Skip to content

2.38.1 (LTS)

Latest
Latest
Compare
Choose a tag to compare
@bajtos bajtos released this 13 Mar 15:37
· 753 commits to master since this release
v2.38.1
45284c3

loopback 2.38.1 (LTS)

Improve "filter" arg description

Add an example showing how to serialize object values as JSON.

Fix creation of verification links

Fix User.prototype.verify to call querystring.stringify instead of concatenating query-string components directly.

In particular, this fixes the bug where options.redirect containing a hash fragment like #/home?arg1=value1&arg2=value2 produced incorrect URL, because the redirect value was not correctly encoded.

Include link to docs in logoutSessions warning

Make it easy for people encountering the long warning about "logoutSessionsOnSensitiveChanges" to find the relevant information in our documentation.

Preserve sessions on User.save() making no changes

Fix session-invalidation code to correctly recognize the case when User.save() was called but neither password nor email was changed.

Modify the code detecting whether logoutSessionsOnSensitiveChanges is enabled to correctly handle the case when the model is not attached to any application, as is the case with loopback-component-passport tests.

Fix logout to handle missing or unknown accessToken

Return 401 when the request does not provide any accessToken argument or the token was not found.

Also simplify the implementation of the logout method to make only a single database call (deleteById) instead of findById + delete.

Role model: resolve related models by name

Resolve models related to the Role model by name instead of class instance. This allows to use localRegistry in app without monkeypatching Role manually.

When loading the Role model into a custom registry (e.g. by setting localRegistry to true when instantiating the app object), static roles can not be resolved because the RoleMapping model used inside static methods (e.g. Role.isInRole()) is loaded into a different registry (i.e. loopback) and thus not attached to any dataSource. The patch changed code resolving models related to the Role model to use model name instead of a global model constructor, which leads to them being resolved from the same registry that Role is loaded in as well.

Fix User methods to use correct Primary Key

Do not use hard-coded "id" property name, call idName() to get the name of the PK property.

strong-remoting 2.33.0 (LTS)

See https://github.com/strongloop/strong-remoting/releases/tag/v2.33.0

Enable remote methods to be disabled by alias

Fix disableMethodByName method to allow callers to specify one of method aliases instead of the "canonical" name. For example, disable the method removeById by calling disableMethodByName('destroyById').

Fix content-type reported by the built-in error handler

When a remote method sets a custom content-type (e.g. image/jpeg) and then fails, the content-type is reset back to application/json now, in order to match the body contents.

Convert object query params to JSON in outgoing requests

When invoking a remote method via strong-remoting, fix the code building query string parameters to correctly handle edge cases like a deeply-nested empty-array value.

Consider the following invocation:

Model.find({where: {id: {inq: []}}})

Before the fix, an empty argument value was sent.

strong-remoting is sending the correct argument value now.

loopback-datasource-juggler 2.54.1 (LTS)

See https://github.com/strongloop/loopback-datasource-juggler/releases/tag/v2.54.1

Fix datasource to report connector-loading errors

When resolving full connector path, all errors used to be ignored. As a result, when the connector was installed but not correctly built (e.g. loopback-connector-db2 which uses a native addon), a very confusing message was reported by LoopBack.

We fixed the code handling require() errors to ignore only MODULE_NOT_FOUND errors that contain the name of the required module.

Assets 2