This package is used to simulate transactions (at the application level) for Mongo.
Although this package aims to improve the overall data integrity of your app, do not use it to write banking applications or anything like that. Seriously, don't.
Note: because this package attempts to implement something similar to a mongo 2-phase commit, it makes more than twice the usual number of db writes, which has server load implications.
A transaction can be a single action (insert, update or remove) on a single document, or a set of different actions across different documents.
An example app is up at http://transactions.meteor.com/. Github repo for the example app.
meteor add babrahams:transactions
The package exposes an object called tx which has all the methods you need to get transactions going.
You can make writes using an options hash with {tx: true} in it, as shown below, to make them part of a transaction (note that upsert is not supported):
Instead of:
Posts.insert({text: "My post"});
write:
Posts.insert({text: "My post"}, {tx: true});
Instead of:
Posts.update({_id: post_id}, {$set: {text: "My improved post"}});
write:
Posts.update({_id: post_id}, {$set: {text: "My improved post"}}, {tx: true});
Instead of:
Posts.remove({_id: post_id});
write:
Posts.remove({_id: post_id}, {tx: true});
The examples above will automatically start a transaction and automatically commit the transaction.
If you want a transaction that encompasses actions on several documents, you need to explictly start and commit the transaction:
tx.start("delete post");
Posts.remove({_id: post_id}, {tx: true});
Comments.find({post_id: post_id}).forEach(function (comment) {
Comments.remove({_id: comment._id}, {tx: true});
});
tx.commit();
Note that each comment has to be removed independently. Transactions don't support {multi: true}.
-
Although those look like mongo selectors in the
Posts.updateandPosts.removeexamples above, they're really not. This package is only looking for an_idfield in the object passed as the first parameter -- no other fields in the object are taken into account. -
Logging is on by default. It's quite handy for debugging. You can turn if off by setting
tx.logging = false;. Messages are logged to the console by default -- if you want to handle the logging yourself, you can overwritetx.logas follows:tx.log = function (message) { // Your own logging logic here } -
To run all actions through your own custom permission check, write a function as follows:
tx.checkPermission = function (action, collection, doc, modifier) { // Your permission check logic here };The parameters your function receives are as follows:
actionwill be a string - either "insert", "update" or "remove"collectionwill be the actual Meteor collection instance - you can query it if you need todocwill be the document in questionmodifierwill be the modifier used for an update action (this will benullfor "insert" or "remove" actions)
If your
tx.checkPermissionfunction returns a falsey value, the current transaction will be cancelled and rolled back. Make sure you overwritetx.checkPermissionin a production app -- it is completely permissive by default.
It's important to understand the following points before deciding whether babrahams:transactions will be the right package for your app:
-
It creates a collection called
transactionsin mongodb (or whatever you like, if you setMeteor.settings.transactionsCollectionvia asettings.jsonfile). The Meteor collection for this is exposed viatx.Transactionsnot just as plainTransactions. -
It queues all the actions you've called in a single
tx.start() ... tx.commit()block, doing permission checks as it goes. If a forbidden action (i.e. wheretx.checkPermissionreturnsfalse) is added to the queue, it will not execute any of the actions previously queued. It will clear the queue and wait for the next transaction to begin. This queue is created by monkey-patching theinsert,updateandremovemethods ofMongo.Collectioninstances so that these db mutator calls are intercepted and not executed until this package has done its thing (much likealdeed:collection2). And, yes, this need for monkey-patching is unfortunate, but it has to be addressed in Meteor core. -
Once permission checking is complete, it executes the actions in the order they were queued. If an error is caught, it will roll back all actions that have been executed so far and will not execute any further actions. The queue will be cleared and it will wait for the next transaction.
