From 6bc186512e22c14cff41959df5cc8cda46eb6354 Mon Sep 17 00:00:00 2001
From: Torsten Dittmann
Date: Mon, 30 May 2022 14:01:39 +0200
Subject: [PATCH 1/2] fix: increase subquery limit
---
 app/init.php | 79 ++++++++++++++++++++++++++++------------------------
 1 file changed, 42 insertions(+), 37 deletions(-)
diff --git a/app/init.php b/app/init.php
index 7e501b84a6..7f2ecc2ac2 100644
--- a/app/init.php
+++ b/app/init.php
@@ -77,6 +77,7 @@ const APP_LIMIT_ANTIVIRUS = 20000000; //20MB
 const APP_LIMIT_ENCRYPTION = 20000000; //20MB
 const APP_LIMIT_COMPRESSION = 20000000; //20MB
 const APP_LIMIT_ARRAY_PARAMS_SIZE = 100; // Default maximum of how many elements can there be in API parameter that expects array value
+const APP_LIMIT_SUBQUERY = 1000;
 const APP_CACHE_BUSTER = 305;
 const APP_VERSION_STABLE = '0.14.2';
 const APP_DATABASE_ATTRIBUTE_EMAIL = 'email';
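Review bot: The added `APP_LIMIT_SUBQUERY` constant has no comment, although the neighbouring limits explain their unit or purpose and this one caps how many related documents the `subQuery*` filters later in this patch load. A trailing comment would make the contract visible where the value is chosen, for example `const APP_LIMIT_SUBQUERY = 1000; // Maximum number of related documents a subQuery* filter loads per parent document`. Anyone raising or lowering the value then knows it bounds result size rather than request size.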
@@ -189,44 +190,48 @@ if(!empty($user) || !empty($pass)) { * New DB Filters */ Database::addFilter('casting', - function($value) { + function(mixed $value) { return json_encode(['value' => $value], JSON_PRESERVE_ZERO_FRACTION); }, - function($value) { + function(mixed $value) { if (is_null($value)) { return null; } + return json_decode($value, true)['value']; } ); Database::addFilter('enum', - function($value, Document $attribute) { + function(mixed $value, Document $attribute) { if ($attribute->isSet('elements')) { $attribute->removeAttribute('elements'); } + return $value; }, - function($value, Document $attribute) { + function(mixed $value, Document $attribute) { $formatOptions = json_decode($attribute->getAttribute('formatOptions', '[]'), true); if (isset($formatOptions['elements'])) { $attribute->setAttribute('elements', $formatOptions['elements']); } + return $value; } ); Database::addFilter('range', - function($value, Document $attribute) { + function(mixed $value, Document $attribute) { if ($attribute->isSet('min')) { $attribute->removeAttribute('min'); } if ($attribute->isSet('max')) { $attribute->removeAttribute('max'); } + return $value; }, - function($value, Document $attribute) { + function(mixed $value, Document $attribute) { $formatOptions = json_decode($attribute->getAttribute('formatOptions', '[]'), true); if (isset($formatOptions['min']) || isset($formatOptions['max'])) { $attribute @@ -234,15 +239,16 @@ Database::addFilter('range', ->setAttribute('max', $formatOptions['max']) ; } + return $value; } ); Database::addFilter('subQueryAttributes', - function($value) { + function(mixed $value) { return null; }, - function($value, Document $document, Database $database) { + function(mixed $value, Document $document, Database $database) { return $database ->find('attributes', [ new Query('collectionId', Query::TYPE_EQUAL, [$document->getId()]) 
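Review bot: The decode closure of the `casting` filter still indexes the result of `json_decode($value, true)` directly, so a stored value that is not valid JSON decodes to null and the `['value']` access only emits a warning and yields null, which hides corrupt data. Since the hunk already touches this closure, it could decode first and guard, `$decoded = json_decode($value, true);` followed by `return is_array($decoded) ? ($decoded['value'] ?? null) : null;`. The closures also gain `mixed` parameter types but no return types; adding them (for instance `: mixed`) would complete the signature change.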
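Review bot: The `range` decode closure reads `$formatOptions['max']` unconditionally in this hunk, while the guard visible at the end of the previous hunk is `isset($formatOptions['min']) || isset($formatOptions['max'])`, so an attribute with only one bound set reaches an undefined array key. The `min` line falls between the two hunks and is not visible here, but presumably has the same shape. Using `->setAttribute('max', $formatOptions['max'] ?? null)` (and the same for `min`) keeps the one-bound case from emitting a warning. The `subQueryAttributes` filter at the end of the hunk continues outside it.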
@@ -251,10 +257,10 @@ Database::addFilter('subQueryAttributes', ); Database::addFilter('subQueryIndexes', - function($value) { + function(mixed $value) { return null; }, - function($value, Document $document, Database $database) { + function(mixed $value, Document $document, Database $database) { return $database ->find('indexes', [ new Query('collectionId', Query::TYPE_EQUAL, [$document->getId()]) 
@@ -263,95 +269,94 @@ Database::addFilter('subQueryIndexes', ); Database::addFilter('subQueryPlatforms', - function($value) { + function(mixed $value) { return null; }, - function($value, Document $document, Database $database) { + function(mixed $value, Document $document, Database $database) { return $database ->find('platforms', [ new Query('projectId', Query::TYPE_EQUAL, [$document->getId()]) - ], $database->getIndexLimit(), 0, []); + ], APP_LIMIT_SUBQUERY, 0, []); } ); Database::addFilter('subQueryDomains', - function($value) { + function(mixed $value) { return null; }, - function($value, Document $document, Database $database) { + function(mixed $value, Document $document, Database $database) { return $database ->find('domains', [ new Query('projectId', Query::TYPE_EQUAL, [$document->getId()]) - ], $database->getIndexLimit(), 0, []); + ], APP_LIMIT_SUBQUERY, 0, []); } ); Database::addFilter('subQueryKeys', - function($value) { + function(mixed $value) { return null; }, - function($value, Document $document, Database $database) { + function(mixed $value, Document $document, Database $database) { return $database ->find('keys', [ new Query('projectId', Query::TYPE_EQUAL, [$document->getId()]) - ], $database->getIndexLimit(), 0, []); + ], APP_LIMIT_SUBQUERY, 0, []); } ); Database::addFilter('subQueryWebhooks', - function($value) { + function(mixed $value) { return null; }, - function($value, Document $document, Database $database) { + function(mixed $value, Document $document, Database $database) { return $database ->find('webhooks', [ new Query('projectId', Query::TYPE_EQUAL, [$document->getId()]) - ], $database->getIndexLimit(), 0, []); + ], APP_LIMIT_SUBQUERY, 0, []); } ); Database::addFilter('subQuerySessions', - function($value) { + function(mixed $value) { return null; }, - function($value, Document $document, Database $database) { - $sessions = Authorization::skip(fn () => $database->find('sessions', [ + function(mixed $value, Document $document, Database 
$database) { + return Authorization::skip(fn () => $database->find('sessions', [ new Query('userId', Query::TYPE_EQUAL, [$document->getId()]) - ], $database->getIndexLimit(), 0, [])); - - return $sessions; + ], APP_LIMIT_SUBQUERY, 0, [])); } ); Database::addFilter('subQueryTokens', - function($value) { + function(mixed $value) { return null; }, - function($value, Document $document, Database $database) { + function(mixed $value, Document $document, Database $database) { return Authorization::skip(fn() => $database ->find('tokens', [ new Query('userId', Query::TYPE_EQUAL, [$document->getId()]) - ], $database->getIndexLimit(), 0, [])); + ], APP_LIMIT_SUBQUERY, 0, [])); } ); - + Database::addFilter('subQueryMemberships', - function($value) { + function(mixed $value) { return null; }, - function($value, Document $document, Database $database) { + function(mixed $value, Document $document, Database $database) { return Authorization::skip(fn() => $database ->find('memberships', [ new Query('userId', Query::TYPE_EQUAL, [$document->getId()]) - ], $database->getIndexLimit(), 0, [])); + ], APP_LIMIT_SUBQUERY, 0, [])); } ); Database::addFilter('encrypt', - function($value) { + function(mixed $value) { $key = App::getEnv('_APP_OPENSSL_KEY_V1'); $iv = OpenSSL::randomPseudoBytes(OpenSSL::cipherIVLength(OpenSSL::CIPHER_AES_128_GCM)); $tag = null; + return json_encode([ 'data' => OpenSSL::encrypt($value, OpenSSL::CIPHER_AES_128_GCM, $key, 0, $iv, $tag), 'method' => OpenSSL::CIPHER_AES_128_GCM, @@ -360,7 +365,7 @@ Database::addFilter('encrypt', 'version' => '1', ]); }, - function($value) { + function(mixed $value) { if(is_null($value)) { return null; } From 2255c789dff40d58286f1647434e6f445d7a4208 Mon Sep 17 00:00:00 2001 From: Torsten Dittmann Date: Wed, 1 Jun 2022 19:13:15 +0200 Subject: [PATCH 2/2] fix: subquery return for sessions --- app/init.php | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) 
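Review bot: Replacing `$database->getIndexLimit()` with `APP_LIMIT_SUBQUERY` in the `subQuerySessions`, `subQueryTokens` and `subQueryMemberships` filters means each of these `find()` calls, which run inside `Authorization::skip`, can now return up to 1000 documents per user, and anything beyond the cap is still dropped silently. If callers treat the resulting list as complete, for example when listing or revoking a user's sessions (not visible in this diff), rows past the cap would be missed. It would help to state the assumption next to the calls, e.g. `// Capped at APP_LIMIT_SUBQUERY; creation paths must keep per-user counts below this`, and to confirm that the creation paths are bounded accordingly. The same cap applies to the platforms, domains, keys and webhooks filters earlier in the hunk; the `encrypt` filter's decode closure at the end continues outside the hunk.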
diff --git a/app/init.php b/app/init.php index 7e03ed1922..0e1848b2c3 100644 --- a/app/init.php +++ b/app/init.php @@ -257,7 +257,7 @@ Database::addFilter( return $database ->find('attributes', [ new Query('collectionId', Query::TYPE_EQUAL, [$document->getId()]) - ], $database->getAttributeLimit(), 0, []); + ], $database->getAttributeLimit()); } ); @@ -270,7 +270,7 @@ Database::addFilter( return $database ->find('indexes', [ new Query('collectionId', Query::TYPE_EQUAL, [$document->getId()]) - ], 64, 0, []); + ], 64); } ); @@ -283,7 +283,7 @@ Database::addFilter( return $database ->find('platforms', [ new Query('projectId', Query::TYPE_EQUAL, [$document->getId()]) - ], APP_LIMIT_SUBQUERY, 0, []); + ], APP_LIMIT_SUBQUERY); } ); @@ -296,7 +296,7 @@ Database::addFilter( return $database ->find('domains', [ new Query('projectId', Query::TYPE_EQUAL, [$document->getId()]) - ], APP_LIMIT_SUBQUERY, 0, []); + ], APP_LIMIT_SUBQUERY); } ); @@ -309,7 +309,7 @@ Database::addFilter( return $database ->find('keys', [ new Query('projectId', Query::TYPE_EQUAL, [$document->getId()]) - ], APP_LIMIT_SUBQUERY, 0, []); + ], APP_LIMIT_SUBQUERY); } ); @@ -322,7 +322,7 @@ Database::addFilter( return $database ->find('webhooks', [ new Query('projectId', Query::TYPE_EQUAL, [$document->getId()]) - ], APP_LIMIT_SUBQUERY, 0, []); + ], APP_LIMIT_SUBQUERY); } ); @@ -332,9 +332,9 @@ Database::addFilter( return null; }, function (mixed $value, Document $document, Database $database) { - $sessions = Authorization::skip(fn () => $database->find('sessions', [ + return Authorization::skip(fn () => $database->find('sessions', [ new Query('userId', Query::TYPE_EQUAL, [$document->getId()]) - ], APP_LIMIT_SUBQUERY, 0, [])); + ], APP_LIMIT_SUBQUERY)); } ); @@ -347,7 +347,7 @@ Database::addFilter( return Authorization::skip(fn() => $database ->find('tokens', [ new Query('userId', Query::TYPE_EQUAL, [$document->getId()]) - ], APP_LIMIT_SUBQUERY, 0, [])); + ], APP_LIMIT_SUBQUERY)); } ); 
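Review bot: In the `indexes` subquery (hunk at -270) the limit stays the bare literal `64` in `], 64);`, while the attributes filter uses `$database->getAttributeLimit()` and the others use `APP_LIMIT_SUBQUERY`. A reader cannot tell whether 64 is a database constraint or an arbitrary cap, and it will not follow if the underlying limit changes. If it is meant to mirror the adapter's index limit, `], $database->getIndexLimit());` would say so; otherwise a named constant with a short comment would. The enclosing `Database::addFilter(` call starts outside the hunk.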
@@ -360,7 +360,7 @@ Database::addFilter( return Authorization::skip(fn() => $database ->find('memberships', [ new Query('userId', Query::TYPE_EQUAL, [$document->getId()]) - ], APP_LIMIT_SUBQUERY, 0, [])); + ], APP_LIMIT_SUBQUERY)); } );