Add records limit count per namespace

Author: KinyaElGrande

locale/en/corteza-server/compose/record.yaml

@@ -22,3 +22,4 @@ errors:
   staleData: stale data
   unknownBulkOperation: unknown bulk operation {bulkOperation}
   valueInput: invalid record value input
+  maxRecordsReached: maximum number of records per namespace reached

server/.env.example

@@ -33,7 +33,7 @@
 
 ###############################################################################
 # Allow insecure (invalid, expired TLS/SSL certificates) connections.
-#
+# 
 # [IMPORTANT]
 # ====
 # We strongly recommend keeping this value set to false except for local development or demos.
@@ -203,7 +203,7 @@
 
 ###############################################################################
 # Password for the web console endpoint. When running in dev environment, password is not required.
-#
+# 
 # Corteza intentionally sets default password to random chars to prevent security incidents.
 # Type:    string
 # Default: <no value>
@@ -290,7 +290,7 @@
 # Email sending
 #
 # Configure your local SMTP server or use one of the available providers.
-#
+# 
 # These values are copied to settings when the server starts and can be managed from the administration console.
 # We recommend you remove these values after they are copied to settings.
 # If server detects difference between these options and settings, it shows a warning in the log on server start.
@@ -430,7 +430,7 @@
 
 ###############################################################################
 # Password security allows you to disable constraints to which passwords must conform to.
-#
+# 
 # [CAUTION]
 # ====
 # Disabling password security can be useful for development environments as it removes the need for complex passwords.
@@ -442,12 +442,12 @@
 
 ###############################################################################
 # Algoritm to be use for JWT signature.
-#
+# 
 # Supported valus:
 #  - HS256, HS384, HS512
 #  - PS256, PS384, PS512,
 #  - RS256, RS384, RS512
-#
+# 
 # Provide shared secret string for HS256, HS384, HS512 and full private key or path to the file PS* and RS* algorithms.
 # Type:    string
 # Default: HS512
@@ -456,7 +456,7 @@
 ###############################################################################
 # Secret used for signing JWT tokens.
 # Value is used only when HS256, HS384 or HS512 algorithm is used.
-#
+# 
 # [IMPORTANT]
 # ====
 # If secret is not set, system auto-generates one from DB_DSN and HOSTNAME environment variables.
@@ -480,23 +480,23 @@
 
 ###############################################################################
 # Lifetime of the refresh token. Should be much longer than lifetime of the access token.
-#
+# 
 # Refresh tokens are used to exchange expired access tokens with new ones.
 # Type:    time.Duration
 # Default: 72h
 # AUTH_OAUTH2_REFRESH_TOKEN_LIFETIME=72h
 
 ###############################################################################
 # Redirect URL to be sent with OAuth2 authentication request to provider
-#
+# 
 # `provider` placeholder is replaced with the actual value when used.
 # Type:    string
 # Default: <no value>
 # AUTH_EXTERNAL_REDIRECT_URL=<no value>
 
 ###############################################################################
 # Secret used for securing cookies
-#
+# 
 # [IMPORTANT]
 # ====
 # If secret is not set, system auto-generates one from DB_DSN and HOSTNAME environment variables.
@@ -539,21 +539,21 @@
 
 ###############################################################################
 # Maximum time user is allowed to stay idle when logged in without "remember-me" option and before session is expired.
-#
+# 
 # Recomended value is between an hour and a day.
-#
+# 
 # [IMPORTANT]
 # ====
 # This affects only profile (/auth) pages. Using applications (admin, compose, ...) does not prolong the session.
 # ====
-#
+# 
 # Type:    time.Duration
 # Default: 24h
 # AUTH_SESSION_LIFETIME=24h
 
 ###############################################################################
 # Duration of the session in /auth lasts when user logs-in with "remember-me" option.
-#
+# 
 # If set to 0, "remember-me" option is removed.
 # Type:    time.Duration
 # Default: 8640h
@@ -580,7 +580,7 @@
 
 ###############################################################################
 # Secret used for securing CSRF protection
-#
+# 
 # [IMPORTANT]
 # ====
 # If secret is not set, system auto-generates one from DB_DSN and HOSTNAME environment variables.
@@ -610,19 +610,19 @@
 
 ###############################################################################
 # Handle for OAuth2 client used for automatic redirect from /auth/oauth2/go endpoint.
-#
+# 
 # This simplifies configuration for OAuth2 flow for Corteza Web applications as it removes
 # the need to suply redirection URL and client ID (oauth2/go endpoint does that internally)
-#
+# 
 # Type:    string
 # Default: corteza-webapp
 # AUTH_DEFAULT_CLIENT=corteza-webapp
 
