Noviny Github contribution chart
Noviny Github Stats
Noviny Most Used Languages

Activity

20 Sep 2022

Noviny

change changeset

Pushed On 20 Sep 2022 at 04:24:46

Noviny

use isSingleton not singleton function

Created On 20 Sep 2022 at 04:24:21
Create Branch
Noviny In keystonejs/keystone Create Branchnoviny/remove-singleton-function

Noviny

The most powerful headless CMS for Node.js — built with GraphQL and React

On 20 Sep 2022 at 04:24:09

Noviny

remove unused variable

Pushed On 07 Sep 2022 at 03:12:17

Noviny

Singletons

Created On 07 Sep 2022 at 03:01:29

Noviny

changeset

Pushed On 07 Sep 2022 at 02:59:28

Noviny

Add docs to singletons

Pushed On 07 Sep 2022 at 02:59:28

Noviny

fix test for mysql case

Pushed On 07 Sep 2022 at 02:23:12

Noviny

fix linting

Pushed On 07 Sep 2022 at 02:00:06

Noviny

smol fix

Pushed On 07 Sep 2022 at 01:53:52

Noviny

example fix

Pushed On 07 Sep 2022 at 01:13:23

Noviny

singleton in sandbox

Pushed On 07 Sep 2022 at 01:07:47

Noviny

typo

Pushed On 07 Sep 2022 at 01:04:04

Noviny

add singleton example

Pushed On 07 Sep 2022 at 01:02:57

Noviny

ban relating to singletons

Pushed On 07 Sep 2022 at 01:02:57

Noviny

remove random line change

Pushed On 06 Sep 2022 at 06:04:33

Noviny

small tweaks based on talking with Mitchell

Pushed On 06 Sep 2022 at 06:04:33

Noviny

clean up of test file

Pushed On 06 Sep 2022 at 06:04:33

Noviny

prisma and graphql changes

Pushed On 06 Sep 2022 at 01:46:47

Noviny

fix(deps): update jest monorepo to v29 (major) (#7862)

Pushed On 06 Sep 2022 at 12:27:54

Noviny

Upgrade to graphql@16 (#7817)

  • Upgrade to graphql@16

  • add changeset

Co-authored-by: Daniel Cousens dcousens@users.noreply.github.com

Pushed On 06 Sep 2022 at 12:27:54

Noviny

fix(fields): fix calendarDay non-nullable input type name (#7866)

  • fix(fields): fix calendarDay non-nullable input type name

  • Update .changeset/tasty-lies-move.md

Co-authored-by: Mitchell Hamilton mitchell@hamil.town

Pushed On 06 Sep 2022 at 12:27:54

Noviny

Bump moment-timezone from 0.5.34 to 0.5.37 (#7869)

Bumps moment-timezone from 0.5.34 to 0.5.37.


updated-dependencies:

  • dependency-name: moment-timezone dependency-type: indirect ...

Signed-off-by: dependabot[bot] support@github.com

Signed-off-by: dependabot[bot] support@github.com Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Pushed On 06 Sep 2022 at 12:27:54

Noviny

Remove validation in executeGraphQLFieldToRootVal (#7872)

Pushed On 06 Sep 2022 at 12:27:54

Noviny

Remove unused/duplicate deps (#7873)

Pushed On 06 Sep 2022 at 12:27:54

Noviny

Only setup express server when necessary (#7871)

Pushed On 06 Sep 2022 at 12:27:54

Noviny

Fix rate limiting in CI (#7875)

Co-authored-by: Daniel Cousens 413395+dcousens@users.noreply.github.com

Pushed On 06 Sep 2022 at 12:27:54

Noviny

Rename 'Schema API' to 'Lists API' (#7876)

  • rename Schema API to Lists API

  • s/Name/someName

Co-authored-by: Daniel Cousens dcousens@users.noreply.github.com

Pushed On 06 Sep 2022 at 12:27:54

Noviny

Remove prettier formatting the generated schema.graphql (#7874)

Pushed On 06 Sep 2022 at 12:27:54

Noviny

Make operations permissions required (#7848)

