Change default for isFilterable/isOrderable to true (#6707)

keystonejs · Oct 5, 2021 · 1f952fb · 1f952fb
1 parent 8614fd8
commit 1f952fb
Show file tree

Hide file tree

Showing 103 changed files with 1,256 additions and 290 deletions.
diff --git a/.changeset/late-zoos-turn.md b/.changeset/late-zoos-turn.md
@@ -0,0 +1,5 @@
+---
+'@keystone-next/auth': patch
+---
+
+Updated configuration error message.
diff --git a/.changeset/shaggy-yaks-jump.md b/.changeset/shaggy-yaks-jump.md
@@ -0,0 +1,5 @@
+---
+'@keystone-next/keystone': major
+---
+
+Changed the default for `defaultIsFilterable` and `defaultIsOrderable` from `false` to `true`. This means that all fields are filterable and orderable by default. Filtering can be disabled by setting either `defaultIsFilterable: false` at the list level, or `isFilterable: false` at the field level. Ordering can be disabled by setting either `defaultIsOrderable: false` at the list level, or `isOrderable: false` at the field level.
diff --git a/docs/pages/docs/apis/auth.mdx b/docs/pages/docs/apis/auth.mdx
@@ -42,7 +42,7 @@ export default withAuth(
     lists: {
       User: list({
         fields: {
-          email: text({ isIndexed: 'unique', isFilterable: true }),
+          email: text({ isIndexed: 'unique' }),
           password: password(),
           isAdmin: checkbox(),
         },
@@ -62,7 +62,7 @@ The `createAuth` function must be used in conjunction with a [session](./session
 The core functionality of the authentication system provides a GraphQL mutation to authenticate a user and then start a session, and a sign in page in the Admin UI.
 
 - `listKey`: The name of the list to authenticate against.
-- `identityField`: The name of the field to use as an identity field. This field must have `{ isIndexed: 'unique', isFilterable: true }` set.
+- `identityField`: The name of the field to use as an identity field. This field must have `{ isIndexed: 'unique' }` set.
 - `secretField`: The name of the field to use as a secret. This field must be a `password()` field type.
 
 ```typescript

diff --git a/docs/pages/docs/apis/fields.mdx b/docs/pages/docs/apis/fields.mdx
@@ -60,12 +60,12 @@ All options are optional.
 
 Options:
 
-- `isFilterable` (default: `false`): If `false` (default), the GraphQL API and admin UI will not support filtering by this field.
-  If `true`, the GraphQL API and Admin UI will support filtering by this field.
+- `isFilterable` (default: `true`): If `false`, the GraphQL API and admin UI will not support filtering by this field.
+  If `true` (default), the GraphQL API and Admin UI will support filtering by this field.
   If a function is provided, it will be evaluated dynamically each time this field is used as a filter in a GraphQL operation.
   If the function returns `false`, the operation will return an error indicating that filtering on this field is not allowed.
-- `isOrderable` (default: `false`): If `false` (default), the GraphQL API and admin UI will not support ordering by this field.
-  If `true`, the GraphQL API and Admin UI will support ordering by this field.
+- `isOrderable` (default: `true`): If `false`, the GraphQL API and admin UI will not support ordering by this field.
+  If `true` (default), the GraphQL API and Admin UI will support ordering by this field.
   If a function is provided, it will be evaluated dynamically each time this field is used as an ordering field in a GraphQL operation.
   If the function returns `false`, the operation will return an error indicating this ordering by this field is not allowed.
 - `access`: Defines the [Access Control](../guides/access-control) rules for the field.

diff --git a/docs/pages/docs/apis/filters.mdx b/docs/pages/docs/apis/filters.mdx
@@ -10,8 +10,6 @@ Each field type provides its own set of filters which can be used with [queries]
 This page lists all the filters available for each field type.
 For more details on how to use filters in queries please consult to the [GraphQL Queries - Filters](../guides/filters) guide.
 
-?> Filters are disabled by default as a security precaution. To enable the filters on a field, set the config option `{ isFilterable: true }`.
-
 ## Scalar types
 
 ### checkbox

diff --git a/docs/pages/docs/apis/graphql.mdx b/docs/pages/docs/apis/graphql.mdx
@@ -17,7 +17,7 @@ import { text } from '@keystone-next/keystone/fields';
 
 export default config({
   lists: {
-    User: list({ fields: { name: text({ isOrderable: true }) } }),
+    User: list({ fields: { name: text() } }),
   },
   /* ... */
 });

diff --git a/docs/pages/docs/apis/hooks.mdx b/docs/pages/docs/apis/hooks.mdx
@@ -278,16 +278,16 @@ export default config({
 
 The `afterOperation` function is used to perform side effects after the data has been saved to the database (for a `create` or `update` operation), or deleted from the database (for `delete` operations).
 
-| Argument       | Description                                                                                                                                                                                                |
-| :------------- | :--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-| `listKey`      | The key of the list being operated on.                                                                                                                                                                     |
-| `fieldKey`     | The key of the field being operated on (field hooks only).                                                                                                                                                 |
-| `operation`    | The operation being performed (`'create'`, `'update'`, or `'delete'`).                                                                                                                                     |
-| `inputData`    | The value of `data` passed into the mutation. `undefined` for `delete` operations.                                                                                                                         |
+| Argument       | Description                                                                                                                                                                                               |
+| :------------- | :-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| `listKey`      | The key of the list being operated on.                                                                                                                                                                    |
+| `fieldKey`     | The key of the field being operated on (field hooks only).                                                                                                                                                |
+| `operation`    | The operation being performed (`'create'`, `'update'`, or `'delete'`).                                                                                                                                    |
+| `inputData`    | The value of `data` passed into the mutation. `undefined` for `delete` operations.                                                                                                                        |
 | `originalItem` | The original value of the item being updated or deleted, `undefined` for `create` operations. This object is an internal database item. [DB API](./db-items) for more details on internal database items. |
-| `item`         | The new value of the item being updated or created, `undefined` for `delete` operations. This object is an internal database item. [DB API](./db-items) for more details on internal database items.                                            |
-| `resolvedData` | A [`resolved data`](#resolved-data-stages) object. The resolved data value after all data resolver stages have been completed. `undefined` for `delete` operations.                           |
-| `context`      | The [`KeystoneContext`](./context) object of the originating GraphQL operation.                                                                                                                            |
+| `item`         | The new value of the item being updated or created, `undefined` for `delete` operations. This object is an internal database item. [DB API](./db-items) for more details on internal database items.      |
+| `resolvedData` | A [`resolved data`](#resolved-data-stages) object. The resolved data value after all data resolver stages have been completed. `undefined` for `delete` operations.                                       |
+| `context`      | The [`KeystoneContext`](./context) object of the originating GraphQL operation.                                                                                                                           |
 
