE);
});
Http::get('/v1/project/variables')
->desc('List Variables')
App::get('/v1/project/variables')
->desc('List variables')
->groups(['api'])
->label('scope', 'projects.read')
->label('sdk.auth', [APP_AUTH_TYPE_ADMIN])
@@ -366,8 +388,8 @@ Http::get('/v1/project/variables')
]), Response::MODEL_VARIABLE_LIST);
});
Http::get('/v1/project/variables/:variableId')
->desc('Get Variable')
App::get('/v1/project/variables/:variableId')
->desc('Get variable')
->groups(['api'])
->label('scope', 'projects.read')
->label('sdk.auth', [APP_AUTH_TYPE_ADMIN])
@@ -390,8 +412,8 @@ Http::get('/v1/project/variables/:variableId')
$response->dynamic($variable, Response::MODEL_VARIABLE);
});
Http::put('/v1/project/variables/:variableId')
->desc('Update Variable')
App::put('/v1/project/variables/:variableId')
->desc('Update variable')
->groups(['api'])
->label('scope', 'projects.write')
->label('sdk.auth', [APP_AUTH_TYPE_ADMIN])
@@ -436,8 +458,8 @@ Http::put('/v1/project/variables/:variableId')
$response->dynamic($variable, Response::MODEL_VARIABLE);
});
Http::delete('/v1/project/variables/:variableId')
->desc('Delete Variable')
App::delete('/v1/project/variables/:variableId')
->desc('Delete variable')
->groups(['api'])
->label('scope', 'projects.write')
->label('sdk.auth', [APP_AUTH_TYPE_ADMIN])
app/controllers/api/projects.php
+146 -151
View File
@@ -13,16 +13,14 @@ use Appwrite\Network\Validator\Origin;
use Appwrite\Template\Template;
use Appwrite\Utopia\Database\Validator\ProjectId;
use Appwrite\Utopia\Database\Validator\Queries\Projects;
use Appwrite\Utopia\Queue\Connections;
use Appwrite\Utopia\Request;
use Appwrite\Utopia\Response;
use PHPMailer\PHPMailer\PHPMailer;
use Utopia\Abuse\Adapters\Database\TimeLimit;
use Utopia\App;
use Utopia\Audit\Audit;
use Utopia\Cache\Cache;
use Utopia\Config\Config;
use Utopia\Database\Adapter\MariaDB;
use Utopia\Database\Adapter\MySQL;
use Utopia\Database\Database;
use Utopia\Database\DateTime;
use Utopia\Database\Document;
@@ -32,25 +30,24 @@ use Utopia\Database\Helpers\ID;
use Utopia\Database\Helpers\Permission;
use Utopia\Database\Helpers\Role;
use Utopia\Database\Query;
use Utopia\Database\Validator\Authorization;
use Utopia\Database\Validator\Datetime as DatetimeValidator;
use Utopia\Database\Validator\UID;
use Utopia\Domains\Validator\PublicDomain;
use Utopia\DSN\DSN;
use Utopia\Http\Http;
use Utopia\Http\Validator\ArrayList;
use Utopia\Http\Validator\Boolean;
use Utopia\Http\Validator\Hostname;
use Utopia\Http\Validator\Integer;
use Utopia\Http\Validator\Multiple;
use Utopia\Http\Validator\Range;
use Utopia\Http\Validator\Text;
use Utopia\Http\Validator\URL;
use Utopia\Http\Validator\WhiteList;
use Utopia\Locale\Locale;
use Utopia\Pools\Group;
use Utopia\System\System;
use Utopia\Validator\ArrayList;
use Utopia\Validator\Boolean;
use Utopia\Validator\Hostname;
use Utopia\Validator\Integer;
use Utopia\Validator\Multiple;
use Utopia\Validator\Range;
use Utopia\Validator\Text;
use Utopia\Validator\URL;
use Utopia\Validator\WhiteList;
Http::init()
App::init()
->groups(['projects'])
->inject('project')
->action(function (Document $project) {
@@ -59,7 +56,7 @@ Http::init()
}
});
Http::post('/v1/projects')
App::post('/v1/projects')
->desc('Create project')
->groups(['api', 'projects'])
->label('audits.event', 'projects.create')
@@ -89,9 +86,8 @@ Http::post('/v1/projects')
->inject('cache')
->inject('pools')
->inject('hooks')
->inject('authorization')
->inject('connections')
->action(function (string $projectId, string $name, string $teamId, string $region, string $description, string $logo, string $url, string $legalName, string $legalCountry, string $legalState, string $legalCity, string $legalAddress, string $legalTaxId, Request $request, Response $response, Database $dbForConsole, Cache $cache, array $pools, Hooks $hooks, Authorization $authorization, Connections $connections) {
->action(function (string $projectId, string $name, string $teamId, string $region, string $description, string $logo, string $url, string $legalName, string $legalCountry, string $legalState, string $legalCity, string $legalAddress, string $legalTaxId, Request $request, Response $response, Database $dbForConsole, Cache $cache, Group $pools, Hooks $hooks) {
$team = $dbForConsole->getDocument('teams', $teamId);
if ($team->isEmpty()) {
@@ -193,21 +189,8 @@ Http::post('/v1/projects')
$dsn = new DSN('mysql://' . $dsn);
}
$pool = $pools['pools-database-' . $dsn->getHost()]['pool'];
$connectionDsn = $pools['pools-database-' . $dsn->getHost()]['dsn'];
$connection = $pool->get();
$connections->add($connection, $pool);
$adapter = match ($connectionDsn->getScheme()) {
'mariadb' => new MariaDB($connection),
'mysql' => new MySQL($connection),
default => null
};
$adapter->setDatabase($connectionDsn->getPath());
$adapter = $pools->get($dsn->getHost())->pop()->getResource();
$dbForProject = new Database($adapter, $cache);
$dbForProject->setAuthorization($authorization);
if ($dsn->getHost() === System::getEnv('_APP_DATABASE_SHARED_TABLES', '')) {
$dbForProject
@@ -225,8 +208,10 @@ Http::post('/v1/projects')
$audit = new Audit($dbForProject);
$audit->setup();
$abuse = new TimeLimit('', 0, 1, $dbForProject);
$abuse->setup();
/** @var array $collections */
$collections = Config::getParam('collections', [])['projects'] ?? [];
@@ -249,17 +234,17 @@ Http::post('/v1/projects')
// Collection already exists
}
}
$connections->reclaim();
// Hook allowing instant project mirroring during migration
// Outside of migration, hook is not registered and has no effect
$hooks->trigger('afterProjectCreation', [$project, $pools, $cache]);
$hooks->trigger('afterProjectCreation', [ $project, $pools, $cache ]);
$response
->setStatusCode(Response::STATUS_CODE_CREATED)
->dynamic($project, Response::MODEL_PROJECT);
});
Http::get('/v1/projects')
App::get('/v1/projects')
->desc('List projects')
->groups(['api', 'projects'])
->label('scope', 'projects.read')
@@ -274,6 +259,7 @@ Http::get('/v1/projects')
->inject('response')
->inject('dbForConsole')
->action(function (array $queries, string $search, Response $response, Database $dbForConsole) {
try {
$queries = Query::parseQueries($queries);
} catch (QueryException $e) {
@@ -311,7 +297,7 @@ Http::get('/v1/projects')
]), Response::MODEL_PROJECT_LIST);
});
Http::get('/v1/projects/:projectId')
App::get('/v1/projects/:projectId')
->desc('Get project')
->groups(['api', 'projects'])
->label('scope', 'projects.read')
@@ -325,6 +311,7 @@ Http::get('/v1/projects/:projectId')
->inject('response')
->inject('dbForConsole')
->action(function (string $projectId, Response $response, Database $dbForConsole) {
$project = $dbForConsole->getDocument('projects', $projectId);
if ($project->isEmpty()) {
@@ -334,7 +321,7 @@ Http::get('/v1/projects/:projectId')
$response->dynamic($project, Response::MODEL_PROJECT);
});
Http::patch('/v1/projects/:projectId')
App::patch('/v1/projects/:projectId')
->desc('Update project')
->groups(['api', 'projects'])
->label('scope', 'projects.write')
@@ -358,34 +345,31 @@ Http::patch('/v1/projects/:projectId')
->inject('response')
->inject('dbForConsole')
->action(function (string $projectId, string $name, string $description, string $logo, string $url, string $legalName, string $legalCountry, string $legalState, string $legalCity, string $legalAddress, string $legalTaxId, Response $response, Database $dbForConsole) {
$project = $dbForConsole->getDocument('projects', $projectId);
if ($project->isEmpty()) {
throw new Exception(Exception::PROJECT_NOT_FOUND);
}
$project = $dbForConsole->updateDocument(
'projects',
$project->getId(),
$project
->setAttribute('name', $name)
->setAttribute('description', $description)
->setAttribute('logo', $logo)
->setAttribute('url', $url)
->setAttribute('legalName', $legalName)
->setAttribute('legalCountry', $legalCountry)
->setAttribute('legalState', $legalState)
->setAttribute('legalCity', $legalCity)
->setAttribute('legalAddress', $legalAddress)
->setAttribute('legalTaxId', $legalTaxId)
->setAttribute('search', implode(' ', [$projectId, $name]))
);
$project = $dbForConsole->updateDocument('projects', $project->getId(), $project
->setAttribute('name', $name)
->setAttribute('description', $description)
->setAttribute('logo', $logo)
->setAttribute('url', $url)
->setAttribute('legalName', $legalName)
->setAttribute('legalCountry', $legalCountry)
->setAttribute('legalState', $legalState)
->setAttribute('legalCity', $legalCity)
->setAttribute('legalAddress', $legalAddress)
->setAttribute('legalTaxId', $legalTaxId)
->setAttribute('search', implode(' ', [$projectId, $name])));
$response->dynamic($project, Response::MODEL_PROJECT);
});
Http::patch('/v1/projects/:projectId/team')
->desc('Update Project Team')
App::patch('/v1/projects/:projectId/team')
->desc('Update project team')
->groups(['api', 'projects'])
->label('scope', 'projects.write')
->label('sdk.auth', [APP_AUTH_TYPE_ADMIN])
@@ -399,6 +383,7 @@ Http::patch('/v1/projects/:projectId/team')
->inject('response')
->inject('dbForConsole')
->action(function (string $projectId, string $teamId, Response $response, Database $dbForConsole) {
$project = $dbForConsole->getDocument('projects', $projectId);
$team = $dbForConsole->getDocument('teams', $teamId);
@@ -451,7 +436,7 @@ Http::patch('/v1/projects/:projectId/team')
$response->dynamic($project, Response::MODEL_PROJECT);
});
Http::patch('/v1/projects/:projectId/service')
App::patch('/v1/projects/:projectId/service')
->desc('Update service status')
->groups(['api', 'projects'])
->label('scope', 'projects.write')
@@ -467,6 +452,7 @@ Http::patch('/v1/projects/:projectId/service')
->inject('response')
->inject('dbForConsole')
->action(function (string $projectId, string $service, bool $status, Response $response, Database $dbForConsole) {
$project = $dbForConsole->getDocument('projects', $projectId);
if ($project->isEmpty()) {
@@ -481,7 +467,7 @@ Http::patch('/v1/projects/:projectId/service')
$response->dynamic($project, Response::MODEL_PROJECT);
});
Http::patch('/v1/projects/:projectId/service/all')
App::patch('/v1/projects/:projectId/service/all')
->desc('Update all service status')
->groups(['api', 'projects'])
->label('scope', 'projects.write')
@@ -496,6 +482,7 @@ Http::patch('/v1/projects/:projectId/service/all')
->inject('response')
->inject('dbForConsole')
->action(function (string $projectId, bool $status, Response $response, Database $dbForConsole) {
$project = $dbForConsole->getDocument('projects', $projectId);
if ($project->isEmpty()) {
@@ -514,7 +501,7 @@ Http::patch('/v1/projects/:projectId/service/all')
$response->dynamic($project, Response::MODEL_PROJECT);
});
Http::patch('/v1/projects/:projectId/api')
App::patch('/v1/projects/:projectId/api')
->desc('Update API status')
->groups(['api', 'projects'])
->label('scope', 'projects.write')
@@ -530,6 +517,7 @@ Http::patch('/v1/projects/:projectId/api')
->inject('response')
->inject('dbForConsole')
->action(function (string $projectId, string $api, bool $status, Response $response, Database $dbForConsole) {
$project = $dbForConsole->getDocument('projects', $projectId);
if ($project->isEmpty()) {
@@ -544,7 +532,7 @@ Http::patch('/v1/projects/:projectId/api')
$response->dynamic($project, Response::MODEL_PROJECT);
});
Http::patch('/v1/projects/:projectId/api/all')
App::patch('/v1/projects/:projectId/api/all')
->desc('Update all API status')
->groups(['api', 'projects'])
->label('scope', 'projects.write')
@@ -559,6 +547,7 @@ Http::patch('/v1/projects/:projectId/api/all')
->inject('response')
->inject('dbForConsole')
->action(function (string $projectId, bool $status, Response $response, Database $dbForConsole) {
$project = $dbForConsole->getDocument('projects', $projectId);
if ($project->isEmpty()) {
@@ -577,7 +566,7 @@ Http::patch('/v1/projects/:projectId/api/all')
$response->dynamic($project, Response::MODEL_PROJECT);
});
Http::patch('/v1/projects/:projectId/oauth2')
App::patch('/v1/projects/:projectId/oauth2')
->desc('Update project OAuth2')
->groups(['api', 'projects'])
->label('scope', 'projects.write')
@@ -595,6 +584,7 @@ Http::patch('/v1/projects/:projectId/oauth2')
->inject('response')
->inject('dbForConsole')
->action(function (string $projectId, string $provider, ?string $appId, ?string $secret, ?bool $enabled, Response $response, Database $dbForConsole) {
$project = $dbForConsole->getDocument('projects', $projectId);
if ($project->isEmpty()) {
@@ -620,7 +610,7 @@ Http::patch('/v1/projects/:projectId/oauth2')
$response->dynamic($project, Response::MODEL_PROJECT);
});
Http::patch('/v1/projects/:projectId/auth/session-alerts')
App::patch('/v1/projects/:projectId/auth/session-alerts')
->desc('Update project sessions emails')
->groups(['api', 'projects'])
->label('scope', 'projects.write')
@@ -651,7 +641,7 @@ Http::patch('/v1/projects/:projectId/auth/session-alerts')
$response->dynamic($project, Response::MODEL_PROJECT);
});
Http::patch('/v1/projects/:projectId/auth/limit')
App::patch('/v1/projects/:projectId/auth/limit')
->desc('Update project users limit')
->groups(['api', 'projects'])
->label('scope', 'projects.write')
@@ -666,6 +656,7 @@ Http::patch('/v1/projects/:projectId/auth/limit')
->inject('response')
->inject('dbForConsole')
->action(function (string $projectId, int $limit, Response $response, Database $dbForConsole) {
$project = $dbForConsole->getDocument('projects', $projectId);
if ($project->isEmpty()) {
@@ -675,17 +666,13 @@ Http::patch('/v1/projects/:projectId/auth/limit')
$auths = $project->getAttribute('auths', []);
$auths['limit'] = $limit;
$dbForConsole->updateDocument(
'projects',
$project->getId(),
$project
->setAttribute('auths', $auths)
);
$dbForConsole->updateDocument('projects', $project->getId(), $project
->setAttribute('auths', $auths));
$response->dynamic($project, Response::MODEL_PROJECT);
});
Http::patch('/v1/projects/:projectId/auth/duration')
App::patch('/v1/projects/:projectId/auth/duration')
->desc('Update project authentication duration')
->groups(['api', 'projects'])
->label('scope', 'projects.write')
@@ -700,6 +687,7 @@ Http::patch('/v1/projects/:projectId/auth/duration')
->inject('response')
->inject('dbForConsole')
->action(function (string $projectId, int $duration, Response $response, Database $dbForConsole) {
$project = $dbForConsole->getDocument('projects', $projectId);
if ($project->isEmpty()) {
@@ -709,17 +697,13 @@ Http::patch('/v1/projects/:projectId/auth/duration')
$auths = $project->getAttribute('auths', []);
$auths['duration'] = $duration;
$dbForConsole->updateDocument(
'projects',
$project->getId(),
$project
->setAttribute('auths', $auths)
);
$dbForConsole->updateDocument('projects', $project->getId(), $project
->setAttribute('auths', $auths));
$response->dynamic($project, Response::MODEL_PROJECT);
});
Http::patch('/v1/projects/:projectId/auth/:method')
App::patch('/v1/projects/:projectId/auth/:method')
->desc('Update project auth method status. Use this endpoint to enable or disable a given auth method for this project.')
->groups(['api', 'projects'])
->label('scope', 'projects.write')
@@ -735,9 +719,10 @@ Http::patch('/v1/projects/:projectId/auth/:method')
->inject('response')
->inject('dbForConsole')
->action(function (string $projectId, string $method, bool $status, Response $response, Database $dbForConsole) {
$project = $dbForConsole->getDocument('projects', $projectId);
$authConfig = Config::getParam('auth')[$method] ?? [];
$authKey = $authConfig['key'] ?? '';
$auth = Config::getParam('auth')[$method] ?? [];
$authKey = $auth['key'] ?? '';
$status = ($status === '1' || $status === 'true' || $status === 1 || $status === true);
if ($project->isEmpty()) {
@@ -752,7 +737,7 @@ Http::patch('/v1/projects/:projectId/auth/:method')
$response->dynamic($project, Response::MODEL_PROJECT);
});
Http::patch('/v1/projects/:projectId/auth/password-history')
App::patch('/v1/projects/:projectId/auth/password-history')
->desc('Update authentication password history. Use this endpoint to set the number of password history to save and 0 to disable password history.')
->groups(['api', 'projects'])
->label('scope', 'projects.write')
@@ -767,6 +752,7 @@ Http::patch('/v1/projects/:projectId/auth/password-history')
->inject('response')
->inject('dbForConsole')
->action(function (string $projectId, int $limit, Response $response, Database $dbForConsole) {
$project = $dbForConsole->getDocument('projects', $projectId);
if ($project->isEmpty()) {
@@ -776,17 +762,13 @@ Http::patch('/v1/projects/:projectId/auth/password-history')
$auths = $project->getAttribute('auths', []);
$auths['passwordHistory'] = $limit;
$dbForConsole->updateDocument(
'projects',
$project->getId(),
$project
->setAttribute('auths', $auths)
);
$dbForConsole->updateDocument('projects', $project->getId(), $project
->setAttribute('auths', $auths));
$response->dynamic($project, Response::MODEL_PROJECT);
});
Http::patch('/v1/projects/:projectId/auth/password-dictionary')
App::patch('/v1/projects/:projectId/auth/password-dictionary')
->desc('Update authentication password dictionary status. Use this endpoint to enable or disable the dicitonary check for user password')
->groups(['api', 'projects'])
->label('scope', 'projects.write')
@@ -801,6 +783,7 @@ Http::patch('/v1/projects/:projectId/auth/password-dictionary')
->inject('response')
->inject('dbForConsole')
->action(function (string $projectId, bool $enabled, Response $response, Database $dbForConsole) {
$project = $dbForConsole->getDocument('projects', $projectId);
if ($project->isEmpty()) {
@@ -810,17 +793,13 @@ Http::patch('/v1/projects/:projectId/auth/password-dictionary')
$auths = $project->getAttribute('auths', []);
$auths['passwordDictionary'] = $enabled;
$dbForConsole->updateDocument(
'projects',
$project->getId(),
$project
->setAttribute('auths', $auths)
);
$dbForConsole->updateDocument('projects', $project->getId(), $project
->setAttribute('auths', $auths));
$response->dynamic($project, Response::MODEL_PROJECT);
});
Http::patch('/v1/projects/:projectId/auth/personal-data')
App::patch('/v1/projects/:projectId/auth/personal-data')
->desc('Enable or disable checking user passwords for similarity with their personal data.')
->groups(['api', 'projects'])
->label('scope', 'projects.write')
@@ -835,6 +814,7 @@ Http::patch('/v1/projects/:projectId/auth/personal-data')
->inject('response')
->inject('dbForConsole')
->action(function (string $projectId, bool $enabled, Response $response, Database $dbForConsole) {
$project = $dbForConsole->getDocument('projects', $projectId);
if ($project->isEmpty()) {
@@ -844,17 +824,13 @@ Http::patch('/v1/projects/:projectId/auth/personal-data')
$auths = $project->getAttribute('auths', []);
$auths['personalDataCheck'] = $enabled;
$dbForConsole->updateDocument(
'projects',
$project->getId(),
$project
->setAttribute('auths', $auths)
);
$dbForConsole->updateDocument('projects', $project->getId(), $project
->setAttribute('auths', $auths));
$response->dynamic($project, Response::MODEL_PROJECT);
});
Http::patch('/v1/projects/:projectId/auth/max-sessions')
App::patch('/v1/projects/:projectId/auth/max-sessions')
->desc('Update project user sessions limit')
->groups(['api', 'projects'])
->label('scope', 'projects.write')
@@ -869,6 +845,7 @@ Http::patch('/v1/projects/:projectId/auth/max-sessions')
->inject('response')
->inject('dbForConsole')
->action(function (string $projectId, int $limit, Response $response, Database $dbForConsole) {
$project = $dbForConsole->getDocument('projects', $projectId);
if ($project->isEmpty()) {
@@ -878,17 +855,13 @@ Http::patch('/v1/projects/:projectId/auth/max-sessions')
$auths = $project->getAttribute('auths', []);
$auths['maxSessions'] = $limit;
$dbForConsole->updateDocument(
'projects',
$project->getId(),
$project
->setAttribute('auths', $auths)
);
$dbForConsole->updateDocument('projects', $project->getId(), $project
->setAttribute('auths', $auths));
$response->dynamic($project, Response::MODEL_PROJECT);
});
Http::patch('/v1/projects/:projectId/auth/mock-numbers')
App::patch('/v1/projects/:projectId/auth/mock-numbers')
->desc('Update the mock numbers for the project')
->groups(['api', 'projects'])
->label('scope', 'projects.write')
@@ -927,7 +900,7 @@ Http::patch('/v1/projects/:projectId/auth/mock-numbers')
$response->dynamic($project, Response::MODEL_PROJECT);
});
Http::delete('/v1/projects/:projectId')
App::delete('/v1/projects/:projectId')
->desc('Delete project')
->groups(['api', 'projects'])
->label('audits.event', 'projects.delete')
@@ -950,6 +923,7 @@ Http::delete('/v1/projects/:projectId')
}
$queueForDeletes
->setProject($project)
->setType(DELETE_TYPE_DOCUMENT)
->setDocument($project);
@@ -962,7 +936,7 @@ Http::delete('/v1/projects/:projectId')
// Webhooks
Http::post('/v1/projects/:projectId/webhooks')
App::post('/v1/projects/:projectId/webhooks')
->desc('Create webhook')
->groups(['api', 'projects'])
->label('scope', 'projects.write')
@@ -983,13 +957,14 @@ Http::post('/v1/projects/:projectId/webhooks')
->inject('response')
->inject('dbForConsole')
->action(function (string $projectId, string $name, bool $enabled, array $events, string $url, bool $security, string $httpUser, string $httpPass, Response $response, Database $dbForConsole) {
$project = $dbForConsole->getDocument('projects', $projectId);
if ($project->isEmpty()) {
throw new Exception(Exception::PROJECT_NOT_FOUND);
}
$security = (bool)filter_var($security, FILTER_VALIDATE_BOOLEAN);
$security = (bool) filter_var($security, FILTER_VALIDATE_BOOLEAN);
$webhook = new Document([
'$id' => ID::unique(),
@@ -1019,7 +994,7 @@ Http::post('/v1/projects/:projectId/webhooks')
->dynamic($webhook, Response::MODEL_WEBHOOK);
});
Http::get('/v1/projects/:projectId/webhooks')
App::get('/v1/projects/:projectId/webhooks')
->desc('List webhooks')
->groups(['api', 'projects'])
->label('scope', 'projects.read')
@@ -1033,6 +1008,7 @@ Http::get('/v1/projects/:projectId/webhooks')
->inject('response')
->inject('dbForConsole')
->action(function (string $projectId, Response $response, Database $dbForConsole) {
$project = $dbForConsole->getDocument('projects', $projectId);
if ($project->isEmpty()) {
@@ -1050,7 +1026,7 @@ Http::get('/v1/projects/:projectId/webhooks')
]), Response::MODEL_WEBHOOK_LIST);
});
Http::get('/v1/projects/:projectId/webhooks/:webhookId')
App::get('/v1/projects/:projectId/webhooks/:webhookId')
->desc('Get webhook')
->groups(['api', 'projects'])
->label('scope', 'projects.read')
@@ -1065,6 +1041,7 @@ Http::get('/v1/projects/:projectId/webhooks/:webhookId')
->inject('response')
->inject('dbForConsole')
->action(function (string $projectId, string $webhookId, Response $response, Database $dbForConsole) {
$project = $dbForConsole->getDocument('projects', $projectId);
if ($project->isEmpty()) {
@@ -1083,7 +1060,7 @@ Http::get('/v1/projects/:projectId/webhooks/:webhookId')
$response->dynamic($webhook, Response::MODEL_WEBHOOK);
});
Http::put('/v1/projects/:projectId/webhooks/:webhookId')
App::put('/v1/projects/:projectId/webhooks/:webhookId')
->desc('Update webhook')
->groups(['api', 'projects'])
->label('scope', 'projects.write')
@@ -1105,6 +1082,7 @@ Http::put('/v1/projects/:projectId/webhooks/:webhookId')
->inject('response')
->inject('dbForConsole')
->action(function (string $projectId, string $webhookId, string $name, bool $enabled, array $events, string $url, bool $security, string $httpUser, string $httpPass, Response $response, Database $dbForConsole) {
$project = $dbForConsole->getDocument('projects', $projectId);
if ($project->isEmpty()) {
@@ -1141,7 +1119,7 @@ Http::put('/v1/projects/:projectId/webhooks/:webhookId')
$response->dynamic($webhook, Response::MODEL_WEBHOOK);
});
Http::patch('/v1/projects/:projectId/webhooks/:webhookId/signature')
App::patch('/v1/projects/:projectId/webhooks/:webhookId/signature')
->desc('Update webhook signature key')
->groups(['api', 'projects'])
->label('scope', 'projects.write')
@@ -1156,6 +1134,7 @@ Http::patch('/v1/projects/:projectId/webhooks/:webhookId/signature')
->inject('response')
->inject('dbForConsole')
->action(function (string $projectId, string $webhookId, Response $response, Database $dbForConsole) {
$project = $dbForConsole->getDocument('projects', $projectId);
if ($project->isEmpty()) {
@@ -1179,7 +1158,7 @@ Http::patch('/v1/projects/:projectId/webhooks/:webhookId/signature')
$response->dynamic($webhook, Response::MODEL_WEBHOOK);
});
Http::delete('/v1/projects/:projectId/webhooks/:webhookId')
App::delete('/v1/projects/:projectId/webhooks/:webhookId')
->desc('Delete webhook')
->groups(['api', 'projects'])
->label('scope', 'projects.write')
@@ -1193,6 +1172,7 @@ Http::delete('/v1/projects/:projectId/webhooks/:webhookId')
->inject('response')
->inject('dbForConsole')
->action(function (string $projectId, string $webhookId, Response $response, Database $dbForConsole) {
$project = $dbForConsole->getDocument('projects', $projectId);
if ($project->isEmpty()) {
@@ -1217,10 +1197,10 @@ Http::delete('/v1/projects/:projectId/webhooks/:webhookId')
// Keys
Http::post('/v1/projects/:projectId/keys')
App::post('/v1/projects/:projectId/keys')
->desc('Create key')
->groups(['api', 'projects'])
->label('scope', 'projects.write')
->label('scope', 'keys.write')
->label('sdk.auth', [APP_AUTH_TYPE_ADMIN])
->label('sdk.namespace', 'projects')
->label('sdk.method', 'createKey')
@@ -1234,6 +1214,7 @@ Http::post('/v1/projects/:projectId/keys')
->inject('response')
->inject('dbForConsole')
->action(function (string $projectId, string $name, array $scopes, ?string $expire, Response $response, Database $dbForConsole) {
$project = $dbForConsole->getDocument('projects', $projectId);
if ($project->isEmpty()) {
@@ -1266,10 +1247,10 @@ Http::post('/v1/projects/:projectId/keys')
->dynamic($key, Response::MODEL_KEY);
});
Http::get('/v1/projects/:projectId/keys')
App::get('/v1/projects/:projectId/keys')
->desc('List keys')
->groups(['api', 'projects'])
->label('scope', 'projects.read')
->label('scope', 'keys.read')
->label('sdk.auth', [APP_AUTH_TYPE_ADMIN])
->label('sdk.namespace', 'projects')
->label('sdk.method', 'listKeys')
@@ -1280,6 +1261,7 @@ Http::get('/v1/projects/:projectId/keys')
->inject('response')
->inject('dbForConsole')
->action(function (string $projectId, Response $response, Database $dbForConsole) {
$project = $dbForConsole->getDocument('projects', $projectId);
if ($project->isEmpty()) {
@@ -1297,10 +1279,10 @@ Http::get('/v1/projects/:projectId/keys')
]), Response::MODEL_KEY_LIST);
});
Http::get('/v1/projects/:projectId/keys/:keyId')
App::get('/v1/projects/:projectId/keys/:keyId')
->desc('Get key')
->groups(['api', 'projects'])
->label('scope', 'projects.read')
->label('scope', 'keys.read')
->label('sdk.auth', [APP_AUTH_TYPE_ADMIN])
->label('sdk.namespace', 'projects')
->label('sdk.method', 'getKey')
@@ -1312,6 +1294,7 @@ Http::get('/v1/projects/:projectId/keys/:keyId')
->inject('response')
->inject('dbForConsole')
->action(function (string $projectId, string $keyId, Response $response, Database $dbForConsole) {
$project = $dbForConsole->getDocument('projects', $projectId);
if ($project->isEmpty()) {
@@ -1330,10 +1313,10 @@ Http::get('/v1/projects/:projectId/keys/:keyId')
$response->dynamic($key, Response::MODEL_KEY);
});
Http::put('/v1/projects/:projectId/keys/:keyId')
App::put('/v1/projects/:projectId/keys/:keyId')
->desc('Update key')
->groups(['api', 'projects'])
->label('scope', 'projects.write')
->label('scope', 'keys.write')
->label('sdk.auth', [APP_AUTH_TYPE_ADMIN])
->label('sdk.namespace', 'projects')
->label('sdk.method', 'updateKey')
@@ -1348,6 +1331,7 @@ Http::put('/v1/projects/:projectId/keys/:keyId')
->inject('response')
->inject('dbForConsole')
->action(function (string $projectId, string $keyId, string $name, array $scopes, ?string $expire, Response $response, Database $dbForConsole) {
$project = $dbForConsole->getDocument('projects', $projectId);
if ($project->isEmpty()) {
@@ -1375,10 +1359,10 @@ Http::put('/v1/projects/:projectId/keys/:keyId')
$response->dynamic($key, Response::MODEL_KEY);
});
Http::delete('/v1/projects/:projectId/keys/:keyId')
App::delete('/v1/projects/:projectId/keys/:keyId')
->desc('Delete key')
->groups(['api', 'projects'])
->label('scope', 'projects.write')
->label('scope', 'keys.write')
->label('sdk.auth', [APP_AUTH_TYPE_ADMIN])
->label('sdk.namespace', 'projects')
->label('sdk.method', 'deleteKey')
@@ -1389,6 +1373,7 @@ Http::delete('/v1/projects/:projectId/keys/:keyId')
->inject('response')
->inject('dbForConsole')
->action(function (string $projectId, string $keyId, Response $response, Database $dbForConsole) {
$project = $dbForConsole->getDocument('projects', $projectId);
if ($project->isEmpty()) {
@@ -1413,7 +1398,7 @@ Http::delete('/v1/projects/:projectId/keys/:keyId')
// JWT Keys
Http::post('/v1/projects/:projectId/jwts')
App::post('/v1/projects/:projectId/jwts')
->groups(['api', 'projects'])
->desc('Create JWT')
->label('scope', 'projects.write')
@@ -1448,11 +1433,11 @@ Http::post('/v1/projects/:projectId/jwts')
// Platforms
Http::post('/v1/projects/:projectId/platforms')
App::post('/v1/projects/:projectId/platforms')
->desc('Create platform')
->groups(['api', 'projects'])
->label('audits.event', 'platforms.create')
->label('scope', 'projects.write')
->label('scope', 'platforms.write')
->label('sdk.auth', [APP_AUTH_TYPE_ADMIN])
->label('sdk.namespace', 'projects')
->label('sdk.method', 'createPlatform')
@@ -1499,10 +1484,10 @@ Http::post('/v1/projects/:projectId/platforms')
->dynamic($platform, Response::MODEL_PLATFORM);
});
Http::get('/v1/projects/:projectId/platforms')
App::get('/v1/projects/:projectId/platforms')
->desc('List platforms')
->groups(['api', 'projects'])
->label('scope', 'projects.read')
->label('scope', 'platforms.read')
->label('sdk.auth', [APP_AUTH_TYPE_ADMIN])
->label('sdk.namespace', 'projects')
->label('sdk.method', 'listPlatforms')
@@ -1513,6 +1498,7 @@ Http::get('/v1/projects/:projectId/platforms')
->inject('response')
->inject('dbForConsole')
->action(function (string $projectId, Response $response, Database $dbForConsole) {
$project = $dbForConsole->getDocument('projects', $projectId);
if ($project->isEmpty()) {
@@ -1530,10 +1516,10 @@ Http::get('/v1/projects/:projectId/platforms')
]), Response::MODEL_PLATFORM_LIST);
});
Http::get('/v1/projects/:projectId/platforms/:platformId')
App::get('/v1/projects/:projectId/platforms/:platformId')
->desc('Get platform')
->groups(['api', 'projects'])
->label('scope', 'projects.read')
->label('scope', 'platforms.read')
->label('sdk.auth', [APP_AUTH_TYPE_ADMIN])
->label('sdk.namespace', 'projects')
->label('sdk.method', 'getPlatform')
@@ -1545,6 +1531,7 @@ Http::get('/v1/projects/:projectId/platforms/:platformId')
->inject('response')
->inject('dbForConsole')
->action(function (string $projectId, string $platformId, Response $response, Database $dbForConsole) {
$project = $dbForConsole->getDocument('projects', $projectId);
if ($project->isEmpty()) {
@@ -1563,10 +1550,10 @@ Http::get('/v1/projects/:projectId/platforms/:platformId')
$response->dynamic($platform, Response::MODEL_PLATFORM);
});
Http::put('/v1/projects/:projectId/platforms/:platformId')
App::put('/v1/projects/:projectId/platforms/:platformId')
->desc('Update platform')
->groups(['api', 'projects'])
->label('scope', 'projects.write')
->label('scope', 'platforms.write')
->label('sdk.auth', [APP_AUTH_TYPE_ADMIN])
->label('sdk.namespace', 'projects')
->label('sdk.method', 'updatePlatform')
@@ -1610,11 +1597,11 @@ Http::put('/v1/projects/:projectId/platforms/:platformId')
$response->dynamic($platform, Response::MODEL_PLATFORM);
});
Http::delete('/v1/projects/:projectId/platforms/:platformId')
App::delete('/v1/projects/:projectId/platforms/:platformId')
->desc('Delete platform')
->groups(['api', 'projects'])
->label('audits.event', 'platforms.delete')
->label('scope', 'projects.write')
->label('scope', 'platforms.write')
->label('sdk.auth', [APP_AUTH_TYPE_ADMIN])
->label('sdk.namespace', 'projects')
->label('sdk.method', 'deletePlatform')
@@ -1625,6 +1612,7 @@ Http::delete('/v1/projects/:projectId/platforms/:platformId')
->inject('response')
->inject('dbForConsole')
->action(function (string $projectId, string $platformId, Response $response, Database $dbForConsole) {
$project = $dbForConsole->getDocument('projects', $projectId);
if ($project->isEmpty()) {
@@ -1649,7 +1637,7 @@ Http::delete('/v1/projects/:projectId/platforms/:platformId')
// CUSTOM SMTP and Templates
Http::patch('/v1/projects/:projectId/smtp')
App::patch('/v1/projects/:projectId/smtp')
->desc('Update SMTP')
->groups(['api', 'projects'])
->label('scope', 'projects.write')
@@ -1672,6 +1660,7 @@ Http::patch('/v1/projects/:projectId/smtp')
->inject('response')
->inject('dbForConsole')
->action(function (string $projectId, bool $enabled, string $senderName, string $senderEmail, string $replyTo, string $host, int $port, string $username, string $password, string $secure, Response $response, Database $dbForConsole) {
$project = $dbForConsole->getDocument('projects', $projectId);
if ($project->isEmpty()) {
@@ -1738,7 +1727,7 @@ Http::patch('/v1/projects/:projectId/smtp')
$response->dynamic($project, Response::MODEL_PROJECT);
});
Http::post('/v1/projects/:projectId/smtp/tests')
App::post('/v1/projects/:projectId/smtp/tests')
->desc('Create SMTP test')
->groups(['api', 'projects'])
->label('scope', 'projects.write')
@@ -1756,7 +1745,7 @@ Http::post('/v1/projects/:projectId/smtp/tests')
->param('port', 587, new Integer(), 'SMTP server port', true)
->param('username', '', new Text(0, 0), 'SMTP server username', true)
->param('password', '', new Text(0, 0), 'SMTP server password', true)
->param('secure', '', new WhiteList(['tls'], true), 'Does SMTP server use secure connection', true)
->param('secure', '', new WhiteList(['tls', 'ssl'], true), 'Does SMTP server use secure connection', true)
->inject('response')
->inject('dbForConsole')
->inject('queueForMails')
@@ -1797,7 +1786,7 @@ Http::post('/v1/projects/:projectId/smtp/tests')
return $response->noContent();
});
Http::get('/v1/projects/:projectId/templates/sms/:type/:locale')
App::get('/v1/projects/:projectId/templates/sms/:type/:locale')
->desc('Get custom SMS template')
->groups(['api', 'projects'])
->label('scope', 'projects.write')
@@ -1813,6 +1802,7 @@ Http::get('/v1/projects/:projectId/templates/sms/:type/:locale')
->inject('response')
->inject('dbForConsole')
->action(function (string $projectId, string $type, string $locale, Response $response, Database $dbForConsole) {
throw new Exception(Exception::GENERAL_NOT_IMPLEMENTED);
$project = $dbForConsole->getDocument('projects', $projectId);
@@ -1822,7 +1812,7 @@ Http::get('/v1/projects/:projectId/templates/sms/:type/:locale')
}
$templates = $project->getAttribute('templates', []);
$template = $templates['sms.' . $type . '-' . $locale] ?? null;
$template = $templates['sms.' . $type . '-' . $locale] ?? null;
if (is_null($template)) {
$template = [
@@ -1837,7 +1827,7 @@ Http::get('/v1/projects/:projectId/templates/sms/:type/:locale')
});
Http::get('/v1/projects/:projectId/templates/email/:type/:locale')
App::get('/v1/projects/:projectId/templates/email/:type/:locale')
->desc('Get custom email template')
->groups(['api', 'projects'])
->label('scope', 'projects.write')
@@ -1853,6 +1843,7 @@ Http::get('/v1/projects/:projectId/templates/email/:type/:locale')
->inject('response')
->inject('dbForConsole')
->action(function (string $projectId, string $type, string $locale, Response $response, Database $dbForConsole) {
$project = $dbForConsole->getDocument('projects', $projectId);
if ($project->isEmpty()) {
@@ -1860,7 +1851,7 @@ Http::get('/v1/projects/:projectId/templates/email/:type/:locale')
}
$templates = $project->getAttribute('templates', []);
$template = $templates['email.' . $type . '-' . $locale] ?? null;
$template = $templates['email.' . $type . '-' . $locale] ?? null;
$localeObj = new Locale($locale);
if (is_null($template)) {
@@ -1868,7 +1859,7 @@ Http::get('/v1/projects/:projectId/templates/email/:type/:locale')
$message
->setParam('{{hello}}', $localeObj->getText("emails.{$type}.hello"))
->setParam('{{footer}}', $localeObj->getText("emails.{$type}.footer"))
->setParam('{{body}}', $localeObj->getText('emails.' . $type . '.body'), escape: false)
->setParam('{{body}}', $localeObj->getText('emails.' . $type . '.body'), escapeHtml: false)
->setParam('{{thanks}}', $localeObj->getText("emails.{$type}.thanks"))
->setParam('{{signature}}', $localeObj->getText("emails.{$type}.signature"))
->setParam('{{direction}}', $localeObj->getText('settings.direction'));
@@ -1888,7 +1879,7 @@ Http::get('/v1/projects/:projectId/templates/email/:type/:locale')
$response->dynamic(new Document($template), Response::MODEL_EMAIL_TEMPLATE);
});
Http::patch('/v1/projects/:projectId/templates/sms/:type/:locale')
App::patch('/v1/projects/:projectId/templates/sms/:type/:locale')
->desc('Update custom SMS template')
->groups(['api', 'projects'])
->label('scope', 'projects.write')
@@ -1905,6 +1896,7 @@ Http::patch('/v1/projects/:projectId/templates/sms/:type/:locale')
->inject('response')
->inject('dbForConsole')
->action(function (string $projectId, string $type, string $locale, string $message, Response $response, Database $dbForConsole) {
throw new Exception(Exception::GENERAL_NOT_IMPLEMENTED);
$project = $dbForConsole->getDocument('projects', $projectId);
@@ -1927,7 +1919,7 @@ Http::patch('/v1/projects/:projectId/templates/sms/:type/:locale')
]), Response::MODEL_SMS_TEMPLATE);
});
Http::patch('/v1/projects/:projectId/templates/email/:type/:locale')
App::patch('/v1/projects/:projectId/templates/email/:type/:locale')
->desc('Update custom email templates')
->groups(['api', 'projects'])
->label('scope', 'projects.write')
@@ -1948,6 +1940,7 @@ Http::patch('/v1/projects/:projectId/templates/email/:type/:locale')
->inject('response')
->inject('dbForConsole')
->action(function (string $projectId, string $type, string $locale, string $subject, string $message, string $senderName, string $senderEmail, string $replyTo, Response $response, Database $dbForConsole) {
$project = $dbForConsole->getDocument('projects', $projectId);
if ($project->isEmpty()) {
@@ -1976,7 +1969,7 @@ Http::patch('/v1/projects/:projectId/templates/email/:type/:locale')
]), Response::MODEL_EMAIL_TEMPLATE);
});
Http::delete('/v1/projects/:projectId/templates/sms/:type/:locale')
App::delete('/v1/projects/:projectId/templates/sms/:type/:locale')
->desc('Reset custom SMS template')
->groups(['api', 'projects'])
->label('scope', 'projects.write')
@@ -1992,6 +1985,7 @@ Http::delete('/v1/projects/:projectId/templates/sms/:type/:locale')
->inject('response')
->inject('dbForConsole')
->action(function (string $projectId, string $type, string $locale, Response $response, Database $dbForConsole) {
throw new Exception(Exception::GENERAL_NOT_IMPLEMENTED);
$project = $dbForConsole->getDocument('projects', $projectId);
@@ -2001,7 +1995,7 @@ Http::delete('/v1/projects/:projectId/templates/sms/:type/:locale')
}
$templates = $project->getAttribute('templates', []);
$template = $templates['sms.' . $type . '-' . $locale] ?? null;
$template = $templates['sms.' . $type . '-' . $locale] ?? null;
