@expo/entity 0.53.0 → 0.54.0

package/src/utils/EntityPrivacyUtils.ts

@@ -5,9 +5,9 @@ import {
   EntityEdgeDeletionAuthorizationInferenceBehavior,
   EntityEdgeDeletionBehavior,
 } from '../EntityFieldDefinition';
-import { EntityCascadingDeletionInfo } from '../EntityMutationInfo';
-import { EntityPrivacyPolicy } from '../EntityPrivacyPolicy';
+import { EntityPrivacyPolicy, EntityPrivacyPolicyEvaluationContext } from '../EntityPrivacyPolicy';
 import { EntityQueryContext } from '../EntityQueryContext';
+import { ReadonlyEntity } from '../ReadonlyEntity';
 import { ViewerContext } from '../ViewerContext';
 import { failedResults, partitionArray } from '../entityUtils';
 import { EntityNotAuthorizedError } from '../errors/EntityNotAuthorizedError';
@@ -74,7 +74,7 @@ export async function canViewerUpdateAsync<
   const result = await canViewerUpdateInternalAsync(
     entityClass,
     sourceEntity,
-    /* cascadingDeleteCause */ null,
+    { previousValue: sourceEntity, cascadingDeleteCause: null },
     queryContext,
   );
   return result.allowed;
@@ -121,7 +121,7 @@ export async function getCanViewerUpdateResultAsync<
   return await canViewerUpdateInternalAsync(
     entityClass,
     sourceEntity,
-    /* cascadingDeleteCause */ null,
+    { previousValue: sourceEntity, cascadingDeleteCause: null },
     queryContext,
   );
 }
@@ -149,7 +149,13 @@ async function canViewerUpdateInternalAsync<
     TSelectedFields
   >,
   sourceEntity: TEntity,
-  cascadingDeleteCause: EntityCascadingDeletionInfo | null,
+  evaluationContext: EntityPrivacyPolicyEvaluationContext<
+    TFields,
+    TIDField,
+    TViewerContext,
+    TEntity,
+    TSelectedFields
+  >,
   queryContext: EntityQueryContext,
 ): Promise<EntityPrivacyEvaluationResult> {
   const companion = sourceEntity
@@ -160,7 +166,7 @@ async function canViewerUpdateInternalAsync<
     privacyPolicy.authorizeUpdateAsync(
       sourceEntity.getViewerContext(),
       queryContext,
-      { previousValue: null, cascadingDeleteCause },
+      evaluationContext,
       sourceEntity,
       companion.getMetricsAdapter(),
     ),
@@ -217,7 +223,7 @@ export async function canViewerDeleteAsync<
   const result = await canViewerDeleteInternalAsync(
     entityClass,
     sourceEntity,
-    /* cascadingDeleteCause */ null,
+    { previousValue: null, cascadingDeleteCause: null },
     queryContext,
   );
   return result.allowed;
@@ -264,7 +270,7 @@ export async function getCanViewerDeleteResultAsync<
   return await canViewerDeleteInternalAsync(
     entityClass,
     sourceEntity,
-    /* cascadingDeleteCause */ null,
+    { previousValue: null, cascadingDeleteCause: null },
     queryContext,
   );
 }
@@ -292,7 +298,13 @@ async function canViewerDeleteInternalAsync<
     TSelectedFields
   >,
   sourceEntity: TEntity,
-  cascadingDeleteCause: EntityCascadingDeletionInfo | null,
+  evaluationContext: EntityPrivacyPolicyEvaluationContext<
+    TFields,
+    TIDField,
+    TViewerContext,
+    TEntity,
+    TSelectedFields
+  >,
   queryContext: EntityQueryContext,
 ): Promise<EntityPrivacyEvaluationResult> {
   const viewerContext = sourceEntity.getViewerContext();
@@ -306,7 +318,7 @@ async function canViewerDeleteInternalAsync<
     privacyPolicy.authorizeDeleteAsync(
       sourceEntity.getViewerContext(),
       queryContext,
-      { previousValue: null, cascadingDeleteCause },
+      evaluationContext,
       sourceEntity,
       viewerScopedCompanion.getMetricsAdapter(),
     ),
@@ -321,7 +333,7 @@ async function canViewerDeleteInternalAsync<
 
   const newCascadingDeleteCause = {
     entity: sourceEntity,
-    cascadingDeleteCause,
+    cascadingDeleteCause: evaluationContext.cascadingDeleteCause,
   };
 