 ```typescript
 import { config, list } from '@keystone-next/keystone';

diff --git a/docs/pages/docs/apis/schema.mdx b/docs/pages/docs/apis/schema.mdx
@@ -20,8 +20,8 @@ export default config({
       graphql: { /* ... */ },
       db: { /* ... */ },
       description: '...',
-      defaultIsFilterable: true,
-      defaultIsOrderable: true,
+      defaultIsFilterable: false,
+      defaultIsOrderable: false,
     }),
     /* ... */
   }),

diff --git a/docs/pages/docs/guides/filters.mdx b/docs/pages/docs/guides/filters.mdx
@@ -12,8 +12,6 @@ This guide will show you how to use filters to get data you need.
 
 !> The filter references in this guide are based on the schema defined in the [Task Manager](https://github.com/keystonejs/keystone/tree/master/examples/task-manager) example project.
 
-?> Filters are disabled by default as a security precaution. To enable the filters on a field, set the config option `{ isFilterable: true }`.
-
 ## Scalar Filters
 
 If we want to find all the `Tasks` in our system, we can use the query `tasks()`.

diff --git a/examples-staging/assets-cloud/schema.graphql b/examples-staging/assets-cloud/schema.graphql
@@ -70,6 +70,11 @@ input PostWhereInput {
   OR: [PostWhereInput!]
   NOT: [PostWhereInput!]
   id: IDFilter
+  title: StringFilter
+  status: PostStatusTypeNullableFilter
+  content: StringFilter
+  publishDate: DateTimeNullableFilter
+  author: AuthorWhereInput
 }
 
 input IDFilter {
@@ -83,8 +88,58 @@ input IDFilter {
   not: IDFilter
 }
 
+input StringFilter {
+  equals: String
+  in: [String!]
+  notIn: [String!]
+  lt: String
+  lte: String
+  gt: String
+  gte: String
+  contains: String
+  startsWith: String
+  endsWith: String
+  not: NestedStringFilter
+}
+
+input NestedStringFilter {
+  equals: String
+  in: [String!]
+  notIn: [String!]
+  lt: String
+  lte: String
+  gt: String
+  gte: String
+  contains: String
+  startsWith: String
+  endsWith: String
+  not: NestedStringFilter
+}
+
+input PostStatusTypeNullableFilter {
+  equals: PostStatusType
+  in: [PostStatusType!]
+  notIn: [PostStatusType!]
+  not: PostStatusTypeNullableFilter
+}
+
+input DateTimeNullableFilter {
+  equals: DateTime
+  in: [DateTime!]
+  notIn: [DateTime!]
+  lt: DateTime
+  lte: DateTime
+  gt: DateTime
+  gte: DateTime
+  not: DateTimeNullableFilter
+}
+
 input PostOrderByInput {
   id: OrderDirection
+  title: OrderDirection
+  status: OrderDirection
+  content: OrderDirection
+  publishDate: OrderDirection
 }
 