if (is_null($template)) {
throw new Exception(Exception::PROJECT_TEMPLATE_DEFAULT_DELETION);
@@ -2018,7 +2012,7 @@ Http::delete('/v1/projects/:projectId/templates/sms/:type/:locale')
]), Response::MODEL_SMS_TEMPLATE);
});
Http::delete('/v1/projects/:projectId/templates/email/:type/:locale')
App::delete('/v1/projects/:projectId/templates/email/:type/:locale')
->desc('Reset custom email template')
->groups(['api', 'projects'])
->label('scope', 'projects.write')
@@ -2034,6 +2028,7 @@ Http::delete('/v1/projects/:projectId/templates/email/:type/:locale')
->inject('response')
->inject('dbForConsole')
->action(function (string $projectId, string $type, string $locale, Response $response, Database $dbForConsole) {
$project = $dbForConsole->getDocument('projects', $projectId);
if ($project->isEmpty()) {
@@ -2041,7 +2036,7 @@ Http::delete('/v1/projects/:projectId/templates/email/:type/:locale')
}
$templates = $project->getAttribute('templates', []);
$template = $templates['email.' . $type . '-' . $locale] ?? null;
$template = $templates['email.' . $type . '-' . $locale] ?? null;
if (is_null($template)) {
throw new Exception(Exception::PROJECT_TEMPLATE_DEFAULT_DELETION);
app/controllers/api/proxy.php
+14 -14
View File
@@ -7,6 +7,7 @@ use Appwrite\Extend\Exception;
use Appwrite\Network\Validator\CNAME;
use Appwrite\Utopia\Database\Validator\Queries\Rules;
use Appwrite\Utopia\Response;
use Utopia\App;
use Utopia\Database\Database;
use Utopia\Database\Document;
use Utopia\Database\Exception\Query as QueryException;
@@ -14,16 +15,15 @@ use Utopia\Database\Helpers\ID;
use Utopia\Database\Query;
use Utopia\Database\Validator\UID;
use Utopia\Domains\Domain;
use Utopia\Http\Http;
use Utopia\Http\Validator\Domain as ValidatorDomain;
use Utopia\Http\Validator\Text;
use Utopia\Http\Validator\WhiteList;
use Utopia\Logger\Log;
use Utopia\System\System;
use Utopia\Validator\Domain as ValidatorDomain;
use Utopia\Validator\Text;
use Utopia\Validator\WhiteList;
Http::post('/v1/proxy/rules')
App::post('/v1/proxy/rules')
->groups(['api', 'proxy'])
->desc('Create Rule')
->desc('Create rule')
->label('scope', 'rules.write')
->label('event', 'rules.[ruleId].create')
->label('audits.event', 'rule.create')
@@ -147,9 +147,9 @@ Http::post('/v1/proxy/rules')
->dynamic($rule, Response::MODEL_PROXY_RULE);
});
Http::get('/v1/proxy/rules')
App::get('/v1/proxy/rules')
->groups(['api', 'proxy'])
->desc('List Rules')
->desc('List rules')
->label('scope', 'rules.read')
->label('sdk.auth', [APP_AUTH_TYPE_ADMIN])
->label('sdk.namespace', 'proxy')
@@ -210,9 +210,9 @@ Http::get('/v1/proxy/rules')
]), Response::MODEL_PROXY_RULE_LIST);
});
Http::get('/v1/proxy/rules/:ruleId')
App::get('/v1/proxy/rules/:ruleId')
->groups(['api', 'proxy'])
->desc('Get Rule')
->desc('Get rule')
->label('scope', 'rules.read')
->label('sdk.auth', [APP_AUTH_TYPE_ADMIN])
->label('sdk.namespace', 'proxy')
@@ -239,9 +239,9 @@ Http::get('/v1/proxy/rules/:ruleId')
$response->dynamic($rule, Response::MODEL_PROXY_RULE);
});
Http::delete('/v1/proxy/rules/:ruleId')
App::delete('/v1/proxy/rules/:ruleId')
->groups(['api', 'proxy'])
->desc('Delete Rule')
->desc('Delete rule')
->label('scope', 'rules.write')
->label('event', 'rules.[ruleId].delete')
->label('audits.event', 'rules.delete')
@@ -276,8 +276,8 @@ Http::delete('/v1/proxy/rules/:ruleId')
$response->noContent();
});
Http::patch('/v1/proxy/rules/:ruleId/verification')
->desc('Update Rule Verification Status')
App::patch('/v1/proxy/rules/:ruleId/verification')
->desc('Update rule verification status')
->groups(['api', 'proxy'])
->label('scope', 'rules.write')
->label('event', 'rules.[ruleId].update')
app/controllers/api/storage.php
+105 -110
View File
@@ -11,8 +11,8 @@ use Appwrite\OpenSSL\OpenSSL;
use Appwrite\Utopia\Database\Validator\CustomId;
use Appwrite\Utopia\Database\Validator\Queries\Buckets;
use Appwrite\Utopia\Database\Validator\Queries\Files;
use Appwrite\Utopia\Request;
use Appwrite\Utopia\Response;
use Utopia\App;
use Utopia\Config\Config;
use Utopia\Database\Database;
use Utopia\Database\Document;
@@ -23,16 +23,8 @@ use Utopia\Database\Helpers\Permission;
use Utopia\Database\Helpers\Role;
use Utopia\Database\Query;
use Utopia\Database\Validator\Authorization;
use Utopia\Database\Validator\Authorization\Input;
use Utopia\Database\Validator\Permissions;
use Utopia\Database\Validator\UID;
use Utopia\Http\Http;
use Utopia\Http\Validator\ArrayList;
use Utopia\Http\Validator\Boolean;
use Utopia\Http\Validator\HexColor;
use Utopia\Http\Validator\Range;
use Utopia\Http\Validator\Text;
use Utopia\Http\Validator\WhiteList;
use Utopia\Image\Image;
use Utopia\Storage\Compression\Algorithms\GZIP;
use Utopia\Storage\Compression\Algorithms\Zstd;
@@ -43,9 +35,16 @@ use Utopia\Storage\Validator\File;
use Utopia\Storage\Validator\FileExt;
use Utopia\Storage\Validator\FileSize;
use Utopia\Storage\Validator\Upload;
use Utopia\Swoole\Request;
use Utopia\System\System;
use Utopia\Validator\ArrayList;
use Utopia\Validator\Boolean;
use Utopia\Validator\HexColor;
use Utopia\Validator\Range;
use Utopia\Validator\Text;
use Utopia\Validator\WhiteList;
Http::post('/v1/storage/buckets')
App::post('/v1/storage/buckets')
->desc('Create bucket')
->groups(['api', 'storage'])
->label('scope', 'buckets.write')
@@ -143,7 +142,7 @@ Http::post('/v1/storage/buckets')
->dynamic($bucket, Response::MODEL_BUCKET);
});
Http::get('/v1/storage/buckets')
App::get('/v1/storage/buckets')
->desc('List buckets')
->groups(['api', 'storage'])
->label('scope', 'buckets.read')
@@ -197,7 +196,7 @@ Http::get('/v1/storage/buckets')
]), Response::MODEL_BUCKET_LIST);
});
Http::get('/v1/storage/buckets/:bucketId')
App::get('/v1/storage/buckets/:bucketId')
->desc('Get bucket')
->groups(['api', 'storage'])
->label('scope', 'buckets.read')
@@ -222,7 +221,7 @@ Http::get('/v1/storage/buckets/:bucketId')
$response->dynamic($bucket, Response::MODEL_BUCKET);
});
Http::put('/v1/storage/buckets/:bucketId')
App::put('/v1/storage/buckets/:bucketId')
->desc('Update bucket')
->groups(['api', 'storage'])
->label('scope', 'buckets.write')
@@ -289,7 +288,7 @@ Http::put('/v1/storage/buckets/:bucketId')
$response->dynamic($bucket, Response::MODEL_BUCKET);
});
Http::delete('/v1/storage/buckets/:bucketId')
App::delete('/v1/storage/buckets/:bucketId')
->desc('Delete bucket')
->groups(['api', 'storage'])
->label('scope', 'buckets.write')
@@ -330,7 +329,7 @@ Http::delete('/v1/storage/buckets/:bucketId')
$response->noContent();
});
Http::post('/v1/storage/buckets/:bucketId/files')
App::post('/v1/storage/buckets/:bucketId/files')
->alias('/v1/storage/files', ['bucketId' => 'default'])
->desc('Create file')
->groups(['api', 'storage'])
@@ -362,19 +361,19 @@ Http::post('/v1/storage/buckets/:bucketId/files')
->inject('mode')
->inject('deviceForFiles')
->inject('deviceForLocal')
->inject('authorization')
->action(function (string $bucketId, string $fileId, mixed $file, ?array $permissions, Request $request, Response $response, Database $dbForProject, Document $user, Event $queueForEvents, string $mode, Device $deviceForFiles, Device $deviceForLocal, Authorization $authorization) {
->action(function (string $bucketId, string $fileId, mixed $file, ?array $permissions, Request $request, Response $response, Database $dbForProject, Document $user, Event $queueForEvents, string $mode, Device $deviceForFiles, Device $deviceForLocal) {
$bucket = $authorization->skip(fn () => $dbForProject->getDocument('buckets', $bucketId));
$bucket = Authorization::skip(fn () => $dbForProject->getDocument('buckets', $bucketId));
$isAPIKey = Auth::isAppUser($authorization->getRoles());
$isPrivilegedUser = Auth::isPrivilegedUser($authorization->getRoles());
$isAPIKey = Auth::isAppUser(Authorization::getRoles());
$isPrivilegedUser = Auth::isPrivilegedUser(Authorization::getRoles());
if ($bucket->isEmpty() || (!$bucket->getAttribute('enabled') && !$isAPIKey && !$isPrivilegedUser)) {
throw new Exception(Exception::STORAGE_BUCKET_NOT_FOUND);
}
if (!$authorization->isValid(new Input(Database::PERMISSION_CREATE, $bucket->getCreate()))) {
$validator = new Authorization(Database::PERMISSION_CREATE);
if (!$validator->isValid($bucket->getCreate())) {
throw new Exception(Exception::USER_UNAUTHORIZED);
}
@@ -398,7 +397,7 @@ Http::post('/v1/storage/buckets/:bucketId/files')
}
// Users can only manage their own roles, API keys and Admin users can manage any
$roles = $authorization->getRoles();
$roles = Authorization::getRoles();
if (!Auth::isAppUser($roles) && !Auth::isPrivilegedUser($roles)) {
foreach (Database::PERMISSIONS as $type) {
foreach ($permissions as $permission) {
@@ -411,7 +410,7 @@ Http::post('/v1/storage/buckets/:bucketId/files')
$permission->getIdentifier(),
$permission->getDimension()
))->toString();
if (!$authorization->isRole($role)) {
if (!Authorization::isRole($role)) {
throw new Exception(Exception::USER_UNAUTHORIZED, 'Permissions must be one of: (' . \implode(', ', $roles) . ')');
}
}
@@ -631,10 +630,11 @@ Http::post('/v1/storage/buckets/:bucketId/files')
* However as with chunk upload even if we are updating, we are essentially creating a file
* adding it's new chunk so we validate create permission instead of update
*/
if (!$authorization->isValid(new Input(Database::PERMISSION_CREATE, $bucket->getCreate()))) {
$validator = new Authorization(Database::PERMISSION_CREATE);
if (!$validator->isValid($bucket->getCreate())) {
throw new Exception(Exception::USER_UNAUTHORIZED);
}
$file = $authorization->skip(fn () => $dbForProject->updateDocument('bucket_' . $bucket->getInternalId(), $fileId, $file));
$file = Authorization::skip(fn () => $dbForProject->updateDocument('bucket_' . $bucket->getInternalId(), $fileId, $file));
}
} else {
if ($file->isEmpty()) {
@@ -669,10 +669,11 @@ Http::post('/v1/storage/buckets/:bucketId/files')
* However as with chunk upload even if we are updating, we are essentially creating a file
* adding it's new chunk so we validate create permission instead of update
*/
if (!$authorization->isValid(new Input(Database::PERMISSION_CREATE, $bucket->getCreate()))) {
$validator = new Authorization(Database::PERMISSION_CREATE);
if (!$validator->isValid($bucket->getCreate())) {
throw new Exception(Exception::USER_UNAUTHORIZED);
}
$file = $authorization->skip(fn () => $dbForProject->updateDocument('bucket_' . $bucket->getInternalId(), $fileId, $file));
$file = Authorization::skip(fn () => $dbForProject->updateDocument('bucket_' . $bucket->getInternalId(), $fileId, $file));
}
}
@@ -689,7 +690,7 @@ Http::post('/v1/storage/buckets/:bucketId/files')
->dynamic($file, Response::MODEL_FILE);
});
Http::get('/v1/storage/buckets/:bucketId/files')
App::get('/v1/storage/buckets/:bucketId/files')
->alias('/v1/storage/files', ['bucketId' => 'default'])
->desc('List files')
->groups(['api', 'storage'])
@@ -707,19 +708,19 @@ Http::get('/v1/storage/buckets/:bucketId/files')
->inject('response')
->inject('dbForProject')
->inject('mode')
->inject('authorization')
->action(function (string $bucketId, array $queries, string $search, Response $response, Database $dbForProject, string $mode, Authorization $authorization) {
$bucket = $authorization->skip(fn () => $dbForProject->getDocument('buckets', $bucketId));
->action(function (string $bucketId, array $queries, string $search, Response $response, Database $dbForProject, string $mode) {
$bucket = Authorization::skip(fn () => $dbForProject->getDocument('buckets', $bucketId));
$isAPIKey = Auth::isAppUser($authorization->getRoles());
$isPrivilegedUser = Auth::isPrivilegedUser($authorization->getRoles());
$isAPIKey = Auth::isAppUser(Authorization::getRoles());
$isPrivilegedUser = Auth::isPrivilegedUser(Authorization::getRoles());
if ($bucket->isEmpty() || (!$bucket->getAttribute('enabled') && !$isAPIKey && !$isPrivilegedUser)) {
throw new Exception(Exception::STORAGE_BUCKET_NOT_FOUND);
}
$fileSecurity = $bucket->getAttribute('fileSecurity', false);
$valid = $authorization->isValid(new Input(Database::PERMISSION_READ, $bucket->getRead()));
$validator = new Authorization(Database::PERMISSION_READ);
$valid = $validator->isValid($bucket->getRead());
if (!$fileSecurity && !$valid) {
throw new Exception(Exception::USER_UNAUTHORIZED);
}
@@ -748,7 +749,7 @@ Http::get('/v1/storage/buckets/:bucketId/files')
if ($fileSecurity && !$valid) {
$cursorDocument = $dbForProject->getDocument('bucket_' . $bucket->getInternalId(), $fileId);
} else {
$cursorDocument = $authorization->skip(fn () => $dbForProject->getDocument('bucket_' . $bucket->getInternalId(), $fileId));
$cursorDocument = Authorization::skip(fn () => $dbForProject->getDocument('bucket_' . $bucket->getInternalId(), $fileId));
}
if ($cursorDocument->isEmpty()) {
@@ -764,8 +765,8 @@ Http::get('/v1/storage/buckets/:bucketId/files')
$files = $dbForProject->find('bucket_' . $bucket->getInternalId(), $queries);
$total = $dbForProject->count('bucket_' . $bucket->getInternalId(), $filterQueries, APP_LIMIT_COUNT);
} else {
$files = $authorization->skip(fn () => $dbForProject->find('bucket_' . $bucket->getInternalId(), $queries));
$total = $authorization->skip(fn () => $dbForProject->count('bucket_' . $bucket->getInternalId(), $filterQueries, APP_LIMIT_COUNT));
$files = Authorization::skip(fn () => $dbForProject->find('bucket_' . $bucket->getInternalId(), $queries));
$total = Authorization::skip(fn () => $dbForProject->count('bucket_' . $bucket->getInternalId(), $filterQueries, APP_LIMIT_COUNT));
}
$response->dynamic(new Document([
@@ -774,7 +775,7 @@ Http::get('/v1/storage/buckets/:bucketId/files')
]), Response::MODEL_FILE_LIST);
});
Http::get('/v1/storage/buckets/:bucketId/files/:fileId')
App::get('/v1/storage/buckets/:bucketId/files/:fileId')
->alias('/v1/storage/files/:fileId', ['bucketId' => 'default'])
->desc('Get file')
->groups(['api', 'storage'])
@@ -791,19 +792,19 @@ Http::get('/v1/storage/buckets/:bucketId/files/:fileId')
->inject('response')
->inject('dbForProject')
->inject('mode')
->inject('authorization')
->action(function (string $bucketId, string $fileId, Response $response, Database $dbForProject, string $mode, Authorization $authorization) {
$bucket = $authorization->skip(fn () => $dbForProject->getDocument('buckets', $bucketId));
->action(function (string $bucketId, string $fileId, Response $response, Database $dbForProject, string $mode) {
$bucket = Authorization::skip(fn () => $dbForProject->getDocument('buckets', $bucketId));
$isAPIKey = Auth::isAppUser($authorization->getRoles());
$isPrivilegedUser = Auth::isPrivilegedUser($authorization->getRoles());
$isAPIKey = Auth::isAppUser(Authorization::getRoles());
$isPrivilegedUser = Auth::isPrivilegedUser(Authorization::getRoles());
if ($bucket->isEmpty() || (!$bucket->getAttribute('enabled') && !$isAPIKey && !$isPrivilegedUser)) {
throw new Exception(Exception::STORAGE_BUCKET_NOT_FOUND);
}
$fileSecurity = $bucket->getAttribute('fileSecurity', false);
$valid = $authorization->isValid(new Input(Database::PERMISSION_READ, $bucket->getRead()));
$validator = new Authorization(Database::PERMISSION_READ);
$valid = $validator->isValid($bucket->getRead());
if (!$fileSecurity && !$valid) {
throw new Exception(Exception::USER_UNAUTHORIZED);
}
@@ -811,7 +812,7 @@ Http::get('/v1/storage/buckets/:bucketId/files/:fileId')
if ($fileSecurity && !$valid) {
$file = $dbForProject->getDocument('bucket_' . $bucket->getInternalId(), $fileId);
} else {
$file = $authorization->skip(fn () => $dbForProject->getDocument('bucket_' . $bucket->getInternalId(), $fileId));
$file = Authorization::skip(fn () => $dbForProject->getDocument('bucket_' . $bucket->getInternalId(), $fileId));
}
if ($file->isEmpty()) {
@@ -821,7 +822,7 @@ Http::get('/v1/storage/buckets/:bucketId/files/:fileId')
$response->dynamic($file, Response::MODEL_FILE);
});
Http::get('/v1/storage/buckets/:bucketId/files/:fileId/preview')
App::get('/v1/storage/buckets/:bucketId/files/:fileId/preview')
->alias('/v1/storage/files/:fileId/preview', ['bucketId' => 'default'])
->desc('Get file preview')
->groups(['api', 'storage'])
@@ -856,24 +857,24 @@ Http::get('/v1/storage/buckets/:bucketId/files/:fileId/preview')
->inject('mode')
->inject('deviceForFiles')
->inject('deviceForLocal')
->inject('authorization')
->action(function (string $bucketId, string $fileId, int $width, int $height, string $gravity, int $quality, int $borderWidth, string $borderColor, int $borderRadius, float $opacity, int $rotation, string $background, string $output, Request $request, Response $response, Document $project, Database $dbForProject, string $mode, Device $deviceForFiles, Device $deviceForLocal, Authorization $authorization) {
->action(function (string $bucketId, string $fileId, int $width, int $height, string $gravity, int $quality, int $borderWidth, string $borderColor, int $borderRadius, float $opacity, int $rotation, string $background, string $output, Request $request, Response $response, Document $project, Database $dbForProject, string $mode, Device $deviceForFiles, Device $deviceForLocal) {
if (!\extension_loaded('imagick')) {
throw new Exception(Exception::GENERAL_SERVER_ERROR, 'Imagick extension is missing');
}
$bucket = $authorization->skip(fn () => $dbForProject->getDocument('buckets', $bucketId));
$bucket = Authorization::skip(fn () => $dbForProject->getDocument('buckets', $bucketId));
$isAPIKey = Auth::isAppUser($authorization->getRoles());
$isPrivilegedUser = Auth::isPrivilegedUser($authorization->getRoles());
$isAPIKey = Auth::isAppUser(Authorization::getRoles());
$isPrivilegedUser = Auth::isPrivilegedUser(Authorization::getRoles());
if ($bucket->isEmpty() || (!$bucket->getAttribute('enabled') && !$isAPIKey && !$isPrivilegedUser)) {
throw new Exception(Exception::STORAGE_BUCKET_NOT_FOUND);
}
$fileSecurity = $bucket->getAttribute('fileSecurity', false);
$valid = $authorization->isValid(new Input(Database::PERMISSION_READ, $bucket->getRead()));
$validator = new Authorization(Database::PERMISSION_READ);
$valid = $validator->isValid($bucket->getRead());
if (!$fileSecurity && !$valid) {
throw new Exception(Exception::USER_UNAUTHORIZED);
}
@@ -881,17 +882,13 @@ Http::get('/v1/storage/buckets/:bucketId/files/:fileId/preview')
if ($fileSecurity && !$valid) {
$file = $dbForProject->getDocument('bucket_' . $bucket->getInternalId(), $fileId);
} else {
$file = $authorization->skip(fn () => $dbForProject->getDocument('bucket_' . $bucket->getInternalId(), $fileId));
$file = Authorization::skip(fn () => $dbForProject->getDocument('bucket_' . $bucket->getInternalId(), $fileId));
}
if ($file->isEmpty()) {
throw new Exception(Exception::STORAGE_FILE_NOT_FOUND);
}
if ((\strpos($request->getAccept(), 'image/webp') === false) && ('webp' === $output)) { // Fallback webp to jpeg when no browser support
$output = 'jpg';
}
$inputs = Config::getParam('storage-inputs');
$outputs = Config::getParam('storage-outputs');
$fileLogos = Config::getParam('storage-logos');
@@ -997,7 +994,7 @@ Http::get('/v1/storage/buckets/:bucketId/files/:fileId/preview')
unset($image);
});
Http::get('/v1/storage/buckets/:bucketId/files/:fileId/download')
App::get('/v1/storage/buckets/:bucketId/files/:fileId/download')
->alias('/v1/storage/files/:fileId/download', ['bucketId' => 'default'])
->desc('Get file for download')
->groups(['api', 'storage'])
@@ -1016,20 +1013,20 @@ Http::get('/v1/storage/buckets/:bucketId/files/:fileId/download')
->inject('dbForProject')
->inject('mode')
->inject('deviceForFiles')
->inject('authorization')
->action(function (string $bucketId, string $fileId, Request $request, Response $response, Database $dbForProject, string $mode, Device $deviceForFiles, Authorization $authorization) {
->action(function (string $bucketId, string $fileId, Request $request, Response $response, Database $dbForProject, string $mode, Device $deviceForFiles) {
$bucket = $authorization->skip(fn () => $dbForProject->getDocument('buckets', $bucketId));
$bucket = Authorization::skip(fn () => $dbForProject->getDocument('buckets', $bucketId));
$isAPIKey = Auth::isAppUser($authorization->getRoles());
$isPrivilegedUser = Auth::isPrivilegedUser($authorization->getRoles());
$isAPIKey = Auth::isAppUser(Authorization::getRoles());
$isPrivilegedUser = Auth::isPrivilegedUser(Authorization::getRoles());
if ($bucket->isEmpty() || (!$bucket->getAttribute('enabled') && !$isAPIKey && !$isPrivilegedUser)) {
throw new Exception(Exception::STORAGE_BUCKET_NOT_FOUND);
}
$fileSecurity = $bucket->getAttribute('fileSecurity', false);
$valid = $authorization->isValid(new Input(Database::PERMISSION_READ, $bucket->getRead()));
$validator = new Authorization(Database::PERMISSION_READ);
$valid = $validator->isValid($bucket->getRead());
if (!$fileSecurity && !$valid) {
throw new Exception(Exception::USER_UNAUTHORIZED);
}
@@ -1037,7 +1034,7 @@ Http::get('/v1/storage/buckets/:bucketId/files/:fileId/download')
if ($fileSecurity && !$valid) {
$file = $dbForProject->getDocument('bucket_' . $bucket->getInternalId(), $fileId);
} else {
$file = $authorization->skip(fn () => $dbForProject->getDocument('bucket_' . $bucket->getInternalId(), $fileId));
$file = Authorization::skip(fn () => $dbForProject->getDocument('bucket_' . $bucket->getInternalId(), $fileId));
}
if ($file->isEmpty()) {
@@ -1137,7 +1134,7 @@ Http::get('/v1/storage/buckets/:bucketId/files/:fileId/download')
}
});
Http::get('/v1/storage/buckets/:bucketId/files/:fileId/view')
App::get('/v1/storage/buckets/:bucketId/files/:fileId/view')
->alias('/v1/storage/files/:fileId/view', ['bucketId' => 'default'])
->desc('Get file for view')
->groups(['api', 'storage'])
@@ -1156,19 +1153,19 @@ Http::get('/v1/storage/buckets/:bucketId/files/:fileId/view')
->inject('dbForProject')
->inject('mode')
->inject('deviceForFiles')
->inject('authorization')
->action(function (string $bucketId, string $fileId, Response $response, Request $request, Database $dbForProject, string $mode, Device $deviceForFiles, Authorization $authorization) {
$bucket = $authorization->skip(fn () => $dbForProject->getDocument('buckets', $bucketId));
->action(function (string $bucketId, string $fileId, Response $response, Request $request, Database $dbForProject, string $mode, Device $deviceForFiles) {
$bucket = Authorization::skip(fn () => $dbForProject->getDocument('buckets', $bucketId));
$isAPIKey = Auth::isAppUser($authorization->getRoles());
$isPrivilegedUser = Auth::isPrivilegedUser($authorization->getRoles());
$isAPIKey = Auth::isAppUser(Authorization::getRoles());
$isPrivilegedUser = Auth::isPrivilegedUser(Authorization::getRoles());
if ($bucket->isEmpty() || (!$bucket->getAttribute('enabled') && !$isAPIKey && !$isPrivilegedUser)) {
throw new Exception(Exception::STORAGE_BUCKET_NOT_FOUND);
}
$fileSecurity = $bucket->getAttribute('fileSecurity', false);
$valid = $authorization->isValid(new Input(Database::PERMISSION_READ, $bucket->getRead()));
$validator = new Authorization(Database::PERMISSION_READ);
$valid = $validator->isValid($bucket->getRead());
if (!$fileSecurity && !$valid) {
throw new Exception(Exception::USER_UNAUTHORIZED);
}
@@ -1176,7 +1173,7 @@ Http::get('/v1/storage/buckets/:bucketId/files/:fileId/view')
if ($fileSecurity && !$valid) {
$file = $dbForProject->getDocument('bucket_' . $bucket->getInternalId(), $fileId);
} else {
$file = $authorization->skip(fn () => $dbForProject->getDocument('bucket_' . $bucket->getInternalId(), $fileId));
$file = Authorization::skip(fn () => $dbForProject->getDocument('bucket_' . $bucket->getInternalId(), $fileId));
}
if ($file->isEmpty()) {
@@ -1289,7 +1286,7 @@ Http::get('/v1/storage/buckets/:bucketId/files/:fileId/view')
}
});
Http::get('/v1/storage/buckets/:bucketId/files/:fileId/push')
App::get('/v1/storage/buckets/:bucketId/files/:fileId/push')
->desc('Get file for push notification')
->groups(['api', 'storage'])
->label('scope', 'public')
@@ -1305,9 +1302,8 @@ Http::get('/v1/storage/buckets/:bucketId/files/:fileId/push')
->inject('project')
->inject('mode')
->inject('deviceForFiles')
->inject('authorization')
->action(function (string $bucketId, string $fileId, string $jwt, Response $response, Request $request, Database $dbForProject, Document $project, string $mode, Device $deviceForFiles, Authorization $authorization) {
$bucket = $authorization->skip(fn () => $dbForProject->getDocument('buckets', $bucketId));
->action(function (string $bucketId, string $fileId, string $jwt, Response $response, Request $request, Database $dbForProject, Document $project, string $mode, Device $deviceForFiles) {
$bucket = Authorization::skip(fn () => $dbForProject->getDocument('buckets', $bucketId));
$decoder = new JWT(System::getEnv('_APP_OPENSSL_KEY_V1'), 'HS256', 3600, 0);
@@ -1325,14 +1321,14 @@ Http::get('/v1/storage/buckets/:bucketId/files/:fileId/push')
throw new Exception(Exception::USER_UNAUTHORIZED);
}
$isAPIKey = Auth::isAppUser($authorization->getRoles());
$isPrivilegedUser = Auth::isPrivilegedUser($authorization->getRoles());
$isAPIKey = Auth::isAppUser(Authorization::getRoles());
$isPrivilegedUser = Auth::isPrivilegedUser(Authorization::getRoles());
if ($bucket->isEmpty() || (!$bucket->getAttribute('enabled') && !$isAPIKey && !$isPrivilegedUser)) {
throw new Exception(Exception::STORAGE_BUCKET_NOT_FOUND);
}
$file = $authorization->skip(fn () => $dbForProject->getDocument('bucket_' . $bucket->getInternalId(), $fileId));
$file = Authorization::skip(fn () => $dbForProject->getDocument('bucket_' . $bucket->getInternalId(), $fileId));
if ($file->isEmpty()) {
throw new Exception(Exception::STORAGE_FILE_NOT_FOUND);
@@ -1443,7 +1439,7 @@ Http::get('/v1/storage/buckets/:bucketId/files/:fileId/push')
}
});
Http::put('/v1/storage/buckets/:bucketId/files/:fileId')
App::put('/v1/storage/buckets/:bucketId/files/:fileId')
->alias('/v1/storage/files/:fileId', ['bucketId' => 'default'])
->desc('Update file')
->groups(['api', 'storage'])
@@ -1470,26 +1466,26 @@ Http::put('/v1/storage/buckets/:bucketId/files/:fileId')
->inject('user')
->inject('mode')
->inject('queueForEvents')
->inject('authorization')
->action(function (string $bucketId, string $fileId, ?string $name, ?array $permissions, Response $response, Database $dbForProject, Document $user, string $mode, Event $queueForEvents, Authorization $authorization) {
->action(function (string $bucketId, string $fileId, ?string $name, ?array $permissions, Response $response, Database $dbForProject, Document $user, string $mode, Event $queueForEvents) {
$bucket = $authorization->skip(fn () => $dbForProject->getDocument('buckets', $bucketId));
$bucket = Authorization::skip(fn () => $dbForProject->getDocument('buckets', $bucketId));
$isAPIKey = Auth::isAppUser($authorization->getRoles());
$isPrivilegedUser = Auth::isPrivilegedUser($authorization->getRoles());
$isAPIKey = Auth::isAppUser(Authorization::getRoles());
$isPrivilegedUser = Auth::isPrivilegedUser(Authorization::getRoles());
if ($bucket->isEmpty() || (!$bucket->getAttribute('enabled') && !$isAPIKey && !$isPrivilegedUser)) {
throw new Exception(Exception::STORAGE_BUCKET_NOT_FOUND);
}
$fileSecurity = $bucket->getAttribute('fileSecurity', false);
$valid = $authorization->isValid(new Input(Database::PERMISSION_UPDATE, $bucket->getUpdate()));
$validator = new Authorization(Database::PERMISSION_UPDATE);
$valid = $validator->isValid($bucket->getUpdate());
if (!$fileSecurity && !$valid) {
throw new Exception(Exception::USER_UNAUTHORIZED);
}
// Read permission should not be required for update
$file = $authorization->skip(fn () => $dbForProject->getDocument('bucket_' . $bucket->getInternalId(), $fileId));
$file = Authorization::skip(fn () => $dbForProject->getDocument('bucket_' . $bucket->getInternalId(), $fileId));
if ($file->isEmpty()) {
throw new Exception(Exception::STORAGE_FILE_NOT_FOUND);
@@ -1503,7 +1499,7 @@ Http::put('/v1/storage/buckets/:bucketId/files/:fileId')
]);
// Users can only manage their own roles, API keys and Admin users can manage any
$roles = $authorization->getRoles();
$roles = Authorization::getRoles();
if (!Auth::isAppUser($roles) && !Auth::isPrivilegedUser($roles) && !\is_null($permissions)) {
foreach (Database::PERMISSIONS as $type) {
foreach ($permissions as $permission) {
@@ -1516,7 +1512,7 @@ Http::put('/v1/storage/buckets/:bucketId/files/:fileId')
$permission->getIdentifier(),
$permission->getDimension()
))->toString();
if (!$authorization->isRole($role)) {
if (!Authorization::isRole($role)) {
throw new Exception(Exception::USER_UNAUTHORIZED, 'Permissions must be one of: (' . \implode(', ', $roles) . ')');
}
}
@@ -1536,7 +1532,7 @@ Http::put('/v1/storage/buckets/:bucketId/files/:fileId')
if ($fileSecurity && !$valid) {
$file = $dbForProject->updateDocument('bucket_' . $bucket->getInternalId(), $fileId, $file);
} else {
$file = $authorization->skip(fn () => $dbForProject->updateDocument('bucket_' . $bucket->getInternalId(), $fileId, $file));
$file = Authorization::skip(fn () => $dbForProject->updateDocument('bucket_' . $bucket->getInternalId(), $fileId, $file));
}
$queueForEvents
@@ -1548,8 +1544,8 @@ Http::put('/v1/storage/buckets/:bucketId/files/:fileId')
$response->dynamic($file, Response::MODEL_FILE);
});
Http::delete('/v1/storage/buckets/:bucketId/files/:fileId')
->desc('Delete File')
App::delete('/v1/storage/buckets/:bucketId/files/:fileId')
->desc('Delete file')
->groups(['api', 'storage'])
->label('scope', 'files.write')
->label('event', 'buckets.[bucketId].files.[fileId].delete')
@@ -1572,32 +1568,32 @@ Http::delete('/v1/storage/buckets/:bucketId/files/:fileId')
->inject('mode')
->inject('deviceForFiles')
->inject('queueForDeletes')
->inject('authorization')
->action(function (string $bucketId, string $fileId, Response $response, Database $dbForProject, Event $queueForEvents, string $mode, Device $deviceForFiles, Delete $queueForDeletes, Authorization $authorization) {
$bucket = $authorization->skip(fn () => $dbForProject->getDocument('buckets', $bucketId));
->action(function (string $bucketId, string $fileId, Response $response, Database $dbForProject, Event $queueForEvents, string $mode, Device $deviceForFiles, Delete $queueForDeletes) {
$bucket = Authorization::skip(fn () => $dbForProject->getDocument('buckets', $bucketId));
$isAPIKey = Auth::isAppUser($authorization->getRoles());
$isPrivilegedUser = Auth::isPrivilegedUser($authorization->getRoles());
$isAPIKey = Auth::isAppUser(Authorization::getRoles());
$isPrivilegedUser = Auth::isPrivilegedUser(Authorization::getRoles());
if ($bucket->isEmpty() || (!$bucket->getAttribute('enabled') && !$isAPIKey && !$isPrivilegedUser)) {
throw new Exception(Exception::STORAGE_BUCKET_NOT_FOUND);
}
$fileSecurity = $bucket->getAttribute('fileSecurity', false);
$valid = $authorization->isValid(new Input(Database::PERMISSION_DELETE, $bucket->getDelete()));
$validator = new Authorization(Database::PERMISSION_DELETE);
$valid = $validator->isValid($bucket->getDelete());
if (!$fileSecurity && !$valid) {
throw new Exception(Exception::USER_UNAUTHORIZED);
}
// Read permission should not be required for delete
$file = $authorization->skip(fn () => $dbForProject->getDocument('bucket_' . $bucket->getInternalId(), $fileId));
$file = Authorization::skip(fn () => $dbForProject->getDocument('bucket_' . $bucket->getInternalId(), $fileId));
if ($file->isEmpty()) {
throw new Exception(Exception::STORAGE_FILE_NOT_FOUND);
}
// Make sure we don't delete the file before the document permission check occurs
if ($fileSecurity && !$valid && !$authorization->isValid(new Input(Database::PERMISSION_DELETE, $file->getDelete()))) {
if ($fileSecurity && !$valid && !$validator->isValid($file->getDelete())) {
throw new Exception(Exception::USER_UNAUTHORIZED);
}
@@ -1621,7 +1617,7 @@ Http::delete('/v1/storage/buckets/:bucketId/files/:fileId')
if ($fileSecurity && !$valid) {
$deleted = $dbForProject->deleteDocument('bucket_' . $bucket->getInternalId(), $fileId);
} else {
$deleted = $authorization->skip(fn () => $dbForProject->deleteDocument('bucket_' . $bucket->getInternalId(), $fileId));
$deleted = Authorization::skip(fn () => $dbForProject->deleteDocument('bucket_' . $bucket->getInternalId(), $fileId));
}
if (!$deleted) {
@@ -1641,7 +1637,7 @@ Http::delete('/v1/storage/buckets/:bucketId/files/:fileId')
$response->noContent();
});
Http::get('/v1/storage/usage')
App::get('/v1/storage/usage')
->desc('Get storage usage stats')
->groups(['api', 'storage'])
->label('scope', 'files.read')
@@ -1654,8 +1650,7 @@ Http::get('/v1/storage/usage')
->param('range', '30d', new WhiteList(['24h', '30d', '90d'], true), 'Date range.', true)
->inject('response')
->inject('dbForProject')
->inject('authorization')
->action(function (string $range, Response $response, Database $dbForProject, Authorization $authorization) {
->action(function (string $range, Response $response, Database $dbForProject) {
$periods = Config::getParam('usage', []);
$stats = $usage = [];
@@ -1667,7 +1662,7 @@ Http::get('/v1/storage/usage')
];
$total = [];
$authorization->skip(function () use ($dbForProject, $days, $metrics, &$stats, &$total) {
Authorization::skip(function () use ($dbForProject, $days, $metrics, &$stats, &$total) {
foreach ($metrics as $metric) {
$result = $dbForProject->findOne('stats', [
Query::equal('metric', [$metric]),
@@ -1721,7 +1716,7 @@ Http::get('/v1/storage/usage')
]), Response::MODEL_USAGE_STORAGE);
});
Http::get('/v1/storage/:bucketId/usage')
App::get('/v1/storage/:bucketId/usage')
->desc('Get bucket usage stats')
->groups(['api', 'storage'])
->label('scope', 'files.read')
@@ -1735,8 +1730,7 @@ Http::get('/v1/storage/:bucketId/usage')
->param('range', '30d', new WhiteList(['24h', '30d', '90d'], true), 'Date range.', true)
->inject('response')
->inject('dbForProject')
->inject('authorization')
->action(function (string $bucketId, string $range, Response $response, Database $dbForProject, Authorization $authorization) {
->action(function (string $bucketId, string $range, Response $response, Database $dbForProject) {
$bucket = $dbForProject->getDocument('buckets', $bucketId);
@@ -1752,7 +1746,8 @@ Http::get('/v1/storage/:bucketId/usage')
str_replace('{bucketInternalId}', $bucket->getInternalId(), METRIC_BUCKET_ID_FILES_STORAGE),
];
$authorization->skip(function () use ($dbForProject, $days, $metrics, &$stats, &$total) {
Authorization::skip(function () use ($dbForProject, $days, $metrics, &$stats, &$total) {
foreach ($metrics as $metric) {
$result = $dbForProject->findOne('stats', [
Query::equal('metric', [$metric]),
app/controllers/api/teams.php
+72 -59
View File
@@ -1,7 +1,6 @@
<?php
use Appwrite\Auth\Auth;
use Appwrite\Auth\Authentication;
use Appwrite\Auth\MFA\Type\TOTP;
use Appwrite\Auth\Validator\Phone;
use Appwrite\Detector\Detector;
@@ -19,6 +18,7 @@ use Appwrite\Utopia\Database\Validator\Queries\Teams;
use Appwrite\Utopia\Request;
use Appwrite\Utopia\Response;
use MaxMind\Db\Reader;
use Utopia\App;
use Utopia\Audit\Audit;
use Utopia\Config\Config;
use Utopia\Database\Database;
@@ -37,15 +37,15 @@ use Utopia\Database\Validator\Queries;
use Utopia\Database\Validator\Query\Limit;
use Utopia\Database\Validator\Query\Offset;
use Utopia\Database\Validator\UID;
use Utopia\Http\Http;
use Utopia\Http\Validator\ArrayList;
use Utopia\Http\Validator\Assoc;
use Utopia\Http\Validator\Host;
use Utopia\Http\Validator\Text;
use Utopia\Locale\Locale;
use Utopia\System\System;
use Utopia\Validator\ArrayList;
use Utopia\Validator\Assoc;
use Utopia\Validator\Host;
use Utopia\Validator\Text;
use Utopia\Validator\WhiteList;
Http::post('/v1/teams')
App::post('/v1/teams')
->desc('Create team')
->groups(['api', 'teams'])
->label('event', 'teams.[teamId].create')
@@ -66,16 +66,15 @@ Http::post('/v1/teams')
->inject('user')
->inject('dbForProject')
->inject('queueForEvents')
->inject('authorization')
->action(function (string $teamId, string $name, array $roles, Response $response, Document $user, Database $dbForProject, Event $queueForEvents, Authorization $authorization) {
->action(function (string $teamId, string $name, array $roles, Response $response, Document $user, Database $dbForProject, Event $queueForEvents) {
$isPrivilegedUser = Auth::isPrivilegedUser($authorization->getRoles());
$isAppUser = Auth::isAppUser($authorization->getRoles());
$isPrivilegedUser = Auth::isPrivilegedUser(Authorization::getRoles());
$isAppUser = Auth::isAppUser(Authorization::getRoles());
$teamId = $teamId == 'unique()' ? ID::unique() : $teamId;
try {
$team = $authorization->skip(fn () => $dbForProject->createDocument('teams', new Document([
$team = Authorization::skip(fn () => $dbForProject->createDocument('teams', new Document([
'$id' => $teamId,
'$permissions' => [
Permission::read(Role::team($teamId)),
@@ -134,7 +133,7 @@ Http::post('/v1/teams')
->dynamic($team, Response::MODEL_TEAM);
});
Http::get('/v1/teams')
App::get('/v1/teams')
->desc('List teams')
->groups(['api', 'teams'])
->label('scope', 'teams.read')
@@ -192,7 +191,7 @@ Http::get('/v1/teams')
]), Response::MODEL_TEAM_LIST);
});
Http::get('/v1/teams/:teamId')
App::get('/v1/teams/:teamId')
->desc('Get team')
->groups(['api', 'teams'])
->label('scope', 'teams.read')
@@ -219,7 +218,7 @@ Http::get('/v1/teams/:teamId')
$response->dynamic($team, Response::MODEL_TEAM);
});
Http::get('/v1/teams/:teamId/prefs')
App::get('/v1/teams/:teamId/prefs')
->desc('Get team preferences')
->groups(['api', 'teams'])
->label('scope', 'teams.read')
@@ -247,7 +246,7 @@ Http::get('/v1/teams/:teamId/prefs')
$response->dynamic(new Document($prefs), Response::MODEL_PREFERENCES);
});
Http::put('/v1/teams/:teamId')
App::put('/v1/teams/:teamId')
->desc('Update name')
->groups(['api', 'teams'])
->label('event', 'teams.[teamId].update')
@@ -290,7 +289,7 @@ Http::put('/v1/teams/:teamId')
$response->dynamic($team, Response::MODEL_TEAM);
});
Http::put('/v1/teams/:teamId/prefs')
App::put('/v1/teams/:teamId/prefs')
->desc('Update preferences')
->groups(['api', 'teams'])
->label('event', 'teams.[teamId].update.prefs')
@@ -326,7 +325,7 @@ Http::put('/v1/teams/:teamId/prefs')
$response->dynamic(new Document($prefs), Response::MODEL_PREFERENCES);
});
Http::delete('/v1/teams/:teamId')
App::delete('/v1/teams/:teamId')
->desc('Delete team')
->groups(['api', 'teams'])
->label('event', 'teams.[teamId].delete')
@@ -375,7 +374,7 @@ Http::delete('/v1/teams/:teamId')
$response->noContent();
});
Http::post('/v1/teams/:teamId/memberships')
App::post('/v1/teams/:teamId/memberships')
->desc('Create team membership')
->groups(['api', 'teams', 'auth'])
->label('event', 'teams.[teamId].memberships.[membershipId].create')
@@ -396,7 +395,17 @@ Http::post('/v1/teams/:teamId/memberships')
->param('email', '', new Email(), 'Email of the new team member.', true)
->param('userId', '', new UID(), 'ID of the user to be added to a team.', true)
->param('phone', '', new Phone(), 'Phone number. Format this number with a leading \'+\' and a country code, e.g., +16175551212.', true)
->param('roles', [], new ArrayList(new Key(), APP_LIMIT_ARRAY_PARAMS_SIZE), 'Array of strings. Use this param to set the user roles in the team. A role can be any string. Learn more about [roles and permissions](https://appwrite.io/docs/permissions). Maximum of ' . APP_LIMIT_ARRAY_PARAMS_SIZE . ' roles are allowed, each 32 characters long.')