   // Take entity X which is proposed to be deleted, look at inbound edges (entities that reference X).
@@ -366,7 +378,7 @@ async function canViewerDeleteInternalAsync<
       const edgeDeletionPermissionInferenceBehavior =
         association.edgeDeletionAuthorizationInferenceBehavior;
 
-      let entityResultsToCheckForInboundEdge: readonly Result<any>[];
+      let entityResultsToCheckForInboundEdge: readonly Result<ReadonlyEntity<any, any, any, any>>[];
 
       if (
         edgeDeletionPermissionInferenceBehavior ===
@@ -419,7 +431,7 @@ async function canViewerDeleteInternalAsync<
               canViewerDeleteInternalAsync(
                 inboundEdge,
                 entity,
-                newCascadingDeleteCause,
+                { previousValue: null, cascadingDeleteCause: newCascadingDeleteCause },
                 queryContext,
               ),
             ),
@@ -435,14 +447,43 @@ async function canViewerDeleteInternalAsync<
 
         case EntityEdgeDeletionBehavior.SET_NULL:
         case EntityEdgeDeletionBehavior.SET_NULL_INVALIDATE_CACHE_ONLY: {
+          // create synthetic entities with the reference field set to null to properly evaluate
+          // privacy policy as it would be after the cascading SET NULL operation
+          const previousAndSyntheticEntitiesForInboundEdge = entitiesForInboundEdge.map(
+            (entity) => {
+              const entityLoader = viewerContext
+                .getViewerScopedEntityCompanionForClass(inboundEdge)
+                .getLoaderFactory()
+                .forLoad(queryContext, {
+                  previousValue: entity,
+                  cascadingDeleteCause: newCascadingDeleteCause,
+                });
+
+              const allFields = entity.getAllDatabaseFields();
+              const syntheticFields = {
+                ...allFields,
+                [fieldName]: null,
+              };
+
+              return {
+                previousValue: entity,
+                syntheticallyUpdatedValue: entityLoader.utils.constructEntity(syntheticFields),
+              };
+            },
+          );
+
           const canUpdateEvaluationResults = await Promise.all(
-            entitiesForInboundEdge.map((entity) =>
-              canViewerUpdateInternalAsync(
-                inboundEdge,
-                entity,
-                newCascadingDeleteCause,
-                queryContext,
-              ),
+            previousAndSyntheticEntitiesForInboundEdge.map(
+              ({ previousValue, syntheticallyUpdatedValue }) =>
+                canViewerUpdateInternalAsync(
+                  inboundEdge,
+                  syntheticallyUpdatedValue,
+                  {
+                    previousValue,
+                    cascadingDeleteCause: newCascadingDeleteCause,
+                  },
+                  queryContext,
+                ),
             ),
           );
 

package/src/utils/__testfixtures__/StubCacheAdapter.ts

@@ -17,8 +17,7 @@ export class NoCacheStubCacheAdapterProvider implements IEntityCacheAdapterProvi
 export class NoCacheStubCacheAdapter<
   TFields extends Record<string, any>,
   TIDField extends keyof TFields,
-> implements IEntityCacheAdapter<TFields, TIDField>
-{
+> implements IEntityCacheAdapter<TFields, TIDField> {
   public async loadManyAsync<
     TLoadKey extends IEntityLoadKey<TFields, TIDField, TSerializedLoadValue, TLoadValue>,
     TSerializedLoadValue,
@@ -74,8 +73,7 @@ export class InMemoryFullCacheStubCacheAdapterProvider implements IEntityCacheAd
 export class InMemoryFullCacheStubCacheAdapter<
   TFields extends Record<string, any>,
   TIDField extends keyof TFields,
-> implements IEntityCacheAdapter<TFields, TIDField>
-{
+> implements IEntityCacheAdapter<TFields, TIDField> {
   constructor(
     private readonly entityConfiguration: EntityConfiguration<TFields, TIDField>,
     private readonly cache: Map<string, Readonly<TFields> | typeof DOES_NOT_EXIST>,