 enum OrderDirection {
@@ -158,17 +213,29 @@ type Author {
 
 input AuthorWhereUniqueInput {
   id: ID
+  email: String
 }
 
 input AuthorWhereInput {
   AND: [AuthorWhereInput!]
   OR: [AuthorWhereInput!]
   NOT: [AuthorWhereInput!]
   id: IDFilter
+  name: StringFilter
+  email: StringFilter
+  posts: PostManyRelationFilter
+}
+
+input PostManyRelationFilter {
+  every: PostWhereInput
+  some: PostWhereInput
+  none: PostWhereInput
 }
 
 input AuthorOrderByInput {
   id: OrderDirection
+  name: OrderDirection
+  email: OrderDirection
 }
 
 input AuthorUpdateInput {

diff --git a/examples-staging/assets-local/schema.graphql b/examples-staging/assets-local/schema.graphql
@@ -55,6 +55,11 @@ input PostWhereInput {
   OR: [PostWhereInput!]
   NOT: [PostWhereInput!]
   id: IDFilter
+  title: StringFilter
+  status: PostStatusTypeNullableFilter
+  content: StringFilter
+  publishDate: DateTimeNullableFilter
+  author: AuthorWhereInput
 }
 
 input IDFilter {
@@ -68,8 +73,58 @@ input IDFilter {
   not: IDFilter
 }
 
+input StringFilter {
+  equals: String
+  in: [String!]
+  notIn: [String!]
+  lt: String
+  lte: String
+  gt: String
+  gte: String
+  contains: String
+  startsWith: String
+  endsWith: String
+  not: NestedStringFilter
+}
+
+input NestedStringFilter {
+  equals: String
+  in: [String!]
+  notIn: [String!]
+  lt: String
+  lte: String
+  gt: String
+  gte: String
+  contains: String
+  startsWith: String
+  endsWith: String
+  not: NestedStringFilter
+}
+
+input PostStatusTypeNullableFilter {
+  equals: PostStatusType
+  in: [PostStatusType!]
+  notIn: [PostStatusType!]
+  not: PostStatusTypeNullableFilter
+}
+
+input DateTimeNullableFilter {
+  equals: DateTime
+  in: [DateTime!]
+  notIn: [DateTime!]
+  lt: DateTime
+  lte: DateTime
+  gt: DateTime
+  gte: DateTime
+  not: DateTimeNullableFilter
+}
+
 input PostOrderByInput {
   id: OrderDirection
+  title: OrderDirection
+  status: OrderDirection
+  content: OrderDirection
+  publishDate: OrderDirection
 }
 
 enum OrderDirection {
@@ -136,17 +191,29 @@ type Author {
 
 input AuthorWhereUniqueInput {
   id: ID
+  email: String
 }
 
 input AuthorWhereInput {
   AND: [AuthorWhereInput!]
   OR: [AuthorWhereInput!]
   NOT: [AuthorWhereInput!]
   id: IDFilter
+  name: StringFilter
+  email: StringFilter
+  posts: PostManyRelationFilter
+}
+
+input PostManyRelationFilter {
+  every: PostWhereInput
+  some: PostWhereInput
+  none: PostWhereInput
 }
 
 input AuthorOrderByInput {
   id: OrderDirection
+  name: OrderDirection
+  email: OrderDirection
 }
 
 input AuthorUpdateInput {

diff --git a/examples-staging/auth/schema.graphql b/examples-staging/auth/schema.graphql
@@ -61,7 +61,10 @@ input UserWhereInput {
   OR: [UserWhereInput!]
   NOT: [UserWhereInput!]
   id: IDFilter
+  name: StringFilter
   email: StringFilter
+  password: PasswordFilter
+  isAdmin: BooleanFilter
 }
 
 input IDFilter {
@@ -103,8 +106,20 @@ input NestedStringFilter {
   not: NestedStringFilter
 }
 
+input PasswordFilter {
+  isSet: Boolean!
+}
+
+input BooleanFilter {
+  equals: Boolean
+  not: BooleanFilter
+}
+
 input UserOrderByInput {
   id: OrderDirection
+  name: OrderDirection
+  email: OrderDirection
+  isAdmin: OrderDirection
 }
 
 enum OrderDirection {

diff --git a/examples-staging/auth/schema.ts b/examples-staging/auth/schema.ts
@@ -21,7 +21,7 @@ export const lists = {
       // The user's name
       name: text({ validation: { isRequired: true } }),
       // The user's email address, used as the identity field for auth
-      email: text({ isIndexed: 'unique', isFilterable: true, validation: { isRequired: true } }),
+      email: text({ isIndexed: 'unique', validation: { isRequired: true } }),
       // The user's password, used as the secret field for auth
       password: password({
         access: {