->param('roles', [], function (Document $project) {
if ($project->getId() === 'console') {
;
$roles = array_keys(Config::getParam('roles', []));
array_filter($roles, function ($role) {
return !in_array($role, [Auth::USER_ROLE_APPS, Auth::USER_ROLE_GUESTS, Auth::USER_ROLE_USERS]);
});
return new ArrayList(new WhiteList($roles), APP_LIMIT_ARRAY_PARAMS_SIZE);
}
return new ArrayList(new Key(), APP_LIMIT_ARRAY_PARAMS_SIZE);
}, 'Array of strings. Use this param to set the user roles in the team. A role can be any string. Learn more about [roles and permissions](https://appwrite.io/docs/permissions). Maximum of ' . APP_LIMIT_ARRAY_PARAMS_SIZE . ' roles are allowed, each 32 characters long.', false, ['project'])
->param('url', '', fn ($clients) => new Host($clients), 'URL to redirect the user back to your app from the invitation email. This parameter is not required when an API key is supplied. Only URLs from hostnames in your project platform list are allowed. This requirement helps to prevent an [open redirect](https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html) attack against your project API.', true, ['clients']) // TODO add our own built-in confirm page
->param('name', '', new Text(128), 'Name of the new team member. Max length: 128 chars.', true)
->inject('response')
@@ -407,10 +416,9 @@ Http::post('/v1/teams/:teamId/memberships')
->inject('queueForMails')
->inject('queueForMessaging')
->inject('queueForEvents')
->inject('authorization')
->action(function (string $teamId, string $email, string $userId, string $phone, array $roles, string $url, string $name, Response $response, Document $project, Document $user, Database $dbForProject, Locale $locale, Mail $queueForMails, Messaging $queueForMessaging, Event $queueForEvents, Authorization $authorization) {
$isAPIKey = Auth::isAppUser($authorization->getRoles());
$isPrivilegedUser = Auth::isPrivilegedUser($authorization->getRoles());
->action(function (string $teamId, string $email, string $userId, string $phone, array $roles, string $url, string $name, Response $response, Document $project, Document $user, Database $dbForProject, Locale $locale, Mail $queueForMails, Messaging $queueForMessaging, Event $queueForEvents) {
$isAPIKey = Auth::isAppUser(Authorization::getRoles());
$isPrivilegedUser = Auth::isPrivilegedUser(Authorization::getRoles());
$url = htmlentities($url);
if (empty($url)) {
@@ -422,8 +430,8 @@ Http::post('/v1/teams/:teamId/memberships')
if (empty($userId) && empty($email) && empty($phone)) {
throw new Exception(Exception::GENERAL_ARGUMENT_INVALID, 'At least one of userId, email, or phone is required');
}
$isPrivilegedUser = Auth::isPrivilegedUser($authorization->getRoles());
$isAppUser = Auth::isAppUser($authorization->getRoles());
$isPrivilegedUser = Auth::isPrivilegedUser(Authorization::getRoles());
$isAppUser = Auth::isAppUser(Authorization::getRoles());
if (!$isPrivilegedUser && !$isAppUser && empty(System::getEnv('_APP_SMTP_HOST'))) {
throw new Exception(Exception::GENERAL_SMTP_DISABLED);
@@ -483,7 +491,7 @@ Http::post('/v1/teams/:teamId/memberships')
try {
$userId = ID::unique();
$invitee = $authorization->skip(fn () => $dbForProject->createDocument('users', new Document([
$invitee = Authorization::skip(fn () => $dbForProject->createDocument('users', new Document([
'$id' => $userId,
'$permissions' => [
Permission::read(Role::any()),
@@ -519,7 +527,7 @@ Http::post('/v1/teams/:teamId/memberships')
}
}
$isOwner = $authorization->isRole('team:' . $team->getId() . '/owner');
$isOwner = Authorization::isRole('team:' . $team->getId() . '/owner');
if (!$isOwner && !$isPrivilegedUser && !$isAppUser) { // Not owner, not admin, not app (server)
throw new Exception(Exception::USER_UNAUTHORIZED, 'User is not allowed to send invitations for this team');
@@ -551,12 +559,12 @@ Http::post('/v1/teams/:teamId/memberships')
if ($isPrivilegedUser || $isAppUser) { // Allow admin to create membership
try {
$membership = $authorization->skip(fn () => $dbForProject->createDocument('memberships', $membership));
$membership = Authorization::skip(fn () => $dbForProject->createDocument('memberships', $membership));
} catch (Duplicate $th) {
throw new Exception(Exception::TEAM_INVITE_ALREADY_EXISTS);
}
$authorization->skip(fn () => $dbForProject->increaseDocumentAttribute('teams', $team->getId(), 'total', 1));
Authorization::skip(fn () => $dbForProject->increaseDocumentAttribute('teams', $team->getId(), 'total', 1));
$dbForProject->purgeCachedDocument('users', $invitee->getId());
} else {
@@ -578,7 +586,7 @@ Http::post('/v1/teams/:teamId/memberships')
$message = Template::fromFile(__DIR__ . '/../../config/locale/templates/email-inner-base.tpl');
$message
->setParam('{{body}}', $body, escape: false)
->setParam('{{body}}', $body, escapeHtml: false)
->setParam('{{hello}}', $locale->getText("emails.invitation.hello"))
->setParam('{{footer}}', $locale->getText("emails.invitation.footer"))
->setParam('{{thanks}}', $locale->getText("emails.invitation.thanks"))
@@ -696,7 +704,7 @@ Http::post('/v1/teams/:teamId/memberships')
);
});
Http::get('/v1/teams/:teamId/memberships')
App::get('/v1/teams/:teamId/memberships')
->desc('List team memberships')
->groups(['api', 'teams'])
->label('scope', 'teams.read')
@@ -799,7 +807,7 @@ Http::get('/v1/teams/:teamId/memberships')
]), Response::MODEL_MEMBERSHIP_LIST);
});
Http::get('/v1/teams/:teamId/memberships/:membershipId')
App::get('/v1/teams/:teamId/memberships/:membershipId')
->desc('Get team membership')
->groups(['api', 'teams'])
->label('scope', 'teams.read')
@@ -855,7 +863,7 @@ Http::get('/v1/teams/:teamId/memberships/:membershipId')
$response->dynamic($membership, Response::MODEL_MEMBERSHIP);
});
Http::patch('/v1/teams/:teamId/memberships/:membershipId')
App::patch('/v1/teams/:teamId/memberships/:membershipId')
->desc('Update membership')
->groups(['api', 'teams'])
->label('event', 'teams.[teamId].memberships.[membershipId].update')
@@ -871,14 +879,23 @@ Http::patch('/v1/teams/:teamId/memberships/:membershipId')
->label('sdk.response.model', Response::MODEL_MEMBERSHIP)
->param('teamId', '', new UID(), 'Team ID.')
->param('membershipId', '', new UID(), 'Membership ID.')
->param('roles', [], new ArrayList(new Key(), APP_LIMIT_ARRAY_PARAMS_SIZE), 'An array of strings. Use this param to set the user\'s roles in the team. A role can be any string. Learn more about [roles and permissions](https://appwrite.io/docs/permissions). Maximum of ' . APP_LIMIT_ARRAY_PARAMS_SIZE . ' roles are allowed, each 32 characters long.')
->param('roles', [], function (Document $project) {
if ($project->getId() === 'console') {
;
$roles = array_keys(Config::getParam('roles', []));
array_filter($roles, function ($role) {
return !in_array($role, [Auth::USER_ROLE_APPS, Auth::USER_ROLE_GUESTS, Auth::USER_ROLE_USERS]);
});
return new ArrayList(new WhiteList($roles), APP_LIMIT_ARRAY_PARAMS_SIZE);
}
return new ArrayList(new Key(), APP_LIMIT_ARRAY_PARAMS_SIZE);
}, 'An array of strings. Use this param to set the user\'s roles in the team. A role can be any string. Learn more about [roles and permissions](https://appwrite.io/docs/permissions). Maximum of ' . APP_LIMIT_ARRAY_PARAMS_SIZE . ' roles are allowed, each 32 characters long.', false, ['project'])
->inject('request')
->inject('response')
->inject('user')
->inject('dbForProject')
->inject('queueForEvents')
->inject('authorization')
->action(function (string $teamId, string $membershipId, array $roles, Request $request, Response $response, Document $user, Database $dbForProject, Event $queueForEvents, Authorization $authorization) {
->action(function (string $teamId, string $membershipId, array $roles, Request $request, Response $response, Document $user, Database $dbForProject, Event $queueForEvents) {
$team = $dbForProject->getDocument('teams', $teamId);
if ($team->isEmpty()) {
@@ -895,9 +912,9 @@ Http::patch('/v1/teams/:teamId/memberships/:membershipId')
throw new Exception(Exception::USER_NOT_FOUND);
}
$isPrivilegedUser = Auth::isPrivilegedUser($authorization->getRoles());
$isAppUser = Auth::isAppUser($authorization->getRoles());
$isOwner = $authorization->isRole('team:' . $team->getId() . '/owner');
$isPrivilegedUser = Auth::isPrivilegedUser(Authorization::getRoles());
$isAppUser = Auth::isAppUser(Authorization::getRoles());
$isOwner = Authorization::isRole('team:' . $team->getId() . '/owner');
if (!$isOwner && !$isPrivilegedUser && !$isAppUser) { // Not owner, not admin, not app (server)
throw new Exception(Exception::USER_UNAUTHORIZED, 'User is not allowed to modify roles');
@@ -928,7 +945,7 @@ Http::patch('/v1/teams/:teamId/memberships/:membershipId')
);
});
Http::patch('/v1/teams/:teamId/memberships/:membershipId/status')
App::patch('/v1/teams/:teamId/memberships/:membershipId/status')
->desc('Update team membership status')
->groups(['api', 'teams'])
->label('event', 'teams.[teamId].memberships.[membershipId].update.status')
@@ -954,9 +971,7 @@ Http::patch('/v1/teams/:teamId/memberships/:membershipId/status')
->inject('project')
->inject('geodb')
->inject('queueForEvents')
->inject('authorization')
->inject('authentication')
->action(function (string $teamId, string $membershipId, string $userId, string $secret, Request $request, Response $response, Document $user, Database $dbForProject, Document $project, Reader $geodb, Event $queueForEvents, Authorization $authorization, Authentication $authentication) {
->action(function (string $teamId, string $membershipId, string $userId, string $secret, Request $request, Response $response, Document $user, Database $dbForProject, Document $project, Reader $geodb, Event $queueForEvents) {
$protocol = $request->getProtocol();
$membership = $dbForProject->getDocument('memberships', $membershipId);
@@ -965,7 +980,7 @@ Http::patch('/v1/teams/:teamId/memberships/:membershipId/status')
throw new Exception(Exception::MEMBERSHIP_NOT_FOUND);
}
$team = $authorization->skip(fn () => $dbForProject->getDocument('teams', $teamId));
$team = Authorization::skip(fn () => $dbForProject->getDocument('teams', $teamId));
if ($team->isEmpty()) {
throw new Exception(Exception::TEAM_NOT_FOUND);
@@ -1000,11 +1015,11 @@ Http::patch('/v1/teams/:teamId/memberships/:membershipId/status')
->setAttribute('confirm', true)
;
$authorization->skip(fn () => $dbForProject->updateDocument('users', $user->getId(), $user->setAttribute('emailVerification', true)));
Authorization::skip(fn () => $dbForProject->updateDocument('users', $user->getId(), $user->setAttribute('emailVerification', true)));
// Log user in
$authorization->addRole(Role::user($user->getId())->toString());
Authorization::setRole(Role::user($user->getId())->toString());
$detector = new Detector($request->getUserAgent('UNKNOWN'));
$record = $geodb->get($request->getIP());
@@ -1034,13 +1049,13 @@ Http::patch('/v1/teams/:teamId/memberships/:membershipId/status')
$dbForProject->purgeCachedDocument('users', $user->getId());
$authorization->addRole(Role::user($userId)->toString());
Authorization::setRole(Role::user($userId)->toString());
$membership = $dbForProject->updateDocument('memberships', $membership->getId(), $membership);
$dbForProject->purgeCachedDocument('users', $user->getId());
$authorization->skip(fn () => $dbForProject->increaseDocumentAttribute('teams', $team->getId(), 'total', 1));
Authorization::skip(fn () => $dbForProject->increaseDocumentAttribute('teams', $team->getId(), 'total', 1));
$queueForEvents
->setParam('userId', $user->getId())
@@ -1050,13 +1065,13 @@ Http::patch('/v1/teams/:teamId/memberships/:membershipId/status')
if (!Config::getParam('domainVerification')) {
$response
->addHeader('X-Fallback-Cookies', \json_encode([$authentication->getCookieName() => Auth::encodeSession($user->getId(), $secret)]))
->addHeader('X-Fallback-Cookies', \json_encode([Auth::$cookieName => Auth::encodeSession($user->getId(), $secret)]))
;
}
$response
->addCookie($authentication->getCookieName() . '_legacy', Auth::encodeSession($user->getId(), $secret), (new \DateTime($expire))->getTimestamp(), '/', Config::getParam('cookieDomain'), ('https' == $protocol), true, null)
->addCookie($authentication->getCookieName(), Auth::encodeSession($user->getId(), $secret), (new \DateTime($expire))->getTimestamp(), '/', Config::getParam('cookieDomain'), ('https' == $protocol), true, Config::getParam('cookieSamesite'))
->addCookie(Auth::$cookieName . '_legacy', Auth::encodeSession($user->getId(), $secret), (new \DateTime($expire))->getTimestamp(), '/', Config::getParam('cookieDomain'), ('https' == $protocol), true, null)
->addCookie(Auth::$cookieName, Auth::encodeSession($user->getId(), $secret), (new \DateTime($expire))->getTimestamp(), '/', Config::getParam('cookieDomain'), ('https' == $protocol), true, Config::getParam('cookieSamesite'))
;
$response->dynamic(
@@ -1068,7 +1083,7 @@ Http::patch('/v1/teams/:teamId/memberships/:membershipId/status')
);
});
Http::delete('/v1/teams/:teamId/memberships/:membershipId')
App::delete('/v1/teams/:teamId/memberships/:membershipId')
->desc('Delete team membership')
->groups(['api', 'teams'])
->label('event', 'teams.[teamId].memberships.[membershipId].delete')
@@ -1086,8 +1101,7 @@ Http::delete('/v1/teams/:teamId/memberships/:membershipId')
->inject('response')
->inject('dbForProject')
->inject('queueForEvents')
->inject('authorization')
->action(function (string $teamId, string $membershipId, Response $response, Database $dbForProject, Event $queueForEvents, Authorization $authorization) {
->action(function (string $teamId, string $membershipId, Response $response, Database $dbForProject, Event $queueForEvents) {
$membership = $dbForProject->getDocument('memberships', $membershipId);
@@ -1122,7 +1136,7 @@ Http::delete('/v1/teams/:teamId/memberships/:membershipId')
$dbForProject->purgeCachedDocument('users', $user->getId());
if ($membership->getAttribute('confirm')) { // Count only confirmed members
$authorization->skip(fn () => $dbForProject->decreaseDocumentAttribute('teams', $team->getId(), 'total', 1, 0));
Authorization::skip(fn () => $dbForProject->decreaseDocumentAttribute('teams', $team->getId(), 'total', 1, 0));
}
$queueForEvents
@@ -1135,7 +1149,7 @@ Http::delete('/v1/teams/:teamId/memberships/:membershipId')
$response->noContent();
});
Http::get('/v1/teams/:teamId/logs')
App::get('/v1/teams/:teamId/logs')
->desc('List team logs')
->groups(['api', 'teams'])
->label('scope', 'teams.read')
@@ -1152,8 +1166,7 @@ Http::get('/v1/teams/:teamId/logs')
->inject('dbForProject')
->inject('locale')
->inject('geodb')
->inject('authorization')
->action(function (string $teamId, array $queries, Response $response, Database $dbForProject, Locale $locale, Reader $geodb, Authorization $authorization) {
->action(function (string $teamId, array $queries, Response $response, Database $dbForProject, Locale $locale, Reader $geodb) {
$team = $dbForProject->getDocument('teams', $teamId);
app/controllers/api/users.php
+65 -66
View File
@@ -22,6 +22,7 @@ use Appwrite\Utopia\Database\Validator\Queries\Users;
use Appwrite\Utopia\Request;
use Appwrite\Utopia\Response;
use MaxMind\Db\Reader;
use Utopia\App;
use Utopia\Audit\Audit;
use Utopia\Config\Config;
use Utopia\Database\Database;
@@ -38,16 +39,15 @@ use Utopia\Database\Validator\Queries;
use Utopia\Database\Validator\Query\Limit;
use Utopia\Database\Validator\Query\Offset;
use Utopia\Database\Validator\UID;
use Utopia\Http\Http;
use Utopia\Http\Validator\ArrayList;
use Utopia\Http\Validator\Assoc;
use Utopia\Http\Validator\Boolean;
use Utopia\Http\Validator\Integer;
use Utopia\Http\Validator\Range;
use Utopia\Http\Validator\Text;
use Utopia\Http\Validator\WhiteList;
use Utopia\Locale\Locale;
use Utopia\System\System;
use Utopia\Validator\ArrayList;
use Utopia\Validator\Assoc;
use Utopia\Validator\Boolean;
use Utopia\Validator\Integer;
use Utopia\Validator\Range;
use Utopia\Validator\Text;
use Utopia\Validator\WhiteList;
/** TODO: Remove function when we move to using utopia/platform */
function createUser(string $hash, mixed $hashOptions, string $userId, ?string $email, ?string $password, ?string $phone, string $name, Document $project, Database $dbForProject, Event $queueForEvents, Hooks $hooks): Document
@@ -180,7 +180,7 @@ function createUser(string $hash, mixed $hashOptions, string $userId, ?string $e
return $user;
}
Http::post('/v1/users')
App::post('/v1/users')
->desc('Create user')
->groups(['api', 'users'])
->label('event', 'users.[userId].create')
@@ -211,7 +211,7 @@ Http::post('/v1/users')
->dynamic($user, Response::MODEL_USER);
});
Http::post('/v1/users/bcrypt')
App::post('/v1/users/bcrypt')
->desc('Create user with bcrypt password')
->groups(['api', 'users'])
->label('event', 'users.[userId].create')
@@ -242,7 +242,7 @@ Http::post('/v1/users/bcrypt')
->dynamic($user, Response::MODEL_USER);
});
Http::post('/v1/users/md5')
App::post('/v1/users/md5')
->desc('Create user with MD5 password')
->groups(['api', 'users'])
->label('event', 'users.[userId].create')
@@ -273,7 +273,7 @@ Http::post('/v1/users/md5')
->dynamic($user, Response::MODEL_USER);
});
Http::post('/v1/users/argon2')
App::post('/v1/users/argon2')
->desc('Create user with Argon2 password')
->groups(['api', 'users'])
->label('event', 'users.[userId].create')
@@ -304,7 +304,7 @@ Http::post('/v1/users/argon2')
->dynamic($user, Response::MODEL_USER);
});
Http::post('/v1/users/sha')
App::post('/v1/users/sha')
->desc('Create user with SHA password')
->groups(['api', 'users'])
->label('event', 'users.[userId].create')
@@ -342,7 +342,7 @@ Http::post('/v1/users/sha')
->dynamic($user, Response::MODEL_USER);
});
Http::post('/v1/users/phpass')
App::post('/v1/users/phpass')
->desc('Create user with PHPass password')
->groups(['api', 'users'])
->label('event', 'users.[userId].create')
@@ -373,7 +373,7 @@ Http::post('/v1/users/phpass')
->dynamic($user, Response::MODEL_USER);
});
Http::post('/v1/users/scrypt')
App::post('/v1/users/scrypt')
->desc('Create user with Scrypt password')
->groups(['api', 'users'])
->label('event', 'users.[userId].create')
@@ -417,7 +417,7 @@ Http::post('/v1/users/scrypt')
->dynamic($user, Response::MODEL_USER);
});
Http::post('/v1/users/scrypt-modified')
App::post('/v1/users/scrypt-modified')
->desc('Create user with Scrypt modified password')
->groups(['api', 'users'])
->label('event', 'users.[userId].create')
@@ -451,8 +451,8 @@ Http::post('/v1/users/scrypt-modified')
->dynamic($user, Response::MODEL_USER);
});
Http::post('/v1/users/:userId/targets')
->desc('Create User Target')
App::post('/v1/users/:userId/targets')
->desc('Create user target')
->groups(['api', 'users'])
->label('audits.event', 'target.create')
->label('audits.resource', 'target/response.$id')
@@ -540,7 +540,7 @@ Http::post('/v1/users/:userId/targets')
->dynamic($target, Response::MODEL_TARGET);
});
Http::get('/v1/users')
App::get('/v1/users')
->desc('List users')
->groups(['api', 'users'])
->label('scope', 'users.read')
@@ -594,7 +594,7 @@ Http::get('/v1/users')
]), Response::MODEL_USER_LIST);
});
Http::get('/v1/users/:userId')
App::get('/v1/users/:userId')
->desc('Get user')
->groups(['api', 'users'])
->label('scope', 'users.read')
@@ -619,7 +619,7 @@ Http::get('/v1/users/:userId')
$response->dynamic($user, Response::MODEL_USER);
});
Http::get('/v1/users/:userId/prefs')
App::get('/v1/users/:userId/prefs')
->desc('Get user preferences')
->groups(['api', 'users'])
->label('scope', 'users.read')
@@ -646,8 +646,8 @@ Http::get('/v1/users/:userId/prefs')
$response->dynamic(new Document($prefs), Response::MODEL_PREFERENCES);
});
Http::get('/v1/users/:userId/targets/:targetId')
->desc('Get User Target')
App::get('/v1/users/:userId/targets/:targetId')
->desc('Get user target')
->groups(['api', 'users'])
->label('scope', 'targets.read')
->label('sdk.auth', [APP_AUTH_TYPE_KEY, APP_AUTH_TYPE_ADMIN])
@@ -678,7 +678,7 @@ Http::get('/v1/users/:userId/targets/:targetId')
$response->dynamic($target, Response::MODEL_TARGET);
});
Http::get('/v1/users/:userId/sessions')
App::get('/v1/users/:userId/sessions')
->desc('List user sessions')
->groups(['api', 'users'])
->label('scope', 'users.read')
@@ -719,7 +719,7 @@ Http::get('/v1/users/:userId/sessions')
]), Response::MODEL_SESSION_LIST);
});
Http::get('/v1/users/:userId/memberships')
App::get('/v1/users/:userId/memberships')
->desc('List user memberships')
->groups(['api', 'users'])
->label('scope', 'users.read')
@@ -758,7 +758,7 @@ Http::get('/v1/users/:userId/memberships')
]), Response::MODEL_MEMBERSHIP_LIST);
});
Http::get('/v1/users/:userId/logs')
App::get('/v1/users/:userId/logs')
->desc('List user logs')
->groups(['api', 'users'])
->label('scope', 'users.read')
@@ -775,8 +775,7 @@ Http::get('/v1/users/:userId/logs')
->inject('dbForProject')
->inject('locale')
->inject('geodb')
->inject('authorization')
->action(function (string $userId, array $queries, Response $response, Database $dbForProject, Locale $locale, Reader $geodb, Authorization $authorization) {
->action(function (string $userId, array $queries, Response $response, Database $dbForProject, Locale $locale, Reader $geodb) {
$user = $dbForProject->getDocument('users', $userId);
@@ -848,8 +847,8 @@ Http::get('/v1/users/:userId/logs')
]), Response::MODEL_LOG_LIST);
});
Http::get('/v1/users/:userId/targets')
->desc('List User Targets')
App::get('/v1/users/:userId/targets')
->desc('List user targets')
->groups(['api', 'users'])
->label('scope', 'targets.read')
->label('sdk.auth', [APP_AUTH_TYPE_KEY, APP_AUTH_TYPE_ADMIN])
@@ -903,8 +902,8 @@ Http::get('/v1/users/:userId/targets')
]), Response::MODEL_TARGET_LIST);
});
Http::get('/v1/users/identities')
->desc('List Identities')
App::get('/v1/users/identities')
->desc('List identities')
->groups(['api', 'users'])
->label('scope', 'users.read')
->label('sdk.auth', [APP_AUTH_TYPE_KEY])
@@ -957,7 +956,7 @@ Http::get('/v1/users/identities')
]), Response::MODEL_IDENTITY_LIST);
});
Http::patch('/v1/users/:userId/status')
App::patch('/v1/users/:userId/status')
->desc('Update user status')
->groups(['api', 'users'])
->label('event', 'users.[userId].update.status')
@@ -993,7 +992,7 @@ Http::patch('/v1/users/:userId/status')
$response->dynamic($user, Response::MODEL_USER);
});
Http::put('/v1/users/:userId/labels')
App::put('/v1/users/:userId/labels')
->desc('Update user labels')
->groups(['api', 'users'])
->label('event', 'users.[userId].update.labels')
@@ -1030,7 +1029,7 @@ Http::put('/v1/users/:userId/labels')
$response->dynamic($user, Response::MODEL_USER);
});
Http::patch('/v1/users/:userId/verification/phone')
App::patch('/v1/users/:userId/verification/phone')
->desc('Update phone verification')
->groups(['api', 'users'])
->label('event', 'users.[userId].update.verification')
@@ -1065,7 +1064,7 @@ Http::patch('/v1/users/:userId/verification/phone')
$response->dynamic($user, Response::MODEL_USER);
});
Http::patch('/v1/users/:userId/name')
App::patch('/v1/users/:userId/name')
->desc('Update name')
->groups(['api', 'users'])
->label('event', 'users.[userId].update.name')
@@ -1102,7 +1101,7 @@ Http::patch('/v1/users/:userId/name')
$response->dynamic($user, Response::MODEL_USER);
});
Http::patch('/v1/users/:userId/password')
App::patch('/v1/users/:userId/password')
->desc('Update password')
->groups(['api', 'users'])
->label('event', 'users.[userId].update.password')
@@ -1179,7 +1178,7 @@ Http::patch('/v1/users/:userId/password')
$response->dynamic($user, Response::MODEL_USER);
});
Http::patch('/v1/users/:userId/email')
App::patch('/v1/users/:userId/email')
->desc('Update email')
->groups(['api', 'users'])
->label('event', 'users.[userId].update.email')
@@ -1274,7 +1273,7 @@ Http::patch('/v1/users/:userId/email')
$response->dynamic($user, Response::MODEL_USER);
});
Http::patch('/v1/users/:userId/phone')
App::patch('/v1/users/:userId/phone')
->desc('Update phone')
->groups(['api', 'users'])
->label('event', 'users.[userId].update.phone')
@@ -1357,7 +1356,7 @@ Http::patch('/v1/users/:userId/phone')
$response->dynamic($user, Response::MODEL_USER);
});
Http::patch('/v1/users/:userId/verification')
App::patch('/v1/users/:userId/verification')
->desc('Update email verification')
->groups(['api', 'users'])
->label('event', 'users.[userId].update.verification')
@@ -1392,7 +1391,7 @@ Http::patch('/v1/users/:userId/verification')
$response->dynamic($user, Response::MODEL_USER);
});
Http::patch('/v1/users/:userId/prefs')
App::patch('/v1/users/:userId/prefs')
->desc('Update user preferences')
->groups(['api', 'users'])
->label('event', 'users.[userId].update.prefs')
@@ -1425,8 +1424,8 @@ Http::patch('/v1/users/:userId/prefs')
$response->dynamic(new Document($prefs), Response::MODEL_PREFERENCES);
});
Http::patch('/v1/users/:userId/targets/:targetId')
->desc('Update User target')
App::patch('/v1/users/:userId/targets/:targetId')
->desc('Update user target')
->groups(['api', 'users'])
->label('audits.event', 'target.update')
->label('audits.resource', 'target/{response.$id}')
@@ -1519,7 +1518,7 @@ Http::patch('/v1/users/:userId/targets/:targetId')
->dynamic($target, Response::MODEL_TARGET);
});
Http::patch('/v1/users/:userId/mfa')
App::patch('/v1/users/:userId/mfa')
->desc('Update MFA')
->groups(['api', 'users'])
->label('event', 'users.[userId].update.mfa')
@@ -1557,8 +1556,8 @@ Http::patch('/v1/users/:userId/mfa')
$response->dynamic($user, Response::MODEL_USER);
});
Http::get('/v1/users/:userId/mfa/factors')
->desc('List Factors')
App::get('/v1/users/:userId/mfa/factors')
->desc('List factors')
->groups(['api', 'users'])
->label('scope', 'users.read')
->label('usage.metric', 'users.{scope}.requests.read')
@@ -1590,8 +1589,8 @@ Http::get('/v1/users/:userId/mfa/factors')
$response->dynamic($factors, Response::MODEL_MFA_FACTORS);
});
Http::get('/v1/users/:userId/mfa/recovery-codes')
->desc('Get MFA Recovery Codes')
App::get('/v1/users/:userId/mfa/recovery-codes')
->desc('Get MFA recovery codes')
->groups(['api', 'users'])
->label('scope', 'users.read')
->label('usage.metric', 'users.{scope}.requests.read')
@@ -1625,8 +1624,8 @@ Http::get('/v1/users/:userId/mfa/recovery-codes')
$response->dynamic($document, Response::MODEL_MFA_RECOVERY_CODES);
});
Http::patch('/v1/users/:userId/mfa/recovery-codes')
->desc('Create MFA Recovery Codes')
App::patch('/v1/users/:userId/mfa/recovery-codes')
->desc('Create MFA recovery codes')
->groups(['api', 'users'])
->label('event', 'users.[userId].create.mfa.recovery-codes')
->label('scope', 'users.write')
@@ -1671,8 +1670,8 @@ Http::patch('/v1/users/:userId/mfa/recovery-codes')
$response->dynamic($document, Response::MODEL_MFA_RECOVERY_CODES);
});
Http::put('/v1/users/:userId/mfa/recovery-codes')
->desc('Regenerate MFA Recovery Codes')
App::put('/v1/users/:userId/mfa/recovery-codes')
->desc('Regenerate MFA recovery codes')
->groups(['api', 'users'])
->label('event', 'users.[userId].update.mfa.recovery-codes')
->label('scope', 'users.write')
@@ -1716,8 +1715,8 @@ Http::put('/v1/users/:userId/mfa/recovery-codes')
$response->dynamic($document, Response::MODEL_MFA_RECOVERY_CODES);
});
Http::delete('/v1/users/:userId/mfa/authenticators/:type')
->desc('Delete Authenticator')
App::delete('/v1/users/:userId/mfa/authenticators/:type')
->desc('Delete authenticator')
->groups(['api', 'users'])
->label('event', 'users.[userId].delete.mfa')
->label('scope', 'users.write')
@@ -1758,7 +1757,7 @@ Http::delete('/v1/users/:userId/mfa/authenticators/:type')
$response->noContent();
});
Http::post('/v1/users/:userId/sessions')
App::post('/v1/users/:userId/sessions')
->desc('Create session')
->groups(['api', 'users'])
->label('event', 'users.[userId].sessions.[sessionId].create')
@@ -1828,7 +1827,7 @@ Http::post('/v1/users/:userId/sessions')
->dynamic($session, Response::MODEL_SESSION);
});
Http::post('/v1/users/:userId/tokens')
App::post('/v1/users/:userId/tokens')
->desc('Create token')
->groups(['api', 'users'])
->label('event', 'users.[userId].tokens.[tokenId].create')
@@ -1885,7 +1884,7 @@ Http::post('/v1/users/:userId/tokens')
->dynamic($token, Response::MODEL_TOKEN);
});
Http::delete('/v1/users/:userId/sessions/:sessionId')
App::delete('/v1/users/:userId/sessions/:sessionId')
->desc('Delete user session')
->groups(['api', 'users'])
->label('event', 'users.[userId].sessions.[sessionId].delete')
@@ -1928,7 +1927,7 @@ Http::delete('/v1/users/:userId/sessions/:sessionId')
$response->noContent();
});
Http::delete('/v1/users/:userId/sessions')
App::delete('/v1/users/:userId/sessions')
->desc('Delete user sessions')
->groups(['api', 'users'])
->label('event', 'users.[userId].sessions.delete')
@@ -1970,7 +1969,7 @@ Http::delete('/v1/users/:userId/sessions')
$response->noContent();
});
Http::delete('/v1/users/:userId')
App::delete('/v1/users/:userId')
->desc('Delete user')
->groups(['api', 'users'])
->label('event', 'users.[userId].delete')
@@ -2012,7 +2011,7 @@ Http::delete('/v1/users/:userId')
$response->noContent();
});
Http::delete('/v1/users/:userId/targets/:targetId')
App::delete('/v1/users/:userId/targets/:targetId')
->desc('Delete user target')
->groups(['api', 'users'])
->label('audits.event', 'target.delete')
@@ -2063,7 +2062,7 @@ Http::delete('/v1/users/:userId/targets/:targetId')
$response->noContent();
});
Http::delete('/v1/users/identities/:identityId')
App::delete('/v1/users/identities/:identityId')
->desc('Delete identity')
->groups(['api', 'users'])
->label('event', 'users.[userId].identities.[identityId].delete')
@@ -2098,7 +2097,7 @@ Http::delete('/v1/users/identities/:identityId')
return $response->noContent();
});
Http::post('/v1/users/:userId/jwts')
App::post('/v1/users/:userId/jwts')
->desc('Create user JWT')
->groups(['api', 'users'])
->label('scope', 'users.write')
@@ -2148,7 +2147,7 @@ Http::post('/v1/users/:userId/jwts')
])]), Response::MODEL_JWT);
});
Http::get('/v1/users/usage')
App::get('/v1/users/usage')
->desc('Get users usage stats')
->groups(['api', 'users'])
->label('scope', 'users.read')
@@ -2161,8 +2160,8 @@ Http::get('/v1/users/usage')
->param('range', '30d', new WhiteList(['24h', '30d', '90d'], true), 'Date range.', true)
->inject('response')
->inject('dbForProject')
->inject('authorization')
->action(function (string $range, Response $response, Database $dbForProject, Authorization $authorization) {
->inject('register')
->action(function (string $range, Response $response, Database $dbForProject) {
$periods = Config::getParam('usage', []);
$stats = $usage = [];
@@ -2172,7 +2171,7 @@ Http::get('/v1/users/usage')
METRIC_SESSIONS,
];
$authorization->skip(function () use ($dbForProject, $days, $metrics, &$stats) {
Authorization::skip(function () use ($dbForProject, $days, $metrics, &$stats) {
foreach ($metrics as $count => $metric) {
$result = $dbForProject->findOne('stats', [
Query::equal('metric', [$metric]),
app/controllers/api/vcs.php
+44 -45
View File
@@ -8,6 +8,7 @@ use Appwrite\Utopia\Database\Validator\Queries\Installations;
use Appwrite\Utopia\Request;
use Appwrite\Utopia\Response;
use Appwrite\Vcs\Comment;
use Utopia\App;
use Utopia\CLI\Console;
use Utopia\Config\Config;
use Utopia\Database\Database;
@@ -31,17 +32,17 @@ use Utopia\Detector\Adapter\Python;
use Utopia\Detector\Adapter\Ruby;
use Utopia\Detector\Adapter\Swift;
use Utopia\Detector\Detector;
use Utopia\Http\Http;
use Utopia\Http\Validator\Boolean;
use Utopia\Http\Validator\Host;
use Utopia\Http\Validator\Text;
use Utopia\System\System;
use Utopia\Validator\Boolean;
use Utopia\Validator\Host;
use Utopia\Validator\Text;
use Utopia\VCS\Adapter\Git\GitHub;
use Utopia\VCS\Exception\RepositoryNotFound;
use function Swoole\Coroutine\batch;
$createGitDeployments = function (GitHub $github, string $providerInstallationId, array $repositories, string $providerBranch, string $providerBranchUrl, string $providerRepositoryName, string $providerRepositoryUrl, string $providerRepositoryOwner, string $providerCommitHash, string $providerCommitAuthor, string $providerCommitAuthorUrl, string $providerCommitMessage, string $providerCommitUrl, string $providerPullRequestId, bool $external, Database $dbForConsole, Build $queueForBuilds, callable $getProjectDB, Request $request, Authorization $auth) {
$createGitDeployments = function (GitHub $github, string $providerInstallationId, array $repositories, string $providerBranch, string $providerBranchUrl, string $providerRepositoryName, string $providerRepositoryUrl, string $providerRepositoryOwner, string $providerCommitHash, string $providerCommitAuthor, string $providerCommitAuthorUrl, string $providerCommitMessage, string $providerCommitUrl, string $providerPullRequestId, bool $external, Database $dbForConsole, Build $queueForBuilds, callable $getProjectDB, Request $request) {
$errors = [];
foreach ($repositories as $resource) {
try {
$resourceType = $resource->getAttribute('resourceType');
@@ -51,11 +52,11 @@ $createGitDeployments = function (GitHub $github, string $providerInstallationId
}
$projectId = $resource->getAttribute('projectId');
$project = $auth->skip(fn () => $dbForConsole->getDocument('projects', $projectId));
$project = Authorization::skip(fn () => $dbForConsole->getDocument('projects', $projectId));
$dbForProject = $getProjectDB($project);
$functionId = $resource->getAttribute('resourceId');
$function = $auth->skip(fn () => $dbForProject->getDocument('functions', $functionId));
$function = Authorization::skip(fn () => $dbForProject->getDocument('functions', $functionId));
$functionInternalId = $function->getInternalId();
$deploymentId = ID::unique();
@@ -101,8 +102,8 @@ $createGitDeployments = function (GitHub $github, string $providerInstallationId
$latestCommentId = '';
if (!empty($providerPullRequestId) && $function->getAttribute('providerSilentMode', false)) {
$latestComment = $auth->skip(fn () => $dbForConsole->findOne('vcsComments', [
if (!empty($providerPullRequestId) && $function->getAttribute('providerSilentMode', false) === false) {
$latestComment = Authorization::skip(fn () => $dbForConsole->findOne('vcsComments', [
Query::equal('providerRepositoryId', [$providerRepositoryId]),
Query::equal('providerPullRequestId', [$providerPullRequestId]),
Query::orderDesc('$createdAt'),
@@ -123,7 +124,7 @@ $createGitDeployments = function (GitHub $github, string $providerInstallationId
if (!empty($latestCommentId)) {
$teamId = $project->getAttribute('teamId', '');
$latestComment = $auth->skip(fn () => $dbForConsole->createDocument('vcsComments', new Document([
$latestComment = Authorization::skip(fn () => $dbForConsole->createDocument('vcsComments', new Document([
'$id' => ID::unique(),
'$permissions' => [
Permission::read(Role::team(ID::custom($teamId))),
@@ -144,7 +145,7 @@ $createGitDeployments = function (GitHub $github, string $providerInstallationId
}
}
} elseif (!empty($providerBranch)) {
$latestComments = $auth->skip(fn () => $dbForConsole->find('vcsComments', [
$latestComments = Authorization::skip(fn () => $dbForConsole->find('vcsComments', [
Query::equal('providerRepositoryId', [$providerRepositoryId]),
Query::equal('providerBranch', [$providerBranch]),
Query::orderDesc('$createdAt'),
@@ -261,8 +262,8 @@ $createGitDeployments = function (GitHub $github, string $providerInstallationId
}
};
Http::get('/v1/vcs/github/authorize')
->desc('Install GitHub App')
App::get('/v1/vcs/github/authorize')
->desc('Install GitHub app')
->groups(['api', 'vcs'])
->label('scope', 'vcs.read')
->label('sdk.namespace', 'vcs')
@@ -303,8 +304,8 @@ Http::get('/v1/vcs/github/authorize')
->redirect($url);
});
Http::get('/v1/vcs/github/callback')
->desc('Capture installation and authorization from GitHub App')
App::get('/v1/vcs/github/callback')
->desc('Capture installation and authorization from GitHub app')
->groups(['api', 'vcs'])
->label('scope', 'public')
->label('error', __DIR__ . '/../../views/general/error.phtml')
@@ -463,7 +464,7 @@ Http::get('/v1/vcs/github/callback')
->redirect($redirectSuccess);
});
Http::get('/v1/vcs/github/installations/:installationId/providerRepositories/:providerRepositoryId/contents')
App::get('/v1/vcs/github/installations/:installationId/providerRepositories/:providerRepositoryId/contents')
->desc('Get files and directories of a VCS repository')
->groups(['api', 'vcs'])
->label('scope', 'vcs.read')
@@ -524,7 +525,7 @@ Http::get('/v1/vcs/github/installations/:installationId/providerRepositories/:pr
]), Response::MODEL_VCS_CONTENT_LIST);
});
Http::post('/v1/vcs/github/installations/:installationId/providerRepositories/:providerRepositoryId/detection')
App::post('/v1/vcs/github/installations/:installationId/providerRepositories/:providerRepositoryId/detection')
->desc('Detect runtime settings from source code')
->groups(['api', 'vcs'])
->label('scope', 'vcs.write')
@@ -596,8 +597,8 @@ Http::post('/v1/vcs/github/installations/:installationId/providerRepositories/:p
$response->dynamic(new Document($detection), Response::MODEL_DETECTION);
});
Http::get('/v1/vcs/github/installations/:installationId/providerRepositories')
->desc('List Repositories')
App::get('/v1/vcs/github/installations/:installationId/providerRepositories')
->desc('List repositories')
->groups(['api', 'vcs'])
->label('scope', 'vcs.read')
->label('sdk.namespace', 'vcs')
@@ -691,7 +692,7 @@ Http::get('/v1/vcs/github/installations/:installationId/providerRepositories')
]), Response::MODEL_PROVIDER_REPOSITORY_LIST);
});
Http::post('/v1/vcs/github/installations/:installationId/providerRepositories')
App::post('/v1/vcs/github/installations/:installationId/providerRepositories')
->desc('Create repository')
->groups(['api', 'vcs'])
->label('scope', 'vcs.write')
@@ -792,7 +793,7 @@ Http::post('/v1/vcs/github/installations/:installationId/providerRepositories')
$response->dynamic(new Document($repository), Response::MODEL_PROVIDER_REPOSITORY);
});
Http::get('/v1/vcs/github/installations/:installationId/providerRepositories/:providerRepositoryId')
App::get('/v1/vcs/github/installations/:installationId/providerRepositories/:providerRepositoryId')
->desc('Get repository')
->groups(['api', 'vcs'])
->label('scope', 'vcs.read')
@@ -841,8 +842,8 @@ Http::get('/v1/vcs/github/installations/:installationId/providerRepositories/:pr
$response->dynamic(new Document($repository), Response::MODEL_PROVIDER_REPOSITORY);
});
Http::get('/v1/vcs/github/installations/:installationId/providerRepositories/:providerRepositoryId/branches')
->desc('List Repository Branches')
App::get('/v1/vcs/github/installations/:installationId/providerRepositories/:providerRepositoryId/branches')
->desc('List repository branches')
->groups(['api', 'vcs'])
->label('scope', 'vcs.read')
->label('sdk.namespace', 'vcs')
@@ -890,8 +891,8 @@ Http::get('/v1/vcs/github/installations/:installationId/providerRepositories/:pr
]), Response::MODEL_BRANCH_LIST);
});
Http::post('/v1/vcs/github/events')
->desc('Create Event')
App::post('/v1/vcs/github/events')
->desc('Create event')
->groups(['api', 'vcs'])
->label('scope', 'public')
->inject('gitHub')
@@ -900,9 +901,8 @@ Http::post('/v1/vcs/github/events')
->inject('dbForConsole')
->inject('getProjectDB')
->inject('queueForBuilds')
->inject('auth')
->action(
function (GitHub $github, Request $request, Response $response, Database $dbForConsole, callable $getProjectDB, Build $queueForBuilds, Authorization $auth) use ($createGitDeployments) {
function (GitHub $github, Request $request, Response $response, Database $dbForConsole, callable $getProjectDB, Build $queueForBuilds) use ($createGitDeployments) {
$payload = $request->getRawPayload();
$signatureRemote = $request->getHeader('x-hub-signature-256', '');
$signatureLocal = System::getEnv('_APP_VCS_GITHUB_WEBHOOK_SECRET', '');