package/src/utils/__testfixtures__/StubDatabaseAdapter.ts

@@ -1,5 +1,5 @@
 import invariant from 'invariant';
-import { uuidv7 } from 'uuidv7';
+import { v7 as uuidv7 } from 'uuid';
 
 import { EntityConfiguration } from '../../EntityConfiguration';
 import {

package/src/utils/__tests__/EntityPrivacyUtils-test.ts

@@ -268,6 +268,47 @@ describe(canViewerDeleteAsync, () => {
     );
     expect(canViewerDeleteResult.allowed).toBe(true);
   });
+
+  it('evaluates privacy policy with synthetically nullified field for SET_NULL', async () => {
+    const companionProvider = createUnitTestEntityCompanionProvider();
+    const viewerContext = new ViewerContext(companionProvider);
+    const testEntity = await ParentEntity.creator(viewerContext).createAsync();
+
+    // Create a leaf entity that references the parent. This leaf entity's privacy policy
+    // allows updates only when its reference field is being set to null. This tests that canViewerDeleteAsync
+    // creates a synthetic entity with the field set to null when evaluating the SET_NULL case.
+    await LeafConditionalUpdateEntity.creator(viewerContext)
+      .setField('parent_id', testEntity.getID())
+      .createAsync();
+
+    const canViewerDelete = await canViewerDeleteAsync(ParentEntity, testEntity);
+    expect(canViewerDelete).toBe(true);
+
+    const canViewerDeleteResult = await getCanViewerDeleteResultAsync(ParentEntity, testEntity);
+    expect(canViewerDeleteResult.allowed).toBe(true);
+  });
+
+  it('denies deletion when privacy policy fails with synthetically nullified field for SET_NULL', async () => {
+    const companionProvider = createUnitTestEntityCompanionProvider();
+    const viewerContext = new ViewerContext(companionProvider);
+    const testEntity = await ParentEntity.creator(viewerContext).createAsync();
+
+    // Create a leaf entity that references the parent. This leaf entity's privacy policy
+    // denies updates when its reference field is being set to null. This tests that canViewerDeleteAsync
+    // properly evaluates the synthetic entity and denies when the policy fails.
+    const leafEntity = await LeafDenyUpdateWhenNullEntity.creator(viewerContext)
+      .setField('parent_id', testEntity.getID())
+      .createAsync();
+
+    const canViewerDelete = await canViewerDeleteAsync(ParentEntity, testEntity);
+    expect(canViewerDelete).toBe(false);
+
+    const canViewerDeleteResult = await getCanViewerDeleteResultAsync(ParentEntity, testEntity);
+    expectAuthorizationError(canViewerDeleteResult, {
+      entityId: leafEntity.getID(),
+      action: EntityAuthorizationAction.UPDATE,
+    });
+  });
 });
 
 type TestEntityFields = {
@@ -297,6 +338,20 @@ type TestEntityThrowOtherErrorFields = {
   simple_test_id: string | null;
 };
 
