. . .

Version 3.2.1

Remarkable changes

Remarkable changes do not affect system stability after ApiOMat upgrade, but may require changes in configuration, apps, or modules in the next development cycle.

Server side attribute validation

When using a collection attribute, the regex as well as min and max length validation is now executed for each element of the collection instead of the collection as a whole.

This only affects you if you're using regex or min/max length values for validating attribute values. Existing data is not changed at all and neither the returned data when fetching objects. But when creating or updating objects the new validation rules are followed.

TypeScript SDK

toJson() method in AbstractClientDataModel was renamed to toJsonString()

toJson() will now return a JSON-Object of the AbstractClientDataModel with all of its data

Dynamic Roles

When using Dynamic Roles, the custom role check (a.k.a. overwritten isUserInRoles() method in Native Module) was not called for ApiOmat's Customer objects since 3.1.1 . Since 3.1.4 the custom role check is executed for Customers, again.

You may be affected, if you implemented your own isUserInRoles() method that should be called for Customer requests assumed that the role class is assigned to a MetaModel. The isUserInRoles() method will now be called for Customers credentials again, like it is supposed to.

AOM.checkRoles() method

The basic user roles have always been hierarchical, which means for example that a user with the grant role could also read and write the object, and a user with the write role could also read the object. AOM.checkRoles() didn't adhere to this hierarchy, but instead lead to an authorization error when for example a user had write permissions and wanted to read an object. This was fixed.

AOM.checkRoles() is usually only required when combining custom auth methods with existing basic user roles. If you're using this method and didn't take the role hierarchy into account, you should revise your auth handling.

Java

We switched from Oracle JDK 8 to AdoptOpenJDK 8.

On Windows, when installing the JDK with the ApiOmat installer, the JDK installation path was previously "C:\Java\jdk8" (independent of the exact version), and now it depends on the OpenJDK version, for example "C:\Java\jdk8u202-b08", with a slightly changed subdirectory structure.

To copy the old Java keystore to the new location you can run the following command (only necessary when you changed the keystore):

copy "C:\Java\jdk8\jre8\lib\security\cacerts" "C:\Java\jdk8u202-b08\jre\lib\security\cacerts"


All changes in the current and previous versions can be found at the root page.

All deprecations and their removal date can be found at Deprecations and Migration.

Changelog

Schlüssel

Zusammenfassung

S

Lösung

AOM-5606

Password change not effective until restart of yambas in cluster

images/jira.apiomat.com/secure/viewavatar.svg

Fixed

AOM-5559

Fix CSV export of resources for new StaticDataHooks usage

images/jira.apiomat.com/secure/viewavatar.svg

Fixed

AOM-5534

Predicates in userInRoles doesn't work with custom auth enabled

images/jira.apiomat.com/secure/viewavatar.svg

Fixed

AOM-5513

Yambas shuts down with error due to deregistered logging

images/jira.apiomat.com/secure/viewavatar.svg

Fixed

AOM-5498

Validation of collections should be done for its elements instead of for the collection object itself