@@ -936,14 +936,14 @@ Http::post('/v1/vcs/github/events')
$github->initializeVariables($providerInstallationId, $privateKey, $githubAppId);
//find functionId from functions table
$repositories = $auth->skip(fn () => $dbForConsole->find('repositories', [
$repositories = Authorization::skip(fn () => $dbForConsole->find('repositories', [
Query::equal('providerRepositoryId', [$providerRepositoryId]),
Query::limit(100),
]));
// create new deployment only on push and not when branch is created
if (!$providerBranchCreated) {
$createGitDeployments($github, $providerInstallationId, $repositories, $providerBranch, $providerBranchUrl, $providerRepositoryName, $providerRepositoryUrl, $providerRepositoryOwner, $providerCommitHash, $providerCommitAuthor, $providerCommitAuthorUrl, $providerCommitMessage, $providerCommitUrl, '', false, $dbForConsole, $queueForBuilds, $getProjectDB, $request, $auth);
$createGitDeployments($github, $providerInstallationId, $repositories, $providerBranch, $providerBranchUrl, $providerRepositoryName, $providerRepositoryUrl, $providerRepositoryOwner, $providerCommitHash, $providerCommitAuthor, $providerCommitAuthorUrl, $providerCommitMessage, $providerCommitUrl, '', false, $dbForConsole, $queueForBuilds, $getProjectDB, $request);
}
} elseif ($event == $github::EVENT_INSTALLATION) {
if ($parsedPayload["action"] == "deleted") {
@@ -956,13 +956,13 @@ Http::post('/v1/vcs/github/events')
]);
foreach ($installations as $installation) {
$repositories = $auth->skip(fn () => $dbForConsole->find('repositories', [
$repositories = Authorization::skip(fn () => $dbForConsole->find('repositories', [
Query::equal('installationInternalId', [$installation->getInternalId()]),
Query::limit(1000)
]));
foreach ($repositories as $repository) {
$auth->skip(fn () => $dbForConsole->deleteDocument('repositories', $repository->getId()));
Authorization::skip(fn () => $dbForConsole->deleteDocument('repositories', $repository->getId()));
}
$dbForConsole->deleteDocument('installations', $installation->getId());
@@ -994,12 +994,12 @@ Http::post('/v1/vcs/github/events')
$providerCommitAuthor = $commitDetails["commitAuthor"] ?? '';
$providerCommitMessage = $commitDetails["commitMessage"] ?? '';
$repositories = $auth->skip(fn () => $dbForConsole->find('repositories', [
$repositories = Authorization::skip(fn () => $dbForConsole->find('repositories', [
Query::equal('providerRepositoryId', [$providerRepositoryId]),
Query::orderDesc('$createdAt')
]));
$createGitDeployments($github, $providerInstallationId, $repositories, $providerBranch, $providerBranchUrl, $providerRepositoryName, $providerRepositoryUrl, $providerRepositoryOwner, $providerCommitHash, $providerCommitAuthor, $providerCommitAuthorUrl, $providerCommitMessage, $providerCommitUrl, $providerPullRequestId, $external, $dbForConsole, $queueForBuilds, $getProjectDB, $request, $auth);
$createGitDeployments($github, $providerInstallationId, $repositories, $providerBranch, $providerBranchUrl, $providerRepositoryName, $providerRepositoryUrl, $providerRepositoryOwner, $providerCommitHash, $providerCommitAuthor, $providerCommitAuthorUrl, $providerCommitMessage, $providerCommitUrl, $providerPullRequestId, $external, $dbForConsole, $queueForBuilds, $getProjectDB, $request);
} elseif ($parsedPayload["action"] == "closed") {
// Allowed external contributions cleanup
@@ -1008,7 +1008,7 @@ Http::post('/v1/vcs/github/events')
$external = $parsedPayload["external"] ?? true;
if ($external) {
$repositories = $auth->skip(fn () => $dbForConsole->find('repositories', [
$repositories = Authorization::skip(fn () => $dbForConsole->find('repositories', [
Query::equal('providerRepositoryId', [$providerRepositoryId]),
Query::orderDesc('$createdAt')
]));
@@ -1019,7 +1019,7 @@ Http::post('/v1/vcs/github/events')
if (\in_array($providerPullRequestId, $providerPullRequestIds)) {
$providerPullRequestIds = \array_diff($providerPullRequestIds, [$providerPullRequestId]);
$repository = $repository->setAttribute('providerPullRequestIds', $providerPullRequestIds);
$repository = $auth->skip(fn () => $dbForConsole->updateDocument('repositories', $repository->getId(), $repository));
$repository = Authorization::skip(fn () => $dbForConsole->updateDocument('repositories', $repository->getId(), $repository));
}
}
}
@@ -1030,7 +1030,7 @@ Http::post('/v1/vcs/github/events')
}
);
Http::get('/v1/vcs/installations')
App::get('/v1/vcs/installations')
->desc('List installations')
->groups(['api', 'vcs'])
->label('scope', 'vcs.read')
@@ -1090,7 +1090,7 @@ Http::get('/v1/vcs/installations')
]), Response::MODEL_INSTALLATION_LIST);
});
Http::get('/v1/vcs/installations/:installationId')
App::get('/v1/vcs/installations/:installationId')
->desc('Get installation')
->groups(['api', 'vcs'])
->label('scope', 'vcs.read')
@@ -1119,8 +1119,8 @@ Http::get('/v1/vcs/installations/:installationId')
$response->dynamic($installation, Response::MODEL_INSTALLATION);
});
Http::delete('/v1/vcs/installations/:installationId')
->desc('Delete Installation')
App::delete('/v1/vcs/installations/:installationId')
->desc('Delete installation')
->groups(['api', 'vcs'])
->label('scope', 'vcs.write')
->label('sdk.namespace', 'vcs')
@@ -1152,7 +1152,7 @@ Http::delete('/v1/vcs/installations/:installationId')
$response->noContent();
});
Http::patch('/v1/vcs/github/installations/:installationId/repositories/:repositoryId')
App::patch('/v1/vcs/github/installations/:installationId/repositories/:repositoryId')
->desc('Authorize external deployment')
->groups(['api', 'vcs'])
->label('scope', 'vcs.write')
@@ -1172,15 +1172,14 @@ Http::patch('/v1/vcs/github/installations/:installationId/repositories/:reposito
->inject('dbForConsole')
->inject('getProjectDB')
->inject('queueForBuilds')
->inject('auth')
->action(function (string $installationId, string $repositoryId, string $providerPullRequestId, GitHub $github, Request $request, Response $response, Document $project, Database $dbForConsole, callable $getProjectDB, Build $queueForBuilds, Authorization $auth) use ($createGitDeployments) {
->action(function (string $installationId, string $repositoryId, string $providerPullRequestId, GitHub $github, Request $request, Response $response, Document $project, Database $dbForConsole, callable $getProjectDB, Build $queueForBuilds) use ($createGitDeployments) {
$installation = $dbForConsole->getDocument('installations', $installationId);
if ($installation->isEmpty()) {
throw new Exception(Exception::INSTALLATION_NOT_FOUND);
}
$repository = $auth->skip(fn () => $dbForConsole->getDocument('repositories', $repositoryId, [
$repository = Authorization::skip(fn () => $dbForConsole->getDocument('repositories', $repositoryId, [
Query::equal('projectInternalId', [$project->getInternalId()])
]));
@@ -1197,7 +1196,7 @@ Http::patch('/v1/vcs/github/installations/:installationId/repositories/:reposito
// TODO: Delete from array when PR is closed
$repository = $auth->skip(fn () => $dbForConsole->updateDocument('repositories', $repository->getId(), $repository));
$repository = Authorization::skip(fn () => $dbForConsole->updateDocument('repositories', $repository->getId(), $repository));
$privateKey = System::getEnv('_APP_VCS_GITHUB_PRIVATE_KEY');
$githubAppId = System::getEnv('_APP_VCS_GITHUB_APP_ID');
@@ -1221,7 +1220,7 @@ Http::patch('/v1/vcs/github/installations/:installationId/repositories/:reposito
$providerBranch = \explode(':', $pullRequestResponse['head']['label'])[1] ?? '';
$providerCommitHash = $pullRequestResponse['head']['sha'] ?? '';
$createGitDeployments($github, $providerInstallationId, $repositories, $providerBranch, $providerCommitHash, $providerPullRequestId, true, $dbForConsole, $queueForBuilds, $getProjectDB, $request, $auth);
$createGitDeployments($github, $providerInstallationId, $repositories, $providerBranch, $providerCommitHash, $providerPullRequestId, true, $dbForConsole, $queueForBuilds, $getProjectDB, $request);
$response->noContent();
});
app/controllers/general.php
+119 -152
View File
@@ -1,5 +1,7 @@
<?php
require_once __DIR__ . '/../init.php';
use Ahc\Jwt\JWT;
use Appwrite\Auth\Auth;
use Appwrite\Event\Certificate;
@@ -7,7 +9,6 @@ use Appwrite\Event\Event;
use Appwrite\Event\Usage;
use Appwrite\Extend\Exception as AppwriteException;
use Appwrite\Network\Validator\Origin;
use Appwrite\Utopia\Queue\Connections;
use Appwrite\Utopia\Request;
use Appwrite\Utopia\Request\Filters\V16 as RequestV16;
use Appwrite\Utopia\Request\Filters\V17 as RequestV17;
@@ -19,6 +20,8 @@ use Appwrite\Utopia\Response\Filters\V18 as ResponseV18;
use Appwrite\Utopia\View;
use Executor\Executor;
use MaxMind\Db\Reader;
use Swoole\Http\Request as SwooleRequest;
use Utopia\App;
use Utopia\CLI\Console;
use Utopia\Config\Config;
use Utopia\Database\Database;
@@ -28,35 +31,33 @@ use Utopia\Database\Query;
use Utopia\Database\Validator\Authorization;
use Utopia\Domains\Domain;
use Utopia\DSN\DSN;
use Utopia\Http\Http;
use Utopia\Http\Route;
use Utopia\Http\Validator\Hostname;
use Utopia\Http\Validator\Text;
use Utopia\Locale\Locale;
use Utopia\Logger\Adapter\Sentry;
use Utopia\Logger\Log;
use Utopia\Logger\Log\User;
use Utopia\Logger\Logger;
use Utopia\System\System;
use Utopia\Validator\Hostname;
use Utopia\Validator\Text;
Config::setParam('domainVerification', false);
Config::setParam('cookieDomain', 'localhost');
Config::setParam('cookieSamesite', Response::COOKIE_SAMESITE_NONE);
function router(Database $dbForConsole, callable $getProjectDB, Request $request, Response $response, Route $route, Event $queueForEvents, Usage $queueForUsage, Reader $geodb, Authorization $auth)
function router(App $utopia, Database $dbForConsole, callable $getProjectDB, SwooleRequest $swooleRequest, Request $request, Response $response, Event $queueForEvents, Usage $queueForUsage, Reader $geodb)
{
$route?->label('error', __DIR__ . '/../views/general/error.phtml');
$utopia->getRoute()?->label('error', __DIR__ . '/../views/general/error.phtml');
$host = $request->getHostname() ?? '';
$rule = $auth->skip(
$route = Authorization::skip(
fn () => $dbForConsole->find('rules', [
Query::equal('domain', [$host]),
Query::limit(1)
])
)[0] ?? null;
if ($rule === null) {
if ($route === null) {
if ($host === System::getEnv('_APP_DOMAIN_FUNCTIONS', '')) {
throw new AppwriteException(AppwriteException::GENERAL_ACCESS_FORBIDDEN, 'This domain cannot be used for security reasons. Please use any subdomain instead.');
}
@@ -72,12 +73,12 @@ function router(Database $dbForConsole, callable $getProjectDB, Request $request
}
// Act as API - no Proxy logic
$route?->label('error', '');
$utopia->getRoute()?->label('error', '');
return false;
}
$projectId = $rule->getAttribute('projectId');
$project = $auth->skip(
$projectId = $route->getAttribute('projectId');
$project = Authorization::skip(
fn () => $dbForConsole->getDocument('projects', $projectId)
);
if (array_key_exists('proxy', $project->getAttribute('services', []))) {
@@ -88,16 +89,16 @@ function router(Database $dbForConsole, callable $getProjectDB, Request $request
}
// Skip Appwrite Router for ACME challenge. Nessessary for certificate generation
$path = ($request->getURI() ?? '/');
$path = ($swooleRequest->server['request_uri'] ?? '/');
if (\str_starts_with($path, '/.well-known/acme-challenge')) {
return false;
}
$type = $rule->getAttribute('resourceType');
$type = $route->getAttribute('resourceType');
if ($type === 'function') {
$route->label('sdk.namespace', 'functions');
$route->label('sdk.method', 'createExecution');
$utopia->getRoute()?->label('sdk.namespace', 'functions');
$utopia->getRoute()?->label('sdk.method', 'createExecution');
if (System::getEnv('_APP_OPTIONS_FUNCTIONS_FORCE_HTTPS', 'disabled') === 'enabled') { // Force HTTPS
if ($request->getProtocol() !== 'https') {
@@ -109,25 +110,26 @@ function router(Database $dbForConsole, callable $getProjectDB, Request $request
}
}
$functionId = $rule->getAttribute('resourceId');
$projectId = $rule->getAttribute('projectId');
$functionId = $route->getAttribute('resourceId');
$projectId = $route->getAttribute('projectId');
$path = ($request->getURI() ?? '/');
$query = ($request->getQueryString() ?? '');
$path = ($swooleRequest->server['request_uri'] ?? '/');
$query = ($swooleRequest->server['query_string'] ?? '');
if (!empty($query)) {
$path .= '?' . $query;
}
$body = $request->getRawPayload() ?? '';
$method = $request->getMethod();
$body = $swooleRequest->getContent() ?? '';
$method = $swooleRequest->server['request_method'];
$requestHeaders = $request->getHeaders();
$project = $auth->skip(fn () => $dbForConsole->getDocument('projects', $projectId));
$project = Authorization::skip(fn () => $dbForConsole->getDocument('projects', $projectId));
$dbForProject = $getProjectDB($project);
$function = $auth->skip(fn () => $dbForProject->getDocument('functions', $functionId));
$function = Authorization::skip(fn () => $dbForProject->getDocument('functions', $functionId));
if ($function->isEmpty() || !$function->getAttribute('enabled')) {
throw new AppwriteException(AppwriteException::FUNCTION_NOT_FOUND);
@@ -143,7 +145,7 @@ function router(Database $dbForConsole, callable $getProjectDB, Request $request
throw new AppwriteException(AppwriteException::FUNCTION_RUNTIME_UNSUPPORTED, 'Runtime "' . $function->getAttribute('runtime', '') . '" is not supported');
}
$deployment = $auth->skip(fn () => $dbForProject->getDocument('deployments', $function->getAttribute('deployment', '')));
$deployment = Authorization::skip(fn () => $dbForProject->getDocument('deployments', $function->getAttribute('deployment', '')));
if ($deployment->getAttribute('resourceId') !== $function->getId()) {
throw new AppwriteException(AppwriteException::DEPLOYMENT_NOT_FOUND, 'Deployment not found. Create a deployment before trying to execute a function');
@@ -154,7 +156,7 @@ function router(Database $dbForConsole, callable $getProjectDB, Request $request
}
/** Check if build has completed */
$build = $auth->skip(fn () => $dbForProject->getDocument('builds', $deployment->getAttribute('buildId', '')));
$build = Authorization::skip(fn () => $dbForProject->getDocument('builds', $deployment->getAttribute('buildId', '')));
if ($build->isEmpty()) {
throw new AppwriteException(AppwriteException::BUILD_NOT_FOUND);
}
@@ -215,7 +217,7 @@ function router(Database $dbForConsole, callable $getProjectDB, Request $request
'deploymentInternalId' => $deployment->getInternalId(),
'deploymentId' => $deployment->getId(),
'trigger' => 'http', // http / schedule / event
'status' => 'processing', // waiting / processing / completed / failed
'status' => 'processing', // waiting / processing / completed / failed
'responseStatusCode' => 0,
'responseHeaders' => [],
'requestPath' => $path,
@@ -311,6 +313,7 @@ function router(Database $dbForConsole, callable $getProjectDB, Request $request
cpus: $spec['cpus'] ?? APP_FUNCTION_CPUS_DEFAULT,
memory: $spec['memory'] ?? APP_FUNCTION_MEMORY_DEFAULT,
logging: $function->getAttribute('logging', true),
requestTimeout: 30
);
$headersFiltered = [];
@@ -328,6 +331,7 @@ function router(Database $dbForConsole, callable $getProjectDB, Request $request
$execution->setAttribute('logs', $executionResponse['logs']);
$execution->setAttribute('errors', $executionResponse['errors']);
$execution->setAttribute('duration', $executionResponse['duration']);
} catch (\Throwable $th) {
$durationEnd = \microtime(true);
@@ -362,8 +366,7 @@ function router(Database $dbForConsole, callable $getProjectDB, Request $request
->trigger()
;
/** @var Document $execution */
$execution = $auth->skip(fn () => $dbForProject->createDocument('executions', $execution));
$execution = Authorization::skip(fn () => $dbForProject->createDocument('executions', $execution));
}
$execution->setAttribute('logs', '');
@@ -395,15 +398,18 @@ function router(Database $dbForConsole, callable $getProjectDB, Request $request
return true;
} elseif ($type === 'api') {
$route?->label('error', '');
$utopia->getRoute()?->label('error', '');
return false;
} else {
throw new AppwriteException(AppwriteException::GENERAL_SERVER_ERROR, 'Unknown resource type ' . $type);
}
$utopia->getRoute()?->label('error', '');
return false;
}
/*
Http::init()
App::init()
->groups(['api'])
->inject('project')
->inject('mode')
@@ -414,7 +420,7 @@ Http::init()
});
*/
Http::init()
App::init()
->groups(['database', 'functions', 'storage', 'messaging'])
->inject('project')
->inject('request')
@@ -427,11 +433,12 @@ Http::init()
}
});
Http::init()
App::init()
->groups(['api', 'web'])
->inject('utopia')
->inject('swooleRequest')
->inject('request')
->inject('response')
->inject('route')
->inject('console')
->inject('project')
->inject('dbForConsole')
@@ -443,27 +450,7 @@ Http::init()
->inject('queueForUsage')
->inject('queueForEvents')
->inject('queueForCertificates')
->inject('authorization')
->action(function (
Request $request,
Response $response,
Route $route,
Document $console,
Document $project,
Database $dbForConsole,
$getProjectDB,
Locale $locale,
array $localeCodes,
array $clients,
/**
* @disregard P1009 Undefined type
*/
Reader $geodb,
Usage $queueForUsage,
Event $queueForEvents,
Certificate $queueForCertificates,
Authorization $authorization
) {
->action(function (App $utopia, SwooleRequest $swooleRequest, Request $request, Response $response, Document $console, Document $project, Database $dbForConsole, callable $getProjectDB, Locale $locale, array $localeCodes, array $clients, Reader $geodb, Usage $queueForUsage, Event $queueForEvents, Certificate $queueForCertificates) {
/*
* Appwrite Router
*/
@@ -471,7 +458,7 @@ Http::init()
$mainDomain = System::getEnv('_APP_DOMAIN', '');
// Only run Router when external domain
if ($host !== $mainDomain) {
if (router($dbForConsole, $getProjectDB, $request, $response, $route, $queueForEvents, $queueForUsage, $geodb, $authorization)) {
if (router($utopia, $dbForConsole, $getProjectDB, $swooleRequest, $request, $response, $queueForEvents, $queueForUsage, $geodb)) {
return;
}
}
@@ -479,8 +466,8 @@ Http::init()
/*
* Request format
*/
//$route = $utopia->getRoute();
//Request::setRoute($route);
$route = $utopia->getRoute();
Request::setRoute($route);
if ($route === null) {
return $response
@@ -512,7 +499,7 @@ Http::init()
} elseif (str_starts_with($request->getURI(), '/.well-known/acme-challenge')) {
Console::warning('Skipping SSL certificates generation on ACME challenge.');
} else {
$authorization->disable();
Authorization::disable();
$envDomain = System::getEnv('_APP_DOMAIN', '');
$mainDomain = null;
@@ -551,12 +538,12 @@ Http::init()
}
$domains[$domain->get()] = true;
$authorization->reset(); // ensure authorization is re-enabled
Authorization::reset(); // ensure authorization is re-enabled
}
Config::setParam('domains', $domains);
}
$localeParam = (string)$request->getParam('locale', $request->getHeader('x-appwrite-locale', ''));
$localeParam = (string) $request->getParam('locale', $request->getHeader('x-appwrite-locale', ''));
if (\in_array($localeParam, $localeCodes)) {
$locale->setDefault($localeParam);
}
@@ -584,7 +571,7 @@ Http::init()
Config::setParam(
'domainVerification',
($selfDomain->getRegisterable() === $endDomain->getRegisterable()) &&
$endDomain->getRegisterable() !== ''
$endDomain->getRegisterable() !== ''
);
$isLocalHost = $request->getHostname() === 'localhost' || $request->getHostname() === 'localhost:' . $request->getPort();
@@ -599,8 +586,8 @@ Http::init()
? null
: (
$isConsoleProject && $isConsoleRootSession
? '.' . $selfDomain->getRegisterable()
: '.' . $request->getHostname()
? '.' . $selfDomain->getRegisterable()
: '.' . $request->getHostname()
)
);
@@ -619,7 +606,7 @@ Http::init()
$response->addFilter(new ResponseV18());
}
if (version_compare($responseFormat, APP_VERSION_STABLE, '>')) {
$response->addHeader('X-Appwrite-Warning', "The current SDK is built for Appwrite " . $responseFormat . ". However, the current Appwrite server version is " . APP_VERSION_STABLE . ". Please downgrade your SDK to match the Appwrite version: https://appwrite.io/docs/sdks");
$response->addHeader('X-Appwrite-Warning', "The current SDK is built for Appwrite " . $responseFormat . ". However, the current Appwrite server version is ". APP_VERSION_STABLE . ". Please downgrade your SDK to match the Appwrite version: https://appwrite.io/docs/sdks");
}
}
@@ -630,9 +617,7 @@ Http::init()
* @see https://www.owasp.org/index.php/List_of_useful_HTTP_headers
*/
if (System::getEnv('_APP_OPTIONS_FORCE_HTTPS', 'disabled') === 'enabled') { // Force HTTPS
if ($request->getProtocol() !== 'https' // localhost allowed for proxy, APP_HOSTNAME_INTERNAL allowed for migrations
&& ($request->getHeader('host') ?? '') !== 'localhost'
&& ($request->getHeader('host') ?? '') !== APP_HOSTNAME_INTERNAL) {
if ($request->getProtocol() !== 'https' && ($swooleRequest->header['host'] ?? '') !== 'localhost' && ($swooleRequest->header['host'] ?? '') !== APP_HOSTNAME_INTERNAL) { // localhost allowed for proxy, APP_HOSTNAME_INTERNAL allowed for migrations
if ($request->getMethod() !== Request::METHOD_GET) {
throw new AppwriteException(AppwriteException::GENERAL_PROTOCOL_UNSUPPORTED, 'Method unsupported over HTTP. Please use HTTPS instead.');
}
@@ -672,8 +657,9 @@ Http::init()
}
});
Http::options()
->inject('route')
App::options()
->inject('utopia')
->inject('swooleRequest')
->inject('request')
->inject('response')
->inject('dbForConsole')
@@ -681,8 +667,7 @@ Http::options()
->inject('queueForEvents')
->inject('queueForUsage')
->inject('geodb')
->inject('authorization')
->action(function (Route $route, Request $request, Response $response, Database $dbForConsole, callable $getProjectDB, Event $queueForEvents, Usage $queueForUsage, Reader $geodb, Authorization $authorization) {
->action(function (App $utopia, SwooleRequest $swooleRequest, Request $request, Response $response, Database $dbForConsole, callable $getProjectDB, Event $queueForEvents, Usage $queueForUsage, Reader $geodb) {
/*
* Appwrite Router
*/
@@ -690,7 +675,7 @@ Http::options()
$mainDomain = System::getEnv('_APP_DOMAIN', '');
// Only run Router when external domain
if ($host !== $mainDomain) {
if (router($dbForConsole, $getProjectDB, $request, $response, $route, $queueForEvents, $queueForUsage, $geodb, $authorization)) {
if (router($utopia, $dbForConsole, $getProjectDB, $swooleRequest, $request, $response, $queueForEvents, $queueForUsage, $geodb)) {
return;
}
}
@@ -707,25 +692,18 @@ Http::options()
->noContent();
});
Http::error()
App::error()
->inject('error')
->inject('user')
->inject('route')
->inject('utopia')
->inject('request')
->inject('response')
->inject('project')
->inject('logger')
->inject('log')
->inject('authorization')
->inject('connections')
->inject('queueForUsage')
->action(function (Throwable $error, Document $user, ?Route $route, Request $request, Response $response, Document $project, ?Logger $logger, Log $log, Authorization $authorization, Connections $connections, Usage $queueForUsage) {
->action(function (Throwable $error, App $utopia, Request $request, Response $response, Document $project, ?Logger $logger, Log $log, Usage $queueForUsage) {
$version = System::getEnv('_APP_VERSION', 'UNKNOWN');
if (is_null($route)) {
$route = new Route($request->getMethod(), $request->getURI());
}
$route = $utopia->getRoute();
$class = \get_class($error);
$code = $error->getCode();
$message = $error->getMessage();
@@ -746,9 +724,9 @@ Http::error()
Console::error('[Error] File: ' . $file);
Console::error('[Error] Line: ' . $line);
}
switch ($class) {
case 'Utopia\Servers\Exception':
case 'Utopia\Http\Exception':
case 'Utopia\Exception':
$error = new AppwriteException(AppwriteException::GENERAL_UNKNOWN, $message, $code, $error);
switch ($code) {
case 400:
@@ -793,36 +771,35 @@ Http::error()
} else {
$publish = $error->getCode() === 0 || $error->getCode() >= 500;
}
if ($error->getCode() >= 400 && $error->getCode() < 500) {
// Register error logger
$providerName = System::getEnv('_APP_EXPERIMENT_LOGGING_PROVIDER', '');
$providerConfig = System::getEnv('_APP_EXPERIMENT_LOGGING_CONFIG', '');
if (!(empty($providerName) || empty($providerConfig))) {
try {
$loggingProvider = new DSN($providerConfig);
$providerName = $loggingProvider->getScheme();
try {
$loggingProvider = new DSN($providerConfig ?? '');
$providerName = $loggingProvider->getScheme();
if (!empty($providerName) && $providerName === 'sentry') {
$key = $loggingProvider->getPassword();
$projectId = $loggingProvider->getUser() ?? '';
$host = 'https://' . $loggingProvider->getHost();
if (!empty($providerName) && $providerName === 'sentry') {
$key = $loggingProvider->getPassword();
$projectId = $loggingProvider->getUser() ?? '';
$host = 'https://' . $loggingProvider->getHost();
$adapter = new Sentry($projectId, $key, $host);
$logger = new Logger($adapter);
$logger->setSample(0.04);
$publish = true;
} else {
throw new \Exception('Invalid experimental logging provider');
}
} catch (\Throwable $th) {
Console::warning('Failed to initialize logging provider: ' . $th->getMessage());
$adapter = new Sentry($projectId, $key, $host);
$logger = new Logger($adapter);
$logger->setSample(0.04);
$publish = true;
} else {
throw new \Exception('Invalid experimental logging provider');
}
} catch (\Throwable $th) {
Console::warning('Failed to initialize logging provider: ' . $th->getMessage());
}
}
if ($publish && $project->getId() !== 'console') {
if (!Auth::isPrivilegedUser($authorization->getRoles())) {
if (!Auth::isPrivilegedUser(Authorization::getRoles())) {
$fileSize = 0;
$file = $request->getFiles('file');
if (!empty($file)) {
@@ -841,7 +818,14 @@ Http::error()
}
if ($logger && ($publish || $error->getCode() === 0)) {
if ($logger && $publish) {
try {
/** @var Utopia\Database\Document $user */
$user = $utopia->getResource('user');
} catch (\Throwable) {
// All good, user is optional information for logger
}
if (isset($user) && !$user->isEmpty()) {
$log->setUser(new User($user->getId()));
}
@@ -871,7 +855,7 @@ Http::error()
$log->addExtra('file', $error->getFile());
$log->addExtra('line', $error->getLine());
$log->addExtra('trace', $error->getTraceAsString());
$log->addExtra('roles', $authorization->getRoles());
$log->addExtra('roles', Authorization::getRoles());
$action = $route->getLabel("sdk.namespace", "UNKNOWN_NAMESPACE") . '.' . $route->getLabel("sdk.method", "UNKNOWN_METHOD");
$log->setAction($action);
@@ -879,13 +863,17 @@ Http::error()
$isProduction = System::getEnv('_APP_ENV', 'development') === 'production';
$log->setEnvironment($isProduction ? Log::ENVIRONMENT_PRODUCTION : Log::ENVIRONMENT_STAGING);
$responseCode = $logger->addLog($log);
Console::info('Log pushed with status code: ' . $responseCode);
try {
$responseCode = $logger->addLog($log);
Console::info('Error log pushed with status code: ' . $responseCode);
} catch (Throwable $th) {
Console::error('Error pushing log: ' . $th->getMessage());
}
}
/** Wrap all exceptions inside Appwrite\Extend\Exception */
if (!($error instanceof AppwriteException)) {
$error = new AppwriteException(AppwriteException::GENERAL_UNKNOWN, $message, (int)$code, $error);
$error = new AppwriteException(AppwriteException::GENERAL_UNKNOWN, $message, $code, $error);
}
switch ($code) { // Don't show 500 errors!
@@ -905,14 +893,14 @@ Http::error()
break;
default:
$code = 500; // All other errors get the generic 500 server error status code
$message = (Http::getMode() === Http::MODE_TYPE_DEVELOPMENT) ? $message : 'Server Error';
$message = 'Server Error';
}
//$_SERVER = []; // Reset before reporting to error log to avoid keys being compromised
$type = $error->getType();
$output = ((Http::isDevelopment())) ? [
$output = ((App::isDevelopment())) ? [
'message' => $message,
'code' => $code,
'file' => $file,
@@ -940,7 +928,7 @@ Http::error()
$layout
->setParam('title', $project->getAttribute('name') . ' - Error')
->setParam('development', Http::isDevelopment())
->setParam('development', App::isDevelopment())
->setParam('projectName', $project->getAttribute('name'))
->setParam('projectURL', $project->getAttribute('url'))
->setParam('message', $output['message'] ?? '')
@@ -951,18 +939,18 @@ Http::error()
$response->html($layout->render());
}
$connections->reclaim();
$response->dynamic(
new Document($output),
Http::isDevelopment() ? Response::MODEL_ERROR_DEV : Response::MODEL_ERROR
$utopia->isDevelopment() ? Response::MODEL_ERROR_DEV : Response::MODEL_ERROR
);
});
Http::get('/robots.txt')
App::get('/robots.txt')
->desc('Robots.txt File')
->label('scope', 'public')
->label('docs', false)
->inject('utopia')
->inject('swooleRequest')
->inject('request')
->inject('response')
->inject('dbForConsole')
@@ -970,9 +958,7 @@ Http::get('/robots.txt')
->inject('queueForEvents')
->inject('queueForUsage')
->inject('geodb')
->inject('route')
->inject('authorization')
->action(function (Request $request, Response $response, Database $dbForConsole, callable $getProjectDB, Event $queueForEvents, Usage $queueForUsage, Reader $geodb, ?Route $route, Authorization $authorization) {
->action(function (App $utopia, SwooleRequest $swooleRequest, Request $request, Response $response, Database $dbForConsole, callable $getProjectDB, Event $queueForEvents, Usage $queueForUsage, Reader $geodb) {
$host = $request->getHostname() ?? '';
$mainDomain = System::getEnv('_APP_DOMAIN', '');
@@ -980,17 +966,16 @@ Http::get('/robots.txt')
$template = new View(__DIR__ . '/../views/general/robots.phtml');
$response->text($template->render(false));
} else {
if (is_null($route)) {
$route = new Route($request->getMethod(), $request->getURI());
}
router($dbForConsole, $getProjectDB, $request, $response, $route, $queueForEvents, $queueForUsage, $geodb, $authorization);
router($utopia, $dbForConsole, $getProjectDB, $swooleRequest, $request, $response, $queueForEvents, $queueForUsage, $geodb);
}
});
Http::get('/humans.txt')
App::get('/humans.txt')
->desc('Humans.txt File')
->label('scope', 'public')
->label('docs', false)
->inject('utopia')
->inject('swooleRequest')
->inject('request')
->inject('response')
->inject('dbForConsole')
@@ -998,9 +983,7 @@ Http::get('/humans.txt')
->inject('queueForEvents')
->inject('queueForUsage')
->inject('geodb')
->inject('route')
->inject('authorization')
->action(function (Request $request, Response $response, Database $dbForConsole, callable $getProjectDB, Event $queueForEvents, Usage $queueForUsage, Reader $geodb, Route $route, Authorization $authorization) {
->action(function (App $utopia, SwooleRequest $swooleRequest, Request $request, Response $response, Database $dbForConsole, callable $getProjectDB, Event $queueForEvents, Usage $queueForUsage, Reader $geodb) {
$host = $request->getHostname() ?? '';
$mainDomain = System::getEnv('_APP_DOMAIN', '');
@@ -1008,11 +991,11 @@ Http::get('/humans.txt')
$template = new View(__DIR__ . '/../views/general/humans.phtml');
$response->text($template->render(false));
} else {
router($dbForConsole, $getProjectDB, $request, $response, $route, $queueForEvents, $queueForUsage, $geodb, $authorization);
router($utopia, $dbForConsole, $getProjectDB, $swooleRequest, $request, $response, $queueForEvents, $queueForUsage, $geodb);
}
});
Http::get('/.well-known/acme-challenge/*')
App::get('/.well-known/acme-challenge/*')
->desc('SSL Verification')
->label('scope', 'public')
->label('docs', false)
@@ -1062,32 +1045,16 @@ Http::get('/.well-known/acme-challenge/*')
$response->text($content);
});
Http::wildcard()
include_once __DIR__ . '/shared/api.php';
include_once __DIR__ . '/shared/api/auth.php';
App::wildcard()
->groups(['api'])
->label('scope', 'global')
->action(function () {
throw new AppwriteException(AppwriteException::GENERAL_ROUTE_NOT_FOUND);
});
include_once 'mock.php';
include_once 'shared/api.php';
include_once 'shared/api/auth.php';
include_once 'api/account.php';
include_once 'api/avatars.php';
include_once 'api/console.php';
include_once 'api/databases.php';
include_once 'api/functions.php';
include_once 'api/graphql.php';
include_once 'api/health.php';
include_once 'api/locale.php';
include_once 'api/messaging.php';
include_once 'api/migrations.php';
include_once 'api/project.php';
include_once 'api/projects.php';
include_once 'api/proxy.php';
include_once 'api/storage.php';
include_once 'api/teams.php';
include_once 'api/users.php';
include_once 'api/vcs.php';
include_once 'web/console.php';
include_once 'web/home.php';
foreach (Config::getParam('services', []) as $service) {
include_once $service['controller'];
}
app/controllers/mock.php
+19 -17
View File
@@ -3,7 +3,9 @@
global $utopia, $request, $response;
use Appwrite\Extend\Exception;
use Appwrite\Utopia\Request;
use Appwrite\Utopia\Response;
use Utopia\App;
use Utopia\Config\Config;
use Utopia\Database\Database;
use Utopia\Database\Document;
@@ -11,15 +13,13 @@ use Utopia\Database\Helpers\ID;
use Utopia\Database\Helpers\Permission;
use Utopia\Database\Helpers\Role;
use Utopia\Database\Validator\UID;
use Utopia\Http\Http;
use Utopia\Http\Route;
use Utopia\Http\Validator\Host;
use Utopia\Http\Validator\Text;
use Utopia\Http\Validator\WhiteList;
use Utopia\System\System;
use Utopia\Validator\Host;
use Utopia\Validator\Text;
use Utopia\Validator\WhiteList;
use Utopia\VCS\Adapter\Git\GitHub;
Http::get('/v1/mock/tests/general/oauth2')
App::get('/v1/mock/tests/general/oauth2')
->desc('OAuth Login')
->groups(['mock'])
->label('scope', 'public')
@@ -35,7 +35,7 @@ Http::get('/v1/mock/tests/general/oauth2')
$response->redirect($redirectURI . '?' . \http_build_query(['code' => 'abcdef', 'state' => $state]));
});
Http::get('/v1/mock/tests/general/oauth2/token')
App::get('/v1/mock/tests/general/oauth2/token')
->desc('OAuth2 Token')
->groups(['mock'])
->label('scope', 'public')
@@ -81,7 +81,7 @@ Http::get('/v1/mock/tests/general/oauth2/token')
}
});
Http::get('/v1/mock/tests/general/oauth2/user')
App::get('/v1/mock/tests/general/oauth2/user')
->desc('OAuth2 User')
->groups(['mock'])
->label('scope', 'public')
@@ -101,7 +101,7 @@ Http::get('/v1/mock/tests/general/oauth2/user')
]);
});
Http::get('/v1/mock/tests/general/oauth2/success')
App::get('/v1/mock/tests/general/oauth2/success')
->desc('OAuth2 Success')
->groups(['mock'])
->label('scope', 'public')
@@ -114,7 +114,7 @@ Http::get('/v1/mock/tests/general/oauth2/success')
]);
});
Http::get('/v1/mock/tests/general/oauth2/failure')
App::get('/v1/mock/tests/general/oauth2/failure')
->desc('OAuth2 Failure')
->groups(['mock'])
->label('scope', 'public')
@@ -129,7 +129,7 @@ Http::get('/v1/mock/tests/general/oauth2/failure')
]);
});
Http::patch('/v1/mock/functions-v2')
App::patch('/v1/mock/functions-v2')
->desc('Update Function Version to V2 (outdated code syntax)')
->groups(['mock', 'api', 'functions'])
->label('scope', 'functions.write')
@@ -155,10 +155,10 @@ Http::patch('/v1/mock/functions-v2')
$response->noContent();
});
Http::post('/v1/mock/api-key-unprefixed')
App::post('/v1/mock/api-key-unprefixed')
->desc('Create API Key (without standard prefix)')
->groups(['mock', 'api', 'projects'])
->label('scope', 'projects.write')
->label('scope', 'public')
->label('docs', false)
->param('projectId', '', new UID(), 'Project ID.')
->inject('response')
@@ -204,7 +204,7 @@ Http::post('/v1/mock/api-key-unprefixed')
->dynamic($key, Response::MODEL_KEY);
});
Http::get('/v1/mock/github/callback')
App::get('/v1/mock/github/callback')
->desc('Create installation document using GitHub installation id')
->groups(['mock', 'api', 'vcs'])
->label('scope', 'public')
@@ -264,13 +264,15 @@ Http::get('/v1/mock/github/callback')
]);
});
Http::shutdown()
App::shutdown()
->groups(['mock'])
->inject('route')
->inject('utopia')
->inject('response')
->action(function (Route $route, Response $response) {
->inject('request')
->action(function (App $utopia, Response $response, Request $request) {
$result = [];
$route = $utopia->getRoute();
$path = APP_STORAGE_CACHE . '/tests.json';
$tests = (\file_exists($path)) ? \json_decode(\file_get_contents($path), true) : [];
app/controllers/shared/api.php
+88 -104
View File
@@ -15,11 +15,11 @@ use Appwrite\Event\Usage;
use Appwrite\Extend\Exception;
use Appwrite\Extend\Exception as AppwriteException;
use Appwrite\Messaging\Adapter\Realtime;
use Appwrite\Utopia\Queue\Connections;
use Appwrite\Utopia\Request;
use Appwrite\Utopia\Response;
use Utopia\Abuse\Abuse;
use Utopia\Abuse\Adapters\Database\TimeLimit;
use Utopia\App;
use Utopia\Cache\Adapter\Filesystem;
use Utopia\Cache\Cache;
use Utopia\Config\Config;
@@ -28,11 +28,8 @@ use Utopia\Database\DateTime;
use Utopia\Database\Document;
use Utopia\Database\Helpers\Role;
use Utopia\Database\Validator\Authorization;
use Utopia\Database\Validator\Authorization\Input;
use Utopia\Http\Http;
use Utopia\Http\Route;
use Utopia\Http\Validator\WhiteList;
use Utopia\System\System;
use Utopia\Validator\WhiteList;
$parseLabel = function (string $label, array $responsePayload, array $requestParams, Document $user) {
preg_match_all('/{(.*?)}/', $label, $matches);
@@ -98,7 +95,7 @@ $databaseListener = function (string $event, Document $document, Document $proje
$databaseInternalId = $parts[1] ?? 0;
$queueForUsage
->addMetric(METRIC_COLLECTIONS, $value) // per project
->addMetric(str_replace('{databaseInternalId}', $databaseInternalId, METRIC_DATABASE_ID_COLLECTIONS), $value) // per database
->addMetric(str_replace('{databaseInternalId}', $databaseInternalId, METRIC_DATABASE_ID_COLLECTIONS), $value)
;
if ($event === Database::EVENT_DOCUMENT_DELETE) {
@@ -153,9 +150,9 @@ $databaseListener = function (string $event, Document $document, Document $proje
}
};
Http::init()
App::init()
->groups(['api'])
->inject('route')
->inject('utopia')
->inject('request')
->inject('dbForConsole')
->inject('project')
@@ -163,41 +160,22 @@ Http::init()
->inject('session')
->inject('servers')
->inject('mode')
->inject('authorization')
->action(function (Route $route, Request $request, Database $dbForConsole, Document $project, Document $user, ?Document $session, array $servers, string $mode, Authorization $authorization) {
->inject('team')
->action(function (App $utopia, Request $request, Database $dbForConsole, Document $project, Document $user, ?Document $session, array $servers, string $mode, Document $team) {
$route = $utopia->getRoute();
if ($project->isEmpty()) {
throw new Exception(Exception::PROJECT_NOT_FOUND);
}
/**
* ACL Check
*/
/** Default role */
$roles = Config::getParam('roles', []);
$role = ($user->isEmpty())
? Role::guests()->toString()
: Role::users()->toString();
// Add user roles
$memberships = $user->find('teamId', $project->getAttribute('teamId'), 'memberships');
if ($memberships) {
foreach ($memberships->getAttribute('roles', []) as $memberRole) {
switch ($memberRole) {
case 'owner':
$role = Auth::USER_ROLE_OWNER;
break;
case 'admin':
$role = Auth::USER_ROLE_ADMIN;
break;
case 'developer':
$role = Auth::USER_ROLE_DEVELOPER;
break;
}
}
}
$roles = Config::getParam('roles', []);
$scope = $route->getLabel('scope', 'none'); // Allowed scope for chosen route
$scopes = $roles[$role]['scopes']; // Allowed scopes for user role
/** Allowed Scopes for the role */
$scopes = $roles[$role]['scopes'];
$apiKey = $request->getHeader('x-appwrite-key', '');
@@ -243,8 +221,8 @@ Http::init()
$role = Auth::USER_ROLE_APPS;
$scopes = \array_merge($roles[$role]['scopes'], $tokenScopes);
$authorization->addRole(Auth::USER_ROLE_APPS);
$authorization->setDefaultStatus(false); // Cancel security segmentation for API keys.
Authorization::setRole(Auth::USER_ROLE_APPS);
Authorization::setDefaultStatus(false); // Cancel security segmentation for API keys.
