feat: Allow setting createdAt and updatedAt during Parse.Object creation with maintenance key

[westhom]

Pull Request

• Report security issues confidentially.
• Any contribution is under this license.
• Link this pull request to an issue.

Issue

Closes: #7447

Approach

Allows client-specified createdAt and updatedAt during object creation when using maintenanceKey.

The benefits of this are discussed in the linked issue, but in summary this is really useful for backfilling data, where you want createdAt to match to pre-existing data.

Tasks

• Add tests

[parse-github-assistant]

I will reformat the title to use the proper commit message syntax.

[parse-github-assistant]

Thanks for opening this pull request!

[codecov]

Codecov Report

All modified lines are covered by tests ✅

Comparison is base (3d6d50e) 94.31% compared to head (244950b) 94.31%.
Report is 1 commits behind head on alpha.

❗ Current head 244950b differs from pull request most recent head 9b777e6. Consider uploading reports for the commit 9b777e6 to get more accurate results

Additional details and impacted files

@@            Coverage Diff             @@
##            alpha    #8696      +/-   ##
==========================================
- Coverage   94.31%   94.31%   -0.01%     
==========================================
  Files         186      186              
  Lines       14770    14780      +10     
==========================================
+ Hits        13931    13940       +9     
- Misses        839      840       +1     

Files	Coverage Δ
src/Options/Definitions.js	100.00% <ø> (ø)
src/Options/index.js	100.00% <ø> (ø)
src/RestWrite.js	94.95% <100.00%> (-0.08%)	⬇️

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[mtrezza]

This requires an option in Parse Server which is disabled by default. In most cases the developer has no control over the client, so if the client can set a custom createdAt field that means the field value cannot be trusted anymore as it may have been set by the client.

I also changed the PR title and included the field updatedAt as it seems to be set to the same manipulated date, so both fields cannot be trusted anymore. This needs to be disclosed as a warning in the Parse Server option documentation.

[westhom]

so if the client can set a custom createdAt field that means the field value cannot be trusted anymore as it may have been set by the client

Good point. I can see why this change wants to be behind an option flag. In most cases you would only want to switch it on temporarily while backfilling anyway.

Do you have recommended option name? I can make that corresponding change.

[mtrezza]

An alternative could be to enable this only using the maintenanceKey, which was created for purposes such as data migration:

⚠️ This key is not intended to be used as part of a regular operation of Parse Server. This key is intended to conduct out-of-band changes such as one-time migrations or data correction tasks. Internal fields are not officially documented and may change at any time without publication in release changelogs. We strongly advice not to rely on internal fields as part of your regular operation and to investigate the implications of any planned changes directly in the source code of your current version of Parse Server.

• https://parseplatform.org/parse-server/api/6.2.0/ParseServerOptions.html

This would have the advantage that objects with custom createdAt date can be created while the server is publicly accessible, without risking that someone may be creating objects with modified createdAt date while the Parse Server option is enabled. So it's also usable in a live environment.

I'm not sure we fully understand what it means to allow to manipulate these fields. createdAt and updatedAt are fields that - IIRC - are used internally in Parse client SDKs as part of some internal logic, e.g. to determine whether an object has been saved, etc. If the field is set manually (not by SDK or server), then we may introduce unintended side-effects. That's just my guess, I haven't looked into that.

That may be a good reason to restrict this functionality to the maintenanceKey. On the other hand createdAt and updatedAt may not exactly be "internal data" (which are fields that are completely inaccessible), so we'd need to refine the access scope definition.

• https://github.com/parse-community/parse-server#access-scopes

[westhom]

@mtrezza Thanks for your feedback. I've updated the REST module to allow setting createdAt / updatedAt with a maintenance key, added additional tests, and added a new "Object timestamps" classification to the Access Scopes table in the readme.

Functional summary:

• maintenanceKey can set createdAt on new objects
• maintenanceKey can also set updatedAt on new objects if createdAt is also specified, and if updatedAt >= createdAt

(Setting updatedAt without createdAt felt too undefined as behavior on object creation.)

One last consideration: do we want to enable this maintenance feature on object update too?

[westhom]

https://github.com/parse-community/parse-server/blob/47022999a3a112b793dfa79ccbdb7149618d7a7c/README.md?plain=1#L361C1-L363

Under the first Scope column, Internal could be renamed Maintenance, since that scope can act on both internal and timestamps (non-internal) data now.

[mtrezza]

Actually we could say that it's modifying an internal key, as _created_at is the internal key and createdAt is the external read-only representation of it. Same with _updated_at for updatedAt and _id for objectId. But that may get too confusing for developers, so maybe we should change the scope to "internal and read-only fields".

[mtrezza]

• The scope names (1st column) are not descriptions but terms that reference a specific access scope, and I think we are referencing them in other places, so I'd suggest we keep them as they are.
• For readers it may be unclear what "Object timestamps" are, so I've renamed this category to "Read only data", and added a footnote to spell out the individual fields. For example, objectId is also a read-only field, but not an "object timestamp"; if we allow to update it in the future, we can just amend the footnote.

Just as a side note: given that this is the maintenance key, we could also allow to write the createdAt and updatedAt fields for existing objects, not just on object creation. I just came across a use case for that. It's already possible using the databaseAdapter directly, but it would make more sense to allow the maintenance key to do it. Just saying this in case you have a use case for that and want to extend this PR.

[westhom]

@mtrezza The specs have been rewritten and ready for review.

[mtrezza]

I'm rerunning the CI, but it seems to be passing apart from the flaky tests. It would be good if someone from @parse-community/server could review this before we merge.

[mtrezza]

@dplewis If you have some time, your opinion on this PR would be much appreciated.

[mtrezza]

Looks good

[parseplatformorg]

🎉 This change has been released in version 6.4.0-alpha.4

[parseplatformorg]

🎉 This change has been released in version 6.5.0-beta.1

[parseplatformorg]

🎉 This change has been released in version 6.5.0-alpha.1

[parseplatformorg]

🎉 This change has been released in version 6.5.0

[parseplatformorg]

🎉 This change has been released in version 7.0.0

[Jakub-Plan-d-k]

Hello, I would like to use this feature on my local server to set up test data. I have an algorithm, which relies on cretedAt relative to now.
I can see that I need to set up maintenanceKey in server config, which I did, but how do I pass it to Parse.Object.saveAll()? I have also updated to v 7.0.0

[mtrezza]

@Jakub-Plan-d-k

• For help with Parse Platform we recommend our community forum or our community chat
• For general coding questions we recommend Stack Overflow using the parse-platform tag
• For network and server questions we recommend ServerFault using the parse-server tag