+type ParentEntityFields = {
+  id: string;
+};
+
+type LeafConditionalUpdateEntityFields = {
+  id: string;
+  parent_id: string | null;
+};
+
+type LeafDenyUpdateWhenNullEntityFields = {
+  id: string;
+  parent_id: string | null;
+};
+
 class DenyUpdateEntityPrivacyPolicy<
   TFields extends Record<'id', any>,
   TIDField extends keyof NonNullable<Pick<TFields, TSelectedFields>>,
@@ -678,3 +733,243 @@ class SimpleTestThrowOtherErrorEntity extends Entity<
     };
   }
 }
+
+class ConditionalUpdateEntityPrivacyPolicy extends EntityPrivacyPolicy<
+  LeafConditionalUpdateEntityFields,
+  'id',
+  ViewerContext,
+  LeafConditionalUpdateEntity
+> {
+  protected override readonly readRules = [
+    new AlwaysAllowPrivacyPolicyRule<
+      LeafConditionalUpdateEntityFields,
+      'id',
+      ViewerContext,
+      LeafConditionalUpdateEntity
+    >(),
+  ];
+  protected override readonly createRules = [
+    new AlwaysAllowPrivacyPolicyRule<
+      LeafConditionalUpdateEntityFields,
+      'id',
+      ViewerContext,
+      LeafConditionalUpdateEntity
+    >(),
+  ];
+  protected override readonly updateRules = [
+    {
+      async evaluateAsync(
+        _viewerContext: ViewerContext,
+        _queryContext: EntityQueryContext,
+        evaluationContext: EntityPrivacyPolicyEvaluationContext<
+          LeafConditionalUpdateEntityFields,
+          'id',
+          ViewerContext,
+          LeafConditionalUpdateEntity
+        >,
+        entity: LeafConditionalUpdateEntity,
+      ): Promise<RuleEvaluationResult> {
+        // Only allow updates when parent_id is being set to null
+        // and parent_id was previously non-null and was the cascading delete cause
+
+        const { previousValue, cascadingDeleteCause } = evaluationContext;
+        if (!previousValue || !cascadingDeleteCause) {
+          return RuleEvaluationResult.SKIP;
+        }
+
+        const parentId = entity.getField('parent_id');
+        const previousParentId = previousValue.getField('parent_id');
+
+        if (parentId !== null) {
+          return RuleEvaluationResult.SKIP;
+        }
+
+        if (!previousParentId) {
+          return RuleEvaluationResult.SKIP;
+        }
+
+        if (cascadingDeleteCause.entity.getID() !== previousParentId) {
+          return RuleEvaluationResult.SKIP;
+        }
+
+        return RuleEvaluationResult.ALLOW;
+      },
+    },
+  ];
+  protected override readonly deleteRules = [
+    new AlwaysAllowPrivacyPolicyRule<
+      LeafConditionalUpdateEntityFields,
+      'id',
+      ViewerContext,
+      LeafConditionalUpdateEntity
+    >(),
+  ];
+}
+
+// Privacy policy that denies updates when parent_id is null
+class DenyUpdateWhenNullEntityPrivacyPolicy extends EntityPrivacyPolicy<
+  LeafConditionalUpdateEntityFields,
+  'id',
+  ViewerContext,
+  LeafConditionalUpdateEntity
+> {
+  protected override readonly readRules = [
+    new AlwaysAllowPrivacyPolicyRule<
+      LeafConditionalUpdateEntityFields,
+      'id',
+      ViewerContext,
+      LeafConditionalUpdateEntity
+    >(),
+  ];
+  protected override readonly createRules = [
+    new AlwaysAllowPrivacyPolicyRule<
+      LeafConditionalUpdateEntityFields,
+      'id',
+      ViewerContext,
+      LeafConditionalUpdateEntity
+    >(),
+  ];
+  protected override readonly updateRules = [
+    {
+      async evaluateAsync(
+        _viewerContext: ViewerContext,
+        _queryContext: EntityQueryContext,
+        evaluationContext: EntityPrivacyPolicyEvaluationContext<
+          LeafConditionalUpdateEntityFields,
+          'id',
+          ViewerContext,
+          LeafConditionalUpdateEntity
+        >,
+        entity: LeafConditionalUpdateEntity,
+      ): Promise<RuleEvaluationResult> {
+        // Deny updates when parent_id is being set to null
+
