Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Can't save new objects in CloudCode triggers when directAccess=true using Postgres #7714

Open
4 tasks done
cbaker6 opened this issue Nov 22, 2021 · 7 comments
Open
4 tasks done
Labels
type:question Support or code-level question

Comments

@cbaker6
Copy link
Contributor

cbaker6 commented Nov 22, 2021

New Issue Checklist

Issue Description

#6636 sets directAccess=true by default and seems to have introduced a breaking change that is prevalent saving a new object in a afterFind trigger using the masterKey on postgres. When I add a row in the Dashboard with alpha.3, I have the same issue.

I've tracked it to this PR 7593 and it's related issue #7579. 5.0.0-alpha.1 works for me, 5.0.0-alpha.2 I haven't tested yet, but it only adds a GraphQL change which I'm not using. Leaving PR 7597 in which my servers don't work anymore for 5.0.0-alpha.3. I've also tested beta.3 and the issue is still there.

Note, this completely crashes the server. Basically, when directAccess=true it can crash postgres in cloud code functions when saving a new object in cloud code (mongo works and the logs above are still relevant). This issue doesn't occur on my deployed servers that are reversed proxied and have an actual public URL. My initial thinking is useMasterKey may not be passed as I see the issue when triggering afterFind when clicking on a Parse class in the dashboard. This still needs some more investigation. I'm using the Swift SDK, but Query.and is implemented like the rest of the Client SDKs, so this a major breaking change. In addition, skimming the additions in this PR, I highly doubt the server wasn't handling $and before this PR. If I remove the code that uses triggers (see logs below), none of my client side queries work correctly because of the additions in 7593.

I'm using https://github.com/Blackburn-Labs/parse-auditor/ which audits and uses the CloudCode afterFind here: https://github.com/Blackburn-Labs/parse-auditor/blob/fc546406414b9408e8c84cb3dd20125fdc57753d/src/index.js#L69-L74. This has worked for earlier versions of ParseServer < 4.4.0 all the way up to alpha.1 (I didn't test 2).

Problem occurs on Postgres, seems to be working on Mongo.

Steps to reproduce

Login with a user and perform queries afterFind.

I'm still looking into how to replicate the problem as a test case.

Actual Outcome

Server crashes with the logs below.

It seems, the change in the linked PR causes the a problem around here:

switch (schema.fields[fieldName].type) {

Expected Outcome

No crashing when directAccess=true and for the new object created in the trigger to be saved to the server.

Environment

Server

  • Parse Server version: 5.0.0.alpha.3 and tested 5.0.0.beta.3
  • Operating system: Linux
  • Local or remote host (AWS, Azure, Google Cloud, Heroku, Digital Ocean, etc): Local docker

Database

  • System (MongoDB or Postgres): Postgres
  • Database version: Postgres 13
  • Local or remote host (MongoDB Atlas, mLab, AWS, Azure, Google Cloud, etc): Local

Client

  • SDK (iOS, Android, JavaScript, PHP, Unity, etc): Swift SDK, Also tried in the Dashboard (crashes when I add a row)
  • SDK version: 2.0.0 - 2.2.6

Workaround

Set directAccess=false when configuring your server.

Logs

parse-hipaa-parse-1      | info: afterSave triggered for _User for user undefined:
parse-hipaa-parse-1      |   Input: {"authData":{"anonymous":{"id":"9601869f-2eef-4fff-8519-690a422310fa"}},"ACL":{"*":{"read":true,"write":false},"aAnt8JX15Q9vjix6kGdZgjRQWm5QGrPY":{"read":true,"write":true}},"createdAt":"2021-11-22T22:21:46.478Z","username":"YBBMbganzC1KGlFhhKXWFRjNn","sessionToken":"r:97d78ad4fac78246134dc96ed8c08cac","updatedAt":"2021-11-22T22:21:46.478Z","objectId":"aAnt8JX15Q9vjix6kGdZgjRQWm5QGrPY"}
parse-hipaa-parse-1      |   Result: undefined {"className":"_User","triggerType":"afterSave"}
parse-hipaa-parse-1      | /parse-server/lib/ParseServer.js:258
parse-hipaa-parse-1      |           throw err;
parse-hipaa-parse-1      |           ^
parse-hipaa-parse-1      | 
parse-hipaa-parse-1      | TypeError: Cannot read properties of undefined (reading 'type')
parse-hipaa-parse-1      |     at /parse-server/lib/Adapters/Storage/Postgres/PostgresStorageAdapter.js:1344:40
parse-hipaa-parse-1      |     at Array.forEach (<anonymous>)
parse-hipaa-parse-1      |     at PostgresStorageAdapter.createObject (/parse-server/lib/Adapters/Storage/Postgres/PostgresStorageAdapter.js:1303:25)
parse-hipaa-parse-1      |     at /parse-server/lib/Controllers/DatabaseController.js:782:29
parse-hipaa-parse-1      |     at processTicksAndRejections (node:internal/process/task_queues:96:5)
parse-hipaa-parse-1 exited with code 7

