Skip to content

Commit 1a0267c

Browse files
abnegateabnegate
committed
Fix tenant scoping
1 parent 24f97a1 commit 1a0267c

1 file changed

Lines changed: 22 additions & 12 deletions

File tree

src/Database/Database.php

Lines changed: 22 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -4185,11 +4185,15 @@ public function updateDocuments(string $collection, Document $updates, array $qu
41854185
$affectedDocuments
41864186
);
41874187

4188-
$skipAuth ? $authorization->skip($getResults) : $getResults();
4188+
$skipAuth
4189+
? $authorization->skip($getResults)
4190+
: $getResults();
41894191
});
41904192

41914193
foreach ($documents as $document) {
4192-
$this->purgeCachedDocument($collection->getId(), $document->getId());
4194+
$this->withTenant($document->getTenant(), function() use ($collection, $document) {
4195+
$this->purgeCachedDocument($collection->getId(), $document->getId());
4196+
});
41934197
}
41944198

41954199
if (count($affectedDocuments) < $batchSize) {
@@ -4661,16 +4665,18 @@ public function createOrUpdateDocumentsWithIncrease(
46614665
}
46624666

46634667
foreach ($documents as $key => $document) {
4664-
$old = Authorization::skip(fn () => $this->silent(fn () => $this->getDocument(
4665-
$collection->getId(),
4666-
$document->getId(),
4667-
[Query::select($selects)],
4668-
forUpdate: true
4669-
)));
4668+
$old = $this->withTenant($document->getTenant(), function() use ($collection, $document, $selects) {
4669+
return Authorization::skip(fn () => $this->silent(fn () => $this->getDocument(
4670+
$collection->getId(),
4671+
$document->getId(),
4672+
[Query::select($selects)],
4673+
forUpdate: true
4674+
)));
4675+
});
46704676

46714677
// If old is empty, check if user has create permission on the collection
46724678
// If old is not empty, check if user has update permission on the collection
4673-
// If old is not empty AND documentSecurity is enabled, we need to check if user has update permission on the collection or document
4679+
// If old is not empty AND documentSecurity is enabled, check if user has update permission on the collection or document
46744680

46754681
$validator = new Authorization(
46764682
$old->isEmpty() ?
@@ -4754,7 +4760,9 @@ public function createOrUpdateDocumentsWithIncrease(
47544760

47554761
$documents[$key] = $this->decode($collection, $document);
47564762

4757-
$this->purgeCachedDocument($collection->getId(), $document->getId());
4763+
$this->withTenant($document->getTenant(), function() use ($collection, $document) {
4764+
$this->purgeCachedDocument($collection->getId(), $document->getId());
4765+
});
47584766
}
47594767

47604768
$this->trigger(self::EVENT_DOCUMENTS_UPSERT, new Document([
@@ -5528,7 +5536,9 @@ public function deleteDocuments(string $collection, array $queries = [], int $ba
55285536
});
55295537

55305538
foreach ($affectedDocuments as $affectedDocument) {
5531-
$this->purgeCachedDocument($collection->getId(), $affectedDocument->getId());
5539+
$this->withTenant($affectedDocument->getTenant(), function () use ($collection, $affectedDocument) {
5540+
$this->purgeCachedDocument($collection->getId(), $affectedDocument->getId());
5541+
});
55325542
}
55335543

55345544
if (count($affectedDocuments) < $batchSize) {
@@ -5580,8 +5590,8 @@ public function purgeCachedCollection(string $collectionId): bool
55805590
*
55815591
* @param string $collectionId
55825592
* @param string $id
5583-
*
55845593
* @return bool
5594+
* @throws Exception
55855595
*/
55865596
public function purgeCachedDocument(string $collectionId, string $id): bool
55875597
{

0 commit comments

Comments
 (0)