}
} elseif ($keyType === API_KEY_STANDARD) {
// No underline means no prefix. Backwards compatibility.
@@ -269,8 +247,8 @@ Http::init()
throw new Exception(Exception::PROJECT_KEY_EXPIRED);
}
$authorization->addRole(Auth::USER_ROLE_APPS);
$authorization->setDefaultStatus(false); // Cancel security segmentation for API keys.
Authorization::setRole(Auth::USER_ROLE_APPS);
Authorization::setDefaultStatus(false); // Cancel security segmentation for API keys.
$accessedAt = $key->getAttribute('accessedAt', '');
if (DateTime::formatTz(DateTime::addSeconds(new \DateTime(), -APP_KEY_ACCESS)) > $accessedAt) {
@@ -296,31 +274,56 @@ Http::init()
}
}
}
// Admin User Authentication
elseif (($project->getId() === 'console' && !$team->isEmpty() && !$user->isEmpty()) || ($project->getId() !== 'console' && !$user->isEmpty() && $mode === APP_MODE_ADMIN)) {
$teamId = $team->getId();
$adminRoles = [];
$memberships = $user->getAttribute('memberships', []);
foreach ($memberships as $membership) {
if ($membership->getAttribute('confirm', false) === true && $membership->getAttribute('teamId') === $teamId) {
$adminRoles = $membership->getAttribute('roles', []);
break;
}
}
$authorization->addRole($role);
if (empty($adminRoles)) {
throw new Exception(Exception::USER_UNAUTHORIZED);
}
foreach (Auth::getRoles($user, $authorization) as $authRole) {
$authorization->addRole($authRole);
$scopes = []; // reset scope if admin
foreach ($adminRoles as $role) {
$scopes = \array_merge($scopes, $roles[$role]['scopes']);
}
Authorization::setDefaultStatus(false); // Cancel security segmentation for admin users.
}
$scopes = \array_unique($scopes);
Authorization::setRole($role);
foreach (Auth::getRoles($user) as $authRole) {
Authorization::setRole($authRole);
}
/** Do not allow access to disabled services */
$service = $route->getLabel('sdk.namespace', '');
if (!empty($service)) {
if (
array_key_exists($service, $project->getAttribute('services', []))
&& !$project->getAttribute('services', [])[$service]
&& !(Auth::isPrivilegedUser($authorization->getRoles()) || Auth::isAppUser($authorization->getRoles()))
&& !(Auth::isPrivilegedUser(Authorization::getRoles()) || Auth::isAppUser(Authorization::getRoles()))
) {
throw new Exception(Exception::GENERAL_SERVICE_DISABLED);
}
}
if (!\in_array($scope, $scopes)) {
if ($project->isEmpty()) { // Check if permission is denied because project is missing
throw new Exception(Exception::PROJECT_NOT_FOUND);
}
/** Do now allow access if scope is not allowed */
$scope = $route->getLabel('scope', 'none');
if (!\in_array($scope, $scopes)) {
throw new Exception(Exception::GENERAL_UNAUTHORIZED_SCOPE, $user->getAttribute('email', 'User') . ' (role: ' . \strtolower($roles[$role]['label']) . ') missing scope (' . $scope . ')');
}
/** Do not allow access to blocked accounts */
if (false === $user->getAttribute('status')) { // Account is blocked
throw new Exception(Exception::USER_BLOCKED);
}
@@ -343,9 +346,9 @@ Http::init()
}
});
Http::init()
App::init()
->groups(['api'])
->inject('route')
->inject('utopia')
->inject('request')
->inject('response')
->inject('project')
@@ -359,12 +362,14 @@ Http::init()
->inject('queueForUsage')
->inject('dbForProject')
->inject('mode')
->inject('authorization')
->action(function (Route $route, Request $request, Response $response, Document $project, Document $user, Event $queueForEvents, Messaging $queueForMessaging, Audit $queueForAudits, Delete $queueForDeletes, EventDatabase $queueForDatabase, Build $queueForBuilds, Usage $queueForUsage, Database $dbForProject, string $mode, Authorization $authorization) use ($databaseListener) {
->action(function (App $utopia, Request $request, Response $response, Document $project, Document $user, Event $queueForEvents, Messaging $queueForMessaging, Audit $queueForAudits, Delete $queueForDeletes, EventDatabase $queueForDatabase, Build $queueForBuilds, Usage $queueForUsage, Database $dbForProject, string $mode) use ($databaseListener) {
$route = $utopia->getRoute();
if (
array_key_exists('rest', $project->getAttribute('apis', []))
&& !$project->getAttribute('apis', [])['rest']
&& !(Auth::isPrivilegedUser($authorization->getRoles()) || Auth::isAppUser($authorization->getRoles()))
&& !(Auth::isPrivilegedUser(Authorization::getRoles()) || Auth::isAppUser(Authorization::getRoles()))
) {
throw new AppwriteException(AppwriteException::GENERAL_API_DISABLED);
}
@@ -394,7 +399,7 @@ Http::init()
$closestLimit = null;
$roles = $authorization->getRoles();
$roles = Authorization::getRoles();
$isPrivilegedUser = Auth::isPrivilegedUser($roles);
$isAppUser = Auth::isAppUser($roles);
@@ -458,7 +463,7 @@ Http::init()
$useCache = $route->getLabel('cache', false);
if ($useCache) {
$key = md5($request->getURI() . '*' . implode('*', $request->getParams()) . '*' . APP_CACHE_BUSTER);
$cacheLog = $authorization->skip(fn () => $dbForProject->getDocument('cache', $key));
$cacheLog = Authorization::skip(fn () => $dbForProject->getDocument('cache', $key));
$cache = new Cache(
new Filesystem(APP_STORAGE_CACHE . DIRECTORY_SEPARATOR . 'app-' . $project->getId())
);
@@ -471,18 +476,19 @@ Http::init()
if ($type === 'bucket') {
$bucketId = $parts[1] ?? null;
$bucket = Authorization::skip(fn () => $dbForProject->getDocument('buckets', $bucketId));
$bucket = $authorization->skip(fn () => $dbForProject->getDocument('buckets', $bucketId));
$isAPIKey = Auth::isAppUser($authorization->getRoles());
$isPrivilegedUser = Auth::isPrivilegedUser($authorization->getRoles());
$isAPIKey = Auth::isAppUser(Authorization::getRoles());
$isPrivilegedUser = Auth::isPrivilegedUser(Authorization::getRoles());
if ($bucket->isEmpty() || (!$bucket->getAttribute('enabled') && !$isAPIKey && !$isPrivilegedUser)) {
throw new Exception(Exception::STORAGE_BUCKET_NOT_FOUND);
}
$fileSecurity = $bucket->getAttribute('fileSecurity', false);
$valid = $authorization->isValid(new Input(Database::PERMISSION_READ, $bucket->getRead()));
$validator = new Authorization(Database::PERMISSION_READ);
$valid = $validator->isValid($bucket->getRead());
if (!$fileSecurity && !$valid) {
throw new Exception(Exception::USER_UNAUTHORIZED);
}
@@ -493,7 +499,7 @@ Http::init()
if ($fileSecurity && !$valid) {
$file = $dbForProject->getDocument('bucket_' . $bucket->getInternalId(), $fileId);
} else {
$file = $authorization->skip(fn () => $dbForProject->getDocument('bucket_' . $bucket->getInternalId(), $fileId));
$file = Authorization::skip(fn () => $dbForProject->getDocument('bucket_' . $bucket->getInternalId(), $fileId));
}
if ($file->isEmpty()) {
@@ -517,7 +523,7 @@ Http::init()
}
});
Http::init()
App::init()
->groups(['session'])
->inject('user')
->inject('request')
@@ -537,12 +543,14 @@ Http::init()
* Delete older sessions if the number of sessions have crossed
* the session limit set for the project
*/
Http::shutdown()
App::shutdown()
->groups(['session'])
->inject('utopia')
->inject('request')
->inject('response')
->inject('project')
->inject('dbForProject')
->action(function (Response $response, Document $project, Database $dbForProject) {
->action(function (App $utopia, Request $request, Response $response, Document $project, Database $dbForProject) {
$sessionLimit = $project->getAttribute('auths', [])['maxSessions'] ?? APP_LIMIT_USER_SESSIONS_DEFAULT;
$session = $response->getPayload();
$userId = $session['userId'] ?? '';
@@ -569,9 +577,9 @@ Http::shutdown()
$dbForProject->purgeCachedDocument('users', $userId);
});
Http::shutdown()
App::shutdown()
->groups(['api'])
->inject('route')
->inject('utopia')
->inject('request')
->inject('response')
->inject('project')
@@ -587,29 +595,7 @@ Http::shutdown()
->inject('queueForFunctions')
->inject('mode')
->inject('dbForConsole')
->inject('authorization')
->action(function (
Route $route,
Request $request,
Response $response,
Document $project,
Document $user,
Event $queueForEvents,
Audit $queueForAudits,
Usage $queueForUsage,
Delete $queueForDeletes,
EventDatabase $queueForDatabase,
Build $queueForBuilds,
Messaging $queueForMessaging,
Database $dbForProject,
Func $queueForFunctions,
string $mode,
Database $dbForConsole,
Authorization $authorization,
) use ($parseLabel) {
if (!empty($user) && !$user->isEmpty() && empty($user->getInternalId())) {
$user = $authorization->skip(fn () => $dbForProject->getDocument('users', $user->getId()));
}
->action(function (App $utopia, Request $request, Response $response, Document $project, Document $user, Event $queueForEvents, Audit $queueForAudits, Usage $queueForUsage, Delete $queueForDeletes, EventDatabase $queueForDatabase, Build $queueForBuilds, Messaging $queueForMessaging, Database $dbForProject, Func $queueForFunctions, string $mode, Database $dbForConsole) use ($parseLabel) {
$responsePayload = $response->getPayload();
@@ -621,10 +607,11 @@ Http::shutdown()
/**
* Trigger functions.
*/
$queueForFunctions
->from($queueForEvents)
->trigger();
if (!$queueForEvents->isPaused()) {
$queueForFunctions
->from($queueForEvents)
->trigger();
}
/**
* Trigger webhooks.
*/
@@ -668,6 +655,7 @@ Http::shutdown()
}
}
$route = $utopia->getRoute();
$requestParams = $route->getParamsValues();
/**
@@ -737,11 +725,11 @@ Http::shutdown()
$key = md5($request->getURI() . '*' . implode('*', $request->getParams()) . '*' . APP_CACHE_BUSTER);
$signature = md5($data['payload']);
$cacheLog = $authorization->skip(fn () => $dbForProject->getDocument('cache', $key));
$cacheLog = Authorization::skip(fn () => $dbForProject->getDocument('cache', $key));
$accessedAt = $cacheLog->getAttribute('accessedAt', '');
$now = DateTime::now();
if ($cacheLog->isEmpty()) {
$authorization->skip(fn () => $dbForProject->createDocument('cache', new Document([
Authorization::skip(fn () => $dbForProject->createDocument('cache', new Document([
'$id' => $key,
'resource' => $resource,
'resourceType' => $resourceType,
@@ -751,7 +739,7 @@ Http::shutdown()
])));
} elseif (DateTime::formatTz(DateTime::addSeconds(new \DateTime(), -APP_CACHE_UPDATE)) > $accessedAt) {
$cacheLog->setAttribute('accessedAt', $now);
$authorization->skip(fn () => $dbForProject->updateDocument('cache', $cacheLog->getId(), $cacheLog));
Authorization::skip(fn () => $dbForProject->updateDocument('cache', $cacheLog->getId(), $cacheLog));
}
if ($signature !== $cacheLog->getAttribute('signature')) {
@@ -763,8 +751,10 @@ Http::shutdown()
}
}
if ($project->getId() !== 'console') {
if (!Auth::isPrivilegedUser($authorization->getRoles())) {
if (!Auth::isPrivilegedUser(Authorization::getRoles())) {
$fileSize = 0;
$file = $request->getFiles('file');
if (!empty($file)) {
@@ -789,7 +779,7 @@ Http::shutdown()
$accessedAt = $project->getAttribute('accessedAt', '');
if (DateTime::formatTz(DateTime::addSeconds(new \DateTime(), -APP_PROJECT_ACCESS)) > $accessedAt) {
$project->setAttribute('accessedAt', DateTime::now());
$authorization->skip(fn () => $dbForConsole->updateDocument('projects', $project->getId(), $project));
Authorization::skip(fn () => $dbForConsole->updateDocument('projects', $project->getId(), $project));
}
}
@@ -810,16 +800,10 @@ Http::shutdown()
}
});
Http::init()
App::init()
->groups(['usage'])
->action(function () {
if (System::getEnv('_APP_USAGE_STATS', 'enabled') !== 'enabled') {
throw new Exception(Exception::GENERAL_USAGE_DISABLED);
}
});
Http::shutdown()
->inject('connections')
->action(function (Connections $connections) {
$connections->reclaim();
});
app/controllers/shared/api/auth.php
+9 -13
View File
@@ -4,14 +4,13 @@ use Appwrite\Auth\Auth;
use Appwrite\Extend\Exception;
use Appwrite\Utopia\Request;
use MaxMind\Db\Reader;
use Utopia\App;
use Utopia\Database\DateTime;
use Utopia\Database\Document;
use Utopia\Database\Validator\Authorization;
use Utopia\Http\Http;
use Utopia\Http\Route;
use Utopia\System\System;
Http::init()
App::init()
->groups(['mfaProtected'])
->inject('session')
->action(function (Document $session) {
@@ -30,14 +29,13 @@ Http::init()
}
});
Http::init()
App::init()
->groups(['auth'])
->inject('route')
->inject('utopia')
->inject('request')
->inject('project')
->inject('geodb')
->inject('authorization')
->action(function (Route $route, Request $request, Document $project, Reader $geodb, Authorization $authorization) {
->action(function (App $utopia, Request $request, Document $project, Reader $geodb) {
$denylist = System::getEnv('_APP_CONSOLE_COUNTRIES_DENYLIST', '');
if (!empty($denylist && $project->getId() === 'console')) {
$countries = explode(',', $denylist);
@@ -48,17 +46,15 @@ Http::init()
}
}
$isPrivilegedUser = Auth::isPrivilegedUser($authorization->getRoles());
$isAppUser = Auth::isAppUser($authorization->getRoles());
$route = $utopia->match($request);
$isPrivilegedUser = Auth::isPrivilegedUser(Authorization::getRoles());
$isAppUser = Auth::isAppUser(Authorization::getRoles());
if ($isAppUser || $isPrivilegedUser) { // Skip limits for app and console devs
return;
}
if ($route->getLabel('sdk.namespace', '') === 'graphql') { // Skip for graphQL recursive call
return;
}
$auths = $project->getAttribute('auths', []);
switch ($route->getLabel('auth.type', '')) {
case 'emailPassword':
app/controllers/web/console.php
+3 -3
View File
@@ -2,9 +2,9 @@
use Appwrite\Utopia\Request;
use Appwrite\Utopia\Response;
use Utopia\Http\Http;
use Utopia\App;
Http::init()
App::init()
->groups(['web'])
->inject('request')
->inject('response')
@@ -16,7 +16,7 @@ Http::init()
;
});
Http::get('/')
App::get('/')
->alias('auth/*')
->alias('/invite')
->alias('/login')
app/controllers/web/home.php
+2 -2
View File
@@ -1,10 +1,10 @@
<?php
use Appwrite\Utopia\Response;
use Utopia\App;
use Utopia\Config\Config;
use Utopia\Http\Http;
Http::get('/versions')
App::get('/versions')
->desc('Get Version')
->groups(['home', 'web'])
->label('scope', 'public')
app/http.php
+297 -204
View File
@@ -1,242 +1,335 @@
<?php
require_once __DIR__ . '/init.php';
require_once __DIR__ . '/controllers/general.php';
require_once __DIR__ . '/../vendor/autoload.php';
use Appwrite\Utopia\Queue\Connections;
use Appwrite\Utopia\Request;
use Appwrite\Utopia\Response;
use Swoole\Constant;
use Swoole\Http\Request as SwooleRequest;
use Swoole\Http\Response as SwooleResponse;
use Swoole\Http\Server;
use Swoole\Process;
use Utopia\Abuse\Adapters\Database\TimeLimit;
use Utopia\App;
use Utopia\Audit\Audit;
use Utopia\Cache\Cache;
use Utopia\CLI\Console;
use Utopia\Config\Config;
use Utopia\Database\Adapter\MariaDB;
use Utopia\Database\Adapter\MySQL;
use Utopia\Database\Database;
use Utopia\Database\Document;
use Utopia\Database\Helpers\ID;
use Utopia\Database\Helpers\Permission;
use Utopia\Database\Helpers\Role;
use Utopia\Database\Validator\Authorization;
use Utopia\Http\Adapter\Swoole\Server;
use Utopia\Http\Http;
use Utopia\Logger\Log;
use Utopia\Logger\Log\User;
use Utopia\Pools\Group;
use Utopia\Swoole\Files;
use Utopia\System\System;
global $registry, $container;
$http = new Server(
host: "0.0.0.0",
port: System::getEnv('PORT', 80),
mode: SWOOLE_PROCESS,
);
$payloadSize = 12 * (1024 * 1024); // 12MB - adding slight buffer for headers and other data that might be sent with the payload - update later with valid testing
$workerNumber = swoole_cpu_num() * intval(System::getEnv('_APP_WORKER_PER_CORE', 6));
$server = new Server('0.0.0.0', '80', [
'open_http2_protocol' => true,
'http_compression' => true,
'http_compression_level' => 6,
'package_max_length' => $payloadSize,
'buffer_output_size' => $payloadSize,
// Server
// 'log_level' => 0,
'dispatch_mode' => 2,
'worker_num' => $workerNumber,
'reactor_num' => swoole_cpu_num() * 2,
'open_cpu_affinity' => true,
// Coroutine
'enable_coroutine' => true,
'send_yield' => true,
'tcp_fastopen' => true,
]);
$http
->set([
'worker_num' => $workerNumber,
'open_http2_protocol' => true,
'http_compression' => true,
'http_compression_level' => 6,
'package_max_length' => $payloadSize,
'buffer_output_size' => $payloadSize,
]);
$http = new Http($server, $container, 'UTC');
$http->setRequestClass(Request::class);
$http->setResponseClass(Response::class);
$http->on(Constant::EVENT_WORKER_START, function ($server, $workerId) {
Console::success('Worker ' . ++$workerId . ' started successfully');
});
Http::onStart()
->inject('authorization')
->inject('cache')
->inject('pools')
->inject('connections')
->action(function (Authorization $authorization, Cache $cache, array $pools, Connections $connections) {
try {
// wait for database to be ready
$attempts = 0;
$max = 15;
$sleep = 2;
$http->on(Constant::EVENT_BEFORE_RELOAD, function ($server, $workerId) {
Console::success('Starting reload...');
});
do {
try {
$attempts++;
$pool = $pools['pools-console-console']['pool'];
$dsn = $pools['pools-console-console']['dsn'];
$connection = $pool->get();
$connections->add($connection, $pool);
$http->on(Constant::EVENT_AFTER_RELOAD, function ($server, $workerId) {
Console::success('Reload completed...');
});
$adapter = match ($dsn->getScheme()) {
'mariadb' => new MariaDB($connection),
'mysql' => new MySQL($connection),
default => null
};
include __DIR__ . '/controllers/general.php';
$adapter->setDatabase($dsn->getPath());
$http->on(Constant::EVENT_START, function (Server $http) use ($payloadSize, $register) {
$app = new App('UTC');
$dbForConsole = new Database($adapter, $cache);
$dbForConsole->setAuthorization($authorization);
go(function () use ($register, $app) {
$pools = $register->get('pools');
/** @var Group $pools */
App::setResource('pools', fn () => $pools);
$dbForConsole
->setNamespace('_console')
->setMetadata('host', \gethostname())
->setMetadata('project', 'console')
->setTimeout(APP_DATABASE_TIMEOUT_MILLISECONDS);
// wait for database to be ready
$attempts = 0;
$max = 10;
$sleep = 1;
$dbForConsole->ping();
break; // leave the do-while if successful
} catch (\Throwable $e) {
Console::warning("Database not ready. Retrying connection ({$attempts})...");
if ($attempts >= $max) {
throw new \Exception('Failed to connect to database: ' . $e->getMessage());
}
sleep($sleep);
do {
try {
$attempts++;
$dbForConsole = $app->getResource('dbForConsole');
/** @var Utopia\Database\Database $dbForConsole */
break; // leave the do-while if successful
} catch (\Throwable $e) {
Console::warning("Database not ready. Retrying connection ({$attempts})...");
if ($attempts >= $max) {
throw new \Exception('Failed to connect to database: ' . $e->getMessage());
}
} while ($attempts < $max);
sleep($sleep);
}
} while ($attempts < $max);
Console::success('[Setup] - Server database init started...');
Console::success('[Setup] - Server database init started...');
try {
Console::success('[Setup] - Creating database: appwrite...');
$dbForConsole->create();
} catch (\Throwable $e) {
Console::success('[Setup] - Skip: metadata table already exists');
}
if ($dbForConsole->getCollection(Audit::COLLECTION)->isEmpty()) {
$audit = new Audit($dbForConsole);
$audit->setup();
}
if ($dbForConsole->getCollection(TimeLimit::COLLECTION)->isEmpty()) {
$adapter = new TimeLimit("", 0, 1, $dbForConsole);
$adapter->setup();
}
/** @var array $collections */
$collections = Config::getParam('collections', []);
$consoleCollections = $collections['console'];
foreach ($consoleCollections as $key => $collection) {
if (($collection['$collection'] ?? '') !== Database::METADATA) {
continue;
}
if (!$dbForConsole->getCollection($key)->isEmpty()) {
continue;
}
Console::success('[Setup] - Creating collection: ' . $collection['$id'] . '...');
$attributes = [];
$indexes = [];
foreach ($collection['attributes'] as $attribute) {
$attributes[] = new Document([
'$id' => ID::custom($attribute['$id']),
'type' => $attribute['type'],
'size' => $attribute['size'],
'required' => $attribute['required'],
'signed' => $attribute['signed'],
'array' => $attribute['array'],
'filters' => $attribute['filters'],
'default' => $attribute['default'] ?? null,
'format' => $attribute['format'] ?? ''
]);
}
foreach ($collection['indexes'] as $index) {
$indexes[] = new Document([
'$id' => ID::custom($index['$id']),
'type' => $index['type'],
'attributes' => $index['attributes'],
'lengths' => $index['lengths'],
'orders' => $index['orders'],
]);
}
$dbForConsole->createCollection($key, $attributes, $indexes);
}
if ($dbForConsole->getDocument('buckets', 'default')->isEmpty() && !$dbForConsole->exists($dbForConsole->getDatabase(), 'bucket_1')) {
Console::success('[Setup] - Creating default bucket...');
$dbForConsole->createDocument('buckets', new Document([
'$id' => ID::custom('default'),
'$collection' => ID::custom('buckets'),
'name' => 'Default',
'maximumFileSize' => (int) System::getEnv('_APP_STORAGE_LIMIT', 0), // 10MB
'allowedFileExtensions' => [],
'enabled' => true,
'compression' => 'gzip',
'encryption' => true,
'antivirus' => true,
'fileSecurity' => true,
'$permissions' => [
Permission::create(Role::any()),
Permission::read(Role::any()),
Permission::update(Role::any()),
Permission::delete(Role::any()),
],
'search' => 'buckets Default',
]));
$bucket = $dbForConsole->getDocument('buckets', 'default');
Console::success('[Setup] - Creating files collection for default bucket...');
$files = $collections['buckets']['files'] ?? [];
if (empty($files)) {
throw new Exception('Files collection is not configured.');
}
$attributes = [];
$indexes = [];
foreach ($files['attributes'] as $attribute) {
$attributes[] = new Document([
'$id' => ID::custom($attribute['$id']),
'type' => $attribute['type'],
'size' => $attribute['size'],
'required' => $attribute['required'],
'signed' => $attribute['signed'],
'array' => $attribute['array'],
'filters' => $attribute['filters'],
'default' => $attribute['default'] ?? null,
'format' => $attribute['format'] ?? ''
]);
}
foreach ($files['indexes'] as $index) {
$indexes[] = new Document([
'$id' => ID::custom($index['$id']),
'type' => $index['type'],
'attributes' => $index['attributes'],
'lengths' => $index['lengths'],
'orders' => $index['orders'],
]);
}
$dbForConsole->createCollection('bucket_' . $bucket->getInternalId(), $attributes, $indexes);
}
$pools->reclaim();
Console::success('[Setup] - Server database init completed...');
});
Console::success('Server started successfully (max payload is ' . number_format($payloadSize) . ' bytes)');
Console::info("Master pid {$http->master_pid}, manager pid {$http->manager_pid}");
// listen ctrl + c
Process::signal(2, function () use ($http) {
Console::log('Stop by Ctrl+C');
$http->shutdown();
});
});
$http->on('request', function (SwooleRequest $swooleRequest, SwooleResponse $swooleResponse) use ($register) {
App::setResource('swooleRequest', fn () => $swooleRequest);
App::setResource('swooleResponse', fn () => $swooleResponse);
$request = new Request($swooleRequest);
$response = new Response($swooleResponse);
if (Files::isFileLoaded($request->getURI())) {
$time = (60 * 60 * 24 * 365 * 2); // 45 days cache
$response
->setContentType(Files::getFileMimeType($request->getURI()))
->addHeader('Cache-Control', 'public, max-age=' . $time)
->addHeader('Expires', \date('D, d M Y H:i:s', \time() + $time) . ' GMT') // 45 days cache
->send(Files::getFileContents($request->getURI()));
return;
}
$app = new App('UTC');
$pools = $register->get('pools');
App::setResource('pools', fn () => $pools);
try {
Authorization::cleanRoles();
Authorization::setRole(Role::any()->toString());
$app->run($request, $response);
} catch (\Throwable $th) {
$version = System::getEnv('_APP_VERSION', 'UNKNOWN');
$logger = $app->getResource("logger");
if ($logger) {
try {
/** @var Utopia\Database\Document $user */
$user = $app->getResource('user');
} catch (\Throwable $_th) {
// All good, user is optional information for logger
}
$route = $app->getRoute();
$log = $app->getResource("log");
if (isset($user) && !$user->isEmpty()) {
$log->setUser(new User($user->getId()));
}
$log->setNamespace("http");
$log->setServer(\gethostname());
$log->setVersion($version);
$log->setType(Log::TYPE_ERROR);
$log->setMessage($th->getMessage());
$log->addTag('method', $route->getMethod());
$log->addTag('url', $route->getPath());
$log->addTag('verboseType', get_class($th));
$log->addTag('code', $th->getCode());
// $log->addTag('projectId', $project->getId()); // TODO: Figure out how to get ProjectID, if it becomes relevant
$log->addTag('hostname', $request->getHostname());
$log->addTag('locale', (string)$request->getParam('locale', $request->getHeader('x-appwrite-locale', '')));
$log->addExtra('file', $th->getFile());
$log->addExtra('line', $th->getLine());
$log->addExtra('trace', $th->getTraceAsString());
$log->addExtra('roles', Authorization::getRoles());
$action = $route->getLabel("sdk.namespace", "UNKNOWN_NAMESPACE") . '.' . $route->getLabel("sdk.method", "UNKNOWN_METHOD");
$log->setAction($action);
$isProduction = System::getEnv('_APP_ENV', 'development') === 'production';
$log->setEnvironment($isProduction ? Log::ENVIRONMENT_PRODUCTION : Log::ENVIRONMENT_STAGING);
try {
Console::success('[Setup] - Creating database: appwrite...');
$dbForConsole->create();
} catch (\Throwable $e) {
Console::success('[Setup] - Skip: metadata table already exists');
return true;
$responseCode = $logger->addLog($log);
Console::info('Error log pushed with status code: ' . $responseCode);
} catch (Throwable $th) {
Console::error('Error pushing log: ' . $th->getMessage());
}
if ($dbForConsole->getCollection(Audit::COLLECTION)->isEmpty()) {
$audit = new Audit($dbForConsole);
$audit->setup();
}
if ($dbForConsole->getCollection(TimeLimit::COLLECTION)->isEmpty()) {
$abuse = new TimeLimit("", 0, 1, $dbForConsole);
$abuse->setup();
}
/** @var array $collections */
$collections = Config::getParam('collections', []);
$consoleCollections = $collections['console'];
foreach ($consoleCollections as $key => $collection) {
if (($collection['$collection'] ?? '') !== Database::METADATA) {
continue;
}
if (!$dbForConsole->getCollection($key)->isEmpty()) {
continue;
}
Console::success('[Setup] - Creating collection: ' . $collection['$id'] . '...');
$attributes = [];
$indexes = [];
foreach ($collection['attributes'] as $attribute) {
$attributes[] = new Document([
'$id' => ID::custom($attribute['$id']),
'type' => $attribute['type'],
'size' => $attribute['size'],
'required' => $attribute['required'],
'signed' => $attribute['signed'],
'array' => $attribute['array'],
'filters' => $attribute['filters'],
'default' => $attribute['default'] ?? null,
'format' => $attribute['format'] ?? ''
]);
}
foreach ($collection['indexes'] as $index) {
$indexes[] = new Document([
'$id' => ID::custom($index['$id']),
'type' => $index['type'],
'attributes' => $index['attributes'],
'lengths' => $index['lengths'],
'orders' => $index['orders'],
]);
}
$dbForConsole->createCollection($key, $attributes, $indexes);
}
if ($dbForConsole->getDocument('buckets', 'default')->isEmpty() && !$dbForConsole->exists($dbForConsole->getDatabase(), 'bucket_1')) {
Console::success('[Setup] - Creating default bucket...');
$dbForConsole->createDocument('buckets', new Document([
'$id' => ID::custom('default'),
'$collection' => ID::custom('buckets'),
'name' => 'Default',
'maximumFileSize' => (int) System::getEnv('_APP_STORAGE_LIMIT', 0), // 10MB
'allowedFileExtensions' => [],
'enabled' => true,
'compression' => 'gzip',
'encryption' => true,
'antivirus' => true,
'fileSecurity' => true,
'$permissions' => [
Permission::create(Role::any()),
Permission::read(Role::any()),
Permission::update(Role::any()),
Permission::delete(Role::any()),
],
'search' => 'buckets Default',
]));
$bucket = $dbForConsole->getDocument('buckets', 'default');
Console::success('[Setup] - Creating files collection for default bucket...');
$files = $collections['buckets']['files'] ?? [];
if (empty($files)) {
throw new Exception('Files collection is not configured.');
}
$attributes = [];
$indexes = [];
foreach ($files['attributes'] as $attribute) {
$attributes[] = new Document([
'$id' => ID::custom($attribute['$id']),
'type' => $attribute['type'],
'size' => $attribute['size'],
'required' => $attribute['required'],
'signed' => $attribute['signed'],
'array' => $attribute['array'],
'filters' => $attribute['filters'],
'default' => $attribute['default'] ?? null,
'format' => $attribute['format'] ?? ''
]);
}
foreach ($files['indexes'] as $index) {
$indexes[] = new Document([
'$id' => ID::custom($index['$id']),
'type' => $index['type'],
'attributes' => $index['attributes'],
'lengths' => $index['lengths'],
'orders' => $index['orders'],
]);
}
$dbForConsole->createCollection('bucket_' . $bucket->getInternalId(), $attributes, $indexes);
}
$connections->reclaim();
Console::success('[Setup] - Server database init completed...');
Console::success('Server started successfully');
} catch (\Throwable $e) {
Console::warning('Database not ready: ' . $e->getMessage());
exit(1);
}
});
Http::init()
->inject('authorization')
->action(function (Authorization $authorization) {
$authorization->cleanRoles();
$authorization->addRole(Role::any()->toString());
});
Console::error('[Error] Type: ' . get_class($th));
Console::error('[Error] Message: ' . $th->getMessage());
Console::error('[Error] File: ' . $th->getFile());
Console::error('[Error] Line: ' . $th->getLine());
$swooleResponse->setStatusCode(500);
$output = ((App::isDevelopment())) ? [
'message' => 'Error: ' . $th->getMessage(),
'code' => 500,
'file' => $th->getFile(),
'line' => $th->getLine(),
'trace' => $th->getTrace(),
'version' => $version,
] : [
'message' => 'Error: Server Error',
'code' => 500,
'version' => $version,
];
$swooleResponse->end(\json_encode($output));
} finally {
$pools->reclaim();
}
});
$http->start();
app/init.php
+1566 -1156
View File
File diff suppressed because it is too large Load Diff
app/init/config.php
-37
View File
@@ -1,37 +0,0 @@
<?php
use Utopia\Config\Config;
Config::load('events', __DIR__ . '/../config/events.php');
Config::load('auth', __DIR__ . '/../config/auth.php');
Config::load('apis', __DIR__ . '/../config/apis.php');
Config::load('errors', __DIR__ . '/../config/errors.php');
Config::load('oAuthProviders', __DIR__ . '/../config/oAuthProviders.php');
Config::load('platforms', __DIR__ . '/../config/platforms.php');
Config::load('collections', __DIR__ . '/../config/collections.php');
Config::load('runtimes', __DIR__ . '/../config/runtimes.php');
Config::load('runtimes-v2', __DIR__ . '/../config/runtimes-v2.php');
Config::load('usage', __DIR__ . '/../config/usage.php');
Config::load('roles', __DIR__ . '/../config/roles.php'); // User roles and scopes
Config::load('scopes', __DIR__ . '/../config/scopes.php'); // User roles and scopes
Config::load('services', __DIR__ . '/../config/services.php'); // List of services
Config::load('variables', __DIR__ . '/../config/variables.php'); // List of env variables
Config::load('regions', __DIR__ . '/../config/regions.php'); // List of available regions
Config::load('avatar-browsers', __DIR__ . '/../config/avatars/browsers.php');
Config::load('avatar-credit-cards', __DIR__ . '/../config/avatars/credit-cards.php');
Config::load('avatar-flags', __DIR__ . '/../config/avatars/flags.php');
Config::load('locale-codes', __DIR__ . '/../config/locale/codes.php');
Config::load('locale-currencies', __DIR__ . '/../config/locale/currencies.php');
Config::load('locale-eu', __DIR__ . '/../config/locale/eu.php');
Config::load('locale-languages', __DIR__ . '/../config/locale/languages.php');
Config::load('locale-phones', __DIR__ . '/../config/locale/phones.php');
Config::load('locale-countries', __DIR__ . '/../config/locale/countries.php');
Config::load('locale-continents', __DIR__ . '/../config/locale/continents.php');
Config::load('locale-templates', __DIR__ . '/../config/locale/templates.php');
Config::load('storage-logos', __DIR__ . '/../config/storage/logos.php');
Config::load('storage-mimes', __DIR__ . '/../config/storage/mimes.php');
Config::load('storage-inputs', __DIR__ . '/../config/storage/inputs.php');
Config::load('storage-outputs', __DIR__ . '/../config/storage/outputs.php');
Config::load('runtime-specifications', __DIR__ . '/../config/runtimes/specifications.php');
Config::load('function-templates', __DIR__ . '/../config/function-templates.php');
app/init/constants.php
-185
View File
@@ -1,185 +0,0 @@
<?php
use Appwrite\Functions\Specification;
const APP_NAME = 'Appwrite';
const APP_DOMAIN = 'appwrite.io';
const APP_EMAIL_TEAM = 'team@localhost.test'; // Default email address
const APP_EMAIL_SECURITY = ''; // Default security email address
const APP_USERAGENT = APP_NAME . '-Server v%s. Please report abuse at %s';
const APP_MODE_DEFAULT = 'default';
const APP_MODE_ADMIN = 'admin';
const APP_PAGING_LIMIT = 12;
const APP_LIMIT_COUNT = 5000;
const APP_LIMIT_USERS = 10_000;
const APP_LIMIT_USER_PASSWORD_HISTORY = 20;
const APP_LIMIT_USER_SESSIONS_MAX = 100;
const APP_LIMIT_USER_SESSIONS_DEFAULT = 10;
const APP_LIMIT_ANTIVIRUS = 20_000_000; //20MB
const APP_LIMIT_ENCRYPTION = 20_000_000; //20MB
const APP_LIMIT_COMPRESSION = 20_000_000; //20MB
const APP_LIMIT_ARRAY_PARAMS_SIZE = 100; // Default maximum of how many elements can there be in API parameter that expects array value
const APP_LIMIT_ARRAY_LABELS_SIZE = 1000; // Default maximum of how many labels elements can there be in API parameter that expects array value
const APP_LIMIT_ARRAY_ELEMENT_SIZE = 4096; // Default maximum length of element in array parameter represented by maximum URL length.