 ###############################################################################
 # Path to js, css, images and template source files
-#
+# 
 # When corteza starts, if path exists it tries to load template files from it.
-#
+# 
 # When empty path is set (default value), embedded files are used.
 # Type:    string
 # Default: <no value>
@@ -631,7 +631,7 @@
 ###############################################################################
 # When enabled, corteza reloads template before every execution.
 # Enable this for debugging or when developing auth templates.
-#
+# 
 # Should be disabled in production where templates do not change between server restarts.
 # Type:    bool
 # Default: <no value>
@@ -640,7 +640,7 @@
 ###############################################################################
 # When set, Corteza creates one or more users with the configured values using provided email as a password.
 # It skips existing (email, handle). All new users are assigned to all bypass roles.
-#
+# 
 # When set in production, Corteza stops and reports an error
 # Type:    string
 # Default: <no value>
@@ -810,6 +810,12 @@
 # Default: <no value>
 # LIMIT_SYSTEM_USERS=<no value>
 
+###############################################################################
+# Maximum number of records per namespace
+# Type:    int
+# Default: <no value>
+# LIMIT_RECORD_COUNT_PER_NAMESPACE=<no value>
+
 ###############################################################################
 ###############################################################################
 # locale
@@ -818,16 +824,16 @@
 ###############################################################################
 # List of compa delimited languages (language tags) to enable.
 # In case when an enabled language can not be loaded, error is logged.
-#
+# 
 # When loading language configurations (config.xml) from the configured path(s).
-#
+# 
 # Type:    string
 # Default: en
 # LOCALE_LANGUAGES=en
 
 ###############################################################################
 # 	One or more paths to locale config and translation files, separated by colon
-#
+# 
 # 	When with LOCALE_DEVELOPMENT_MODE=true, default value for path is ../../locale
 # Type:    string
 # Default: <no value>
@@ -837,7 +843,7 @@
 # Name of the query string parameter used to pass the language tag (it overrides Accept-Language header).
 # Set it to empty string to disable detection from the query string.
 # This parameter is ignored if only one language is enabled
-#
+# 
 # Type:    string
 # Default: lng
 # LOCALE_QUERY_STRING_PARAM=lng
@@ -868,57 +874,57 @@
 
 ###############################################################################
 # Disables json format for logging and enables more human-readable output with colors.
-#
+# 
 # Disable for production.
-#
+# 
 # Type:    bool
 # Default: <no value>
 # LOG_DEBUG=<no value>
 
 ###############################################################################
 # Minimum logging level. If set to "warn",
 # Levels warn, error, dpanic panic and fatal will be logged.
-#
+# 
 # Recommended value for production: warn
-#
+# 
 # Possible values: debug, info, warn, error, dpanic, panic, fatal
-#
+# 
 # Type:    string
 # Default: warn
 # LOG_LEVEL=warn
 
 ###############################################################################
 # Log filtering rules by level and name (log-level:log-namespace).
 # Please note that level (LOG_LEVEL) is applied before filter and it affects the final output!
-#
+# 
 # Leave unset for production.
-#
+# 
 # Example:
 # `warn+:* *:auth,workflow.*`
 # Log warnings, errors, panic, fatals. Everything from auth and workflow is logged.
-#
-#
+# 
+# 
 # See more examples and documentation here: https://github.com/moul/zapfilter
-#
+# 
 # Type:    string
 # Default: <no value>
 # LOG_FILTER=<no value>
 
 ###############################################################################
 # Set to true to see where the logging was called from.
-#
+# 
 # Disable for production.
-#
+# 
 # Type:    bool
 # Default: <no value>
 # LOG_INCLUDE_CALLER=<no value>
 
 ###############################################################################
 # Include stack-trace when logging at a specified level or below.
 # Disable for production.
-#
+# 
 # Possible values: debug, info, warn, error, dpanic, panic, fatal
-#
+# 
 # Type:    string
 # Default: dpanic
 # LOG_STACKTRACE_LEVEL=dpanic
@@ -1013,11 +1019,11 @@
 #
 # Provisioning allows you to configure a {PRODUCT_NAME} instance when deployed.
 # It occurs automatically after the {PRODUCT_NAME} server starts.
-#
+# 
 # [IMPORTANT]
 # ====
 # We recommend you to keep provisioning enabled as it simplifies version updates by updating the database and updating settings.
-#
+# 
 # If you're doing local development or some debugging, you can disable this.
 # ====
 #
@@ -1043,7 +1049,7 @@
 # ====
 # These parameters help in the development and testing process.
 # When you are deploying to production, these should be disabled to improve performance and reduce storage usage.
-#
+# 
 # You should configure external services such as Sentry or ELK to keep track of logs and error reports.
 # ====
 #
@@ -1149,7 +1155,7 @@
 # Delay system startup
 #
 # You can configure these options to defer API execution until another external (HTTP) service is up and running.
-#
+# 
 # [ TIP ]
 # ====
 # Delaying API execution can come in handy in complex setups where execution order is important.
@@ -1173,7 +1179,7 @@
 ###############################################################################
 # Space delimited list of hosts and/or URLs to probe.
 #     Host format: `host` or `host:443` (port will default to 80).
-#
+# 
 # [NOTE]
 # ====
 # Services are probed in parallel.