+        const { previousValue } = evaluationContext;
+        if (!previousValue) {
+          return RuleEvaluationResult.SKIP;
+        }
+
+        const parentId = entity.getField('parent_id');
+        const previousParentId = previousValue.getField('parent_id');
+
+        if (!parentId && previousParentId) {
+          return RuleEvaluationResult.DENY;
+        }
+
+        return RuleEvaluationResult.SKIP;
+      },
+    },
+  ];
+  protected override readonly deleteRules = [
+    new AlwaysAllowPrivacyPolicyRule<
+      LeafConditionalUpdateEntityFields,
+      'id',
+      ViewerContext,
+      LeafConditionalUpdateEntity
+    >(),
+  ];
+}
+
+class ParentEntity extends Entity<ParentEntityFields, 'id', ViewerContext> {
+  static defineCompanionDefinition(): EntityCompanionDefinition<
+    ParentEntityFields,
+    'id',
+    ViewerContext,
+    ParentEntity,
+    DenyUpdateEntityPrivacyPolicy<ParentEntityFields, 'id', ViewerContext, ParentEntity>
+  > {
+    return {
+      entityClass: ParentEntity,
+      entityConfiguration: new EntityConfiguration<ParentEntityFields, 'id'>({
+        idField: 'id',
+        tableName: 'parent_entity',
+        inboundEdges: [LeafConditionalUpdateEntity, LeafDenyUpdateWhenNullEntity],
+        schema: {
+          id: new UUIDField({
+            columnName: 'id',
+            cache: false,
+          }),
+        },
+        databaseAdapterFlavor: 'postgres',
+        cacheAdapterFlavor: 'redis',
+      }),
+      privacyPolicyClass: DenyUpdateEntityPrivacyPolicy,
+    };
+  }
+}
+
+class LeafConditionalUpdateEntity extends Entity<
+  LeafConditionalUpdateEntityFields,
+  'id',
+  ViewerContext
+> {
+  static defineCompanionDefinition(): EntityCompanionDefinition<
+    LeafConditionalUpdateEntityFields,
+    'id',
+    ViewerContext,
+    LeafConditionalUpdateEntity,
+    ConditionalUpdateEntityPrivacyPolicy
+  > {
+    return {
+      entityClass: LeafConditionalUpdateEntity,
+      entityConfiguration: new EntityConfiguration<LeafConditionalUpdateEntityFields, 'id'>({
+        idField: 'id',
+        tableName: 'leaf_conditional_update',
+        schema: {
+          id: new UUIDField({
+            columnName: 'id',
+            cache: false,
+          }),
+          parent_id: new UUIDField({
+            columnName: 'parent_id',
+            association: {
+              associatedEntityClass: ParentEntity,
+              edgeDeletionBehavior: EntityEdgeDeletionBehavior.SET_NULL,
+            },
+          }),
+        },
+        databaseAdapterFlavor: 'postgres',
+        cacheAdapterFlavor: 'redis',
+      }),
+      privacyPolicyClass: ConditionalUpdateEntityPrivacyPolicy,
+    };
+  }
+}
+
+class LeafDenyUpdateWhenNullEntity extends Entity<
+  LeafDenyUpdateWhenNullEntityFields,
+  'id',
+  ViewerContext
+> {
+  static defineCompanionDefinition(): EntityCompanionDefinition<
+    LeafDenyUpdateWhenNullEntityFields,
+    'id',
+    ViewerContext,
+    LeafDenyUpdateWhenNullEntity,
+    DenyUpdateWhenNullEntityPrivacyPolicy
+  > {
+    return {
+      entityClass: LeafDenyUpdateWhenNullEntity,
+      entityConfiguration: new EntityConfiguration<LeafDenyUpdateWhenNullEntityFields, 'id'>({
+        idField: 'id',
+        tableName: 'leaf_deny_update_when_null',
+        schema: {
+          id: new UUIDField({
+            columnName: 'id',
+            cache: false,
+          }),
+          parent_id: new UUIDField({
+            columnName: 'parent_id',
+            association: {
+              associatedEntityClass: ParentEntity,
+              edgeDeletionBehavior: EntityEdgeDeletionBehavior.SET_NULL,
+            },
+          }),
+        },
+        databaseAdapterFlavor: 'postgres',
+        cacheAdapterFlavor: 'redis',
+      }),
+      privacyPolicyClass: DenyUpdateWhenNullEntityPrivacyPolicy,
+    };
+  }
+}