Skip to content

Obfuscated IDs do not work in atomic operations #1089

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
bart-degreed opened this issue Sep 23, 2021 · 0 comments · Fixed by #1091
Closed

Obfuscated IDs do not work in atomic operations #1089

bart-degreed opened this issue Sep 23, 2021 · 0 comments · Fixed by #1091
Labels
bug

Comments

@bart-degreed
Copy link
Contributor

Obfuscated IDs cannot be used with an atomic:operations request, because the deserializer attempts to convert the incoming id JSON element value to TId, bypassing any custom obfuscation logic. Instead, it should assign IIdentifiable.StringId, without performing this validation upfront.

See usages of:

JsonApiDotNetCore/src/JsonApiDotNetCore/Serialization/RequestDeserializer.cs

Lines 266 to 279 in 4754049

private void AssertCompatibleId(IResourceIdentity resourceIdentity, Type idType)
{
if (resourceIdentity.Id != null)
{
try
{
RuntimeTypeConverter.ConvertType(resourceIdentity.Id, idType);
}
catch (FormatException exception)
{
throw new JsonApiSerializationException(null, exception.Message, null, AtomicOperationIndex);
}
}
}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Redesign conversion between JSON objects and ASP.NET models json-api-dotnet/JsonApiDotNetCore
1 participant
@bart-degreed