const APP_LIMIT_SUBQUERY = 1000;
const APP_LIMIT_SUBSCRIBERS_SUBQUERY = 1_000_000;
const APP_LIMIT_WRITE_RATE_DEFAULT = 60; // Default maximum write rate per rate period
const APP_LIMIT_WRITE_RATE_PERIOD_DEFAULT = 60; // Default maximum write rate period in seconds
const APP_LIMIT_LIST_DEFAULT = 25; // Default maximum number of items to return in list API calls
const APP_KEY_ACCESS = 24 * 60 * 60; // 24 hours
const APP_USER_ACCESS = 24 * 60 * 60; // 24 hours
const APP_PROJECT_ACCESS = 24 * 60 * 60; // 24 hours
const APP_CACHE_UPDATE = 24 * 60 * 60; // 24 hours
const APP_CACHE_BUSTER = 4318;
const APP_VERSION_STABLE = '1.6.0';
const APP_DATABASE_ATTRIBUTE_EMAIL = 'email';
const APP_DATABASE_ATTRIBUTE_ENUM = 'enum';
const APP_DATABASE_ATTRIBUTE_IP = 'ip';
const APP_DATABASE_ATTRIBUTE_DATETIME = 'datetime';
const APP_DATABASE_ATTRIBUTE_URL = 'url';
const APP_DATABASE_ATTRIBUTE_INT_RANGE = 'intRange';
const APP_DATABASE_ATTRIBUTE_FLOAT_RANGE = 'floatRange';
const APP_DATABASE_ATTRIBUTE_STRING_MAX_LENGTH = 1_073_741_824; // 2^32 bits / 4 bits per char
const APP_DATABASE_TIMEOUT_MILLISECONDS = 15_000;
const APP_STORAGE_UPLOADS = '/storage/uploads';
const APP_STORAGE_FUNCTIONS = '/storage/functions';
const APP_STORAGE_BUILDS = '/storage/builds';
const APP_STORAGE_CACHE = '/storage/cache';
const APP_STORAGE_CERTIFICATES = '/storage/certificates';
const APP_STORAGE_CONFIG = '/storage/config';
const APP_STORAGE_READ_BUFFER = 20 * (1000 * 1000); //20MB other names `APP_STORAGE_MEMORY_LIMIT`, `APP_STORAGE_MEMORY_BUFFER`, `APP_STORAGE_READ_LIMIT`, `APP_STORAGE_BUFFER_LIMIT`
const APP_SOCIAL_TWITTER = 'https://twitter.com/appwrite';
const APP_SOCIAL_TWITTER_HANDLE = 'appwrite';
const APP_SOCIAL_FACEBOOK = 'https://www.facebook.com/appwrite.io';
const APP_SOCIAL_LINKEDIN = 'https://www.linkedin.com/company/appwrite';
const APP_SOCIAL_INSTAGRAM = 'https://www.instagram.com/appwrite.io';
const APP_SOCIAL_GITHUB = 'https://github.com/appwrite';
const APP_SOCIAL_DISCORD = 'https://appwrite.io/discord';
const APP_SOCIAL_DISCORD_CHANNEL = '564160730845151244';
const APP_SOCIAL_DEV = 'https://dev.to/appwrite';
const APP_SOCIAL_STACKSHARE = 'https://stackshare.io/appwrite';
const APP_SOCIAL_YOUTUBE = 'https://www.youtube.com/c/appwrite?sub_confirmation=1';
const APP_HOSTNAME_INTERNAL = 'appwrite';
const APP_FUNCTION_SPECIFICATION_DEFAULT = Specification::S_05VCPU_512MB;
const APP_FUNCTION_CPUS_DEFAULT = 0.5;
const APP_FUNCTION_MEMORY_DEFAULT = 512;
const DATABASE_SHARED_TABLES = 'database_db_fra1_self_hosted_16_0';
// Database Reconnect
const DATABASE_RECONNECT_SLEEP = 2;
const DATABASE_RECONNECT_MAX_ATTEMPTS = 10;
// Database Worker Types
const DATABASE_TYPE_CREATE_ATTRIBUTE = 'createAttribute';
const DATABASE_TYPE_CREATE_INDEX = 'createIndex';
const DATABASE_TYPE_DELETE_ATTRIBUTE = 'deleteAttribute';
const DATABASE_TYPE_DELETE_INDEX = 'deleteIndex';
const DATABASE_TYPE_DELETE_COLLECTION = 'deleteCollection';
const DATABASE_TYPE_DELETE_DATABASE = 'deleteDatabase';
// Build Worker Types
const BUILD_TYPE_DEPLOYMENT = 'deployment';
const BUILD_TYPE_RETRY = 'retry';
// Deletion Types
const DELETE_TYPE_DATABASES = 'databases';
const DELETE_TYPE_DOCUMENT = 'document';
const DELETE_TYPE_COLLECTIONS = 'collections';
const DELETE_TYPE_PROJECTS = 'projects';
const DELETE_TYPE_FUNCTIONS = 'functions';
const DELETE_TYPE_DEPLOYMENTS = 'deployments';
const DELETE_TYPE_USERS = 'users';
const DELETE_TYPE_TEAM_PROJECTS = 'teams_projects';
const DELETE_TYPE_EXECUTIONS = 'executions';
const DELETE_TYPE_AUDIT = 'audit';
const DELETE_TYPE_ABUSE = 'abuse';
const DELETE_TYPE_USAGE = 'usage';
const DELETE_TYPE_REALTIME = 'realtime';
const DELETE_TYPE_BUCKETS = 'buckets';
const DELETE_TYPE_INSTALLATIONS = 'installations';
const DELETE_TYPE_RULES = 'rules';
const DELETE_TYPE_SESSIONS = 'sessions';
const DELETE_TYPE_CACHE_BY_TIMESTAMP = 'cacheByTimeStamp';
const DELETE_TYPE_CACHE_BY_RESOURCE = 'cacheByResource';
const DELETE_TYPE_SCHEDULES = 'schedules';
const DELETE_TYPE_TOPIC = 'topic';
const DELETE_TYPE_TARGET = 'target';
const DELETE_TYPE_EXPIRED_TARGETS = 'invalid_targets';
const DELETE_TYPE_SESSION_TARGETS = 'session_targets';
// Message types
const MESSAGE_SEND_TYPE_INTERNAL = 'internal';
const MESSAGE_SEND_TYPE_EXTERNAL = 'external';
// Mail Types
const MAIL_TYPE_VERIFICATION = 'verification';
const MAIL_TYPE_MAGIC_SESSION = 'magicSession';
const MAIL_TYPE_RECOVERY = 'recovery';
const MAIL_TYPE_INVITATION = 'invitation';
const MAIL_TYPE_CERTIFICATE = 'certificate';
// Auth Types
const APP_AUTH_TYPE_SESSION = 'Session';
const APP_AUTH_TYPE_JWT = 'JWT';
const APP_AUTH_TYPE_KEY = 'Key';
const APP_AUTH_TYPE_ADMIN = 'Admin';
// Response related
const MAX_OUTPUT_CHUNK_SIZE = 2 * 1024 * 1024; // 2MB
// Function headers
const FUNCTION_ALLOWLIST_HEADERS_REQUEST = ['content-type', 'agent', 'content-length', 'host'];
const FUNCTION_ALLOWLIST_HEADERS_RESPONSE = ['content-type', 'content-length'];
// Message types
const MESSAGE_TYPE_EMAIL = 'email';
const MESSAGE_TYPE_SMS = 'sms';
const MESSAGE_TYPE_PUSH = 'push';
// API key types
const API_KEY_STANDARD = 'standard';
const API_KEY_DYNAMIC = 'dynamic';
// Usage metrics
const METRIC_TEAMS = 'teams';
const METRIC_USERS = 'users';
const METRIC_AUTH_METHOD_PHONE = 'auth.method.phone';
const METRIC_AUTH_METHOD_PHONE_COUNTRY_CODE = METRIC_AUTH_METHOD_PHONE . '.{countryCode}';
const METRIC_SESSIONS = 'sessions';
const METRIC_DATABASES = 'databases';
const METRIC_COLLECTIONS = 'collections';
const METRIC_DATABASE_ID_COLLECTIONS = '{databaseInternalId}.collections';
const METRIC_DOCUMENTS = 'documents';
const METRIC_DATABASE_ID_DOCUMENTS = '{databaseInternalId}.documents';
const METRIC_DATABASE_ID_COLLECTION_ID_DOCUMENTS = '{databaseInternalId}.{collectionInternalId}.documents';
const METRIC_BUCKETS = 'buckets';
const METRIC_FILES = 'files';
const METRIC_FILES_STORAGE = 'files.storage';
const METRIC_BUCKET_ID_FILES = '{bucketInternalId}.files';
const METRIC_BUCKET_ID_FILES_STORAGE = '{bucketInternalId}.files.storage';
const METRIC_FUNCTIONS = 'functions';
const METRIC_DEPLOYMENTS = 'deployments';
const METRIC_DEPLOYMENTS_STORAGE = 'deployments.storage';
const METRIC_BUILDS = 'builds';
const METRIC_BUILDS_SUCCESS = 'builds.success';
const METRIC_BUILDS_FAILED = 'builds.failed';
const METRIC_BUILDS_STORAGE = 'builds.storage';
const METRIC_BUILDS_COMPUTE = 'builds.compute';
const METRIC_BUILDS_COMPUTE_SUCCESS = 'builds.compute.success';
const METRIC_BUILDS_COMPUTE_FAILED = 'builds.compute.failed';
const METRIC_BUILDS_MB_SECONDS = 'builds.mbSeconds';
const METRIC_FUNCTION_ID_BUILDS_COMPUTE_SUCCESS = '{functionInternalId}.builds.compute.success';
const METRIC_FUNCTION_ID_BUILDS_COMPUTE_FAILED = '{functionInternalId}.builds.compute.failed';
const METRIC_FUNCTION_ID_BUILDS = '{functionInternalId}.builds';
const METRIC_FUNCTION_ID_BUILDS_SUCCESS = '{functionInternalId}.builds.success';
const METRIC_FUNCTION_ID_BUILDS_FAILED = '{functionInternalId}.builds.failed';
const METRIC_FUNCTION_ID_BUILDS_STORAGE = '{functionInternalId}.builds.storage';
const METRIC_FUNCTION_ID_BUILDS_COMPUTE = '{functionInternalId}.builds.compute';
const METRIC_FUNCTION_ID_DEPLOYMENTS = '{resourceType}.{resourceInternalId}.deployments';
const METRIC_FUNCTION_ID_DEPLOYMENTS_STORAGE = '{resourceType}.{resourceInternalId}.deployments.storage';
const METRIC_FUNCTION_ID_BUILDS_MB_SECONDS = '{functionInternalId}.builds.mbSeconds';
const METRIC_EXECUTIONS = 'executions';
const METRIC_EXECUTIONS_COMPUTE = 'executions.compute';
const METRIC_EXECUTIONS_MB_SECONDS = 'executions.mbSeconds';
const METRIC_FUNCTION_ID_EXECUTIONS = '{functionInternalId}.executions';
const METRIC_FUNCTION_ID_EXECUTIONS_COMPUTE = '{functionInternalId}.executions.compute';
const METRIC_FUNCTION_ID_EXECUTIONS_MB_SECONDS = '{functionInternalId}.executions.mbSeconds';
const METRIC_NETWORK_REQUESTS = 'network.requests';
const METRIC_NETWORK_INBOUND = 'network.inbound';
const METRIC_NETWORK_OUTBOUND = 'network.outbound';
app/init/database/filters.php
-397
View File
@@ -1,397 +0,0 @@
<?php
use Appwrite\OpenSSL\OpenSSL;
use Utopia\Database\Database;
use Utopia\Database\Document;
use Utopia\Database\Query;
use Utopia\System\System;
Database::addFilter(
'casting',
function (mixed $value) {
return json_encode(['value' => $value], JSON_PRESERVE_ZERO_FRACTION);
},
function (mixed $value) {
if (is_null($value)) {
return;
}
return json_decode($value, true)['value'];
}
);
Database::addFilter(
'enum',
function (mixed $value, Document $attribute) {
if ($attribute->isSet('elements')) {
$attribute->removeAttribute('elements');
}
return $value;
},
function (mixed $value, Document $attribute) {
$formatOptions = \json_decode($attribute->getAttribute('formatOptions', '[]'), true);
if (isset($formatOptions['elements'])) {
$attribute->setAttribute('elements', $formatOptions['elements']);
}
return $value;
}
);
Database::addFilter(
'range',
function (mixed $value, Document $attribute) {
if ($attribute->isSet('min')) {
$attribute->removeAttribute('min');
}
if ($attribute->isSet('max')) {
$attribute->removeAttribute('max');
}
return $value;
},
function (mixed $value, Document $attribute) {
$formatOptions = json_decode($attribute->getAttribute('formatOptions', '[]'), true);
if (isset($formatOptions['min']) || isset($formatOptions['max'])) {
$attribute
->setAttribute('min', $formatOptions['min'])
->setAttribute('max', $formatOptions['max'])
;
}
return $value;
}
);
Database::addFilter(
'subQueryAttributes',
function (mixed $value) {
return;
},
function (mixed $value, Document $document, Database $database) {
$attributes = $database->find('attributes', [
Query::equal('collectionInternalId', [$document->getInternalId()]),
Query::equal('databaseInternalId', [$document->getAttribute('databaseInternalId')]),
Query::limit($database->getLimitForAttributes()),
]);
foreach ($attributes as $attribute) {
if ($attribute->getAttribute('type') === Database::VAR_RELATIONSHIP) {
$options = $attribute->getAttribute('options');
foreach ($options as $key => $value) {
$attribute->setAttribute($key, $value);
}
$attribute->removeAttribute('options');
}
}
return $attributes;
}
);
Database::addFilter(
'subQueryIndexes',
function (mixed $value) {
return;
},
function (mixed $value, Document $document, Database $database) {
return $database
->find('indexes', [
Query::equal('collectionInternalId', [$document->getInternalId()]),
Query::equal('databaseInternalId', [$document->getAttribute('databaseInternalId')]),
Query::limit($database->getLimitForIndexes()),
]);
}
);
Database::addFilter(
'subQueryPlatforms',
function (mixed $value) {
return;
},
function (mixed $value, Document $document, Database $database) {
return $database
->find('platforms', [
Query::equal('projectInternalId', [$document->getInternalId()]),
Query::limit(APP_LIMIT_SUBQUERY),
]);
}
);
Database::addFilter(
'subQueryKeys',
function (mixed $value) {
return;
},
function (mixed $value, Document $document, Database $database) {
return $database
->find('keys', [
Query::equal('projectInternalId', [$document->getInternalId()]),
Query::limit(APP_LIMIT_SUBQUERY),
]);
}
);
Database::addFilter(
'subQueryWebhooks',
function (mixed $value) {
return;
},
function (mixed $value, Document $document, Database $database) {
return $database
->find('webhooks', [
Query::equal('projectInternalId', [$document->getInternalId()]),
Query::limit(APP_LIMIT_SUBQUERY),
]);
}
);
Database::addFilter(
'subQuerySessions',
function (mixed $value) {
return;
},
function (mixed $value, Document $document, Database $database) {
return $database->getAuthorization()->skip(fn () => $database->find('sessions', [
Query::equal('userInternalId', [$document->getInternalId()]),
Query::limit(APP_LIMIT_SUBQUERY),
]));
}
);
Database::addFilter(
'subQueryTokens',
function (mixed $value) {
return;
},
function (mixed $value, Document $document, Database $database) {
return $database->getAuthorization()->skip(fn () => $database
->find('tokens', [
Query::equal('userInternalId', [$document->getInternalId()]),
Query::limit(APP_LIMIT_SUBQUERY),
]));
}
);
Database::addFilter(
'subQueryChallenges',
function (mixed $value) {
return;
},
function (mixed $value, Document $document, Database $database) {
return $database->getAuthorization()->skip(fn () => $database
->find('challenges', [
Query::equal('userInternalId', [$document->getInternalId()]),
Query::limit(APP_LIMIT_SUBQUERY),
]));
}
);
Database::addFilter(
'subQueryAuthenticators',
function (mixed $value) {
return;
},
function (mixed $value, Document $document, Database $database) {
return $database->getAuthorization()->skip(fn () => $database
->find('authenticators', [
Query::equal('userInternalId', [$document->getInternalId()]),
Query::limit(APP_LIMIT_SUBQUERY),
]));
}
);
Database::addFilter(
'subQueryMemberships',
function (mixed $value) {
return;
},
function (mixed $value, Document $document, Database $database) {
return $database->getAuthorization()->skip(fn () => $database
->find('memberships', [
Query::equal('userInternalId', [$document->getInternalId()]),
Query::limit(APP_LIMIT_SUBQUERY),
]));
}
);
Database::addFilter(
'subQueryVariables',
function (mixed $value) {
return;
},
function (mixed $value, Document $document, Database $database) {
return $database
->find('variables', [
Query::equal('resourceInternalId', [$document->getInternalId()]),
Query::equal('resourceType', ['function']),
Query::limit(APP_LIMIT_SUBQUERY),
]);
}
);
Database::addFilter(
'encrypt',
function (mixed $value) {
$key = System::getEnv('_APP_OPENSSL_KEY_V1');
$iv = OpenSSL::randomPseudoBytes(OpenSSL::cipherIVLength(OpenSSL::CIPHER_AES_128_GCM));
$tag = null;
return json_encode([
'data' => OpenSSL::encrypt($value, OpenSSL::CIPHER_AES_128_GCM, $key, 0, $iv, $tag),
'method' => OpenSSL::CIPHER_AES_128_GCM,
'iv' => \bin2hex($iv),
'tag' => \bin2hex($tag ?? ''),
'version' => '1',
]);
},
function (mixed $value) {
if (is_null($value)) {
return;
}
$value = json_decode($value, true);
$key = System::getEnv('_APP_OPENSSL_KEY_V' . $value['version']);
return OpenSSL::decrypt($value['data'], $value['method'], $key, 0, hex2bin($value['iv']), hex2bin($value['tag']));
}
);
Database::addFilter(
'subQueryProjectVariables',
function (mixed $value) {
return;
},
function (mixed $value, Document $document, Database $database) {
return $database
->find('variables', [
Query::equal('resourceType', ['project']),
Query::limit(APP_LIMIT_SUBQUERY)
]);
}
);
Database::addFilter(
'userSearch',
function (mixed $value, Document $user) {
$searchValues = [
$user->getId(),
$user->getAttribute('email', ''),
$user->getAttribute('name', ''),
$user->getAttribute('phone', '')
];
foreach ($user->getAttribute('labels', []) as $label) {
$searchValues[] = 'label:' . $label;
}
$search = implode(' ', \array_filter($searchValues));
return $search;
},
function (mixed $value) {
return $value;
}
);
Database::addFilter(
'subQueryTargets',
function (mixed $value) {
return;
},
function (mixed $value, Document $document, Database $database) {
return $database->getAuthorization()->skip(fn () => $database
->find('targets', [
Query::equal('userInternalId', [$document->getInternalId()]),
Query::limit(APP_LIMIT_SUBQUERY)
]));
}
);
Database::addFilter(
'subQueryTopicTargets',
function (mixed $value) {
return;
},
function (mixed $value, Document $document, Database $database) {
$targetIds = $database->getAuthorization()->skip(fn () => \array_map(
fn ($document) => $document->getAttribute('targetInternalId'),
$database->find('subscribers', [
Query::equal('topicInternalId', [$document->getInternalId()]),
Query::limit(APP_LIMIT_SUBSCRIBERS_SUBQUERY)
])
));
if (\count($targetIds) > 0) {
return $database->find('targets', [
Query::equal('$internalId', $targetIds)
]);
}
return [];
}
);
Database::addFilter(
'providerSearch',
function (mixed $value, Document $provider) {
$searchValues = [
$provider->getId(),
$provider->getAttribute('name', ''),
$provider->getAttribute('provider', ''),
$provider->getAttribute('type', '')
];
$search = \implode(' ', \array_filter($searchValues));
return $search;
},
function (mixed $value) {
return $value;
}
);
Database::addFilter(
'topicSearch',
function (mixed $value, Document $topic) {
$searchValues = [
$topic->getId(),
$topic->getAttribute('name', ''),
$topic->getAttribute('description', ''),
];
$search = \implode(' ', \array_filter($searchValues));
return $search;
},
function (mixed $value) {
return $value;
}
);
Database::addFilter(
'messageSearch',
function (mixed $value, Document $message) {
$searchValues = [
$message->getId(),
$message->getAttribute('description', ''),
$message->getAttribute('status', ''),
];
$data = \json_decode($message->getAttribute('data', []), true);
$providerType = $message->getAttribute('providerType', '');
if ($providerType === MESSAGE_TYPE_EMAIL) {
$searchValues = \array_merge($searchValues, [$data['subject'], MESSAGE_TYPE_EMAIL]);
} elseif ($providerType === MESSAGE_TYPE_SMS) {
$searchValues = \array_merge($searchValues, [$data['content'], MESSAGE_TYPE_SMS]);
} else {
$searchValues = \array_merge($searchValues, [$data['title'], MESSAGE_TYPE_PUSH]);
}
$search = \implode(' ', \array_filter($searchValues));
return $search;
},
function (mixed $value) {
return $value;
}
);
app/init/database/formats.php
-43
View File
@@ -1,43 +0,0 @@
<?php
use Appwrite\Network\Validator\Email;
use Utopia\Database\Database;
use Utopia\Database\Validator\Datetime as DatetimeValidator;
use Utopia\Database\Validator\Structure;
use Utopia\Http\Validator\IP;
use Utopia\Http\Validator\Range;
use Utopia\Http\Validator\URL;
use Utopia\Http\Validator\WhiteList;
Structure::addFormat(APP_DATABASE_ATTRIBUTE_EMAIL, function () {
return new Email();
}, Database::VAR_STRING);
Structure::addFormat(APP_DATABASE_ATTRIBUTE_DATETIME, function () {
return new DatetimeValidator();
}, Database::VAR_DATETIME);
Structure::addFormat(APP_DATABASE_ATTRIBUTE_ENUM, function ($attribute) {
$elements = $attribute['formatOptions']['elements'];
return new WhiteList($elements, true);
}, Database::VAR_STRING);
Structure::addFormat(APP_DATABASE_ATTRIBUTE_IP, function () {
return new IP();
}, Database::VAR_STRING);
Structure::addFormat(APP_DATABASE_ATTRIBUTE_URL, function () {
return new URL();
}, Database::VAR_STRING);
Structure::addFormat(APP_DATABASE_ATTRIBUTE_INT_RANGE, function ($attribute) {
$min = $attribute['formatOptions']['min'] ?? -INF;
$max = $attribute['formatOptions']['max'] ?? INF;
return new Range($min, $max, Range::TYPE_INTEGER);
}, Database::VAR_INTEGER);
Structure::addFormat(APP_DATABASE_ATTRIBUTE_FLOAT_RANGE, function ($attribute) {
$min = $attribute['formatOptions']['min'] ?? -INF;
$max = $attribute['formatOptions']['max'] ?? INF;
return new Range($min, $max, Range::TYPE_FLOAT);
}, Database::VAR_FLOAT);
app/init/locale.php
-23
View File
@@ -1,23 +0,0 @@
<?php
use Utopia\Config\Config;
use Utopia\Locale\Locale;
Locale::$exceptions = false;
$locales = Config::getParam('locale-codes', []);
foreach ($locales as $locale) {
$code = $locale['code'];
$path = __DIR__ . '/../config/locale/translations/' . $code . '.json';
if (!\file_exists($path)) {
$path = __DIR__ . '/../config/locale/translations/' . \substr($code, 0, 2) . '.json'; // if `ar-ae` doesn't exist, look for `ar`
if (!\file_exists($path)) {
$path = __DIR__ . '/../config/locale/translations/en.json'; // if none translation exists, use default from `en.json`
}
}
Locale::setLanguageFromJSON($code, $path);
}
app/realtime.php
+177 -115
View File
@@ -5,48 +5,144 @@ use Appwrite\Extend\Exception;
use Appwrite\Extend\Exception as AppwriteException;
use Appwrite\Messaging\Adapter\Realtime;
use Appwrite\Network\Validator\Origin;
use Appwrite\Utopia\Queue\Connections;
use Appwrite\Utopia\Request;
use Appwrite\Utopia\Response;
use Swoole\Http\Request as SwooleRequest;
use Swoole\Http\Response as SwooleHttpResponse;
use Swoole\Http\Response as SwooleResponse;
use Swoole\Runtime;
use Swoole\Table;
use Swoole\Timer;
use Utopia\Abuse\Abuse;
use Utopia\Abuse\Adapters\Database\TimeLimit;
use Utopia\App;
use Utopia\Cache\Adapter\Sharding;
use Utopia\Cache\Cache;
use Utopia\CLI\Console;
use Utopia\Config\Config;
use Utopia\Database\Database;
use Utopia\Database\DateTime;
use Utopia\Database\Document;
use Utopia\Database\Helpers\ID;
use Utopia\Database\Helpers\Role;
use Utopia\Database\Query;
use Utopia\DI\Container;
use Utopia\DI\Dependency;
use Utopia\Http\Adapter\Swoole\Request as UtopiaRequest;
use Utopia\Http\Adapter\Swoole\Response as HttpResponse;
use Utopia\Http\Adapter\Swoole\Response as UtopiaResponse;
use Utopia\Http\Http;
use Utopia\Database\Validator\Authorization;
use Utopia\DSN\DSN;
use Utopia\Logger\Log;
use Utopia\Pools\Connection;
use Utopia\Registry\Registry;
use Utopia\System\System;
use Utopia\WebSocket\Adapter;
use Utopia\WebSocket\Server;
/**
* @var Registry $registry
* @var Container $container
* @var \Utopia\Registry\Registry $register
*/
global $registry, $container;
require_once __DIR__ . '/init.php';
Runtime::enableCoroutine(SWOOLE_HOOK_ALL);
$realtime = new Realtime();
// Allows overriding
if (!function_exists('getConsoleDB')) {
function getConsoleDB(): Database
{
global $register;
/** @var \Utopia\Pools\Group $pools */
$pools = $register->get('pools');
$dbAdapter = $pools
->get('console')
->pop()
->getResource()
;
$database = new Database($dbAdapter, getCache());
$database
->setNamespace('_console')
->setMetadata('host', \gethostname())
->setMetadata('project', '_console');
return $database;
}
}
// Allows overriding
if (!function_exists('getProjectDB')) {
function getProjectDB(Document $project): Database
{
global $register;
/** @var \Utopia\Pools\Group $pools */
$pools = $register->get('pools');
if ($project->isEmpty() || $project->getId() === 'console') {
return getConsoleDB();
}
try {
$dsn = new DSN($project->getAttribute('database'));
} catch (\InvalidArgumentException) {
// TODO: Temporary until all projects are using shared tables
$dsn = new DSN('mysql://' . $project->getAttribute('database'));
}
$adapter = $pools
->get($dsn->getHost())
->pop()
->getResource();
$database = new Database($adapter, getCache());
if ($dsn->getHost() === System::getEnv('_APP_DATABASE_SHARED_TABLES', '')) {
$database
->setSharedTables(true)
->setTenant($project->getInternalId())
->setNamespace($dsn->getParam('namespace'));
} else {
$database
->setSharedTables(false)
->setTenant(null)
->setNamespace('_' . $project->getInternalId());
}
$database
->setMetadata('host', \gethostname())
->setMetadata('project', $project->getId());
return $database;
}
}
// Allows overriding
if (!function_exists('getCache')) {
function getCache(): Cache
{
global $register;
$pools = $register->get('pools'); /** @var \Utopia\Pools\Group $pools */
$list = Config::getParam('pools-cache', []);
$adapters = [];
foreach ($list as $value) {
$adapters[] = $pools
->get($value)
->pop()
->getResource()
;
}
return new Cache(new Sharding($adapters));
}
}
if (!function_exists('getRealtime')) {
function getRealtime(): Realtime
{
return new Realtime();
}
}
$realtime = getRealtime();
/**
* Table for statistics across all workers.
@@ -70,8 +166,8 @@ $adapter
$server = new Server($adapter);
$logError = function (Throwable $error, string $action) use ($registry) {
$logger = $registry->get('logger');
$logError = function (Throwable $error, string $action) use ($register) {
$logger = $register->get('logger');
if ($logger && !$error instanceof Exception) {
$version = System::getEnv('_APP_VERSION', 'UNKNOWN');
@@ -95,8 +191,12 @@ $logError = function (Throwable $error, string $action) use ($registry) {
$isProduction = System::getEnv('_APP_ENV', 'development') === 'production';
$log->setEnvironment($isProduction ? Log::ENVIRONMENT_PRODUCTION : Log::ENVIRONMENT_STAGING);
$responseCode = $logger->addLog($log);
Console::info('Realtime log pushed with status code: ' . $responseCode);
try {
$responseCode = $logger->addLog($log);
Console::info('Error log pushed with status code: ' . $responseCode);
} catch (Throwable $th) {
Console::error('Error pushing log: ' . $th->getMessage());
}
}
Console::error('[Error] Type: ' . get_class($error));
@@ -107,16 +207,16 @@ $logError = function (Throwable $error, string $action) use ($registry) {
$server->error($logError);
$server->onStart(function () use ($stats, $container, $containerId, &$statsDocument, $logError) {
$server->onStart(function () use ($stats, $register, $containerId, &$statsDocument, $logError) {
sleep(5); // wait for the initial database schema to be ready
Console::success('Server started successfully');
$authorization = $container->get('authorization');
/**
* Create document for this worker to share stats across Containers.
*/
go(function () use ($container, $containerId, &$statsDocument) {
go(function () use ($register, $containerId, &$statsDocument) {
$attempts = 0;
$database = $container->get('dbForConsole');
$database = getConsoleDB();
do {
try {
@@ -130,15 +230,14 @@ $server->onStart(function () use ($stats, $container, $containerId, &$statsDocum
'value' => '{}'
]);
$authorization = $container->get('authorization');
$statsDocument = $authorization->skip(fn () => $database->createDocument('realtime', $document));
$statsDocument = Authorization::skip(fn () => $database->createDocument('realtime', $document));
break;
} catch (Throwable) {
Console::warning("Collection not ready. Retrying connection ({$attempts})...");
sleep(DATABASE_RECONNECT_SLEEP);
}
} while (true);
($container->get('connections'))->reclaim();
$register->get('pools')->reclaim();
});
/**
@@ -146,7 +245,7 @@ $server->onStart(function () use ($stats, $container, $containerId, &$statsDocum
*/
// TODO: Remove this if check once it doesn't cause issues for cloud
if (System::getEnv('_APP_EDITION', 'self-hosted') === 'self-hosted') {
Timer::tick(5000, function () use ($container, $stats, &$statsDocument, $logError, $authorization) {
Timer::tick(5000, function () use ($register, $stats, &$statsDocument, $logError) {
$payload = [];
foreach ($stats as $projectId => $value) {
$payload[$projectId] = $stats->get($projectId, 'connectionsTotal');
@@ -156,43 +255,40 @@ $server->onStart(function () use ($stats, $container, $containerId, &$statsDocum
}
try {
$database = $container->get('dbForConsole');
$database = getConsoleDB();
$statsDocument
->setAttribute('timestamp', DateTime::now())
->setAttribute('value', json_encode($payload));
$authorization->skip(fn () => $database->updateDocument('realtime', $statsDocument->getId(), $statsDocument));
Authorization::skip(fn () => $database->updateDocument('realtime', $statsDocument->getId(), $statsDocument));
} catch (Throwable $th) {
call_user_func($logError, $th, "updateWorkerDocument");
} finally {
($container->get('connections'))->reclaim();
$container->refresh('dbForConsole');
$register->get('pools')->reclaim();
}
});
}
});
$server->onWorkerStart(function (int $workerId) use ($server, $container, $stats, $realtime, $logError) {
$server->onWorkerStart(function (int $workerId) use ($server, $register, $stats, $realtime, $logError) {
Console::success('Worker ' . $workerId . ' started successfully');
$attempts = 0;
$start = time();
$authorization = $container->get('authorization');
Timer::tick(5000, function () use ($server, $container, $realtime, $stats, $logError, $authorization) {
Timer::tick(5000, function () use ($server, $register, $realtime, $stats, $logError) {
/**
* Sending current connections to project channels on the console project every 5 seconds.
*/
// TODO: Remove this if check once it doesn't cause issues for cloud
if (System::getEnv('_APP_EDITION', 'self-hosted') === 'self-hosted') {
if ($realtime->hasSubscriber('console', Role::users()->toString(), 'project')) {
$database = $container->get('dbForConsole');
$database = getConsoleDB();
$payload = [];
$list = $authorization->skip(fn () => $database->find('realtime', [
$list = Authorization::skip(fn () => $database->find('realtime', [
Query::greaterThan('timestamp', DateTime::addSeconds(new \DateTime(), -15)),
]));
@@ -232,8 +328,8 @@ $server->onWorkerStart(function (int $workerId) use ($server, $container, $stats
'data' => $event['data']
]));
}
($container->get('connections'))->reclaim();
$container->refresh('dbForConsole');
$register->get('pools')->reclaim();
}
}
/**
@@ -263,26 +359,13 @@ $server->onWorkerStart(function (int $workerId) use ($server, $container, $stats
while ($attempts < 300) {
try {
if ($attempts > 0) {
Console::error(
'Pub/sub connection lost (lasted ' . (time() - $start) . ' seconds, worker: ' . $workerId . ').
Attempting restart in 5 seconds (attempt #' . $attempts . ')'
);
Console::error('Pub/sub connection lost (lasted ' . (time() - $start) . ' seconds, worker: ' . $workerId . ').
Attempting restart in 5 seconds (attempt #' . $attempts . ')');
sleep(5); // 5 sec delay between connection attempts
}
$start = time();
$pools = $container->get('pools');
/** @var Connections $connections */
$connections = $container->get('connections');
$pool = $pools['pools-pubsub-pubsub']['pool'];
$connection = $pool->get();
$connections->add($connection, $pool);
$redis = $connection;
/** @var Redis $redis */
$redis = $register->get('pools')->get('pubsub')->pop()->getResource(); /** @var Redis $redis */
$redis->setOption(Redis::OPT_READ_TIMEOUT, -1);
if ($redis->ping(true)) {
@@ -292,7 +375,7 @@ $server->onWorkerStart(function (int $workerId) use ($server, $container, $stats
Console::error('Pub/sub failed (worker: ' . $workerId . ')');
}
$redis->subscribe(['realtime'], function (Redis $redis, string $channel, string $payload) use ($server, $workerId, $stats, $realtime, $authorization, $container) {
$redis->subscribe(['realtime'], function (Redis $redis, string $channel, string $payload) use ($server, $workerId, $stats, $register, $realtime) {
$event = json_decode($payload, true);
if ($event['permissionsChanged'] && isset($event['userId'])) {
@@ -301,24 +384,25 @@ $server->onWorkerStart(function (int $workerId) use ($server, $container, $stats
if ($realtime->hasSubscriber($projectId, 'user:' . $userId)) {
$connection = array_key_first(reset($realtime->subscriptions[$projectId]['user:' . $userId]));
$consoleDatabase = $container->get('dbForConsole');
$project = $authorization->skip(fn () => $consoleDatabase->getDocument('projects', $projectId));
$database = $container->get('getProjectDB')($project);
$consoleDatabase = getConsoleDB();
$project = Authorization::skip(fn () => $consoleDatabase->getDocument('projects', $projectId));
$database = getProjectDB($project);
$user = $database->getDocument('users', $userId);
$roles = Auth::getRoles($user, $authorization);
$roles = Auth::getRoles($user);
$channels = $realtime->connections[$connection]['channels'];
$realtime->unsubscribe($connection);
$realtime->subscribe($projectId, $connection, $roles, $channels);
$register->get('pools')->reclaim();
}
}
$receivers = $realtime->getSubscribers($event);
if (Http::isDevelopment() && !empty($receivers)) {
if (App::isDevelopment() && !empty($receivers)) {
Console::log("[Debug][Worker {$workerId}] Receivers: " . count($receivers));
Console::log("[Debug][Worker {$workerId}] Receivers Connection IDs: " . json_encode($receivers));
Console::log("[Debug][Worker {$workerId}] Event: " . $payload);
@@ -344,40 +428,30 @@ $server->onWorkerStart(function (int $workerId) use ($server, $container, $stats
sleep(DATABASE_RECONNECT_SLEEP);
continue;
} finally {
($container->get('connections'))->reclaim();
$container->refresh('dbForConsole');
$register->get('pools')->reclaim();
}
}
Console::error('Failed to restart pub/sub...');
});
$server->onOpen(function (int $connection, SwooleRequest $request) use ($server, $container, $stats, &$realtime, $logError) {
$authorization = $container->get('authorization');
$request = new Request(new UtopiaRequest($request));
$response = new Response(new UtopiaResponse(new SwooleResponse()));
$requestInjection = new Dependency();
$responseInjection = new Dependency();
$requestInjection->setName('request')->setCallback(fn () => $request);
$responseInjection->setName('response')->setCallback(fn () => $response);
$container->set($requestInjection);
$container->set($responseInjection);
$server->onOpen(function (int $connection, SwooleRequest $request) use ($server, $register, $stats, &$realtime, $logError) {
$app = new App('UTC');
$request = new Request($request);
$response = new Response(new SwooleResponse());
Console::info("Connection open (user: {$connection})");
App::setResource('pools', fn () => $register->get('pools'));
App::setResource('request', fn () => $request);
App::setResource('response', fn () => $response);
try {
/** @var Document $project */
$project = $container->refresh('project')->get('project');
$container->refresh('dbForProject');
$project = $app->getResource('project');
/*
* Project Check
* Project Check
*/
if (empty($project->getId())) {
throw new Exception(Exception::REALTIME_POLICY_VIOLATION, 'Missing or unknown project ID');
@@ -386,16 +460,15 @@ $server->onOpen(function (int $connection, SwooleRequest $request) use ($server,
if (
array_key_exists('realtime', $project->getAttribute('apis', []))
&& !$project->getAttribute('apis', [])['realtime']
&& !(Auth::isPrivilegedUser($authorization->getRoles()) || Auth::isAppUser($authorization->getRoles()))
&& !(Auth::isPrivilegedUser(Authorization::getRoles()) || Auth::isAppUser(Authorization::getRoles()))
) {
throw new AppwriteException(AppwriteException::GENERAL_API_DISABLED);
}
$dbForProject = $container->get('getProjectDB')($project);
/** @var Document $console */
$console = $container->get('console');
/** @var Document $user */
$user = $container->refresh('user')->get('user');
$dbForProject = getProjectDB($project);
$console = $app->getResource('console'); /** @var Document $console */
$user = $app->getResource('user'); /** @var Document $user */
/*
* Abuse Check
*
@@ -424,8 +497,7 @@ $server->onOpen(function (int $connection, SwooleRequest $request) use ($server,
throw new Exception(Exception::REALTIME_POLICY_VIOLATION, $originValidator->getDescription());
}
$authorization = $container->get('authorization');
$roles = Auth::getRoles($user, $authorization);
$roles = Auth::getRoles($user);
$channels = Realtime::convertChannels($request->getQuery('channels', []), $user->getId());
@@ -474,33 +546,25 @@ $server->onOpen(function (int $connection, SwooleRequest $request) use ($server,
$server->send([$connection], json_encode($response));
$server->close($connection, $code);
if (Http::isDevelopment()) {
if (App::isDevelopment()) {
Console::error('[Error] Connection Error');
Console::error('[Error] Code: ' . $response['data']['code']);
Console::error('[Error] Message: ' . $response['data']['message']);
}
} finally {
$connections = $container->get('connections');
$connections->reclaim();
$register->get('pools')->reclaim();
}
});
$server->onWorkerStop(function (int $workerId) use ($container) {
$connections = $container->get('connections');
$connections->reclaim();
});
$server->onMessage(function (int $connection, string $message) use ($server, $container, $realtime, $containerId) {
$server->onMessage(function (int $connection, string $message) use ($server, $register, $realtime, $containerId) {
try {
$response = new Response(new HttpResponse(new SwooleHttpResponse()));
$response = new Response(new SwooleResponse());
$projectId = $realtime->connections[$connection]['projectId'];
$database = $container->get('dbForConsole');
$authorization = $container->get('authorization');
$authentication = $container->get('authentication');
$database = getConsoleDB();
if ($projectId !== 'console') {
$project = $authorization->skip(fn () => $database->getDocument('projects', $projectId));
$database = $container->get('getProjectDB')($project);
$project = Authorization::skip(fn () => $database->getDocument('projects', $projectId));
$database = getProjectDB($project);
} else {
$project = null;
}
@@ -538,21 +602,20 @@ $server->onMessage(function (int $connection, string $message) use ($server, $co
}
$session = Auth::decodeSession($message['data']['session']);
Auth::$unique = $session['id'] ?? '';
Auth::$secret = $session['secret'] ?? '';
$authentication->setUnique($session['id'] ?? '');
$authentication->setSecret($session['secret'] ?? '');
$user = $database->getDocument('users', $authentication->getUnique());
$user = $database->getDocument('users', Auth::$unique);
if (
empty($user->getId()) // Check a document has been found in the DB
|| !Auth::sessionVerify($user->getAttribute('sessions', []), $authentication->getSecret()) // Validate user has valid login token
|| !Auth::sessionVerify($user->getAttribute('sessions', []), Auth::$secret) // Validate user has valid login token
) {
// cookie not valid
throw new Exception(Exception::REALTIME_MESSAGE_FORMAT_INVALID, 'Session is not valid.');
}
$roles = Auth::getRoles($user, $authorization);
$roles = Auth::getRoles($user);
$channels = Realtime::convertChannels(array_flip($realtime->connections[$connection]['channels']), $user->getId());
$realtime->subscribe($realtime->connections[$connection]['projectId'], $connection, $roles, $channels);
@@ -586,8 +649,7 @@ $server->onMessage(function (int $connection, string $message) use ($server, $co
$server->close($connection, $th->getCode());
}
} finally {
($container->get('connections'))->reclaim();
$container->refresh('dbForConsole');
$register->get('pools')->reclaim();
}
});
app/views/install/compose.phtml
+10 -5
View File
@@ -11,8 +11,7 @@ $httpsPort = $this->getParam('httpsPort', '');
$version = $this->getParam('version', '');
$organization = $this->getParam('organization', '');
$image = $this->getParam('image', '');
?>
services:
?>services:
traefik:
image: traefik:2.11
container_name: appwrite-traefik
@@ -167,7 +166,7 @@ services:
appwrite-console:
<<: *x-logging
container_name: appwrite-console
image: <?php echo $organization; ?>/console:5.0.11
image: <?php echo $organization; ?>/console:5.0.12
restart: unless-stopped
networks:
- appwrite
@@ -337,6 +336,9 @@ services:
- _APP_LOGGING_CONFIG
- _APP_EXECUTOR_SECRET
- _APP_EXECUTOR_HOST
- _APP_MAINTENANCE_RETENTION_ABUSE
- _APP_MAINTENANCE_RETENTION_AUDIT
- _APP_MAINTENANCE_RETENTION_EXECUTION
appwrite-worker-databases:
image: <?php echo $organization; ?>/<?php echo $image; ?>:<?php echo $version."\n"; ?>
@@ -529,6 +531,8 @@ services:
- _APP_SMTP_USERNAME
- _APP_SMTP_PASSWORD
- _APP_LOGGING_CONFIG
- _APP_DOMAIN
- _APP_OPTIONS_FORCE_HTTPS
appwrite-worker-messaging:
image: <?php echo $organization; ?>/<?php echo $image; ?>:<?php echo $version."\n"; ?>
@@ -677,6 +681,7 @@ services:
entrypoint: worker-usage-dump
<<: *x-logging
container_name: appwrite-worker-usage-dump
restart: unless-stopped
networks:
- appwrite
depends_on:
@@ -790,7 +795,7 @@ services:
<<: *x-logging
restart: unless-stopped
stop_signal: SIGINT
image: openruntimes/executor:0.6.7
image: openruntimes/executor:0.6.11
networks:
- appwrite
- runtimes
@@ -848,7 +853,7 @@ services:
- MYSQL_USER=${_APP_DB_USER}
- MYSQL_PASSWORD=${_APP_DB_PASS}
- MARIADB_AUTO_UPGRADE=1
command: 'mysqld --innodb-flush-method=fsync --max_connections=5000'
command: 'mysqld --innodb-flush-method=fsync'
redis:
image: redis:7.2.4-alpine
app/worker.php
+269 -102
View File
@@ -2,107 +2,278 @@
require_once __DIR__ . '/init.php';
use Appwrite\Event\Audit;
use Appwrite\Event\Build;
use Appwrite\Event\Certificate;
use Appwrite\Event\Database as EventDatabase;
use Appwrite\Event\Delete;
use Appwrite\Event\Event;
use Appwrite\Event\Func;
use Appwrite\Event\Mail;
use Appwrite\Event\Messaging;
use Appwrite\Event\Migration;
use Appwrite\Event\Usage;
use Appwrite\Event\UsageDump;
use Appwrite\Platform\Appwrite;
use Appwrite\Utopia\Queue\Connections;
use Swoole\Runtime;
use Utopia\App;
use Utopia\Cache\Adapter\Sharding;
use Utopia\Cache\Cache;
use Utopia\CLI\Console;
use Utopia\Config\Config;
use Utopia\Database\Database;
use Utopia\Database\DateTime;
use Utopia\Database\Document;
use Utopia\Database\Validator\Authorization;
use Utopia\DI\Dependency;
use Utopia\DSN\DSN;
use Utopia\Logger\Log;
use Utopia\Logger\Logger;
use Utopia\Platform\Service;
use Utopia\Pools\Group;
use Utopia\Queue\Connection;
use Utopia\Queue\Message;
use Utopia\Queue\Worker;
use Utopia\Storage\Device\Local;
use Utopia\Queue\Server;
use Utopia\Registry\Registry;
use Utopia\System\System;
global $registry, $container;
Authorization::disable();
Runtime::enableCoroutine(SWOOLE_HOOK_ALL);
$project = new Dependency();
$register = new Dependency();
$dbForProject = new Dependency();
$abuseRetention = new Dependency();
$deviceForCache = new Dependency();
$auditRetention = new Dependency();
$queueForUsageDump = new Dependency();
$executionRetention = new Dependency();
$deviceForLocalFiles = new Dependency();
Server::setResource('register', fn () => $register);
$register
->setName('register')
->setCallback(fn () => $registry);
Server::setResource('dbForConsole', function (Cache $cache, Registry $register) {
$pools = $register->get('pools');
$database = $pools
->get('console')
->pop()
->getResource();
$project
->setName('project')
->inject('message')
->inject('dbForConsole')
->setCallback(function (Message $message, Database $dbForConsole) {
$payload = $message->getPayload() ?? [];
$project = new Document($payload['project'] ?? []);
$adapter = new Database($database, $cache);
$adapter->setNamespace('_console');
if ($project->getId() === 'console') {
return $project;
return $adapter;
}, ['cache', 'register']);
Server::setResource('project', function (Message $message, Database $dbForConsole) {
$payload = $message->getPayload() ?? [];
$project = new Document($payload['project'] ?? []);
if ($project->getId() === 'console' || $project->isEmpty() || ! empty($project->getInternalId())) {
return $project;
}
return $dbForConsole->getDocument('projects', $project->getId());
}, ['message', 'dbForConsole']);
Server::setResource('dbForProject', function (Cache $cache, Registry $register, Message $message, Document $project, Database $dbForConsole) {
if ($project->isEmpty() || $project->getId() === 'console') {
return $dbForConsole;
}
$pools = $register->get('pools');
try {
$dsn = new DSN($project->getAttribute('database'));
} catch (\InvalidArgumentException) {
// TODO: Temporary until all projects are using shared tables
$dsn = new DSN('mysql://' . $project->getAttribute('database'));
}
$adapter = $pools
->get($dsn->getHost())
->pop()
->getResource();
$database = new Database($adapter, $cache);
try {
$dsn = new DSN($project->getAttribute('database'));
} catch (\InvalidArgumentException) {
// TODO: Temporary until all projects are using shared tables
$dsn = new DSN('mysql://' . $project->getAttribute('database'));
}
if ($dsn->getHost() === System::getEnv('_APP_DATABASE_SHARED_TABLES', '')) {
$database
->setSharedTables(true)
->setTenant($project->getInternalId())
->setNamespace($dsn->getParam('namespace'));
} else {
$database
->setSharedTables(false)
->setTenant(null)
->setNamespace('_' . $project->getInternalId());
}
return $database;
}, ['cache', 'register', 'message', 'project', 'dbForConsole']);
Server::setResource('getProjectDB', function (Group $pools, Database $dbForConsole, $cache) {
$databases = []; // TODO: @Meldiron This should probably be responsibility of utopia-php/pools
return function (Document $project) use ($pools, $dbForConsole, $cache, &$databases): Database {
if ($project->isEmpty() || $project->getId() === 'console') {
return $dbForConsole;
}
return $dbForConsole->getDocument('projects', $project->getId());
});
try {
$dsn = new DSN($project->getAttribute('database'));
} catch (\InvalidArgumentException) {
// TODO: Temporary until all projects are using shared tables
$dsn = new DSN('mysql://' . $project->getAttribute('database'));
}
$abuseRetention
->setName('abuseRetention')
->setCallback(function () {
return DateTime::addSeconds(new \DateTime(), -1 * System::getEnv('_APP_MAINTENANCE_RETENTION_ABUSE', 86400));
});
if (isset($databases[$dsn->getHost()])) {
$database = $databases[$dsn->getHost()];
$auditRetention
->setName('auditRetention')
->setCallback(function () {
return DateTime::addSeconds(new \DateTime(), -1 * System::getEnv('_APP_MAINTENANCE_RETENTION_AUDIT', 1209600));
});
if ($dsn->getHost() === System::getEnv('_APP_DATABASE_SHARED_TABLES', '')) {
$database
->setSharedTables(true)
->setTenant($project->getInternalId())
->setNamespace($dsn->getParam('namespace'));
} else {
$database
->setSharedTables(false)
->setTenant(null)
->setNamespace('_' . $project->getInternalId());
}
$executionRetention
->setName('executionRetention')
->setCallback(function () {
return DateTime::addSeconds(new \DateTime(), -1 * System::getEnv('_APP_MAINTENANCE_RETENTION_EXECUTION', 1209600));
});
return $database;
}
$queueForUsageDump
->setName('queueForUsageDump')
->inject('queue')
->setCallback(function (Connection $queue) {
return new UsageDump($queue);
});
$dbAdapter = $pools
->get($dsn->getHost())
->pop()
->getResource();
$deviceForCache
->setName('deviceForCache')
->inject('project')
->setCallback(function (Document $project) {
return getDevice(APP_STORAGE_CACHE . '/app-' . $project->getId());
});
$database = new Database($dbAdapter, $cache);
$deviceForLocalFiles
->setName('deviceForLocalFiles')
->inject('project')
->setCallback(function (Document $project) {
return new Local(APP_STORAGE_UPLOADS . '/app-' . $project->getId());
});
$databases[$dsn->getHost()] = $database;
$container->set($project);
$container->set($register);
$container->set($dbForProject);
$container->set($abuseRetention);
$container->set($auditRetention);
$container->set($deviceForCache);
$container->set($queueForUsageDump);
$container->set($executionRetention);
$container->set($deviceForLocalFiles);
if ($dsn->getHost() === System::getEnv('_APP_DATABASE_SHARED_TABLES', '')) {
$database
->setSharedTables(true)
->setTenant($project->getInternalId())
->setNamespace($dsn->getParam('namespace'));
} else {
$database
->setSharedTables(false)
->setTenant(null)
->setNamespace('_' . $project->getInternalId());
}
return $database;
};
}, ['pools', 'dbForConsole', 'cache']);
Server::setResource('abuseRetention', function () {
return DateTime::addSeconds(new \DateTime(), -1 * System::getEnv('_APP_MAINTENANCE_RETENTION_ABUSE', 86400));
});
Server::setResource('auditRetention', function () {
return DateTime::addSeconds(new \DateTime(), -1 * System::getEnv('_APP_MAINTENANCE_RETENTION_AUDIT', 1209600));
});
Server::setResource('executionRetention', function () {
return DateTime::addSeconds(new \DateTime(), -1 * System::getEnv('_APP_MAINTENANCE_RETENTION_EXECUTION', 1209600));
});
Server::setResource('cache', function (Registry $register) {
$pools = $register->get('pools');
$list = Config::getParam('pools-cache', []);
$adapters = [];
foreach ($list as $value) {
$adapters[] = $pools
->get($value)
->pop()
->getResource()
;
}
return new Cache(new Sharding($adapters));
}, ['register']);
Server::setResource('log', fn () => new Log());
Server::setResource('queueForUsage', function (Connection $queue) {
return new Usage($queue);
}, ['queue']);
Server::setResource('queueForUsageDump', function (Connection $queue) {
return new UsageDump($queue);
}, ['queue']);
Server::setResource('queue', function (Group $pools) {
return $pools->get('queue')->pop()->getResource();
}, ['pools']);
Server::setResource('queueForDatabase', function (Connection $queue) {
return new EventDatabase($queue);
}, ['queue']);
Server::setResource('queueForMessaging', function (Connection $queue) {
return new Messaging($queue);
}, ['queue']);
Server::setResource('queueForMails', function (Connection $queue) {
return new Mail($queue);
}, ['queue']);
Server::setResource('queueForBuilds', function (Connection $queue) {
return new Build($queue);
}, ['queue']);
Server::setResource('queueForDeletes', function (Connection $queue) {
return new Delete($queue);
}, ['queue']);
Server::setResource('queueForEvents', function (Connection $queue) {
return new Event($queue);
}, ['queue']);
Server::setResource('queueForAudits', function (Connection $queue) {
return new Audit($queue);
}, ['queue']);
Server::setResource('queueForFunctions', function (Connection $queue) {
return new Func($queue);
}, ['queue']);
Server::setResource('queueForCertificates', function (Connection $queue) {
return new Certificate($queue);
}, ['queue']);
Server::setResource('queueForMigrations', function (Connection $queue) {
return new Migration($queue);
}, ['queue']);
Server::setResource('logger', function (Registry $register) {
return $register->get('logger');
}, ['register']);
Server::setResource('pools', function (Registry $register) {
return $register->get('pools');
}, ['register']);
Server::setResource('deviceForFunctions', function (Document $project) {
return getDevice(APP_STORAGE_FUNCTIONS . '/app-' . $project->getId());
}, ['project']);
Server::setResource('deviceForFiles', function (Document $project) {
return getDevice(APP_STORAGE_UPLOADS . '/app-' . $project->getId());
}, ['project']);
Server::setResource('deviceForBuilds', function (Document $project) {
return getDevice(APP_STORAGE_BUILDS . '/app-' . $project->getId());
}, ['project']);
Server::setResource('deviceForCache', function (Document $project) {
return getDevice(APP_STORAGE_CACHE . '/app-' . $project->getId());
}, ['project']);
$pools = $register->get('pools');
$platform = new Appwrite();
$args = $platform->getEnv('argv');
@@ -121,13 +292,6 @@ if (\str_starts_with($workerName, 'databases')) {
}
try {
$connection = new Connection\Redis(
System::getEnv('_APP_REDIS_HOST', 'redis'),
System::getEnv('_APP_REDIS_PORT', '6379'),
System::getEnv('_APP_REDIS_USER', ''),
System::getEnv('_APP_REDIS_PASS', '')
);
/**
* Any worker can be configured with the following env vars:
* - _APP_WORKERS_NUM The total number of worker processes
@@ -136,35 +300,32 @@ try {
*/
$platform->init(Service::TYPE_WORKER, [
'workersNum' => System::getEnv('_APP_WORKERS_NUM', 1),
'connection' => $connection,
'connection' => $pools->get('queue')->pop()->getResource(),
'workerName' => strtolower($workerName) ?? null,
'queueName' => $queueName
]);
} catch (\Throwable $e) {
Console::error($e->getMessage() . ', File: ' . $e->getFile() . ', Line: ' . $e->getLine());
Console::error($e->getMessage() . ', File: ' . $e->getFile() . ', Line: ' . $e->getLine());
}
Worker::init()
->inject('authorization')
->action(function (Authorization $authorization) {
$authorization->disable();
$worker = $platform->getWorker();
$worker
->shutdown()
->inject('pools')
->action(function (Group $pools) {
$pools->reclaim();
});
Worker::shutdown()
->inject('connections')
->action(function (Connections $connections) {
$connections->reclaim();
});
Worker::error()
$worker
->error()
->inject('error')
->inject('logger')
->inject('log')
->inject('connections')
->inject('pools')
->inject('project')
->inject('authorization')
->action(function (Throwable $error, ?Logger $logger, Log $log, Connections $connections, Document $project, Authorization $authorization) use ($queueName) {
$connections->reclaim();
->action(function (Throwable $error, ?Logger $logger, Log $log, Group $pools, Document $project) use ($queueName) {
$pools->reclaim();
$version = System::getEnv('_APP_VERSION', 'UNKNOWN');
if ($logger) {
@@ -180,13 +341,17 @@ Worker::error()
$log->addExtra('file', $error->getFile());
$log->addExtra('line', $error->getLine());
$log->addExtra('trace', $error->getTraceAsString());
$log->addExtra('roles', $authorization->getRoles());
$log->addExtra('roles', Authorization::getRoles());
$isProduction = System::getEnv('_APP_ENV', 'development') === 'production';
$log->setEnvironment($isProduction ? Log::ENVIRONMENT_PRODUCTION : Log::ENVIRONMENT_STAGING);
$responseCode = $logger->addLog($log);
Console::info('Usage stats log pushed with status code: ' . $responseCode);
try {
$responseCode = $logger->addLog($log);
Console::info('Error log pushed with status code: ' . $responseCode);
} catch (Throwable $th) {
Console::error('Error pushing log: ' . $th->getMessage());
}
}
Console::error('[Error] Type: ' . get_class($error));
@@ -195,7 +360,9 @@ Worker::error()
Console::error('[Error] Line: ' . $error->getLine());
});
$platform
->getWorker()
->setContainer($container)
->start();
$worker->workerStart()
->action(function () use ($workerName) {
Console::info("Worker $workerName started");
});
$worker->start();
composer.json
+19 -22
View File
@@ -4,7 +4,6 @@
"description": "End to end backend server for frontend and mobile apps.",
"type": "project",
"license": "BSD-3-Clause",
"minimum-stability": "stable",
"authors": [
{
"name": "Eldad Fux",
@@ -15,8 +14,7 @@
"test": "vendor/bin/phpunit",
"lint": "vendor/bin/pint --test",
"format": "vendor/bin/pint",
"bench": "vendor/bin/phpbench run --report=benchmark",
"check": "./vendor/bin/phpstan analyse -c phpstan.neon --memory-limit 1G app src tests"
"bench": "vendor/bin/phpbench run --report=benchmark"
},
"autoload": {
"psr-4": {
@@ -47,33 +45,33 @@
"ext-sockets": "*",
"appwrite/php-runtimes": "0.15.*",
"appwrite/php-clamav": "2.0.*",
"utopia-php/abuse": "0.45.*",
"utopia-php/analytics": "0.13.*",
"utopia-php/audit": "0.45.*",
"utopia-php/abuse": "0.43.0",
"utopia-php/analytics": "0.10.*",
"utopia-php/audit": "0.43.0",
"utopia-php/cache": "0.10.*",
"utopia-php/cli": "0.19.*",
"utopia-php/cli": "0.15.*",
"utopia-php/config": "0.2.*",
"utopia-php/database": "0.55.*",
"utopia-php/domains": "0.6.*",
"utopia-php/dsn": "0.2.*",
"utopia-php/framework": "1.0.*",
"utopia-php/database": "0.53.5",
"utopia-php/domains": "0.5.*",
"utopia-php/dsn": "0.2.1",
"utopia-php/framework": "0.33.*",
"utopia-php/fetch": "0.2.*",
"utopia-php/image": "0.6.*",
"utopia-php/image": "0.7.*",
"utopia-php/locale": "0.4.*",
"utopia-php/logger": "0.6.*",
"utopia-php/messaging": "0.12.*",
"utopia-php/migration": "0.4.*",
"utopia-php/orchestration": "0.15.*",
"utopia-php/platform": "0.8.*",
"utopia-php/view": "0.2.*",
"utopia-php/migration": "0.6.*",
"utopia-php/orchestration": "0.9.*",
"utopia-php/platform": "0.7.*",
"utopia-php/pools": "0.5.*",
"utopia-php/preloader": "0.2.*",
"utopia-php/queue": "0.8.*",
"utopia-php/queue": "0.7.*",
"utopia-php/registry": "0.5.*",
"utopia-php/storage": "0.19.*",
"utopia-php/storage": "0.18.*",
"utopia-php/swoole": "0.8.*",
"utopia-php/system": "0.8.*",
"utopia-php/vcs": "0.9.*",
"utopia-php/websocket": "0.2.*",
"utopia-php/vcs": "0.8.*",
"utopia-php/websocket": "0.1.*",
"matomo/device-detector": "6.1.*",
"dragonmantank/cron-expression": "3.3.2",
"phpmailer/phpmailer": "6.9.1",
@@ -90,8 +88,7 @@
"swoole/ide-helper": "5.1.2",
"textalk/websocket": "1.5.7",
"laravel/pint": "^1.14",
"phpbench/phpbench": "^1.2",
"phpstan/phpstan": "1.8.*"
"phpbench/phpbench": "^1.2"
},
"provide": {
"ext-phpiredis": "*"
composer.lock
Generated
+213 -359
View File
File diff suppressed because it is too large Load Diff
docker-compose.yml
+3 -7
View File
@@ -196,7 +196,7 @@ services:
appwrite-console:
<<: *x-logging
container_name: appwrite-console
image: appwrite/console:5.0.11
image: appwrite/console:5.0.12
restart: unless-stopped
networks:
- appwrite
@@ -682,7 +682,6 @@ services:
entrypoint: maintenance
<<: *x-logging
container_name: appwrite-task-maintenance
restart: unless-stopped
image: appwrite-dev
networks:
- appwrite
@@ -783,7 +782,6 @@ services:
entrypoint: schedule-functions
<<: *x-logging
container_name: appwrite-task-scheduler-functions
restart: unless-stopped
image: appwrite-dev
networks:
- appwrite
@@ -812,7 +810,6 @@ services:
entrypoint: schedule-executions
<<: *x-logging
container_name: appwrite-task-scheduler-executions
restart: unless-stopped
image: appwrite-dev
networks:
- appwrite
@@ -840,7 +837,6 @@ services:
entrypoint: schedule-messages
<<: *x-logging
container_name: appwrite-task-scheduler-messages
restart: unless-stopped
image: appwrite-dev
networks:
- appwrite
@@ -878,7 +874,7 @@ services:
hostname: exc1
<<: *x-logging
stop_signal: SIGINT
image: openruntimes/executor:0.6.7
image: openruntimes/executor:0.6.11
restart: unless-stopped
networks:
- appwrite
@@ -960,7 +956,7 @@ services:
- MYSQL_USER=${_APP_DB_USER}
- MYSQL_PASSWORD=${_APP_DB_PASS}
- MARIADB_AUTO_UPGRADE=1
command: 'mysqld --innodb-flush-method=fsync --max_connections=5000'
command: "mysqld --innodb-flush-method=fsync"
redis:
image: redis:7.2.4-alpine
docs/tutorials/add-route.md
+15 -15
View File
@@ -8,7 +8,7 @@ Setting an alias allows the route to be also accessible from the alias URL.