-
You can specify a few options in the third parameter of the
tx.insertandtx.removecalls (fourth parameter oftx.update). One of these is the "instant" option:Posts.remove({_id: post._id}, {tx: true, instant: true});. The effect of this is that the action on the document is taken instantly, not queued for later execution. (If a roll back is later found to be required, the action will be un-done.) This is useful if subsequent updates to other documents (in the same transaction) are based on calculations that require the first document to be changed already (e.g removed from the collection). For example, in a RPG where a new player gets a few items by default:tx.start('add new player'); var newPlayerId = Players.insert({name: "New player"}, {tx: true, instant: true}); // Instant because we need to use the new _id value returned by Players.insert var newPlayerDefaultItems = [ {name: "Sword", type: "weapon", attack: 5}, {name: "Shield", type: "armor", defence: 4}, {name: "Cloak", type: "clothing", warmth: 3} ]; _.each(newPlayerDefaultItems,function(item) { item.player_id = newPlayerId; Items.insert(item, {tx: true}); // Doesn't need to be instant as we don't do anything with these new _id values }); tx.commit();Note: the options can also be passed as follows:
Players.insert({name: "New player"}, {tx: {instant: true}});. This can be used to avoid potential namespace collisions with other packages that use the same options hash, such asaldeed:collection2. As soon as an options hash is passed as the value fortx(instead oftrue), this package won't consider any other options except those in the hash. -
a. For single actions within a transaction, you can pass a callback function as the next parameter after the options hash. In rare situations you might find you need to pass your callback function explicitly as
callbackin the options hash. e.g.Posts.remove({_id: post._id}, {instant: true, callback: function (err, res) { console.log(this, err, res); }});. Note: if the callback functions fired on individual actions (in either a single-action, auto-committed transaction or atx.start() ... tx.commit()block) make changes to collections, these will NOT be undoable as part of the transaction.b. A callback can also be passed as the parameter of the
commitfunction, as follows:tx.commit(function(err, res) { console.log(this, err, res); });. In the callback:erris aMeteor.Errorwhen the transaction is unsuccessful (andreswill be false); if the transaction was successful,restakes the value(s) of the new _id for transactions that contain insert operations (a single string if there was one insert or an object with arrays of strings indexed by collection name if there were multiple inserts), ortruefor transactions comprising only updates and removes;reswill befalseif the transaction was rolled back; in the callback function context,thisis an object of the form{transaction_id: <transaction_id>, writes: <an object containing all inserts, updates and removes>}(writesis not set for unsuccessful transactions). -
Another option is
overridePermissionCheck:Posts.remove({_id: post_id}, {tx: true, overridePermissionCheck: true});. This can be used when your generictx.checkPermissionfunction is a little over-zealous. Be sure to wrap your transaction calls in some other permission check logic if you're going tooverridePermissionCheck. This option only works on the server, for obvious reasons. -
If you want to do custom filtering of the
tx.Transactionscollection in some admin view, you'll probably want to record some context for each transaction. Acontextfield is added to each transaction record and should be a JSON object. By default, we addcontext: {}, but you can set a custom context in a few different ways.You may set context multiple times within one transaction, using multiple methods. Each time you set context the properties will be added to the context you have set already (using underscore.js "extend" behind the scenes). If you set the same key more than once then last write wins.
Here's how you can set context:
-
When Starting a Transaction you can set context like this:
tx.start('add comments', {context: {post_id: "dgt234rehe346ijhh"}}) -
Anytime During a Transaction you may add to context with:
tx.setContext({ more_info : "something else to remember" }) -
Automatically When Adding an Action you may override the function
tx.makeContext = function(action, collection, doc, modifier) { ... }to add to context based on each action.actionis "update", "remove", etc.collectionis a reference to the Mongo.Collection,docis the object being modified, andmodifieris the mongo modifier e.g.{$set: {foo: "bar"}}. Remember that last write wins if multiple actions happen in the same transaction. -
Manually When Adding an Action you can pass
{context: { <Your JSON object for context> }}into the options parameter when adding an action to the transaction. E.G.Posts.update({ _id: postId}, {$set:{foo:"bar"}}, { tx: true, context:{ postAuthorName: "Jack Black" }) -
For individual updates, there is an option to provide a custom inverse operation if the transactions package is not getting it right by default. This is the format that a custom inverse operation would need to take (in the options object of the update call):
"inverse": { "command": "$set", "data": [ { "key": "text", "value": "My old post text" } ] }If you want to override the default inverse for a certain update operation, you can supply your own function in the
tx.inverseOperationshash. For example, if you wanted to restore the entire current state of an array field after a$pushor$addToSetoperation, you could implement it like this:tx.inverseOperations.$addToSet = function (collection, existingDoc, updateMap, opt) { var self = this, inverseCommand = '$set', formerValues = {}; _.each(_.keys(updateMap), function (keyName) { var formerVal = self._drillDown(existingDoc, keyName); if (typeof formerVal !== 'undefined') { formerValues[keyName] = formerVal; } else { // Reset to empty array. Really should be an $unset but cannot mix inverse actions formerValues[keyName] = []; } }) return {command: inverseCommand, data: formerValues}; };Note that supplying a
inverseoptions property in an individual update always takes precedence over the functions intx.inverseOperations. -
The transaction queue is processed entirely on the server, but can be built on the client OR the server (not both). You can't mix client-side changes and server-side changes (i.e. Meteor methods) in a single transaction. If the transaction is committed on the client, then an array of actions will be sent to the server via a method for processing. However, if you perform actions with
{instant:true}on the client, these will be sent immediately to the server as regular "insert", "udpate" and "remove" methods, so each action will have to get through your allow and deny rules. This means that yourtx.permissionCheckfunction will need to be aligned fairly closely to yourallowanddenyrules in order to get the expected results. And remember, thetx.permissionCheckfunction is all that stands between transaction code executed on the client and your database. -
Fields are added to documents that are affected by transactions.