Co-authored-by: Daniel Cousens 413395+dcousens@users.noreply.github.com Co-authored-by: Daniel Cousens dcousens@users.noreply.github.com

Pushed On 06 Sep 2022 at 12:27:54

Noviny

fix(deps): update prisma monorepo to v4.3.0 (#7868)

Pushed On 06 Sep 2022 at 12:27:54

Noviny

Example boilerplates and Document Field Customisation Example (#7813)

  • Feature and E2E boilerplate

  • Document field customisation and DocumentRenderer customisation

  • Review suggestion: Add key while iterating elements

Co-authored-by: Mitchell Hamilton mitchell@hamil.town

  • Load examples/*/keystone-server projects in scripts/generate-artifacts-for-projects

  • Update examples/document-field-customisation/keystone-server/README.md

  • Don't seed database serially for each entry

  • Replace apollo client with a simple fetch

  • Compatibility changes after rebasing with main

Co-authored-by: Mitchell Hamilton mitchell@hamil.town

Pushed On 06 Sep 2022 at 12:27:54

Noviny

Fixes context.graphql types and adds ts-gql example (#7878)

Pushed On 06 Sep 2022 at 12:27:54

Noviny

fix(deps): update dependency @types/gtag.js to ^0.0.11 (#7885)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

Pushed On 06 Sep 2022 at 12:27:54

Noviny

Singletons as lists

Pushed On 06 Sep 2022 at 12:27:54

Noviny

move singleton example to testing

Pushed On 06 Sep 2022 at 12:27:54

Noviny

make singleton function work as intended, and ensure singletons have correct db settings

Pushed On 06 Sep 2022 at 12:27:54

Noviny

starting on singleton testing

Pushed On 06 Sep 2022 at 12:27:54

Noviny

testing

Pushed On 06 Sep 2022 at 12:27:54

Noviny

add access control in unambiguous cases

Pushed On 31 Aug 2022 at 06:07:24

Noviny

add operation permissions to all lists

Pushed On 31 Aug 2022 at 06:07:24

Noviny

add allowAll in some more dubious places

Pushed On 31 Aug 2022 at 06:07:24

Noviny

small type changes to fix allOperations function

Pushed On 31 Aug 2022 at 06:07:24

Noviny

don't apply access control on sudo

Pushed On 31 Aug 2022 at 06:07:24

Noviny

docs and changeset

Pushed On 31 Aug 2022 at 06:07:24

Noviny

Remove unused/duplicate deps

  • object-hash, normalize-path and copy-to-clipboard were unused in @keystone-6/core (did not create a changeset because users don't need to care, it can be released whenever)
  • The website used copy-to-clipboard, the Admin UI uses clipboard-copy which uses navigator.clipboard.writeText itself so I've made the website use clipboard-copy

Merged On 31 Aug 2022 at 05:13:50

Noviny

Commented On 31 Aug 2022 at 05:13:50

Noviny

move singleton example to testing

Pushed On 30 Aug 2022 at 01:12:19

Noviny

make singleton function work as intended, and ensure singletons have correct db settings

Pushed On 30 Aug 2022 at 01:12:19

Noviny

starting on singleton testing

Pushed On 30 Aug 2022 at 01:12:19

Noviny

docs and changeset

Pushed On 30 Aug 2022 at 12:00:44

Noviny

don't apply access control on sudo

Pushed On 30 Aug 2022 at 05:49:09

Noviny

docs update

Pushed On 29 Aug 2022 at 06:22:57

Noviny

add workflow dispatch for tests (#7839)

Pushed On 29 Aug 2022 at 06:13:35

Noviny

fix(deps): update dependency @emotion/cache to v11.10.3 (#7826)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

Pushed On 29 Aug 2022 at 06:13:35

Noviny

Restore resolvedData types (#7833)

Co-authored-by: Daniel Cousens dcousens@users.noreply.github.com

Pushed On 29 Aug 2022 at 06:13:35

Noviny

Fix broken website link to database config (#7843)

