Release v1.30.0 #805
Merged
## Problem
We previously disabled batching multiple operations in a single HTTP
request. However, we still allow multiple root level fields in a single
operation. It was flagged out during VAPT that this might facilitate
potential DOS attacks and should only be enabled when strictly
necessary.
## Solution
Create a custom apollo plugin to detect if there are multiple root level
fields. If there are, throw a `BadUserInputError`.
## How to test
1. Run dev server and open http://localhost:3000/graphql to access the
sandbox
2. Test with the following query
```
query Batch {
  h1: healthcheck {
    version
  }
  h2: healthcheck {
    version
  }
}
```
3. You should be able to see the relevant error.
…PI (#793)
## Problem
Allow headers to be set using variables for Custom API.
## Solution
Add option to set custom headers in the "Set up step" with ability to select variables.
- Default
<img width="853" alt="Screenshot 2024-11-08 at 5 31 09 PM" src="https://github.com/user-attachments/assets/54d0d598-b063-43cc-b845-bc541a10496f">
- With custom headers
<img width="859" alt="Screenshot 2024-11-08 at 12 13 56 PM" src="https://github.com/user-attachments/assets/56c3720e-2d88-432e-9505-24c144cc6919">

**Features**:
- Enable custom headers to be sent (on top of headers configured during "Add new connection")
- Implement multi column input to adopt similar input style as Postman/Bruno
<img width="851" alt="Screenshot 2024-11-08 at 1 33 24 PM" src="https://github.com/user-attachments/assets/c2194022-4457-4676-ab0d-25a297f10c26">
## Before & After Screenshots
**BEFORE**:
- N/A. New feature

**AFTER**:
1. Custom Headers set on Plumber
<img width="850" alt="Screenshot 2024-11-08 at 1 41 21 PM" src="https://github.com/user-attachments/assets/f1e97f81-2c85-4e5a-9273-51d2ab45b4cd">
2. Custom Headers received
<img width="855" alt="Screenshot 2024-11-08 at 1 42 22 PM" src="https://github.com/user-attachments/assets/696e0305-aeeb-4183-bf93-eb43328a0120">
## Tests
- [x] Validate key-value pairs, i.e. key/value should not be null
- [x] Custom headers should not override headers set up during the "Add new connection" stage
- [x] API calls still execute without custom headers

**New scripts**:
- `packages/backend/src/apps/custom-api/actions/http-request/schema.ts` : validate custom headers
- `packages/frontend/src/components/MultiCol.tsx/index.tsx` : component for multi column input
- `packages/frontend/src/components/MultiRow/RowDivider.tsx` : move "And" divider to separate component
## Problem
Dates cannot be compared now for conditions.
## Solution
Added description to each option instead of separating them into group for now because it is clear enough (Zapier also does this)
<img width="383" alt="image" src="https://github.com/user-attachments/assets/04cc62d7-619c-4ddb-8099-956a33bd3c26">
To maintain backwards compatibility, add 2 options: `before` and `after` to compare dates: decided to allow any datetime format because it is not realistic to check for a similar datetime format before comparing.
- Convert the datetime to a timestamp for easy comparison
- Throw step error if the datetime is invalid
- Added unit tests
## Screenshots
### Before
https://github.com/user-attachments/assets/2f771b1e-75cd-46c5-a4c3-cc684ec1d9b8
### After
https://github.com/user-attachments/assets/6a3122a0-7868-49ff-a050-3588fbaa46bd
## Tests
- [x] Other conditions still work
- [x] Before and after datetime works for more common fields e.g. formsg date field and formsg submission time

---------
Co-authored-by: Ian Chen <[email protected]>
## Problem
Realised that we have conflicting formats `dd/LL/yy` vs `yy/LL/dd` and it could pose a problem when people use this format later in a delay step
## Solution
Remove the `yy/LL/dd` datetime format
## Regression test
- Check that prod doesn't have any steps that use this date format thankfully (only 2 but both are deleted)

Simple query:
```
SELECT * FROM steps WHERE key = 'dateTime' and parameters::text ilike '%"formatDateTimeToFormat": "yy/LL/dd"%'
```
## Problem
Some fields are either missing or not user-friendly for mock data
## Improvements
- Standardise email field types to the user email so it could be used in postman step
- Add corppass missing info
  - Reference: https://github.com/opengovsg/FormSG/blob/82c5ba6fff7e9628b6c32449148e89c0224e9ff5/src/app/modules/spcp/spcp.util.ts#L92
  - Can refer to this pipe in production for example: 9777d71f-dbac-47c4-a70a-c18f02e3a7bc
- Hide NRIC collection if disabled
- Add mock payment data if the form has payment enabled
  - For `Products` payment_type: take the first payment product available in the form setup (`Product or service`)
  - For `Variable` payment_type: mock a default product name and amount to be returned (`Respondents choose what to pay`)
## Tests (for mock data)
- [x] Old and standard forms still work (no payment, singpass or corppass)
- [x] Payment forms work (test using staging form, can add payments without a stripe account)
- [x] Singpass forms still work with or without verified NRIC
- [x] Corppass forms will return the verified NRIC and UEN
kevinkim-ogp approved these changes Nov 27, 2024
Datadog Report
Branch report: ✅ 0 Failed, 695 Passed, 0 Skipped, 2m 4.3s Total Time
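
The root-level field check described in the first commit message of this release, as an added example that is not the project's plugin code. It goes beyond the message by also counting fields reached through fragment spreads and inline fragments; `countRootFields`, `assertSingleRootField`, `singleRootFieldPlugin` and the local `BadUserInputError` class are hypothetical names, and the sample ASTs are constructed.

```javascript
// Added example. Node shapes follow graphql-js: kind, name.value, selectionSet.selections.
class BadUserInputError extends Error { // stand-in for the project's own error class
  constructor(message) {
    super(message);
    this.extensions = { code: 'BAD_USER_INPUT' };
  }
}

// Count fields at the root of a node, following inline fragments and fragment spreads.
function countRootFields(node, fragments, seen = new Set()) {
  let count = 0;
  for (const sel of node.selectionSet.selections) {
    if (sel.kind === 'Field') count += 1;
    else if (sel.kind === 'InlineFragment') count += countRootFields(sel, fragments, seen);
    else if (sel.kind === 'FragmentSpread' && !seen.has(sel.name.value)) {
      seen.add(sel.name.value); // each fragment counted once; also stops cycles
      const def = fragments[sel.name.value];
      if (def) count += countRootFields(def, fragments, seen);
    }
  }
  return count;
}

function assertSingleRootField(document, operation) {
  const fragments = {};
  for (const def of document.definitions) {
    if (def.kind === 'FragmentDefinition') fragments[def.name.value] = def;
  }
  const n = countRootFields(operation, fragments);
  if (n > 1) throw new BadUserInputError(`Only one root-level field per operation (got ${n})`);
  return n;
}

// Apollo Server plugin shape: didResolveOperation runs after parsing and validation.
const singleRootFieldPlugin = {
  async requestDidStart() {
    return {
      async didResolveOperation({ document, operation }) {
        assertSingleRootField(document, operation);
      },
    };
  },
};

// Constructed sample ASTs, trimmed to the properties used above.
const field = (name, alias) => ({ kind: 'Field', name: { value: name }, alias: { value: alias } });
const op = (selections) => ({ kind: 'OperationDefinition', selectionSet: { selections } });
const batchOp = op([field('healthcheck', 'h1'), field('healthcheck', 'h2')]); // the Batch query
const spreadOp = op([{ kind: 'FragmentSpread', name: { value: 'Two' } }]); // query { ...Two }
const twoFrag = { kind: 'FragmentDefinition', name: { value: 'Two' }, selectionSet: batchOp.selectionSet };
```

Aliased duplicates such as `h1`/`h2` count as separate fields, and so do two fields placed inside a fragment that is spread at the root.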