github amplication/amplication v0.12.7
23 months ago

We are happy to announce the new release of Amplication 0.12.7 🥳

Help us spread the word about Amplication by starring 🌟 the repo or tweeting 🐦 about the release. 🚀

Amplication release 0.12.7 is a good example of how we keep our code fine-tuned while introducing awesome new features.

We have done code refactoring with significant improvements to the generated code while introducing support for public endpoints - a feature that was requested by many of our enterprise users.

New interceptors for access controls 🌠

We created two new NestJS Interceptors to enforce Access Control policies:

AclValidateRequestInterceptor - this interceptor is used to validate that users are not updating or creating data they are not allowed to, based on the permissions that were defined for their role.

AclFilterResponseInterceptor - this interceptor is used to filter the response data based on the permissions that were defined for their role.

Interceptor refactored code example

Before

When creating a customer record, the request data was checked for any property that the current user is not allowed to update, and an exception was thrown when needed.

The function was not easily readable and included a lot of boilerplate code.

  @nestAccessControl.UseRoles({
    resource: "Customer",
    action: "create",
    possession: "any",
  })
  @common.Post()
  async create(
    @common.Body() data: CustomerCreateInput,
    @nestAccessControl.UserRoles() userRoles: string[]
  ): Promise<Customer> {
    const permission = this.rolesBuilder.permission({
      role: userRoles,
      action: "create",
      possession: "any",
      resource: "Customer",
    });
    const invalidAttributes = abacUtil.getInvalidAttributes(permission, data);
    if (invalidAttributes.length) {
      const properties = invalidAttributes
        .map((attribute: string) => JSON.stringify(attribute))
        .join(", ");
      const roles = userRoles
        .map((role: string) => JSON.stringify(role))
        .join(",");
      throw new errors.ForbiddenException(
        `providing the properties: ${properties} on ${"Customer"} creation is forbidden for roles: ${roles}`
      );
    }
    return await this.service.create({
      data: data,
      select: {
        id: true,
        createdAt: true,
        updatedAt: true,
        name: true,
      },
    });
  }

After

Now, the boilerplate code has been removed, and the function includes only a single line of code that calls the service.create function.

Instead of the boilerplate code, the AclValidateRequestInterceptor interceptor was added as a decorator to the function.

  @common.UseInterceptors(AclValidateRequestInterceptor)
  @nestAccessControl.UseRoles({
    resource: "Customer",
    action: "create",
    possession: "any",
  })
  @common.Post()
  async create(@common.Body() data: CustomerCreateInput): Promise<Customer> {
    return await this.service.create({
      data: data,
      select: {
        id: true,
        createdAt: true,
        updatedAt: true,
        name: true,
      },
    });
  }
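
As an added illustration (not Amplication's generated code), the following framework-free TypeScript models the two checks the interceptors are described as performing: rejecting a request that sets attributes the caller's roles do not permit, and stripping non-permitted attributes from a response. The GRANTS policy, the role names, the creditLimit attribute and all function names are assumptions made for this example, and nested objects are not handled.

```typescript
// Added illustration, not Amplication's code: a framework-free model of both checks.
// Attribute lists follow accesscontrol-style notation: "*" = all attributes, "!x" = deny x.
type Grants = Record<string, Record<string, string[]>>;
type Row = Record<string, unknown>;

// Constructed sample policy; roles and attributes are hypothetical.
const GRANTS: Grants = {
  admin: { "Customer:create": ["*"], "Customer:read": ["*"] },
  support: {
    "Customer:create": ["name", "email"],
    "Customer:read": ["*", "!creditLimit"],
  },
};

// A role permits an attribute unless it denies it explicitly; a missing grant permits nothing.
function roleAllows(attrs: string[] | undefined, attr: string): boolean {
  if (!attrs || attrs.indexOf("!" + attr) !== -1) return false;
  return attrs.indexOf("*") !== -1 || attrs.indexOf(attr) !== -1;
}

// The caller may touch an attribute when at least one of their roles permits it.
function isAllowed(roles: string[], key: string, attr: string): boolean {
  return roles.some((role) => {
    const perRole: Record<string, string[]> | undefined = GRANTS[role];
    return roleAllows(perRole ? perRole[key] : undefined, attr);
  });
}

// Request side: fail the whole request if it sets any attribute the roles may not write.
function validateRequest(roles: string[], key: string, data: Row): void {
  const invalid = Object.keys(data).filter((k) => !isAllowed(roles, key, k));
  if (invalid.length > 0) {
    throw new Error(
      `providing the properties: ${invalid.join(", ")} is forbidden for roles: ${roles.join(",")}`
    );
  }
}

// Response side: drop every attribute the roles may not read, leaving the rest intact.
function filterResponse(roles: string[], key: string, rows: Row[]): Row[] {
  return rows.map((row) => {
    const out: Row = {};
    Object.keys(row).forEach((k) => {
      if (isAllowed(roles, key, k)) out[k] = row[k];
    });
    return out;
  });
}
```

The two sides fail differently: a disallowed write aborts the request, while a disallowed read is removed from the payload without an error, and a role with no grant for the resource receives empty objects.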

Public Endpoints 🚀

When building APIs, you usually want to secure them so that only authorized users have access. But in many use cases you might need to build a public API, and sometimes you may even need an API where some endpoints are private while others are public.

Support for public endpoints is one of the most popular requests on our GitHub repository (#2006).

We have now introduced built-in support for defining endpoints as public. This option is available per action per entity, meaning you can easily configure the endpoints so that creating, editing, or deleting blog posts requires authentication, while viewing blog posts does not.


Endpoint Authentication Example

// This endpoint requires authentication
@common.UseInterceptors(AclFilterResponseInterceptor)
@nestAccessControl.UseRoles({
  resource: "Customer",
  action: "read",
  possession: "any",
})
@common.Get()
async findMany(@common.Req() request: Request): Promise<Customer[]> {
  // ... (method body not shown in the release notes)
}

// This endpoint is accessible by authenticated and non-authenticated users
// We use the @Public decorator to flag public endpoints
// (no UseRoles or AclFilterResponseInterceptor is applied to this handler)
@Public()
@common.Get()
async findMany(@common.Req() request: Request): Promise<Customer[]> {
  // ... (method body not shown in the release notes)
}

General 🔹

Issue Description
Removed unnecessary files in the root of the project.
Creating models without auth guard.

Generated App 📱

Issue Description
Added logic for handling public queries and mutation for resolvers to-many and to-one relations.
Added .server-id to gitignore.
Removed unused parameters from controller endpoints.
Removed unused imports and parameter on controller base and resolver base.
Removed unused imports of interceptors when all the methods on controllers and resolvers are public.
Restructured the place of decorator on the controllers and resolvers.
Changed the method names on the dsg create-controller template to key on option map.

Generated Server 💾

Issue Description
Changed the auto cleanup time period, which happens after deployment, from 30 days to 14 days.
Fixed the bug where the public decorator in m2m was added to the related entity instead of the entity.

CLI 🖥️

Issue Description
Removed the unused package @oclif/test from the CLI.

Amplication Client 👨‍💻

Issue Description
Improved the readability of the text in the Amplication client.
Fixed the unnecessary padding on the dropdown on the Sync with GitHub screen.
Fixed the wrong spacing and added the missing hover effect on the Create App screen.

Dependencies ⚠️

Issue Description
Upgraded the root dsg @nestjs/passport version to 8.2.1.

The complete list of all issues resolved in this release can be found on the 0.12.7 milestone on GitHub.

Credits 👏

For this release, we had the help of many contributors – thank you all very much!