Co-authored-by: Daniel Cousens 413395+dcousens@users.noreply.github.com

Pushed On 29 Aug 2022 at 06:13:35

Noviny

Change view module resolution (#7805)

Co-authored-by: Daniel Cousens dcousens@users.noreply.github.com Co-authored-by: Daniel Cousens 413395+dcousens@users.noreply.github.com

Pushed On 29 Aug 2022 at 06:13:35

Noviny

Use GitHub Actions' built-in path filtering for skipping workflows (#7847)

Pushed On 29 Aug 2022 at 06:13:35

Noviny

options added

Pushed On 29 Aug 2022 at 06:13:35

Noviny

make basic search optional

Pushed On 29 Aug 2022 at 06:13:35

Noviny

bad use of query for this work

Pushed On 29 Aug 2022 at 06:13:35

Noviny

updates based on discussion

Pushed On 29 Aug 2022 at 06:13:35

Noviny

graphql fix

Pushed On 29 Aug 2022 at 06:13:35

Noviny

udpates from design

Pushed On 29 Aug 2022 at 06:13:35
Merge

Noviny

Make operations permisssions required

When looking at operations permissions, we've found people often misconfigure them, generally allowing data to be provided more widely than was intended or desired. While we want to encourage more thought around access control for lists, we don't want to enforce privacy as a default, so instead, access.operations on lists is required to be explicitly set.

The basic change is the following:

- list({
-   access?: {
-     operation?: {
-       query?: ({ session, context, listKey, operation }) => boolean,
-       create?: ({ session, context, listKey, operation }) => boolean,
-       update?: ({ session, context, listKey, operation }) => boolean,
-       delete?: ({ session, context, listKey, operation }) => boolean,
-     }
-     ...
-   },
-   ...
- })
+ list({
+   access: {
+     operation: {
+       query: ({ session, context, listKey, operation }) => boolean,
+       create: ({ session, context, listKey, operation }) => boolean,
+       update: ({ session, context, listKey, operation }) => boolean,
+       delete: ({ session, context, listKey, operation }) => boolean,
+     }
+     ...
+   },
+   ...
+ }) 

To make this a bit easier however, we are adding two new options.

list({
  access: ({ session, context, listKey, operation }) => boolean
  ...
}) 

allows you to set all access controls at once, and

list({
  access: {
    operations: ({ session, context, listKey, operation }) => boolean,
    ...
  },
  ...
}); 

allows you to set all operations access controls for a list at once.

New exports

We are providing three new helper exports to help out with this change so you can have code that reads well:

import { allowAll, denyAll, allOperations } from "@keystone-6/core" 

These functions should allow quickly applying access controls to lists. For example, to get the existing default access controls, you could do:

list({
  access: allowAll,
  ...
}); 

or

list({
  access: allowAll,
  ...
}); 
list({
  access: { operations: allowAll },
  ...
}); 

If you were setting access for create operations, you can quickly update to:

list({
  access: { operations: { ...allOperations(alloAll), create: myCustomCreateAccessCheck } },
  ...
}); 

Forked On 25 Aug 2022 at 11:47:45

Noviny

@mitchellhamilton or @dcousens This type functions but getting here felt like flailing not knowledge, and would love some scrutiny and feedback of this.
On 25 Aug 2022 at 11:47:45

Noviny

Make operations permisssions required

When looking at operations permissions, we've found people often misconfigure them, generally allowing data to be provided more widely than was intended or desired. While we want to encourage more thought around access control for lists, we don't want to enforce privacy as a default, so instead, access.operations on lists is required to be explicitly set.