transaction_idis added to any document that is inserted, updated or soft-deleted via a transaction. This package takes care of updating your schema to allow for this if you are using thealdeed:collection2package. -
The default setting is
tx.softDelete = false, meaning documents that are removed are taken out of their own collection and stored in a document in thetransactionscollection. This can default can be changed at run time by settingtx.softDelete = true. Or, for finer grained management, thesoftDelete: trueoption can be passed on individualremovecalls. IfsoftDeleteistrue,deleted: <mongo ISO date object>will be added to the removed document, and then thisdeletedfield is$unsetwhen the action is undone. This means that thefindandfindOnecalls in your Meteor method calls and publications will need,deleted: {$exists: false}in the selector in order to keep deleted documents away from the client, if that's what you want. This is, admittedly, a pain having to handle the check on thedeletedfield yourself, but it's less prone to error than having a document gone from the database and sitting in a stale state in thetransactionscollection where it won't be updated by migrations, etc. For this reason, we recommend settingtx.softDelete = trueand dealing with the pain.Note: When doing a remove on the client using a transaction with
softDeleteset tofalseand{instant: true}, only the published fields of the document are stored for retrieval. So if a document with only some of its fields published is removed on the client and then that is undone, there will be data loss (the unpublished fields will be gone from the db) which could cause your app to break or behave strangely, depending on how those fields were used. To prevent this, there are three options:- use
softDelete: true(then you'll have to change your selectors infindandfindOneeverywhere to include, deleted: {$exists: false}) - publish the whole document to the client
- [best option] use a method call and put the remove transaction call in that, so it executes server-side where it has access to the whole document
- use
-
This is all "last write wins". No Operational Transform going on here. Using
tx.undo, if a document has been modified by a different transaction than the one you are trying to undo, the undo operation will be cancelled. If users are simultaneously writing to the same sets of documents via transactions, a scenario could potentially arise in which neither user was able to undo their last transaction. This package will not work well for multiple writes to the same document by different users - e.g. Etherpad type apps. -
Under the hood, all it's doing is putting a document in the
transactionsmongodb collection, one per transaction, that records: a list of which actions were taken on which documents in which collection and then, alongside each of those, the inverse action required for anundoand the state of the action (pending,doneorundone). -
The only
updatecommands we currently support are$set,$unset,$addToSet,$pulland$inc. We've got a great amount of mileage out of them so far (see below). -
There is built-in support for the popular
aldeed:collection2package, but this is a failry volatile combination, as both packages wrap theinsertandupdatemethods onMongo.Collectionand both remove any options hash* before passing the call on to the native functions (while still allowing any callbacks to fire, to match the behaviour specified in the Meteor docs). Open an issue if this package doesn't seem to work withaldeed:collection2.* although
babrahams:transactionsdoes allow thealdeed:collection2options through if it detects the presence of that package -
When starting a transaction, you can write
var txid = tx.start('add post');and then target this particular transaction for undo/redo usingtx.undo(txid). You can also pass a callback instead of (or in addition to) a txid value, as follows:tx.undo(function (err, res) { // `res` will be true if the transaction was undone or false if it is an expired transaction // `this` will be the tx object } -
By default, the package will look for any incomplete transactions on app startup and try to repair app state by completing them. This behaviour can be changed by setting
tx.selfRepairMode = 'rollback'if you'd rather incomplete transactions be rolled back, ortx.selfRepairMode = 'none'if you want to handle app state repair manually. (Default istx.selfRepairMode = 'complete'.)Note: to try a repair from
meteor shell, usetx._repairAllIncomplete(mode)or, for individual transactions,tx._repairIncomplete(transactionDoc, mode)(where mode is"complete"or"rollback"andtransactionDocis a document from thetx.Transactionscollection. -
Monkey patching of the
Mongo.Collectionobject is becoming a problem in Meteor and this package usesdburles:mongo-collection-instances, which monkey patches theMongo.Collectionobject for developer convenience (but in doing so adds to the overall problem of interoperability). This means this package will not work well with other packages that do the same thing (there are many!). -
You may not want all collections to be available for transactions, in which case you can set
tx.collectionIndexmanually in a file that is common to client and server. E.g.
tx.collectionIndex = {
'posts' : Posts,
'comments' : Comments
}
where 'posts' is the name of the Mongo collection and Posts is the Meteor Mongo.Collection instance variable.
We've been using this package in a complex production app for almost three years and it's never given us any trouble. That said, we have a fairly small user base and those users perform writes infrequently, so concurrent writes to the same document are unlikely.
- 0.3 -
Add callbacks totx.commit() - 0.4 -
Remove the need fortx.collectionIndex, usingdburles:mongo-collection-instancespackage - 0.4.5 -
Add support forsimple-schema - 0.5 -
WrapMongo.Collectioninsert,updateandremovemethods to create less of an all-or-nothing API - 0.6 -
Store removed documents in the transaction document itself and actually remove them from collections as a default behaviour (softDelete:truecan be passed to set the deleted field instead) - 0.7 -
Implement something like the mongo two-phase commit approach (see issue #5) and factor out undo/redo UI to a separate package - 0.8 - Add more test coverage and refactor code for better maintainability
- 0.9 - Add/improve support for other/existing mongo operators
- 1.0 - Complete test coverage and security audit
- 1.0+ - Operational Transform
- 1.0+ - Look into support for {multi:true}
As you can see from the roadmap, there are still some key things missing from this package. I currently use it in a production app, but it's very much a case of use-at-your-own-risk right now.