Skip to content

Defer inline checks when processing relationships #3040

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 2 commits into
base: master
Choose a base branch
from
Draft

Defer inline checks when processing relationships #3040

wants to merge 2 commits into from

Conversation

@justin-tay
Copy link
Collaborator

Resolves #2986

Description

This defers inline checks in the ActivePermissionExecutor when processing relationships.

  • Added a deferInlineChecks variable in the RequestScope
  • Modified ActivePermissionExecutor to also take into consideration the deferInlineChecks variable
  • Modified JsonApiAtomicOperations and JsonApiJsonPatch to set defer inline checks to true when post processing relationships.

Motivation and Context

Previously it was possible for two separate consecutive updates to succeed but when the same updates were bundled into a atomic operation or json patch request were failing due to permissions checks.

How Has This Been Tested?

Added the appropriate tests.

License

I confirm that this contribution is made under an Apache 2.0 license and that I have the authority necessary to make this contribution on behalf of its copyright owner.

@justin-tay justin-tay requested a review from aklish July 25, 2023 08:05
@justin-tay
Copy link
Collaborator Author

I think the build test failure might be transient as I can't seem to replicate the failure of example.tests.AsyncTest locally.

@moizarafat
Copy link
Collaborator

I think the build test failure might be transient as I can't seem to replicate the failure of example.tests.AsyncTest locally.

restarted the build

aklish
aklish requested changes Aug 26, 2023
View reviewed changes
Copy link
Member

@aklish aklish left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

See earlier comment in the issue. I don't think we can safely defer inline READ checks for any mutation operations.

@justin-tay justin-tay marked this pull request as draft August 27, 2023 04:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@aklish aklish aklish requested changes

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

JSON Patch Operation Read Permission Issue

3 participants

@justin-tay @moizarafat @aklish