The first parameter specifies the alias URL, the second parameter specifies default values for route parameters.
```php
Http::post('/v1/storage/buckets/:bucketId/files')
App::post('/v1/storage/buckets/:bucketId/files')
->alias('/v1/storage/files', ['bucketId' => 'default'])
```
@@ -17,7 +17,7 @@ Http::post('/v1/storage/buckets/:bucketId/files')
Used as an abstract description of the route.
```php
Http::post('/v1/storage/buckets/:bucketId/files')
App::post('/v1/storage/buckets/:bucketId/files')
->desc('Create File')
```
@@ -26,14 +26,14 @@ Http::post('/v1/storage/buckets/:bucketId/files')
Groups array is used to group one or more routes with one or more hooks functionality.
```php
Http::post('/v1/storage/buckets/:bucketId/files')
App::post('/v1/storage/buckets/:bucketId/files')
->groups(['api'])
```
In the above example groups() is used to define the current route as part of the routes that shares a common init middleware hook.
```php
Http::init()
App::init()
->groups(['api'])
->action(
some code.....
@@ -52,7 +52,7 @@ Appwrite uses different labels to achieve different things, for example:
- scope - Defines the route permissions scope.
```php
Http::post('/v1/storage/buckets/:bucketId/files')
App::post('/v1/storage/buckets/:bucketId/files')
->label('scope', 'files.write')
```
@@ -66,7 +66,7 @@ Http::post('/v1/storage/buckets/:bucketId/files')
- audits.resource - Signals the extraction part of the resource.
```php
Http::post('/v1/account/create')
App::post('/v1/account/create')
->label('audits.event', 'account.create')
->label('audits.resource', 'user/{response.$id}')
->label('audits.userId', '{response.$id}')
@@ -84,7 +84,7 @@ Http::post('/v1/account/create')
* sdk.offline.response.key - JSON property name that has the ID. Defaults to $id
```php
Http::post('/v1/account/jwt')
App::post('/v1/account/jwt')
->label('sdk.auth', [APP_AUTH_TYPE_SESSION])
->label('sdk.namespace', 'account')
->label('sdk.method', 'createJWT')
@@ -100,7 +100,7 @@ Http::post('/v1/account/jwt')
- cache.resource - Identifies the cached resource.
```php
Http::get('/v1/storage/buckets/:bucketId/files/:fileId/preview')
App::get('/v1/storage/buckets/:bucketId/files/:fileId/preview')
->label('cache', true)
->label('cache.resource', 'file/{request.fileId}')
```
@@ -115,7 +115,7 @@ When using the example below, we configure the abuse mechanism to allow this key
constructed from the combination of the ip, http method, url, userId to hit the route maximum 60 times in 1 hour (60 seconds \* 60 minutes).
```php
Http::post('/v1/storage/buckets/:bucketId/files')
App::post('/v1/storage/buckets/:bucketId/files')
->label('abuse-key', 'ip:{ip},method:{method},url:{url},userId:{userId}')
->label('abuse-limit', 60)
->label('abuse-time', 3600)
@@ -127,7 +127,7 @@ Http::post('/v1/storage/buckets/:bucketId/files')
Placeholders marked as `[]` are parsed and replaced with their real values.
```php
Http::post('/v1/storage/buckets/:bucketId/files')
App::post('/v1/storage/buckets/:bucketId/files')
->label('event', 'buckets.[bucketId].files.[fileId].create')
```
@@ -145,7 +145,7 @@ As the name implies, `param()` is used to define a request parameter.
- An array of injections
```php
Http::get('/v1/account/logs')
App::get('/v1/account/logs')
->param('queries', [], new Queries([new Limit(), new Offset()]), 'Array of query strings generated using the Query class provided by the SDK. [Learn more about queries](https://appwrite.io/docs/queries). Only supported methods are limit and offset', true)
```
@@ -154,14 +154,14 @@ Http::get('/v1/account/logs')
inject is used to inject dependencies pre-bounded to the app.
```php
Http::post('/v1/storage/buckets/:bucketId/files')
App::post('/v1/storage/buckets/:bucketId/files')
->inject('user')
```
In the example above, the user object is injected into the route pre-bounded using `Http::setResource()`.
In the example above, the user object is injected into the route pre-bounded using `App::setResource()`.
```php
Http::setResource('user', function() {
App::setResource('user', function() {
some code...
});
```
@@ -170,7 +170,7 @@ some code...
Action populates the actual route code and has to be very clear and understandable. A good route stays simple and doesn't contain complex logic. An action is where we describe our business needs in code, and combine different libraries to work together and tell our story.
```php
Http::post('/v1/account/sessions/anonymous')
App::post('/v1/account/sessions/anonymous')
->action(function (Request $request) {
some code...
});
phpstan.neon
-11
View File
@@ -1,11 +0,0 @@
parameters:
level: 0
scanDirectories:
- vendor/swoole/ide-helper
excludePaths:
- tests/resources
ignoreErrors:
- '#Parameter \$geodb of anonymous function has invalid type MaxMind\\Db\\Reader\.#'
- '#Parameter \$geodb of function router\(\) has invalid type MaxMind\\Db\\Reader\.#'
- '#Instantiated class MaxMind\\Db\\Reader not found.#'
- '#Function scrypt not found\.#'
public/images/integrations/aws-logo.svg
+38
View File
@@ -0,0 +1,38 @@
<?xml version="1.0" encoding="utf-8"?>
<!-- Generator: Adobe Illustrator 19.0.1, SVG Export Plug-In . SVG Version: 6.00 Build 0) -->
<svg version="1.1" id="Layer_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px"
viewBox="0 0 304 182" style="enable-background:new 0 0 304 182;" xml:space="preserve">
<style type="text/css">
.st0{fill:#252F3E;}
.st1{fill-rule:evenodd;clip-rule:evenodd;fill:#FF9900;}
</style>
<g>
<path class="st0" d="M86.4,66.4c0,3.7,0.4,6.7,1.1,8.9c0.8,2.2,1.8,4.6,3.2,7.2c0.5,0.8,0.7,1.6,0.7,2.3c0,1-0.6,2-1.9,3l-6.3,4.2
c-0.9,0.6-1.8,0.9-2.6,0.9c-1,0-2-0.5-3-1.4C76.2,90,75,88.4,74,86.8c-1-1.7-2-3.6-3.1-5.9c-7.8,9.2-17.6,13.8-29.4,13.8
c-8.4,0-15.1-2.4-20-7.2c-4.9-4.8-7.4-11.2-7.4-19.2c0-8.5,3-15.4,9.1-20.6c6.1-5.2,14.2-7.8,24.5-7.8c3.4,0,6.9,0.3,10.6,0.8
c3.7,0.5,7.5,1.3,11.5,2.2v-7.3c0-7.6-1.6-12.9-4.7-16c-3.2-3.1-8.6-4.6-16.3-4.6c-3.5,0-7.1,0.4-10.8,1.3c-3.7,0.9-7.3,2-10.8,3.4
c-1.6,0.7-2.8,1.1-3.5,1.3c-0.7,0.2-1.2,0.3-1.6,0.3c-1.4,0-2.1-1-2.1-3.1v-4.9c0-1.6,0.2-2.8,0.7-3.5c0.5-0.7,1.4-1.4,2.8-2.1
c3.5-1.8,7.7-3.3,12.6-4.5c4.9-1.3,10.1-1.9,15.6-1.9c11.9,0,20.6,2.7,26.2,8.1c5.5,5.4,8.3,13.6,8.3,24.6V66.4z M45.8,81.6
c3.3,0,6.7-0.6,10.3-1.8c3.6-1.2,6.8-3.4,9.5-6.4c1.6-1.9,2.8-4,3.4-6.4c0.6-2.4,1-5.3,1-8.7v-4.2c-2.9-0.7-6-1.3-9.2-1.7
c-3.2-0.4-6.3-0.6-9.4-0.6c-6.7,0-11.6,1.3-14.9,4c-3.3,2.7-4.9,6.5-4.9,11.5c0,4.7,1.2,8.2,3.7,10.6
C37.7,80.4,41.2,81.6,45.8,81.6z M126.1,92.4c-1.8,0-3-0.3-3.8-1c-0.8-0.6-1.5-2-2.1-3.9L96.7,10.2c-0.6-2-0.9-3.3-0.9-4
c0-1.6,0.8-2.5,2.4-2.5h9.8c1.9,0,3.2,0.3,3.9,1c0.8,0.6,1.4,2,2,3.9l16.8,66.2l15.6-66.2c0.5-2,1.1-3.3,1.9-3.9c0.8-0.6,2.2-1,4-1
h8c1.9,0,3.2,0.3,4,1c0.8,0.6,1.5,2,1.9,3.9l15.8,67l17.3-67c0.6-2,1.3-3.3,2-3.9c0.8-0.6,2.1-1,3.9-1h9.3c1.6,0,2.5,0.8,2.5,2.5
c0,0.5-0.1,1-0.2,1.6c-0.1,0.6-0.3,1.4-0.7,2.5l-24.1,77.3c-0.6,2-1.3,3.3-2.1,3.9c-0.8,0.6-2.1,1-3.8,1h-8.6c-1.9,0-3.2-0.3-4-1
c-0.8-0.7-1.5-2-1.9-4L156,23l-15.4,64.4c-0.5,2-1.1,3.3-1.9,4c-0.8,0.7-2.2,1-4,1H126.1z M254.6,95.1c-5.2,0-10.4-0.6-15.4-1.8
c-5-1.2-8.9-2.5-11.5-4c-1.6-0.9-2.7-1.9-3.1-2.8c-0.4-0.9-0.6-1.9-0.6-2.8v-5.1c0-2.1,0.8-3.1,2.3-3.1c0.6,0,1.2,0.1,1.8,0.3
c0.6,0.2,1.5,0.6,2.5,1c3.4,1.5,7.1,2.7,11,3.5c4,0.8,7.9,1.2,11.9,1.2c6.3,0,11.2-1.1,14.6-3.3c3.4-2.2,5.2-5.4,5.2-9.5
c0-2.8-0.9-5.1-2.7-7c-1.8-1.9-5.2-3.6-10.1-5.2L246,52c-7.3-2.3-12.7-5.7-16-10.2c-3.3-4.4-5-9.3-5-14.5c0-4.2,0.9-7.9,2.7-11.1
c1.8-3.2,4.2-6,7.2-8.2c3-2.3,6.4-4,10.4-5.2c4-1.2,8.2-1.7,12.6-1.7c2.2,0,4.5,0.1,6.7,0.4c2.3,0.3,4.4,0.7,6.5,1.1
c2,0.5,3.9,1,5.7,1.6c1.8,0.6,3.2,1.2,4.2,1.8c1.4,0.8,2.4,1.6,3,2.5c0.6,0.8,0.9,1.9,0.9,3.3v4.7c0,2.1-0.8,3.2-2.3,3.2
c-0.8,0-2.1-0.4-3.8-1.2c-5.7-2.6-12.1-3.9-19.2-3.9c-5.7,0-10.2,0.9-13.3,2.8c-3.1,1.9-4.7,4.8-4.7,8.9c0,2.8,1,5.2,3,7.1
c2,1.9,5.7,3.8,11,5.5l14.2,4.5c7.2,2.3,12.4,5.5,15.5,9.6c3.1,4.1,4.6,8.8,4.6,14c0,4.3-0.9,8.2-2.6,11.6
c-1.8,3.4-4.2,6.4-7.3,8.8c-3.1,2.5-6.8,4.3-11.1,5.6C264.4,94.4,259.7,95.1,254.6,95.1z"/>
<g>
<path class="st1" d="M273.5,143.7c-32.9,24.3-80.7,37.2-121.8,37.2c-57.6,0-109.5-21.3-148.7-56.7c-3.1-2.8-0.3-6.6,3.4-4.4
c42.4,24.6,94.7,39.5,148.8,39.5c36.5,0,76.6-7.6,113.5-23.2C274.2,133.6,278.9,139.7,273.5,143.7z"/>
<path class="st1" d="M287.2,128.1c-4.2-5.4-27.8-2.6-38.5-1.3c-3.2,0.4-3.7-2.4-0.8-4.5c18.8-13.2,49.7-9.4,53.3-5
c3.6,4.5-1,35.4-18.6,50.2c-2.7,2.3-5.3,1.1-4.1-1.9C282.5,155.7,291.4,133.4,287.2,128.1z"/>
</g>
</g>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 3.4 KiB

src/Appwrite/Auth/Auth.php
+33 -3
View File
@@ -91,6 +91,37 @@ class Auth
*/
public const MFA_RECENT_DURATION = 1800; // 30 mins
/**
* @var string
*/
public static $cookieName = 'a_session';
/**
* User Unique ID.
*
* @var string
*/
public static $unique = '';
/**
* User Secret Key.
*
* @var string
*/
public static $secret = '';
/**
* Set Cookie Name.
*
* @param $string
*
* @return string
*/
public static function setCookieName($string)
{
return self::$cookieName = $string;
}
/**
* Encode Session.
*
@@ -408,14 +439,13 @@ class Auth
* Returns all roles for a user.
*
* @param Document $user
* @param Authorization $auth
* @return array<string>
*/
public static function getRoles(Document $user, Authorization $auth): array
public static function getRoles(Document $user): array
{
$roles = [];
if (!self::isPrivilegedUser($auth->getRoles()) && !self::isAppUser($auth->getRoles())) {
if (!self::isPrivilegedUser(Authorization::getRoles()) && !self::isAppUser(Authorization::getRoles())) {
if ($user->getId()) {
$roles[] = Role::user($user->getId())->toString();
$roles[] = Role::users()->toString();
src/Appwrite/Auth/Authentication.php
-57
View File
@@ -1,57 +0,0 @@
<?php
namespace Appwrite\Auth;
class Authentication
{
/**
* User Unique ID.
*
* @var string
*/
private $unique = '';
/**
* User Secret Key.
*
* @var string
*/
private $secret = '';
/**
* @var string
*/
private $cookieName = 'a_session';
public function setCookieName($string): string
{
return $this->cookieName = $string;
}
public function getCookieName(): string
{
return $this->cookieName;
}
public function getUnique(): string
{
return $this->unique;
}
public function setUnique(string $unique): void
{
$this->unique = $unique;
}
public function getSecret(): string
{
return $this->secret;
}
public function setSecret(string $secret): void
{
$this->secret = $secret;
}
}
src/Appwrite/Auth/Validator/MockNumber.php
+2 -3
View File
@@ -2,8 +2,8 @@
namespace Appwrite\Auth\Validator;
use Utopia\Http\Validator;
use Utopia\Http\Validator\Text;
use Utopia\Validator;
use Utopia\Validator\Text;
/**
* MockNumber.
@@ -52,7 +52,6 @@ class MockNumber extends Validator
return false;
}
$this->message = '';
return true;
}
src/Appwrite/Auth/Validator/Password.php
+1 -1
View File
@@ -2,7 +2,7 @@
namespace Appwrite\Auth\Validator;
use Utopia\Http\Validator;
use Utopia\Validator;
/**
* Password.
src/Appwrite/Auth/Validator/Phone.php
+1 -1
View File
@@ -2,7 +2,7 @@
namespace Appwrite\Auth\Validator;
use Utopia\Http\Validator;
use Utopia\Validator;
/**
* Phone.
src/Appwrite/Event/Event.php
+22
View File
@@ -54,6 +54,7 @@ class Event
protected array $context = [];
protected ?Document $project = null;
protected ?Document $user = null;
protected ?string $userId = null;
protected bool $paused = false;
/**
@@ -145,6 +146,18 @@ class Event
return $this;
}
/**
* Set user ID for this event.
*
* @return self
*/
public function setUserId(string $userId): self
{
$this->userId = $userId;
return $this;
}
/**
* Get user responsible for triggering this event.
*
@@ -155,6 +168,14 @@ class Event
return $this->user;
}
/**
* Get user responsible for triggering this event.
*/
public function getUserId(): ?string
{
return $this->userId;
}
/**
* Set payload for this event.
*
@@ -303,6 +324,7 @@ class Event
return $client->enqueue([
'project' => $this->project,
'user' => $this->user,
'userId' => $this->userId,
'payload' => $this->payload,
'context' => $this->context,
'events' => Event::generateEvents($this->getEvent(), $this->getParams())
src/Appwrite/Event/Func.php
+3 -2
View File
@@ -175,9 +175,9 @@ class Func extends Event
*
* @return string
*/
public function getBody(): string
public function getData(): string
{
return $this->body;
return $this->data;
}
/**
@@ -222,6 +222,7 @@ class Func extends Event
return $client->enqueue([
'project' => $this->project,
'user' => $this->user,
'userId' => $this->userId,
'function' => $this->function,
'functionId' => $this->functionId,
'execution' => $this->execution,
src/Appwrite/Event/Migration.php
+1 -1
View File
@@ -81,7 +81,7 @@ class Migration extends Event
return $client->enqueue([
'project' => $this->project,
'user' => $this->user,
'migration' => $this->migration
'migration' => $this->migration,
]);
}
}
src/Appwrite/Event/Validator/Event.php
+1 -1
View File
@@ -3,7 +3,7 @@
namespace Appwrite\Event\Validator;
use Utopia\Config\Config;
use Utopia\Http\Validator;
use Utopia\Validator;
class Event extends Validator
{
src/Appwrite/Functions/Validator/Headers.php
+1 -1
View File
@@ -2,7 +2,7 @@
namespace Appwrite\Functions\Validator;
use Utopia\Http\Validator;
use Utopia\Validator;
/**
* Headers.
src/Appwrite/Functions/Validator/Payload.php
+1 -1
View File
@@ -2,7 +2,7 @@
namespace Appwrite\Functions\Validator;
use Utopia\Http\Validator\Text;
use Utopia\Validator\Text;
class Payload extends Text
{
src/Appwrite/Functions/Validator/RuntimeSpecification.php
+1 -1
View File
@@ -2,7 +2,7 @@
namespace Appwrite\Functions\Validator;
use Utopia\Http\Validator;
use Utopia\Validator;
class RuntimeSpecification extends Validator
{
src/Appwrite/GraphQL/Resolvers.php
+83 -87
View File
@@ -6,12 +6,9 @@ use Appwrite\GraphQL\Exception as GQLException;
use Appwrite\Promises\Swoole;
use Appwrite\Utopia\Request;
use Appwrite\Utopia\Response;
use Utopia\DI\Container;
use Utopia\App;
use Utopia\Exception;
use Utopia\Http\Http;
use Utopia\Http\Request as UtopiaHttpRequest;
use Utopia\Http\Response as UtopiaHttpResponse;
use Utopia\Http\Route;
use Utopia\Route;
use Utopia\System\System;
class Resolvers
@@ -19,21 +16,24 @@ class Resolvers
/**
* Create a resolver for a given API {@see Route}.
*
* @param Http $http
* @param App $utopia
* @param ?Route $route
* @return callable
*/
public function api(
Http $http,
public static function api(
App $utopia,
?Route $route,
UtopiaHttpRequest $request,
UtopiaHttpResponse $response,
Container $container,
): callable {
$resolver = $this;
return static fn ($type, $args, $context, $info) => new Swoole(
function (callable $resolve, callable $reject) use ($utopia, $route, $args, $context, $info) {
/** @var App $utopia */
/** @var Response $response */
/** @var Request $request */
$utopia = $utopia->getResource('utopia:graphql', true);
$request = $utopia->getResource('request', true);
$response = $utopia->getResource('response', true);
return fn ($type, $args, $context, $info) => new Swoole(
function (callable $resolve, callable $reject) use ($http, $route, $args, $context, $container, $info, $request, $response, $resolver) {
$path = $route->getPath();
foreach ($args as $key => $value) {
if (\str_contains($path, '/:' . $key)) {
@@ -46,13 +46,14 @@ class Resolvers
switch ($route->getMethod()) {
case 'GET':
$request->setQuery($args);
$request->setQueryString($args);
break;
default:
$request->setPayload($args);
break;
}
$resolver->resolve($http, $request, $response, $container, $resolve, $reject);
self::resolve($utopia, $request, $response, $resolve, $reject);
}
);
}
@@ -60,20 +61,20 @@ class Resolvers
/**
* Create a resolver for a document in a specified database and collection with a specific method type.
*
* @param Http $http
* @param App $utopia
* @param string $databaseId
* @param string $collectionId
* @param string $methodType
* @return callable
*/
public function document(
Http $http,
public static function document(
App $utopia,
string $databaseId,
string $collectionId,
string $methodType,
): callable {
return [self::class, 'document' . \ucfirst($methodType)](
$http,
$utopia,
$databaseId,
$collectionId
);
@@ -82,28 +83,28 @@ class Resolvers
/**
* Create a resolver for getting a document in a specified database and collection.
*
* @param Http $http
* @param App $utopia
* @param string $databaseId
* @param string $collectionId
* @param callable $url
* @return callable
*/
public function documentGet(
Http $http,
public static function documentGet(
App $utopia,
string $databaseId,
string $collectionId,
callable $url,
UtopiaHttpRequest $request,
UtopiaHttpResponse $response,
Container $container,
): callable {
$resolver = $this;
return fn ($type, $args, $context, $info) => new Swoole(
function (callable $resolve, callable $reject) use ($http, $databaseId, $collectionId, $url, $type, $args, $container, $request, $response, $resolver) {
return static fn ($type, $args, $context, $info) => new Swoole(
function (callable $resolve, callable $reject) use ($utopia, $databaseId, $collectionId, $url, $type, $args) {
$utopia = $utopia->getResource('utopia:graphql', true);
$request = $utopia->getResource('request', true);
$response = $utopia->getResource('response', true);
$request->setMethod('GET');
$request->setURI($url($databaseId, $collectionId, $args));
$resolver->resolve($http, $request, $response, $container, $resolve, $reject);
self::resolve($utopia, $request, $response, $resolve, $reject);
}
);
}
@@ -111,35 +112,35 @@ class Resolvers
/**
* Create a resolver for listing documents in a specified database and collection.
*
* @param Http $http
* @param App $utopia
* @param string $databaseId
* @param string $collectionId
* @param callable $url
* @param callable $params
* @return callable
*/
public function documentList(
Http $http,
public static function documentList(
App $utopia,
string $databaseId,
string $collectionId,
callable $url,
callable $params,
UtopiaHttpRequest $request,
UtopiaHttpResponse $response,
Container $container,
): callable {
$resolver = $this;
return fn ($type, $args, $context, $info) => new Swoole(
function (callable $resolve, callable $reject) use ($http, $databaseId, $collectionId, $url, $params, $type, $args, $container, $request, $response, $resolver) {
return static fn ($type, $args, $context, $info) => new Swoole(
function (callable $resolve, callable $reject) use ($utopia, $databaseId, $collectionId, $url, $params, $type, $args) {
$utopia = $utopia->getResource('utopia:graphql', true);
$request = $utopia->getResource('request', true);
$response = $utopia->getResource('response', true);
$request->setMethod('GET');
$request->setURI($url($databaseId, $collectionId, $args));
$request->setQuery($params($databaseId, $collectionId, $args));
$request->setQueryString($params($databaseId, $collectionId, $args));
$beforeResolve = function ($payload) {
return $payload['documents'];
};
$resolver->resolve($http, $request, $response, $container, $resolve, $reject, $beforeResolve);
self::resolve($utopia, $request, $response, $resolve, $reject, $beforeResolve);
}
);
}
@@ -147,31 +148,31 @@ class Resolvers
/**
* Create a resolver for creating a document in a specified database and collection.
*
* @param Http $http
* @param App $utopia
* @param string $databaseId
* @param string $collectionId
* @param callable $url
* @param callable $params
* @return callable
*/
public function documentCreate(
Http $http,
public static function documentCreate(
App $utopia,
string $databaseId,
string $collectionId,
callable $url,
callable $params,
UtopiaHttpRequest $request,
UtopiaHttpResponse $response,
Container $container,
): callable {
$resolver = $this;
return fn ($type, $args, $context, $info) => new Swoole(
function (callable $resolve, callable $reject) use ($http, $databaseId, $collectionId, $url, $params, $type, $args, $container, $request, $response, $resolver) {
return static fn ($type, $args, $context, $info) => new Swoole(
function (callable $resolve, callable $reject) use ($utopia, $databaseId, $collectionId, $url, $params, $type, $args) {
$utopia = $utopia->getResource('utopia:graphql', true);
$request = $utopia->getResource('request', true);
$response = $utopia->getResource('response', true);
$request->setMethod('POST');
$request->setURI($url($databaseId, $collectionId, $args));
$request->setPayload($params($databaseId, $collectionId, $args));
$resolver->resolve($http, $request, $response, $container, $resolve, $reject);
self::resolve($utopia, $request, $response, $resolve, $reject);
}
);
}
@@ -179,31 +180,31 @@ class Resolvers
/**
* Create a resolver for updating a document in a specified database and collection.
*
* @param Http $http
* @param App $utopia
* @param string $databaseId
* @param string $collectionId
* @param callable $url
* @param callable $params
* @return callable
*/
public function documentUpdate(
Http $http,
public static function documentUpdate(
App $utopia,
string $databaseId,
string $collectionId,
callable $url,
callable $params,
UtopiaHttpRequest $request,
UtopiaHttpResponse $response,
Container $container,
): callable {
$resolver = $this;
return fn ($type, $args, $context, $info) => new Swoole(
function (callable $resolve, callable $reject) use ($http, $databaseId, $collectionId, $url, $params, $type, $args, $container, $request, $response, $resolver) {
return static fn ($type, $args, $context, $info) => new Swoole(
function (callable $resolve, callable $reject) use ($utopia, $databaseId, $collectionId, $url, $params, $type, $args) {
$utopia = $utopia->getResource('utopia:graphql', true);
$request = $utopia->getResource('request', true);
$response = $utopia->getResource('response', true);
$request->setMethod('PATCH');
$request->setURI($url($databaseId, $collectionId, $args));
$request->setPayload($params($databaseId, $collectionId, $args));
$resolver->resolve($http, $request, $response, $container, $resolve, $reject);
self::resolve($utopia, $request, $response, $resolve, $reject);
}
);
}
@@ -211,34 +212,34 @@ class Resolvers
/**
* Create a resolver for deleting a document in a specified database and collection.
*
* @param Http $http
* @param App $utopia
* @param string $databaseId
* @param string $collectionId
* @param callable $url
* @return callable
*/
public function documentDelete(
Http $http,
public static function documentDelete(
App $utopia,
string $databaseId,
string $collectionId,
callable $url,
UtopiaHttpRequest $request,
UtopiaHttpResponse $response,
Container $container,
): callable {
$resolver = $this;
return fn ($type, $args, $context, $info) => new Swoole(
function (callable $resolve, callable $reject) use ($http, $databaseId, $collectionId, $url, $type, $args, $container, $request, $response, $resolver) {
return static fn ($type, $args, $context, $info) => new Swoole(
function (callable $resolve, callable $reject) use ($utopia, $databaseId, $collectionId, $url, $type, $args) {
$utopia = $utopia->getResource('utopia:graphql', true);
$request = $utopia->getResource('request', true);
$response = $utopia->getResource('response', true);
$request->setMethod('DELETE');
$request->setURI($url($databaseId, $collectionId, $args));
$resolver->resolve($http, $request, $response, $container, $resolve, $reject);
self::resolve($utopia, $request, $response, $resolve, $reject);
}
);
}
/**
* @param Http $http
* @param App $utopia
* @param Request $request
* @param Response $response
* @param callable $resolve
@@ -248,11 +249,10 @@ class Resolvers
* @return void
* @throws Exception
*/
private function resolve(
Http $http,
private static function resolve(
App $utopia,
Request $request,
Response $response,
Container $context,
callable $resolve,
callable $reject,
?callable $beforeResolve = null,
@@ -263,16 +263,14 @@ class Resolvers
$request->removeHeader('content-type');
}
$request = clone $request;
$utopia->setResource('request', static fn () => $request);
$response->setContentType(Response::CONTENT_TYPE_NULL);
try {
$context
->refresh('cache')
->refresh('dbForProject')
->refresh('dbForConsole')
->refresh('getProjectDb');
$route = $utopia->match($request, fresh: true);
$http->run(clone $context);
$utopia->execute($route, $request, $response);
} catch (\Throwable $e) {
if ($beforeReject) {
$e = $beforeReject($e);
@@ -287,12 +285,10 @@ class Resolvers
if ($beforeReject) {
$payload = $beforeReject($payload);
}
$reject(
new GQLException(
message: $payload['message'],
code: $response->getStatusCode()
)
);
$reject(new GQLException(
message: $payload['message'],
code: $response->getStatusCode()
));
return;
}
src/Appwrite/GraphQL/Schema.php
+54 -65
View File
@@ -3,63 +3,54 @@
namespace Appwrite\GraphQL;
use Appwrite\GraphQL\Types\Mapper;
use Appwrite\Utopia\Response\Models;
use GraphQL\Type\Definition\ObjectType;
use GraphQL\Type\Definition\Type;
use GraphQL\Type\Schema as GQLSchema;
use Utopia\DI\Container;
use Utopia\App;
use Utopia\Exception;
use Utopia\Http\Adapter\Swoole\Response as UtopiaSwooleResponse;
use Utopia\Http\Http;
use Utopia\Http\Request;
use Utopia\Http\Response as UtopiaHttpResponse;
use Utopia\Http\Route;
use Utopia\Route;
class Schema
{
protected ?GQLSchema $schema = null;
protected array $dirty = [];
protected static ?GQLSchema $schema = null;
protected static array $dirty = [];
/**
*
* @param Http $http
* @param callable $complexity Function to calculate complexity
* @param callable $attributes Function to get attributes
* @param array $urls Array of functions to get urls for specific method types
* @param array $params Array of functions to build parameters for specific method types
* @param App $utopia
* @param callable $complexity Function to calculate complexity
* @param callable $attributes Function to get attributes
* @param array $urls Array of functions to get urls for specific method types
* @param array $params Array of functions to build parameters for specific method types
* @return GQLSchema
* @throws Exception
*/
public function build(
Http $http,
Request $request,
UtopiaHttpResponse $response,
Container $container,
public static function build(
App $utopia,
callable $complexity,
callable $attributes,
array $urls,
array $params,
): GQLSchema {
if (!empty($this->schema)) {
return $this->schema;
App::setResource('utopia:graphql', static function () use ($utopia) {
return $utopia;
});
if (!empty(self::$schema)) {
return self::$schema;
}
$api = $this->api(
$http,
$request,
$response,
$container,
$api = static::api(
$utopia,
$complexity
);
// $collections = $this->collections(
// $http,
// $complexity,
// $request,
// $response,
// $attributes,
// $urls,
// $params,
// );
//$collections = static::collections(
// $utopia,
// $complexity,
// $attributes,
// $urls,
// $params,
//);
$queries = \array_merge_recursive(
$api['query'],
@@ -73,7 +64,7 @@ class Schema
\ksort($queries);
\ksort($mutations);
return $this->schema = new GQLSchema([
return static::$schema = new GQLSchema([
'query' => new ObjectType([
'name' => 'Query',
'fields' => $queries
@@ -89,23 +80,21 @@ class Schema
* This function iterates all API routes and builds a GraphQL
* schema defining types and resolvers for all response models.
*
* @param Http $http
* @param Request $request
* @param UtopiaSwooleResponse $response
* @param App $utopia
* @param callable $complexity
* @return array
* @throws \Exception
* @throws Exception
*/
protected function api(Http $http, Request $request, UtopiaHttpResponse $response, Container $container, callable $complexity): array
protected static function api(App $utopia, callable $complexity): array
{
Mapper::init(Models::getModels());
$mapper = new Mapper();
Mapper::init($utopia
->getResource('response')
->getModels());
$queries = [];
$mutations = [];
foreach ($http->getRoutes() as $routes) {
foreach ($utopia->getRoutes() as $routes) {
foreach ($routes as $route) {
/** @var Route $route */
@@ -117,7 +106,7 @@ class Schema
continue;
}
foreach ($mapper->route($http, $route, $request, $response, $container, $complexity) as $field) {
foreach (Mapper::route($utopia, $route, $complexity) as $field) {
switch ($route->getMethod()) {
case 'GET':
$queries[$name] = $field;
@@ -145,7 +134,7 @@ class Schema
* Iterates all of a projects attributes and builds GraphQL
* queries and mutations for the collections they make up.
