Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG] Etag verification fails if force_auth_field_projection=True #1452

Open
yuregir opened this issue May 6, 2021 · 1 comment
Open

[BUG] Etag verification fails if force_auth_field_projection=True #1452

yuregir opened this issue May 6, 2021 · 1 comment
Labels
stale

Comments

@yuregir
Copy link

yuregir commented May 6, 2021

On put requests to replace existing objects, I am getting “412 - Client and server etags don't match”, even if-match header is correctly set.
I tried to debug the root cause of the problem.
Wanted to explain my findings.

This happens only on endpoints which auth_field is enabled.

My findings:

On put.py line 138;

original = get_document(
        resource,
        concurrency_check,
        check_auth_value=False,
        force_auth_field_projection=True,
        **lookup
    )

When force_auth_field_projection=True -> get_document() function forces to add projection ={ ‘auth_field’ :1} to pymongo query (it is exact added at io/base.py line 511: if force_auth_field_projection: fields[auth_field] = 1). This causes pymongo to return original item, only with fields _id and auth_field.

On common.py line 120;

etag = document.get(
             config.ETAG, document_etag(document, ignore_fields=ignore_fields))

Object before document.get() in common.py line 120; (Original object has 10+ fields including _etag, but it contains only id and auth field because of force_auth_field_projection=True)

{
  '_id': ObjectId('6092e319f17d74634b081df2'), 
  ‘auth_field': ObjectId('5f401f37917546325003ba46’),
   '_updated': datetime.datetime(1970, 1, 1, 0, 0), 
  '_created': datetime.datetime(1970, 1, 1, 0, 0)
}

As I mentioned on top, returned item only have _id and auth_field and not _etag;
.get() cant find current _etag value in document item and tries to calculate it from document_etag() function, but document item doesnt have all fields, causes_etag value to be calculated incorrectly,
Then I get error 412 etag values doesnt match.

When debugging I manually override force_auth_field_projection=True to False, PUT request runs without any error.

Expected Behavior

PUT requests with auth_field enabled endpoints, should be successful, if _etag value is correctly set in IF-Match header.

Actual Behavior

Getting “412 - Client and server etags don't match” on endpoints which auth_field is enabled, even if-match header is correct.

Environment

  • Python version: 3.8
  • Eve version: 1.1.5
@stale
Copy link

stale bot commented Apr 16, 2022

Is this still relevant? If so, what is blocking it? Is there anything you can do to help move it forward?

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs.

@stale stale bot added the stale label Apr 16, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
stale
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@yuregir