-
Notifications
You must be signed in to change notification settings - Fork 10.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[FIX] 'Query' support for channels.list.joined, groups.list, groups.listAll, im.list #9424
Merged
Merged
Changes from all commits
Commits
Show all changes
5 commits
Select commit
Hold shift + click to select a range
36ce870
[REST API] Add query parameter to channels.list.joined, groups.list, …
xbolshe b5b0794
Add customFields from Room to Subscription to enable query
xbolshe b16bde5
Add customFields for Direct Messages of the calling user
xbolshe d9dfcd8
Propogate user's customFields changes to Direct Messages' Rooms
xbolshe 0f4da73
Merge branch 'develop' into develop
xbolshe File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is it safe to just blindly pass query through?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@geekgonecrazy it's not exactly passing the query blindly. The function
parseJsonQueryhandles several cases and line 410 ensures that the calling user is only able to query their own...although I say that without trying it. @xbolshe what happens whenever someone passes the query with a nested property like the one the stringu._idis doing? For example,{ "u": { "_id": "other_users_id" } }?There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@graywolf336 One string and nested string will have different actions as described here: https://stackoverflow.com/questions/16002659/how-to-query-nested-objects
Becase "u" has several fields inside, only nested "_id" will find no records at all:
But one string provides a records selection:
So, need to use all fields nested inside "u" like shown below:
Providing 2 different values for one field like "u._id" will cause a search of no records:
Answering on your question, one field cannot be equal at the same time to 2 different values.
If a value will be duplicated like shown below, a search will be performed:
So, only records belongs to this.userId will be searched for channels.list.joined.
I have tried to inherit constraints like this.userId applied before my changes.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
BTW: the last constraint's value overwrites the previous one:
So, 'u._id': this.userId shall be after 'query' as it's done.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for looking into it in more depth! 👍