*
* @param Http $http
* @param App $utopia
* @param callable $complexity
* @param callable $attributes
* @param array $urls
@@ -154,7 +143,7 @@ class Schema
* @throws \Exception
*/
protected static function collections(
Http $http,
App $utopia,
callable $complexity,
callable $attributes,
array $urls,
@@ -205,36 +194,36 @@ class Schema
$queryFields[$collectionId . 'Get'] = [
'type' => $objectType,
'args' => Mapper::args('id'),
/*'resolve' => Resolvers::documentGet(
$http,
'resolve' => Resolvers::documentGet(
$utopia,
$databaseId,
$collectionId,
$urls['get'],
)*/
)
];
$queryFields[$collectionId . 'List'] = [
'type' => Type::listOf($objectType),
'args' => Mapper::args('list'),
/*'resolve' => Resolvers::documentList(
$http,
'resolve' => Resolvers::documentList(
$utopia,
$databaseId,
$collectionId,
$urls['list'],
$params['list'],
),*/
),
'complexity' => $complexity,
];
$mutationFields[$collectionId . 'Create'] = [
'type' => $objectType,
'args' => $attributes,
/*'resolve' => Resolvers::documentCreate(
$http,
'resolve' => Resolvers::documentCreate(
$utopia,
$databaseId,
$collectionId,
$urls['create'],
$params['create'],
)*/
)
];
$mutationFields[$collectionId . 'Update'] = [
'type' => $objectType,
@@ -245,23 +234,23 @@ class Schema
$attributes
)
),
/*'resolve' => Resolvers::documentUpdate(
$http,
'resolve' => Resolvers::documentUpdate(
$utopia,
$databaseId,
$collectionId,
$urls['update'],
$params['update'],
)*/
)
];
$mutationFields[$collectionId . 'Delete'] = [
'type' => Mapper::model('none'),
'args' => Mapper::args('id'),
/*'resolve' => Resolvers::documentDelete(
$http,
'resolve' => Resolvers::documentDelete(
$utopia,
$databaseId,
$collectionId,
$urls['delete'],
)*/
)
];
}
$offset += $limit;
@@ -273,8 +262,8 @@ class Schema
];
}
public function setDirty(string $projectId): void
public static function setDirty(string $projectId): void
{
$this->dirty[$projectId] = true;
self::$dirty[$projectId] = true;
}
}
src/Appwrite/GraphQL/Types/Mapper.php
+30 -35
View File
@@ -8,13 +8,10 @@ use Exception;
use GraphQL\Type\Definition\ObjectType;
use GraphQL\Type\Definition\Type;
use GraphQL\Type\Definition\UnionType;
use Utopia\DI\Container;
use Utopia\Http\Adapter\Swoole\Response as UtopiaSwooleResponse;
use Utopia\Http\Http;
use Utopia\Http\Request;
use Utopia\Http\Route;
use Utopia\Http\Validator;
use Utopia\Http\Validator\Nullable;
use Utopia\App;
use Utopia\Route;
use Utopia\Validator;
use Utopia\Validator\Nullable;
class Mapper
{
@@ -53,6 +50,7 @@ class Mapper
$defaults = [
'boolean' => Type::boolean(),
'string' => Type::string(),
'payload' => Type::string(),
'integer' => Type::int(),
'double' => Type::float(),
'datetime' => Type::string(),
@@ -77,15 +75,12 @@ class Mapper
return self::$args[$key] ?? [];
}
public function route(
Http $http,
public static function route(
App $utopia,
Route $route,
Request $request,
UtopiaSwooleResponse $response,
Container $container,
callable $complexity
): iterable {
foreach (static::$blacklist as $blacklist) {
foreach (self::$blacklist as $blacklist) {
if (\str_starts_with($route->getPath(), $blacklist)) {
return;
}
@@ -107,7 +102,7 @@ class Mapper
$list = true;
}
$parameterType = Mapper::param(
$container,
$utopia,
$parameter['validator'],
!$parameter['optional'],
$parameter['injections']
@@ -122,7 +117,7 @@ class Mapper
'type' => $type,
'description' => $description,
'args' => $params,
'resolve' => (new Resolvers())->api($http, $route, $request, $response, $container)
'resolve' => Resolvers::api($utopia, $route)
];
if ($list) {
@@ -211,7 +206,7 @@ class Mapper
/**
* Map a {@see Route} parameter to a GraphQL Type
*
* @param Container $container
* @param App $utopia
* @param Validator|callable $validator
* @param bool $required
* @param array $injections
@@ -219,13 +214,13 @@ class Mapper
* @throws Exception
*/
public static function param(
Container $container,
App $utopia,
Validator|callable $validator,
bool $required,
array $injections
): Type {
$validator = \is_callable($validator)
? \call_user_func_array($validator, array_map(fn ($injection) => $container->get($injection), $injections))
? \call_user_func_array($validator, $utopia->getResources($injections))
: $validator;
$isNullable = $validator instanceof Nullable;
@@ -238,20 +233,20 @@ class Mapper
case 'Appwrite\Network\Validator\CNAME':
case 'Appwrite\Task\Validator\Cron':
case 'Appwrite\Utopia\Database\Validator\CustomId':
case 'Utopia\Http\Validator\Domain':
case 'Utopia\Validator\Domain':
case 'Appwrite\Network\Validator\Email':
case 'Appwrite\Event\Validator\Event':
case 'Appwrite\Event\Validator\FunctionEvent':
case 'Utopia\Http\Validator\HexColor':
case 'Utopia\Http\Validator\Host':
case 'Utopia\Http\Validator\IP':
case 'Utopia\Validator\HexColor':
case 'Utopia\Validator\Host':
case 'Utopia\Validator\IP':
case 'Utopia\Database\Validator\Key':
case 'Utopia\Http\Validator\Origin':
case 'Utopia\Validator\Origin':
case 'Appwrite\Auth\Validator\Password':
case 'Utopia\Http\Validator\Text':
case 'Utopia\Validator\Text':
case 'Utopia\Database\Validator\UID':
case 'Utopia\Http\Validator\URL':
case 'Utopia\Http\Validator\WhiteList':
case 'Utopia\Validator\URL':
case 'Utopia\Validator\WhiteList':
default:
$type = Type::string();
break;
@@ -279,29 +274,29 @@ class Mapper
case 'Appwrite\Utopia\Database\Validator\Queries\Variables':
$type = Type::listOf(Type::string());
break;
case 'Utopia\Http\Validator\Boolean':
case 'Utopia\Validator\Boolean':
$type = Type::boolean();
break;
case 'Utopia\Http\Validator\ArrayList':
case 'Utopia\Validator\ArrayList':
$type = Type::listOf(self::param(
$container,
$utopia,
$validator->getValidator(),
$required,
$injections
));
break;
case 'Utopia\Http\Validator\Integer':
case 'Utopia\Http\Validator\Numeric':
case 'Utopia\Http\Validator\Range':
case 'Utopia\Validator\Integer':
case 'Utopia\Validator\Numeric':
case 'Utopia\Validator\Range':
$type = Type::int();
break;
case 'Utopia\Http\Validator\FloatValidator':
case 'Utopia\Validator\FloatValidator':
$type = Type::float();
break;
case 'Utopia\Http\Validator\Assoc':
case 'Utopia\Validator\Assoc':
$type = Types::assoc();
break;
case 'Utopia\Http\Validator\JSON':
case 'Utopia\Validator\JSON':
$type = Types::json();
break;
case 'Utopia\Storage\Validator\File':
src/Appwrite/Messaging/Adapter/Realtime.php
+9
View File
@@ -243,7 +243,11 @@ class Realtime extends Adapter
* @param string $event
* @param Document $payload
* @param Document|null $project
* @param Document|null $database
* @param Document|null $collection
* @param Document|null $bucket
* @return array
* @throws \Exception
*/
public static function fromPayload(string $event, Document $payload, Document $project = null, Document $database = null, Document $collection = null, Document $bucket = null): array
{
@@ -262,6 +266,7 @@ class Realtime extends Adapter
break;
case 'rules':
$channels[] = 'console';
$channels[] = 'projects.' . $project->getId();
$projectId = 'console';
$roles = [Role::team($project->getAttribute('teamId'))->toString()];
break;
@@ -280,6 +285,7 @@ class Realtime extends Adapter
case 'databases':
if (in_array($parts[4] ?? [], ['attributes', 'indexes'])) {
$channels[] = 'console';
$channels[] = 'projects.' . $project->getId();
$projectId = 'console';
$roles = [Role::team($project->getAttribute('teamId'))->toString()];
} elseif (($parts[4] ?? '') === 'documents') {
@@ -319,6 +325,7 @@ class Realtime extends Adapter
if ($parts[2] === 'executions') {
if (!empty($payload->getRead())) {
$channels[] = 'console';
$channels[] = 'projects.' . $project->getId();
$channels[] = 'executions';
$channels[] = 'executions.' . $payload->getId();
$channels[] = 'functions.' . $payload->getAttribute('functionId');
@@ -326,6 +333,7 @@ class Realtime extends Adapter
}
} elseif ($parts[2] === 'deployments') {
$channels[] = 'console';
$channels[] = 'projects.' . $project->getId();
$projectId = 'console';
$roles = [Role::team($project->getAttribute('teamId'))->toString()];
}
@@ -333,6 +341,7 @@ class Realtime extends Adapter
break;
case 'migrations':
$channels[] = 'console';
$channels[] = 'projects.' . $project->getId();
$projectId = 'console';
$roles = [Role::team($project->getAttribute('teamId'))->toString()];
break;
src/Appwrite/Migration/Migration.php
+21 -18
View File
@@ -88,7 +88,8 @@ abstract class Migration
'1.5.7' => 'V20',
'1.5.8' => 'V20',
'1.5.9' => 'V20',
'1.5.10' => 'V20',
'1.5.10' => 'V20',
'1.5.11' => 'V20',
'1.6.0' => 'V21',
];
@@ -97,10 +98,10 @@ abstract class Migration
*/
protected array $collections;
public function __construct(Authorization $auth)
public function __construct()
{
$auth->disable();
$auth->setDefaultStatus(false);
Authorization::disable();
Authorization::setDefaultStatus(false);
$this->collections = Config::getParam('collections', []);
@@ -175,23 +176,25 @@ abstract class Migration
Console::log('Migrating Collection ' . $collection['$id'] . ':');
foreach ($this->documentsIterator($collection['$id']) as $document) {
if (empty($document->getId()) || empty($document->getCollection())) {
return;
}
go(function (Document $document, callable $callback) {
if (empty($document->getId()) || empty($document->getCollection())) {
return;
}
$old = $document->getArrayCopy();
$new = call_user_func($callback, $document);
$old = $document->getArrayCopy();
$new = call_user_func($callback, $document);
if (is_null($new) || $new->getArrayCopy() == $old) {
return;
}
if (is_null($new) || $new->getArrayCopy() == $old) {
return;
}
try {
$this->projectDB->updateDocument($document->getCollection(), $document->getId(), $document);
} catch (\Throwable $th) {
Console::error('Failed to update document: ' . $th->getMessage());
return;
}
try {
$this->projectDB->updateDocument($document->getCollection(), $document->getId(), $document);
} catch (\Throwable $th) {
Console::error('Failed to update document: ' . $th->getMessage());
return;
}
}, $document, $callback);
}
}
}
src/Appwrite/Network/Validator/CNAME.php
+1 -1
View File
@@ -2,7 +2,7 @@
namespace Appwrite\Network\Validator;
use Utopia\Http\Validator;
use Utopia\Validator;
class CNAME extends Validator
{
src/Appwrite/Network/Validator/Email.php
+2 -2
View File
@@ -2,14 +2,14 @@
namespace Appwrite\Network\Validator;
use Utopia\Http\Validator;
use Utopia\Validator;
/**
* Email
*
* Validate that an variable is a valid email address
*
* @package Utopia\Http\Validator
* @package Utopia\Validator
*/
class Email extends Validator
{
src/Appwrite/Network/Validator/Origin.php
+2 -2
View File
@@ -2,8 +2,8 @@
namespace Appwrite\Network\Validator;
use Utopia\Http\Validator;
use Utopia\Http\Validator\Hostname;
use Utopia\Validator;
use Utopia\Validator\Hostname;
class Origin extends Validator
{
src/Appwrite/Platform/Tasks/Doctor.php
+33 -71
View File
@@ -3,17 +3,13 @@
namespace Appwrite\Platform\Tasks;
use Appwrite\ClamAV\Network;
use Appwrite\Utopia\Queue\Connections;
use Utopia\App;
use Utopia\CLI\Console;
use Utopia\Config\Config;
use Utopia\Database\Adapter\MariaDB;
use Utopia\Database\Adapter\MySQL;
use Utopia\Domains\Domain;
use Utopia\DSN\DSN;
use Utopia\Http\Http;
use Utopia\Logger\Logger;
use Utopia\Platform\Action;
use Utopia\Queue\Connection\Redis;
use Utopia\Registry\Registry;
use Utopia\Storage\Device\Local;
use Utopia\Storage\Storage;
@@ -31,11 +27,10 @@ class Doctor extends Action
$this
->desc('Validate server health')
->inject('register')
->inject('connections')
->callback(fn (Registry $register, Connections $connections) => $this->action($register, $connections));
->callback(fn (Registry $register) => $this->action($register));
}
public function action(Registry $register, Connections $connections): void
public function action(Registry $register): void
{
Console::log(" __ ____ ____ _ _ ____ __ ____ ____ __ __
/ _\ ( _ \( _ \/ )( \( _ \( )(_ _)( __) ( )/ \
@@ -130,73 +125,17 @@ class Doctor extends Action
//throw $th;
}
/** @var array $pools */
$pools = $register->get('pools');
$pools = $register->get('pools'); /** @var \Utopia\Pools\Group $pools */
$configs = [
'Console.DB' => [
'prefix' => 'console',
'databases' => Config::getParam('pools-console')
],
'Database.DB' => [
'prefix' => 'database',
'databases' => Config::getParam('pools-database')
],
'Console.DB' => Config::getParam('pools-console'),
'Projects.DB' => Config::getParam('pools-database'),
];
foreach ($configs as $key => $config) {
foreach ($config['databases'] as $database) {
foreach ($config as $database) {
try {
$pool = $pools['pools-' . $config['prefix'] . '-' . $database]['pool'];
$dsn = $pools['pools-' . $config['prefix'] . '-' . $database]['dsn'];
$connection = $pool->get();
$connections->add($connection, $pool);
$adapter = match ($dsn->getScheme()) {
'mariadb' => new MariaDB($connection),
'mysql' => new MySQL($connection),
default => null
};
$adapter->setDatabase($dsn->getPath());
if ($adapter->ping()) {
Console::success('🟢 ' . str_pad("$key({$database})", 50, '.') . 'connected');
} else {
Console::error('🔴 ' . str_pad("$key({$database})", 47, '.') . 'disconnected');
}
} catch (\Throwable $th) {
Console::error('🔴 ' . str_pad("{$key}.({$database})", 47, '.') . 'disconnected');
}
}
}
/** @var array $pools */
$pools = $register->get('pools');
$configs = [
'Cache' => [
'prefix' => 'cache',
'databases' => Config::getParam('pools-cache')
],
'Queue' => [
'prefix' => 'queue',
'databases' => Config::getParam('pools-queue')
],
'PubSub' => [
'prefix' => 'pubsub',
'databases' => Config::getParam('pools-pubsub')
],
];
foreach ($configs as $key => $config) {
foreach ($config['databases'] as $database) {
try {
$pool = $pools['pools-' . $config['prefix'] . '-' . $database]['pool'];
$dsn = $pools['pools-' . $config['prefix'] . '-' . $database]['dsn'];
$connection = $pool->get();
$connections->add($connection, $pool);
$adapter = new Redis($dsn->getHost(), $dsn->getPort());
$adapter = $pools->get($database)->pop()->getResource();
if ($adapter->ping()) {
Console::success('🟢 ' . str_pad("{$key}({$database})", 50, '.') . 'connected');
@@ -204,7 +143,30 @@ class Doctor extends Action
Console::error('🔴 ' . str_pad("{$key}({$database})", 47, '.') . 'disconnected');
}
} catch (\Throwable $th) {
Console::error('🔴 ' . str_pad("{$key}({$database})", 47, '.') . 'disconnected');
Console::error('🔴 ' . str_pad("{$key}.({$database})", 47, '.') . 'disconnected');
}
}
}
$pools = $register->get('pools'); /** @var \Utopia\Pools\Group $pools */
$configs = [
'Cache' => Config::getParam('pools-cache'),
'Queue' => Config::getParam('pools-queue'),
'PubSub' => Config::getParam('pools-pubsub'),
];
foreach ($configs as $key => $config) {
foreach ($config as $pool) {
try {
$adapter = $pools->get($pool)->pop()->getResource();
if ($adapter->ping()) {
Console::success('🟢 ' . str_pad("{$key}({$pool})", 50, '.') . 'connected');
} else {
Console::error('🔴 ' . str_pad("{$key}({$pool})", 47, '.') . 'disconnected');
}
} catch (\Throwable $th) {
Console::error('🔴 ' . str_pad("{$key}({$pool})", 47, '.') . 'disconnected');
}
}
}
@@ -296,7 +258,7 @@ class Doctor extends Action
}
try {
if (Http::isProduction()) {
if (App::isProduction()) {
Console::log('');
$version = \json_decode(@\file_get_contents(System::getEnv('_APP_HOME', 'http://localhost') . '/version'), true);
src/Appwrite/Platform/Tasks/Install.php
+6 -5
View File
@@ -8,9 +8,9 @@ use Appwrite\Docker\Env;
use Appwrite\Utopia\View;
use Utopia\CLI\Console;
use Utopia\Config\Config;
use Utopia\Http\Validator\Boolean;
use Utopia\Http\Validator\Text;
use Utopia\Platform\Action;
use Utopia\Validator\Boolean;
use Utopia\Validator\Text;
class Install extends Action
{
@@ -213,7 +213,8 @@ class Install extends Action
}
$env = '';
$output = '';
$stdout = '';
$stderr = '';
foreach ($input as $key => $value) {
if ($value) {
@@ -224,13 +225,13 @@ class Install extends Action
$exit = 0;
if (!$noStart) {
Console::log("Running \"docker compose up -d --remove-orphans --renew-anon-volumes\"");
$exit = Console::execute("$env docker compose --project-directory $this->path up -d --remove-orphans --renew-anon-volumes", '', $output);
$exit = Console::execute("$env docker compose --project-directory $this->path up -d --remove-orphans --renew-anon-volumes", '', $stdout, $stderr);
}
if ($exit !== 0) {
$message = 'Failed to install Appwrite dockers';
Console::error($message);
Console::error($output);
Console::error($stderr);
Console::exit($exit);
} else {
$message = 'Appwrite installed successfully';
src/Appwrite/Platform/Tasks/Maintenance.php
+14 -6
View File
@@ -49,12 +49,7 @@ class Maintenance extends Action
$this->foreachProject($dbForConsole, function (Document $project) use ($queueForDeletes, $usageStatsRetentionHourly) {
$queueForDeletes->setProject($project);
$this->notifyDeleteTargets($queueForDeletes);
$this->notifyDeleteExecutionLogs($queueForDeletes);
$this->notifyDeleteAbuseLogs($queueForDeletes);
$this->notifyDeleteAuditLogs($queueForDeletes);
$this->notifyDeleteUsageStats($usageStatsRetentionHourly, $queueForDeletes);
$this->notifyDeleteExpiredSessions($queueForDeletes);
$this->notifyProjects($queueForDeletes, $usageStatsRetentionHourly);
});
$this->notifyDeleteConnections($queueForDeletes);
@@ -64,6 +59,19 @@ class Maintenance extends Action
}, $interval, $delay);
}
/**
* Hook to allow sub-classes to extend project-level maintenance functionality.
*/
protected function notifyProjects(Delete $queueForDeletes, int $usageStatsRetentionHourly): void
{
$this->notifyDeleteTargets($queueForDeletes);
$this->notifyDeleteExecutionLogs($queueForDeletes);
$this->notifyDeleteAbuseLogs($queueForDeletes);
$this->notifyDeleteAuditLogs($queueForDeletes);
$this->notifyDeleteUsageStats($usageStatsRetentionHourly, $queueForDeletes);
$this->notifyDeleteExpiredSessions($queueForDeletes);
}
protected function foreachProject(Database $dbForConsole, callable $callback): void
{
// TODO: @Meldiron name of this method no longer matches. It does not delete, and it gives whole document
src/Appwrite/Platform/Tasks/Migrate.php
+12 -10
View File
@@ -10,10 +10,10 @@ use Utopia\Database\Database;
use Utopia\Database\Document;
use Utopia\Database\Query;
use Utopia\Database\Validator\Authorization;
use Utopia\Http\Validator\Text;
use Utopia\Platform\Action;
use Utopia\Registry\Registry;
use Utopia\System\System;
use Utopia\Validator\Text;
class Migrate extends Action
{
@@ -30,15 +30,12 @@ class Migrate extends Action
->desc('Migrate Appwrite to new version')
/** @TODO APP_VERSION_STABLE needs to be defined */
->param('version', APP_VERSION_STABLE, new Text(8), 'Version to migrate to.', true)
->inject('cache')
->inject('dbForConsole')
->inject('getProjectDB')
->inject('register')
->inject('authorization')
->inject('console')
->callback(function ($version, $dbForConsole, $getProjectDB, Registry $register, Authorization $authorization, Document $console) {
\Co\run(function () use ($version, $dbForConsole, $getProjectDB, $register, $authorization, $console) {
$this->action($version, $dbForConsole, $getProjectDB, $register, $authorization, $console);
->callback(function ($version, $dbForConsole, $getProjectDB, Registry $register) {
\Co\run(function () use ($version, $dbForConsole, $getProjectDB, $register) {
$this->action($version, $dbForConsole, $getProjectDB, $register);
});
});
}
@@ -61,12 +58,13 @@ class Migrate extends Action
}
}
public function action(string $version, Database $dbForConsole, callable $getProjectDB, Registry $register, Authorization $auth, Document $console)
public function action(string $version, Database $dbForConsole, callable $getProjectDB, Registry $register)
{
$auth->disable();
Authorization::disable();
if (!array_key_exists($version, Migration::$versions)) {
Console::error("Version {$version} not found.");
Console::exit(1);
return;
}
@@ -79,8 +77,12 @@ class Migrate extends Action
10
);
$app = new App('UTC');
Console::success('Starting Data Migration to version ' . $version);
$console = $app->getResource('console');
$limit = 30;
$sum = 30;
$offset = 0;
@@ -99,7 +101,7 @@ class Migrate extends Action
$class = 'Appwrite\\Migration\\Version\\' . Migration::$versions[$version];
/** @var Migration $migration */
$migration = new $class($auth, );
$migration = new $class();
while (!empty($projects)) {
foreach ($projects as $project) {
src/Appwrite/Platform/Tasks/QueueCount.php
+2 -2
View File
@@ -3,11 +3,11 @@
namespace Appwrite\Platform\Tasks;
use Utopia\CLI\Console;
use Utopia\Http\Validator\Text;
use Utopia\Http\Validator\WhiteList;
use Utopia\Platform\Action;
use Utopia\Queue\Client;
use Utopia\Queue\Connection;
use Utopia\Validator\Text;
use Utopia\Validator\WhiteList;
class QueueCount extends Action
{
src/Appwrite/Platform/Tasks/QueueRetry.php
+2 -2
View File
@@ -3,11 +3,11 @@
namespace Appwrite\Platform\Tasks;
use Utopia\CLI\Console;
use Utopia\Http\Validator\Text;
use Utopia\Http\Validator\Wildcard;
use Utopia\Platform\Action;
use Utopia\Queue\Client;
use Utopia\Queue\Connection;
use Utopia\Validator\Text;
use Utopia\Validator\Wildcard;
class QueueRetry extends Action
{
src/Appwrite/Platform/Tasks/SSL.php
+2 -2
View File
@@ -5,10 +5,10 @@ namespace Appwrite\Platform\Tasks;
use Appwrite\Event\Certificate;
use Utopia\CLI\Console;
use Utopia\Database\Document;
use Utopia\Http\Validator\Boolean;
use Utopia\Http\Validator\Hostname;
use Utopia\Platform\Action;
use Utopia\System\System;
use Utopia\Validator\Boolean;
use Utopia\Validator\Hostname;
class SSL extends Action
{
src/Appwrite/Platform/Tasks/ScheduleBase.php
+67 -80
View File
@@ -2,44 +2,41 @@
namespace Appwrite\Platform\Tasks;
use Appwrite\Utopia\Queue\Connections;
use Swoole\Timer;
use Utopia\CLI\Console;
use Utopia\Database\Database;
use Utopia\Database\DateTime;
use Utopia\Database\Document;
use Utopia\Database\Exception;
use Utopia\Database\Query;
use Utopia\Platform\Action;
use Utopia\Pools\Group;
use Utopia\System\System;
use function Swoole\Coroutine\run;
abstract class ScheduleBase extends Action
{
protected const UPDATE_TIMER = 10; //seconds
protected const ENQUEUE_TIMER = 60; //seconds
protected array $schedules = [];
protected Connections $connections;
abstract public static function getName(): string;
abstract public static function getSupportedResource(): string;
abstract protected function enqueueResources(
array $pools,
callable $getConsoleDB
);
abstract public static function getCollectionId(): string;
abstract protected function enqueueResources(Group $pools, Database $dbForConsole, callable $getProjectDB): void;
public function __construct()
{
$this->connections = new Connections();
$type = static::getSupportedResource();
$this
->desc("Execute {$type}s scheduled in Appwrite")
->inject('pools')
->inject('getConsoleDB')
->inject('dbForConsole')
->inject('getProjectDB')
->callback(fn (array $pools, callable $getConsoleDB, callable $getProjectDB) => $this->action($pools, $getConsoleDB, $getProjectDB));
->callback(fn (Group $pools, Database $dbForConsole, callable $getProjectDB) => $this->action($pools, $dbForConsole, $getProjectDB));
}
/**
@@ -47,12 +44,11 @@ abstract class ScheduleBase extends Action
* 2. Create timer that sync all changes from 'schedules' collection to local copy. Only reading changes thanks to 'resourceUpdatedAt' attribute
* 3. Create timer that prepares coroutines for soon-to-execute schedules. When it's ready, coroutine sleeps until exact time before sending request to worker.
*/
public function action(array $pools, callable $getConsoleDB, callable $getProjectDB): void
public function action(Group $pools, Database $dbForConsole, callable $getProjectDB): void
{
Console::title(\ucfirst(static::getSupportedResource()) . ' scheduler V1');
Console::success(APP_NAME . ' ' . \ucfirst(static::getSupportedResource()) . ' scheduler v1 has started');
[$_, $_, $dbForConsole] = $getConsoleDB();
/**
* Extract only necessary attributes to lower memory used.
*
@@ -63,14 +59,8 @@ abstract class ScheduleBase extends Action
$getSchedule = function (Document $schedule) use ($dbForConsole, $getProjectDB): array {
$project = $dbForConsole->getDocument('projects', $schedule->getAttribute('projectId'));
$collectionId = match ($schedule->getAttribute('resourceType')) {
'function' => 'functions',
'message' => 'messages',
'execution' => 'executions'
};
$resource = $getProjectDB($project)->getDocument(
$collectionId,
static::getCollectionId(),
$schedule->getAttribute('resourceId')
);
@@ -114,12 +104,7 @@ abstract class ScheduleBase extends Action
try {
$this->schedules[$document->getInternalId()] = $getSchedule($document);
} catch (\Throwable $th) {
$collectionId = match ($document->getAttribute('resourceType')) {
'function' => 'functions',
'message' => 'messages',
'execution' => 'executions'
};
$collectionId = static::getCollectionId();
Console::error("Failed to load schedule for project {$document['projectId']} {$collectionId} {$document['resourceId']}");
Console::error($th->getMessage());
}
@@ -128,74 +113,76 @@ abstract class ScheduleBase extends Action
$latestDocument = \end($results);
}
$pools->reclaim();
Console::success("{$total} resources were loaded in " . (\microtime(true) - $loadStart) . " seconds");
Console::success("Starting timers at " . DateTime::now());
run(function () use ($dbForConsole, &$lastSyncUpdate, $getSchedule, $pools, $getProjectDB) {
/**
* The timer synchronize $schedules copy with database collection.
*/
Timer::tick(static::UPDATE_TIMER * 1000, function () use ($dbForConsole, &$lastSyncUpdate, $getSchedule, $pools) {
$time = DateTime::now();
$timerStart = \microtime(true);
Timer::tick(static::UPDATE_TIMER * 1000, function () use ($getConsoleDB, &$lastSyncUpdate, $getSchedule, $pools) {
[$connection,$pool, $dbForConsole] = $getConsoleDB();
$connections = new Connections();
$connections->add($connection, $pool);
$limit = 1000;
$sum = $limit;
$total = 0;
$latestDocument = null;
$time = DateTime::now();
$timerStart = \microtime(true);
Console::log("Sync tick: Running at $time");
$limit = 1000;
$sum = $limit;
$total = 0;
$latestDocument = null;
while ($sum === $limit) {
$paginationQueries = [Query::limit($limit)];
Console::log("Sync tick: Running at $time");
while ($sum === $limit) {
$paginationQueries = [Query::limit($limit)];
if ($latestDocument) {
$paginationQueries[] = Query::cursorAfter($latestDocument);
}
$results = $dbForConsole->find('schedules', \array_merge($paginationQueries, [
Query::equal('region', [System::getEnv('_APP_REGION', 'default')]),
Query::equal('resourceType', [static::getSupportedResource()]),
Query::greaterThanEqual('resourceUpdatedAt', $lastSyncUpdate),
]));
$sum = count($results);
$total = $total + $sum;
foreach ($results as $document) {
$localDocument = $schedules[$document['resourceId']] ?? null;
// Check if resource has been updated since last sync
$org = $localDocument !== null ? \strtotime($localDocument['resourceUpdatedAt']) : null;
$new = \strtotime($document['resourceUpdatedAt']);
if (!$document['active']) {
Console::info("Removing: {$document['resourceId']}");
unset($this->schedules[$document->getInternalId()]);
} elseif ($new !== $org) {
Console::info("Updating: {$document['resourceId']}");
$this->schedules[$document->getInternalId()] = $getSchedule($document);
if ($latestDocument) {
$paginationQueries[] = Query::cursorAfter($latestDocument);
}
$results = $dbForConsole->find('schedules', \array_merge($paginationQueries, [
Query::equal('region', [System::getEnv('_APP_REGION', 'default')]),
Query::equal('resourceType', [static::getSupportedResource()]),
Query::greaterThanEqual('resourceUpdatedAt', $lastSyncUpdate),
]));
$sum = count($results);
$total = $total + $sum;
foreach ($results as $document) {
$localDocument = $this->schedules[$document->getInternalId()] ?? null;
// Check if resource has been updated since last sync
$org = $localDocument !== null ? \strtotime($localDocument['resourceUpdatedAt']) : null;
$new = \strtotime($document['resourceUpdatedAt']);
if (!$document['active']) {
Console::info("Removing: {$document['resourceType']}::{$document['resourceId']}");
unset($this->schedules[$document->getInternalId()]);
} elseif ($new !== $org) {
Console::info("Updating: {$document['resourceType']}::{$document['resourceId']}");
$this->schedules[$document->getInternalId()] = $getSchedule($document);
}
}
$latestDocument = \end($results);
}
$latestDocument = \end($results);
}
$lastSyncUpdate = $time;
$timerEnd = \microtime(true);
$lastSyncUpdate = $time;
$timerEnd = \microtime(true);
$pools->reclaim();
$connections->reclaim();
Console::log("Sync tick: {$total} schedules were updated in " . ($timerEnd - $timerStart) . " seconds");
Console::log("Sync tick: {$total} schedules were updated in " . ($timerEnd - $timerStart) . " seconds");
});
Timer::tick(
static::ENQUEUE_TIMER * 1000,
fn () => $this->enqueueResources($pools, $dbForConsole, $getProjectDB)
);
$this->enqueueResources($pools, $dbForConsole, $getProjectDB);
});
Timer::tick(
static::ENQUEUE_TIMER * 1000,
fn () => $this->enqueueResources($pools, $getConsoleDB)
);
$this->enqueueResources($pools, $getConsoleDB);
}
}
src/Appwrite/Platform/Tasks/ScheduleExecutions.php
+28 -23
View File
@@ -4,7 +4,8 @@ namespace Appwrite\Platform\Tasks;
use Appwrite\Event\Func;
use Swoole\Coroutine as Co;
use Utopia\Queue\Connection\Redis;
use Utopia\Database\Database;
use Utopia\Pools\Group;
class ScheduleExecutions extends ScheduleBase
{
@@ -21,16 +22,16 @@ class ScheduleExecutions extends ScheduleBase
return 'execution';
}
protected function enqueueResources(array $pools, callable $getConsoleDB): void
public static function getCollectionId(): string
{
[$connection,$pool, $dbForConsole] = $getConsoleDB();
$this->connections->add($connection, $pool);
return 'executions';
}
$pool = $pools['pools-queue-queue']['pool'];
$connection = $pool->get();
$this->connections->add($connection, $pool);
$queueForFunctions = new Func(new Redis($connection));
protected function enqueueResources(Group $pools, Database $dbForConsole, callable $getProjectDB): void
{
$queue = $pools->get('queue')->pop();
$connection = $queue->getResource();
$queueForFunctions = new Func($connection);
$intervalEnd = (new \DateTime())->modify('+' . self::ENQUEUE_TIMER . ' seconds');
foreach ($this->schedules as $schedule) {
@@ -49,34 +50,38 @@ class ScheduleExecutions extends ScheduleBase
continue;
}
$data = $dbForConsole->getDocument(
'schedules',
$schedule['$id'],
)->getAttribute('data', []);
$delay = $scheduledAt->getTimestamp() - (new \DateTime())->getTimestamp();
\go(function () use ($queueForFunctions, $schedule, $delay, $dbForConsole) {
\go(function () use ($queueForFunctions, $schedule, $delay, $data) {
Co::sleep($delay);
$queueForFunctions
->setType('schedule')
$queueForFunctions->setType('schedule')
// Set functionId instead of function as we don't have $dbForProject
// TODO: Refactor to use function instead of functionId
->setFunctionId($schedule['resource']['functionId'])
->setExecution($schedule['resource'])
->setMethod($schedule['data']['method'] ?? 'POST')
->setPath($schedule['data']['path'] ?? '/')
->setHeaders($schedule['data']['headers'] ?? [])
->setBody($schedule['data']['body'] ?? '')
->setMethod($data['method'] ?? 'POST')
->setPath($data['path'] ?? '/')
->setHeaders($data['headers'] ?? [])
->setBody($data['body'] ?? '')
->setProject($schedule['project'])
->setUserId($data['userId'] ?? '')
->trigger();
$dbForConsole->deleteDocument(
'schedules',
$schedule['$id'],
);
});
$dbForConsole->deleteDocument(
'schedules',
$schedule['$id'],
);
unset($this->schedules[$schedule['$internalId']]);
}
$this->connections->reclaim();
$queue->reclaim();
}
}
src/Appwrite/Platform/Tasks/ScheduleFunctions.php
+12 -10
View File
@@ -5,8 +5,9 @@ namespace Appwrite\Platform\Tasks;
use Appwrite\Event\Func;
use Cron\CronExpression;
use Utopia\CLI\Console;
use Utopia\Database\Database;
use Utopia\Database\DateTime;
use Utopia\Queue\Connection\Redis;
use Utopia\Pools\Group;
class ScheduleFunctions extends ScheduleBase
{
@@ -25,7 +26,12 @@ class ScheduleFunctions extends ScheduleBase
return 'function';
}
protected function enqueueResources(array $pools, callable $getConsoleDB): void
public static function getCollectionId(): string
{
return 'functions';
}
protected function enqueueResources(Group $pools, Database $dbForConsole, callable $getProjectDB): void
{
$timerStart = \microtime(true);
$time = DateTime::now();
@@ -67,11 +73,8 @@ class ScheduleFunctions extends ScheduleBase
\go(function () use ($delay, $scheduleKeys, $pools) {
\sleep($delay); // in seconds
$pool = $pools['pools-queue-queue']['pool'];
$connection = $pool->get();
$this->connections->add($connection, $pool);
$queueConnection = new Redis($connection);
$queue = $pools->get('queue')->pop();
$connection = $queue->getResource();
foreach ($scheduleKeys as $scheduleKey) {
// Ensure schedule was not deleted
@@ -81,7 +84,7 @@ class ScheduleFunctions extends ScheduleBase
$schedule = $this->schedules[$scheduleKey];
$queueForFunctions = new Func($queueConnection);
$queueForFunctions = new Func($connection);
$queueForFunctions
->setType('schedule')
@@ -92,8 +95,7 @@ class ScheduleFunctions extends ScheduleBase
->trigger();
}
$this->connections->reclaim();
// $queue->reclaim(); // TODO: Do in try/catch/finally, or add to connectons resource
$queue->reclaim();
});
}
src/Appwrite/Platform/Tasks/ScheduleMessages.php
+13 -14
View File
@@ -3,7 +3,8 @@
namespace Appwrite\Platform\Tasks;
use Appwrite\Event\Messaging;
use Utopia\Queue\Connection\Redis;
use Utopia\Database\Database;
use Utopia\Pools\Group;
class ScheduleMessages extends ScheduleBase
{
@@ -20,11 +21,13 @@ class ScheduleMessages extends ScheduleBase
return 'message';
}
protected function enqueueResources(array $pools, callable $getConsoleDB): void
public static function getCollectionId(): string
{
[$connection,$pool, $dbForConsole] = $getConsoleDB();
$this->connections->add($connection, $pool);
return 'messages';
}
protected function enqueueResources(Group $pools, Database $dbForConsole, callable $getProjectDB): void
{
foreach ($this->schedules as $schedule) {
if (!$schedule['active']) {
continue;
@@ -37,15 +40,10 @@ class ScheduleMessages extends ScheduleBase
continue;
}
\go(function () use ($now, $schedule, $pools, $dbForConsole) {
$pool = $pools['pools-queue-queue']['pool'];
$dsn = $pools['pools-queue-queue']['dsn'];
$connection = $pool->get();
$this->connections->add($connection, $pool);
$queueConnection = new Redis($dsn->getHost(), $dsn->getPort());
$queueForMessaging = new Messaging($queueConnection);
\go(function () use ($schedule, $pools, $dbForConsole) {
$queue = $pools->get('queue')->pop();
$connection = $queue->getResource();
$queueForMessaging = new Messaging($connection);
$queueForMessaging
->setType(MESSAGE_SEND_TYPE_EXTERNAL)
@@ -58,7 +56,8 @@ class ScheduleMessages extends ScheduleBase
$schedule['$id'],
);
$this->connections->reclaim();
$queue->reclaim();
unset($this->schedules[$schedule['$internalId']]);
});
}
src/Appwrite/Platform/Tasks/Specs.php
+32 -37
View File
@@ -5,27 +5,25 @@ namespace Appwrite\Platform\Tasks;
use Appwrite\Specification\Format\OpenAPI3;
use Appwrite\Specification\Format\Swagger2;
use Appwrite\Specification\Specification;
use Appwrite\Utopia\Response;
use Appwrite\Utopia\Response\Models;
use Appwrite\Utopia\Request as AppwriteRequest;
use Appwrite\Utopia\Response as AppwriteResponse;
use Exception;
use Swoole\Http\Request as SwooleHttpRequest;
use Swoole\Http\Response as SwooleHttpResponse;
use Swoole\Http\Request as SwooleRequest;
use Swoole\Http\Response as SwooleResponse;
use Utopia\App;
use Utopia\Cache\Adapter\None;
use Utopia\Cache\Cache;
use Utopia\CLI\Console;
use Utopia\Config\Config;
use Utopia\Database\Adapter\MySQL;
use Utopia\Database\Database;
use Utopia\DI\Container;
use Utopia\DI\Dependency;
use Utopia\Http\Adapter\FPM\Server;
use Utopia\Http\Adapter\Swoole\Request;
use Utopia\Http\Adapter\Swoole\Response as HttpResponse;
use Utopia\Http\Http;
use Utopia\Http\Validator\Text;
use Utopia\Http\Validator\WhiteList;
use Utopia\Platform\Action;
use Utopia\Registry\Registry;
use Utopia\Request as UtopiaRequest;
use Utopia\Response as UtopiaResponse;
use Utopia\System\System;
use Utopia\Validator\Text;
use Utopia\Validator\WhiteList;
class Specs extends Action
{
@@ -34,38 +32,37 @@ class Specs extends Action
return 'specs';
}
public function getRequest(): UtopiaRequest
{
return new AppwriteRequest(new SwooleRequest());
}
public function getResponse(): UtopiaResponse
{
return new AppwriteResponse(new SwooleResponse());
}
public function __construct()
{
$this
->desc('Generate Appwrite API specifications')
->param('version', 'latest', new Text(16), 'Spec version', true)
->param('mode', 'normal', new WhiteList(['normal', 'mocks']), 'Spec Mode', true)
->inject('context')
->callback(fn (string $version, string $mode, Container $context) => $this->action($version, $mode, $context));
->inject('register')
->callback(fn (string $version, string $mode, Registry $register) => $this->action($version, $mode, $register));
}
public function action(string $version, string $mode, Container $container): void
public function action(string $version, string $mode, Registry $register): void
{
$appRoutes = Http::getRoutes();
$response = new Response(new HttpResponse(new SwooleHttpResponse()));
$appRoutes = App::getRoutes();
$response = $this->getResponse();
$mocks = ($mode === 'mocks');
$requestDependency = new Dependency();
$responseDependency = new Dependency();
$dbForConsole = new Dependency();
$dbForProject = new Dependency();
// Mock dependencies
$requestDependency->setName('request')->setCallback(fn () => new Request(new SwooleHttpRequest()));
$responseDependency->setName('response')->setCallback(fn () => $response);
$dbForConsole->setName('dbForConsole')->setCallback(fn () => new Database(new MySQL(''), new Cache(new None())));
$dbForProject->setName('dbForProject')->setCallback(fn () => new Database(new MySQL(''), new Cache(new None())));
$container
->set($requestDependency)
->set($responseDependency)
->set($dbForProject)
->set($dbForConsole);
App::setResource('request', fn () => $this->getRequest());
App::setResource('response', fn () => $response);
App::setResource('dbForConsole', fn () => new Database(new MySQL(''), new Cache(new None())));
App::setResource('dbForProject', fn () => new Database(new MySQL(''), new Cache(new None())));
$platforms = [
'client' => APP_PLATFORM_CLIENT,
@@ -199,10 +196,8 @@ class Specs extends Action
case APP_AUTH_TYPE_SESSION:
$sdkPlatforms[] = APP_PLATFORM_CLIENT;
break;
case APP_AUTH_TYPE_KEY:
$sdkPlatforms[] = APP_PLATFORM_SERVER;
break;
case APP_AUTH_TYPE_JWT:
case APP_AUTH_TYPE_KEY:
$sdkPlatforms[] = APP_PLATFORM_SERVER;
break;
case APP_AUTH_TYPE_ADMIN:
@@ -257,7 +252,7 @@ class Specs extends Action
];
}
$models = Models::getModels();
$models = $response->getModels();
foreach ($models as $key => $value) {
if ($platform !== APP_PLATFORM_CONSOLE && !$value->isPublic()) {
@@ -265,7 +260,7 @@ class Specs extends Action
}
}
$arguments = [new Http(new Server(), $container, 'UTC'), $services, $routes, $models, $keys[$platform], $authCounts[$platform] ?? 0];
$arguments = [new App('UTC'), $services, $routes, $models, $keys[$platform], $authCounts[$platform] ?? 0];
foreach (['swagger2', 'open-api3'] as $format) {
$formatInstance = match ($format) {
'swagger2' => new Swagger2(...$arguments),

Some files were not shown because too many files have changed in this diff Show More