Enabling verbose and using Postgres:

parse-hipaa-parse-1      | verbose: REQUEST for [GET] /parse/classes/_User: {
parse-hipaa-parse-1      |   "where": {},
parse-hipaa-parse-1      |   "limit": 200,
parse-hipaa-parse-1      |   "order": "-createdAt"
parse-hipaa-parse-1      | } {"method":"GET","url":"/parse/classes/_User","headers":{"host":"localhost:1337","content-type":"text/plain","origin":"http://localhost:4040","accept-encoding":"gzip, deflate","connection":"keep-alive","accept":"*/*","user-agent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.1 Safari/605.1.15","referer":"http://localhost:4040/","content-length":"253","accept-language":"en-US,en;q=0.9"},"body":{"where":{},"limit":200,"order":"-createdAt"}}
parse-hipaa-parse-1      | info: afterFind triggered for _User for user undefined:
parse-hipaa-parse-1      |   Input: "AfterFind"
parse-hipaa-parse-1      |   Result: "[{\"objectId\":\"HU0tDkfarECUNFhISewoJTwFEyPpzxL5\",\"createdAt\":\"2021-11-22T23:54:00.615Z\",\"updatedAt\":\"2021-11-22T23:54:00.615Z\",\"username\":\"Hello\",\"ACL\":{\"*\":{\"read\":true},\"HU0tDkfarECUNFhISewoJTwFEyPpzxL5\":{\"read\":true,\"write\":true}}}]" {"className":"_User","triggerType":"afterFind"}
parse-hipaa-parse-1      | info: afterFind triggered for _User for user undefined:
parse-hipaa-parse-1      |   Input: "[{\"createdAt\":\"2021-11-22T23:54:00.615Z\",\"updatedAt\":\"2021-11-22T23:54:00.615Z\",\"username\":\"Hello\",\"ACL\":{\"*\":{\"read\":true},\"HU0tDkfarECUNFhISewoJTwFEyPpzxL5\":{\"read\":true,\"write\":true}},\"objectId\":\"HU0tDkfarECUNFhISewoJTwFEyPpzxL5\"}]" {"className":"_User","triggerType":"afterFind"}
parse-hipaa-parse-1      | verbose: RESPONSE from [GET] /parse/classes/_User: {
parse-hipaa-parse-1      |   "response": {
parse-hipaa-parse-1      |     "results": [
parse-hipaa-parse-1      |       {
parse-hipaa-parse-1      |         "createdAt": "2021-11-22T23:54:00.615Z",
parse-hipaa-parse-1      |         "updatedAt": "2021-11-22T23:54:00.615Z",
parse-hipaa-parse-1      |         "username": "Hello",
parse-hipaa-parse-1      |         "ACL": {
parse-hipaa-parse-1      |           "*": {
parse-hipaa-parse-1      |             "read": true
parse-hipaa-parse-1      |           },
parse-hipaa-parse-1      |           "HU0tDkfarECUNFhISewoJTwFEyPpzxL5": {
parse-hipaa-parse-1      |             "read": true,
parse-hipaa-parse-1      |             "write": true
parse-hipaa-parse-1      |           }
parse-hipaa-parse-1      |         },
parse-hipaa-parse-1      |         "objectId": "HU0tDkfarECUNFhISewoJTwFEyPpzxL5"
parse-hipaa-parse-1      |       }
parse-hipaa-parse-1      |     ]
parse-hipaa-parse-1      |   }
parse-hipaa-parse-1      | } {"result":{"response":{"results":[{"createdAt":"2021-11-22T23:54:00.615Z","updatedAt":"2021-11-22T23:54:00.615Z","username":"Hello","ACL":{"*":{"read":true},"HU0tDkfarECUNFhISewoJTwFEyPpzxL5":{"read":true,"write":true}},"objectId":"HU0tDkfarECUNFhISewoJTwFEyPpzxL5"}]}}}
parse-hipaa-parse-1      | /parse-server/lib/ParseServer.js:258
parse-hipaa-parse-1      |           throw err;
parse-hipaa-parse-1      |           ^
parse-hipaa-parse-1      | 
parse-hipaa-parse-1      | TypeError: Cannot read properties of undefined (reading 'type')
parse-hipaa-parse-1      |     at /parse-server/lib/Adapters/Storage/Postgres/PostgresStorageAdapter.js:1344:40
parse-hipaa-parse-1      |     at Array.forEach (<anonymous>)
parse-hipaa-parse-1      |     at PostgresStorageAdapter.createObject (/parse-server/lib/Adapters/Storage/Postgres/PostgresStorageAdapter.js:1303:25)
parse-hipaa-parse-1      |     at /parse-server/lib/Controllers/DatabaseController.js:782:29
parse-hipaa-parse-1      |     at processTicksAndRejections (node:internal/process/task_queues:96:5)
parse-hipaa-parse-1 exited with code 7
@parse-github-assistant
Copy link

