Skip to content

Commit

Permalink
fix: infinite recursion when injecting field selection for field-leve…
Browse files Browse the repository at this point in the history
…l permission check
  • Loading branch information
ymc9 committed May 15, 2024
1 parent 4cbfe8d commit 5441665
Show file tree
Hide file tree
Showing 17 changed files with 86 additions and 21 deletions.
2 changes: 1 addition & 1 deletion package.json
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "zenstack-monorepo",
"version": "2.1.0",
"version": "2.1.1",
"description": "",
"scripts": {
"build": "pnpm -r build",
Expand Down
2 changes: 1 addition & 1 deletion packages/ide/jetbrains/build.gradle.kts
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ plugins {
}

group = "dev.zenstack"
version = "2.1.0"
version = "2.1.1"

repositories {
mavenCentral()
Expand Down
2 changes: 1 addition & 1 deletion packages/ide/jetbrains/package.json
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "jetbrains",
"version": "2.1.0",
"version": "2.1.1",
"displayName": "ZenStack JetBrains IDE Plugin",
"description": "ZenStack JetBrains IDE plugin",
"homepage": "https://zenstack.dev",
Expand Down
2 changes: 1 addition & 1 deletion packages/language/package.json
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "@zenstackhq/language",
"version": "2.1.0",
"version": "2.1.1",
"displayName": "ZenStack modeling language compiler",
"description": "ZenStack modeling language compiler",
"homepage": "https://zenstack.dev",
Expand Down
2 changes: 1 addition & 1 deletion packages/misc/redwood/package.json
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
{
"name": "@zenstackhq/redwood",
"displayName": "ZenStack RedwoodJS Integration",
"version": "2.1.0",
"version": "2.1.1",
"description": "CLI and runtime for integrating ZenStack with RedwoodJS projects.",
"repository": {
"type": "git",
Expand Down
2 changes: 1 addition & 1 deletion packages/plugins/openapi/package.json
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
{
"name": "@zenstackhq/openapi",
"displayName": "ZenStack Plugin and Runtime for OpenAPI",
"version": "2.1.0",
"version": "2.1.1",
"description": "ZenStack plugin and runtime supporting OpenAPI",
"main": "index.js",
"repository": {
Expand Down
2 changes: 1 addition & 1 deletion packages/plugins/swr/package.json
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
{
"name": "@zenstackhq/swr",
"displayName": "ZenStack plugin for generating SWR hooks",
"version": "2.1.0",
"version": "2.1.1",
"description": "ZenStack plugin for generating SWR hooks",
"main": "index.js",
"repository": {
Expand Down
2 changes: 1 addition & 1 deletion packages/plugins/tanstack-query/package.json
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
{
"name": "@zenstackhq/tanstack-query",
"displayName": "ZenStack plugin for generating tanstack-query hooks",
"version": "2.1.0",
"version": "2.1.1",
"description": "ZenStack plugin for generating tanstack-query hooks",
"main": "index.js",
"exports": {
Expand Down
2 changes: 1 addition & 1 deletion packages/plugins/trpc/package.json
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
{
"name": "@zenstackhq/trpc",
"displayName": "ZenStack plugin for tRPC",
"version": "2.1.0",
"version": "2.1.1",
"description": "ZenStack plugin for tRPC",
"main": "index.js",
"repository": {
Expand Down
3 changes: 3 additions & 0 deletions packages/plugins/trpc/tests/projects/t3-trpc-v10/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,9 @@
"@trpc/next": "^10.43.6",
"@trpc/react-query": "^10.43.6",
"@trpc/server": "^10.43.6",
"@zenstackhq/language": "file:../../../../../../.build/zenstackhq-language-2.1.0.tgz",
"@zenstackhq/runtime": "file:../../../../../../.build/zenstackhq-runtime-2.1.0.tgz",
"@zenstackhq/sdk": "file:../../../../../../.build/zenstackhq-sdk-2.1.0.tgz",
"next": "^14.0.4",
"react": "18.2.0",
"react-dom": "18.2.0",
Expand Down
2 changes: 1 addition & 1 deletion packages/runtime/package.json
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
{
"name": "@zenstackhq/runtime",
"displayName": "ZenStack Runtime Library",
"version": "2.1.0",
"version": "2.1.1",
"description": "Runtime of ZenStack for both client-side and server-side environments.",
"repository": {
"type": "git",
Expand Down
18 changes: 11 additions & 7 deletions packages/runtime/src/enhancements/policy/policy-utils.ts
Original file line number Diff line number Diff line change
Expand Up @@ -960,13 +960,9 @@ export class PolicyUtil extends QueryUtils {
* @returns
*/
injectReadCheckSelect(model: string, args: any) {
if (this.hasFieldLevelPolicy(model)) {
// recursively inject selection for fields needed for field-level read checks
const readFieldSelect = this.getReadFieldSelect(model);
if (readFieldSelect) {
this.doInjectReadCheckSelect(model, args, { select: readFieldSelect });
}
}
// we need to recurse into relation fields before injecting the current level, because
// injection into current level can result in relation being selected/included, which
// can then cause infinite recursion when we visit relation later