The basic change is the following:

- list({
-   access?: {
-     operation?: {
-       query?: ({ session, context, listKey, operation }) => boolean,
-       create?: ({ session, context, listKey, operation }) => boolean,
-       update?: ({ session, context, listKey, operation }) => boolean,
-       delete?: ({ session, context, listKey, operation }) => boolean,
-     }
-     ...
-   },
-   ...
- })
+ list({
+   access: {
+     operation: {
+       query: ({ session, context, listKey, operation }) => boolean,
+       create: ({ session, context, listKey, operation }) => boolean,
+       update: ({ session, context, listKey, operation }) => boolean,
+       delete: ({ session, context, listKey, operation }) => boolean,
+     }
+     ...
+   },
+   ...
+ }) 

To make this a bit easier however, we are adding two new options.

list({
  access: ({ session, context, listKey, operation }) => boolean
  ...
}) 

allows you to set all access controls at once, and

list({
  access: {
    operations: ({ session, context, listKey, operation }) => boolean,
    ...
  },
  ...
}); 

allows you to set all operations access controls for a list at once.

New exports

We are providing three new helper exports to help out with this change so you can have code that reads well:

import { allowAll, denyAll, allOperations } from "@keystone-6/core" 

These functions should allow quickly applying access controls to lists. For example, to get the existing default access controls, you could do:

list({
  access: allowAll,
  ...
}); 

or

list({
  access: allowAll,
  ...
}); 
list({
  access: { operations: allowAll },
  ...
}); 

If you were setting access for create operations, you can quickly update to:

list({
  access: { operations: { ...allOperations(alloAll), create: myCustomCreateAccessCheck } },
  ...
}); 

Merged On 25 Aug 2022 at 11:47:45

Noviny

Commented On 25 Aug 2022 at 11:47:45
Issue Comment

Noviny

Make operations permisssions required

When looking at operations permissions, we've found people often misconfigure them, generally allowing data to be provided more widely than was intended or desired. While we want to encourage more thought around access control for lists, we don't want to enforce privacy as a default, so instead, access.operations on lists is required to be explicitly set.

The basic change is the following:

- list({
-   access?: {
-     operation?: {
-       query?: ({ session, context, listKey, operation }) => boolean,
-       create?: ({ session, context, listKey, operation }) => boolean,
-       update?: ({ session, context, listKey, operation }) => boolean,
-       delete?: ({ session, context, listKey, operation }) => boolean,
-     }
-     ...
-   },
-   ...
- })
+ list({
+   access: {
+     operation: {
+       query: ({ session, context, listKey, operation }) => boolean,
+       create: ({ session, context, listKey, operation }) => boolean,
+       update: ({ session, context, listKey, operation }) => boolean,
+       delete: ({ session, context, listKey, operation }) => boolean,
+     }
+     ...
+   },
+   ...
+ }) 

To make this a bit easier however, we are adding two new options.

list({
  access: ({ session, context, listKey, operation }) => boolean
  ...
}) 

allows you to set all access controls at once, and

list({
  access: {
    operations: ({ session, context, listKey, operation }) => boolean,
    ...
  },
  ...
}); 

allows you to set all operations access controls for a list at once.

New exports

We are providing three new helper exports to help out with this change so you can have code that reads well:

import { allowAll, denyAll, allOperations } from "@keystone-6/core" 

These functions should allow quickly applying access controls to lists. For example, to get the existing default access controls, you could do:

list({
  access: allowAll,
  ...
}); 

or

list({
  access: allowAll,
  ...
}); 
list({
  access: { operations: allowAll },
  ...
}); 

If you were setting access for create operations, you can quickly update to:

list({
  access: { operations: { ...allOperations(alloAll), create: myCustomCreateAccessCheck } },
  ...
}); 

Forked On 25 Aug 2022 at 11:45:03

Noviny

Commit history should be a good guide here in understanding actual changes vs updating all our various configs to comply with the change.

TODO:

  • [ ] update docs to reflect the new reality
  • [ ] changeset

Commented On 25 Aug 2022 at 11:45:03

Noviny

Make operations permisssions required

Created On 25 Aug 2022 at 11:43:44
Create Branch
Noviny In keystonejs/keystone Create Branchmake-permisssions-required

Noviny

The most powerful headless CMS for Node.js — built with GraphQL and React

On 25 Aug 2022 at 11:23:59

Noviny

graphql fix

Pushed On 25 Aug 2022 at 05:54:10

Noviny

updates based on discussion

Pushed On 25 Aug 2022 at 04:57:42