parse-github-assistant bot commented Nov 22, 2021

Thanks for opening this issue!

  • 🚀 You can help us to fix this issue faster by opening a pull request with a failing test. See our Contribution Guide for how to make a pull request, or read our New Contributor's Guide if this is your first time contributing.

@cbaker6 cbaker6 changed the title Server no longer working for me beginning in 5.0.0-alpha.3 CloudCode hooks no longer working properly in Postgres since 5.0.0-alpha.3 Nov 23, 2021
@cbaker6 cbaker6 changed the title CloudCode hooks no longer working properly in Postgres since 5.0.0-alpha.3 CloudCode triggers no longer working properly in Postgres since 5.0.0-alpha.3 Nov 23, 2021
@mtrezza mtrezza added severity:high type:bug Impaired feature or lacking behavior that is likely assumed labels Nov 24, 2021
@mtrezza
Copy link
Member

mtrezza commented Nov 24, 2021

Could you please open a PR with a failing test to demonstrate the issue? The test should not have any DB type exclusion, i.e. it should be for Postgres and MongoDB. This looks like a major issue that we should fix urgently before 5.0 release.

@cbaker6
Copy link
Contributor Author

cbaker6 commented Nov 24, 2021

It seems this was a false alarm as there was a deprecation warning related to promises the server was giving me pre-alpha 3 that I was missing. My guess is, beginning ~alpha-2/3 the warning switched to throwing an error which is what began crashing my server. I simply removed my code that created the warning in the first place. Sorry about this...

Related to PR 7593, I did find some minor issues with the placement of the test case (it's placed in an sendEmail test along with some incorrect variable names that are probably left over from a copy/paste in the DatabaseController. I'll submit a PR to clean up the code shortly.

@cbaker6
Copy link
Contributor Author

cbaker6 commented Nov 24, 2021

@dplewis @mtrezza So I think I'm closer to where the issue actually is. It's related to the changes in directAccess. Basically, when this is enabled it can crash postgres in cloud code functions when saving a new object in cloud code (mongo works and the logs above are still relevant). This issue doesn't occur on my deployed servers that are reversed proxied and have an actual public URL. My initial thinking is useMasterKey may not be passed as I see the issue when triggering afterFind when clicking on a Parse class in the dashboard. This still needs some more investigation.

I haven’t tried it yet, but I think this can be replicated by turning on directAcess in the CloudCode.spec. I’m thinking a number of tests will fail when directAccess is enabled.

The remedy is to set directAccess=false when running into this situation.

@mtrezza
Copy link
Member

mtrezza commented Nov 25, 2021

Can you please open a new issue for this? It sounds quite different to what you described originally which you said was a "false alarm". It sounds like a bug with at least high severity. I'll go ahead and close this issue.

@mtrezza mtrezza closed this as completed Nov 25, 2021
@mtrezza mtrezza added type:question Support or code-level question and removed type:bug Impaired feature or lacking behavior that is likely assumed severity:high labels Nov 25, 2021
@cbaker6
Copy link
Contributor Author

cbaker6 commented Nov 25, 2021

It’s the same exact issue as I originally described. The false alarm was blaming the PR I originally blamed. Everything I reported is still the same, it occurs when directAccess=true. So it doesn’t make sense to open a different issue

@cbaker6 cbaker6 changed the title CloudCode triggers no longer working properly in Postgres since 5.0.0-alpha.3 CloudCode triggers no longer working properly in Postgres when directAccess=true Nov 25, 2021
@cbaker6 cbaker6 changed the title CloudCode triggers no longer working properly in Postgres when directAccess=true Can't save new objects in CloudCode triggers when directAccess=true using Postgres Nov 25, 2021
@mtrezza
Copy link
Member

mtrezza commented Nov 25, 2021

I see that you have edited your issue description instead of creating a new one, I will open this issue again.

@mtrezza mtrezza reopened this Nov 25, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
type:question Support or code-level question
Projects
None yet
Development

No branches or pull requests

2 participants