images/jira.apiomat.com/secure/viewavatar.svg

Fixed

AOM-5494

Organizations should have full access to data of an app of one of its customers

images/jira.apiomat.com/secure/viewavatar.svg

Fixed

AOM-5493

[IOS][Swift] Adaptation SDK for Swift 5

images/jira.apiomat.com/secure/viewavatar.png

Fixed

AOM-5490

Customer requests aren't checked by custom role check anymore

images/jira.apiomat.com/secure/viewavatar.svg

Fixed

AOM-5467

[iOS][Swift] Add possibility to use analytics

images/jira.apiomat.com/secure/viewavatar.png

Fixed

AOM-5462

[CSV] Add createdAt Timestamp to CSV Export

images/jira.apiomat.com/secure/viewavatar.png

Fixed

AOM-5461

[Analytics] Fix Customer deletion when Analytics is activated

images/jira.apiomat.com/secure/viewavatar.svg

Fixed

AOM-5452

[TypeScript] Add localforage sql.js driver to typeorm

images/jira.apiomat.com/secure/viewavatar.svg

Fixed

AOM-5443

Support Swift 5

images/jira.apiomat.com/secure/viewavatar.png

Fixed

AOM-5413

Manual auth verification in a hook method doesn't work when using an OAuth token

images/jira.apiomat.com/secure/viewavatar.svg

Fixed

AOM-5411

[Redhat] Yambas Service restart leads to java.net.BindException 8080/8009

images/jira.apiomat.com/secure/viewavatar.svg

Fixed

AOM-5395

[TypeScript] transient class instances should be saved in the collection storage

images/jira.apiomat.com/secure/viewavatar.svg

Fixed

AOM-5377

[Android-SQLite, C#-SQLite, TypeScript] Protect against internal SQL Injections + improve query by limit and offset

images/jira.apiomat.com/secure/viewavatar.svg

Fixed

AOM-5354

Transient class delivers incomplete data on query

images/jira.apiomat.com/secure/viewavatar.svg

Fixed

AOM-5353

Add JavaDoc to public methods in native module base classes

images/jira.apiomat.com/secure/viewavatar.png

Fixed

AOM-5332

Query with '+' gets decoded when using X-forwarded-proto header

images/jira.apiomat.com/secure/viewavatar.svg

Fixed

AOM-5312

[TypeScript] rename simpleName attribute to modelName

images/jira.apiomat.com/secure/viewavatar.svg

Fixed

AOM-5299

[Android] SQLite Check deletion of referenced objects

images/jira.apiomat.com/secure/viewavatar.svg

Fixed

AOM-5295

Misleading Access Denied Error message in Log

images/jira.apiomat.com/secure/viewavatar.svg

Fixed

AOM-5255

Give developer the possibility to disable classNameFilter in native modules findBy.. methods

images/jira.apiomat.com/secure/viewavatar.png

Fixed

AOM-5232

Docker with consul based hazelcast not working because of wrong configuration

images/jira.apiomat.com/secure/viewavatar.svg

Fixed

AOM-5137

[TypeScript] Rename function toJson() to toJsonString()

images/jira.apiomat.com/secure/viewavatar.png

Fixed

AOM-5102

Bulk operation improvements

images/jira.apiomat.com/secure/viewavatar.png

Fixed

AOM-5075

Support for MongoDB 4.0

images/jira.apiomat.com/secure/viewavatar.svg

Fixed

AOM-5073

Foreign ID gets overwritten by ID before calling custom role check method when a single reference is overwritten

images/jira.apiomat.com/secure/viewavatar.svg

Fixed

AOM-5069

A PUT request without changed allowedRoles is seen as GRANT request

images/jira.apiomat.com/secure/viewavatar.svg

Fixed

AOM-4936

Change Owner of App Backend is not applied for Analytics

images/jira.apiomat.com/secure/viewavatar.svg

Fixed

AOM-4929

Update to AdoptOpenJDK 8

images/jira.apiomat.com/secure/viewavatar.svg

Fixed

AOM-4852

Multiple methods don't use the correct Role hierarchy

images/jira.apiomat.com/secure/viewavatar.svg

Fixed

AOM-4273

[Push] Extend documentation for using in NativeModules

images/jira.apiomat.com/secure/viewavatar.svg

Fixed

AOM-4043

[Swift] When loading a reference collection the query parameter should not be ignored

images/jira.apiomat.com/secure/viewavatar.svg

Fixed

AOM-3845

[Android] Can't load reference collections when offline

images/jira.apiomat.com/secure/viewavatar.svg

Fixed

AOM-3702

Forbid same name for module and class (of module)

images/jira.apiomat.com/secure/viewavatar.png

Fixed

Authentifizierung um Ihren Vorgang abzurufen

37 Vorgänge