We are happy to announce the new release of Amplication 0.12.7 🥳
Help us spread the word about Amplication by starring 🌟 the repo or tweeting 🐦 about the release. 🚀
Amplication release 0.12.7 is a good example of how we keep our code fine-tuned while introducing awesome new features.
We have done code refactoring with significant improvements to the generated code while introducing support for public endpoints - a feature that was requested by many of our enterprise users.
New interceptors for access controls 🌠
We created two new NestJS Interceptors to enforce Access Control policies:
- AclValidateRequestInterceptor - this interceptor is used to validate that users are not updating or creating data they are not allowed to, based on the permissions that were defined for their role.
- AclFilterResponseInterceptor - this interceptor is used to filter the response data based on the permissions that were defined for their role.
Interceptor refactored code example
Before
When creating a customer record, the request data was checked for any property that the current user is not allowed to update, and an exception was thrown when needed.
The function was not easily readable and included a lot of boilerplate code.
```typescript
@nestAccessControl.UseRoles({
  resource: "Customer",
  action: "create",
  possession: "any",
})
@common.Post()
async create(
  @common.Body() data: CustomerCreateInput,
  @nestAccessControl.UserRoles() userRoles: string[]
): Promise<Customer> {
  const permission = this.rolesBuilder.permission({
    role: userRoles,
    action: "create",
    possession: "any",
    resource: "Customer",
  });
  const invalidAttributes = abacUtil.getInvalidAttributes(permission, data);
  if (invalidAttributes.length) {
    const properties = invalidAttributes
      .map((attribute: string) => JSON.stringify(attribute))
      .join(", ");
    const roles = userRoles
      .map((role: string) => JSON.stringify(role))
      .join(",");
    throw new errors.ForbiddenException(
      `providing the properties: ${properties} on ${"Customer"} creation is forbidden for roles: ${roles}`
    );
  }
  return await this.service.create({
    data: data,
    select: {
      id: true,
      createdAt: true,
      updatedAt: true,
      name: true,
    },
  });
}
```
After
Now, the boilerplate code has been removed, and the function includes only a single line of code that calls the service.create function.
Instead of the boilerplate code, the AclValidateRequestInterceptor interceptor was added as a decorator to the function.
```typescript
@common.UseInterceptors(AclValidateRequestInterceptor)
@nestAccessControl.UseRoles({
  resource: "Customer",
  action: "create",
  possession: "any",
})
@common.Post()
async create(@common.Body() data: CustomerCreateInput): Promise<Customer> {
  return await this.service.create({
    data: data,
    select: {
      id: true,
      createdAt: true,
      updatedAt: true,
      name: true,
    },
  });
}
```
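The two checks described above, as a framework-free sketch added here; it is not Amplication's generated code or the interceptors' actual implementation. The `grants` table, the role names, the `creditLimit` field and the simplified attribute rules (`*`, `!name`) are assumptions for illustration.

```typescript
// Added example, not Amplication's code. Hypothetical simplified rules:
// "*" grants every attribute, "!name" denies one, a bare name grants one.
type Rules = Record<string, Record<string, string[]>>; // role -> "action:resource" -> attributes

// Constructed sample grants for two hypothetical roles.
const grants: Rules = {
  admin: { "create:Customer": ["*"], "read:Customer": ["*"] },
  support: {
    "create:Customer": ["*", "!creditLimit"],
    "read:Customer": ["id", "name"],
  },
};

// An attribute is allowed when at least one of the caller's roles allows it.
function isAllowed(roles: string[], key: string, attribute: string): boolean {
  return roles.some((role) => {
    const attrs = grants[role]?.[key] ?? [];
    if (attrs.indexOf("!" + attribute) !== -1) return false;
    return attrs.indexOf("*") !== -1 || attrs.indexOf(attribute) !== -1;
  });
}

// Request side: reject the whole request, as the "Before" controller did,
// rather than silently dropping the offending properties.
function validateRequest(
  roles: string[], action: string, resource: string,
  body: Record<string, unknown>
): Record<string, unknown> {
  const invalid = Object.keys(body).filter(
    (attribute) => !isAllowed(roles, action + ":" + resource, attribute));
  if (invalid.length) {
    throw new Error("forbidden properties: " + invalid.join(", "));
  }
  return body;
}

// Response side: strip attributes the caller's roles may not read.
function filterResponse(
  roles: string[], resource: string, rows: Record<string, unknown>[]
): Record<string, unknown>[] {
  return rows.map((row) => {
    const visible: Record<string, unknown> = {};
    for (const attribute of Object.keys(row)) {
      if (isAllowed(roles, "read:" + resource, attribute)) visible[attribute] = row[attribute];
    }
    return visible;
  });
}
```

Note the asymmetry: a forbidden property in a request fails the whole call, while a forbidden property in a response is dropped and the call still succeeds.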
Public Endpoints 🚀
When building APIs, usually you would like to secure the API so it can be accessed by authorized users only. But, in many use cases, you might be required to build a public API, and sometimes, you may even need to build an API where some endpoints are private while other endpoints are public.
The request to support public endpoints is one of the most popular requests on our GitHub repository #2006.
We have now introduced built-in support to define endpoints as public. This option is available per action per entity, meaning you can easily configure the endpoint so that creating, editing, or deleting blog posts will require authentication, but for viewing the blog posts, no authentication will be needed.
Endpoint Authentication Example
```typescript
// This endpoint requires authentication
@common.UseInterceptors(AclFilterResponseInterceptor)
@nestAccessControl.UseRoles({
  resource: "Customer",
  action: "read",
  possession: "any",
})
@common.Get()
async findMany(@common.Req() request: Request): Promise<Customer[]> {
  // ...
}

// This endpoint is accessible by authenticated and non-authenticated users
// We use the @Public decorator to flag public endpoints
@Public()
@common.Get()
async findMany(@common.Req() request: Request): Promise<Customer[]> {
  // ...
}
```
General 🔹
Issue | Description |
---|---|
Removed unnecessary files in the root of the project. | |
Creating models without auth guard. | |
Generated App 📱
Generated Server 💾
CLI 🖥️
Issue | Description |
---|---|
Removed unused package @ockuf/test in CLI. | |
Amplication Client 👨💻
Dependencies ⚠️
Issue | Description |
---|---|
Upgraded the root dsg @nestjs/passport version to 8.2.1. | |
The complete list of all issues resolved in this release can be found on the 0.12.7 milestone on GitHub.
Credits 👏
For this release, we had the help of many contributors – thank you all very much!
- @jainpawan21 💯
- @devblin 💯
- @abrl91 💯
- @achamorro-dev 💯
- @tupe12334 💯
- @souravjain540 💯