// recurse into relation fields
for (const [k, v] of Object.entries<any>(args.select ?? args.include ?? {})) {
Expand All @@ -975,6 +971,14 @@ export class PolicyUtil extends QueryUtils {
this.injectReadCheckSelect(field.type, v);
}
}

if (this.hasFieldLevelPolicy(model)) {
// recursively inject selection for fields needed for field-level read checks
const readFieldSelect = this.getReadFieldSelect(model);
if (readFieldSelect) {
this.doInjectReadCheckSelect(model, args, { select: readFieldSelect });
}
}
}

private doInjectReadCheckSelect(model: string, args: any, input: any) {
Expand Down
2 changes: 1 addition & 1 deletion packages/schema/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
"publisher": "zenstack",
"displayName": "ZenStack Language Tools",
"description": "Build scalable web apps with minimum code by defining authorization and validation rules inside the data schema that closer to the database",
"version": "2.1.0",
"version": "2.1.1",
"author": {
"name": "ZenStack Team"
},
Expand Down
2 changes: 1 addition & 1 deletion packages/sdk/package.json
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "@zenstackhq/sdk",
"version": "2.1.0",
"version": "2.1.1",
"description": "ZenStack plugin development SDK",
"main": "index.js",
"scripts": {
Expand Down
2 changes: 1 addition & 1 deletion packages/server/package.json
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "@zenstackhq/server",
"version": "2.1.0",
"version": "2.1.1",
"displayName": "ZenStack Server-side Adapters",
"description": "ZenStack server-side adapters",
"homepage": "https://zenstack.dev",
Expand Down
2 changes: 1 addition & 1 deletion packages/testtools/package.json
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "@zenstackhq/testtools",
"version": "2.1.0",
"version": "2.1.1",
"description": "ZenStack Test Tools",
"main": "index.js",
"private": true,
Expand Down
58 changes: 58 additions & 0 deletions tests/regression/tests/issue-1451.test.ts
Original file line number Diff line number Diff line change
@@ -0,0 +1,58 @@
import { loadSchema } from '@zenstackhq/testtools';

describe('issue 1452', () => {
it('regression', async () => {
const { prisma, enhance } = await loadSchema(
`
model User {
id String @id
memberships Membership[]
}
model Space {
id String @id
memberships Membership[]
}
model Membership {
userId String
user User @relation(fields: [userId], references: [id], onDelete: Cascade)
spaceId String
space Space @relation(fields: [spaceId], references: [id], onDelete: Cascade)
role String @deny("update", auth() == user)
employeeReference String? @deny("read, update", space.memberships?[auth() == user && !(role in ['owner', 'admin'])])
createdAt DateTime @default(now())
updatedAt DateTime @updatedAt
@@id([userId, spaceId])
@@allow('all', true)
}
`,
{ logPrismaQuery: true }
);

await prisma.user.create({
data: { id: '1' },
});

await prisma.space.create({
data: { id: '1' },
});

await prisma.membership.create({
data: {
user: { connect: { id: '1' } },
space: { connect: { id: '1' } },
role: 'foo',
employeeReference: 'xyz',
},
});

const db = enhance({ id: '1' });
const r = await db.membership.findMany();
expect(r).toHaveLength(1);
expect(r[0].employeeReference).toBeUndefined();
});
});

0 comments on commit 5441665

Please sign in to comment.