Open benoitbzl opened 2 years ago
@benoitbzl Thanks for posting! We'll take a look as soon as possible.
In the mean time, there are a few ways you can help speed things along:
Please remember: never post in a public forum if you believe you've found a genuine security vulnerability. Instead, disclose it responsibly.
For help with questions about Sails, click here.
@benoitbzl This is the intended behavior today https://github.com/balderdashy/waterline/blob/98e4b7cf2f16611c56a2542ddb2b92a56928ad94/lib/waterline/utils/query/process-all-records.js#L131-L149
Have you seen this information in our documentation?
I discussed this with @mikermcneil and he recommends using schema: true
Hello. For different reasons we cannot use the schema: true
configuration in our case. We must disable the schema verification and result filtering. This works for the parent documents (attributes are not filtered), but it does not for the populated (child) documents (some attributes are filtered). If this is the intended behavior, it should be clearly stated in the documentation that the schema: true
configuration does only apply to parent documents.
@benoitbzl we agree that this should be documented, we'll update the documentation.
Hello, I set my model config file with
schema: false
to prevent attributes filtering of the documents retrieved from mongo DB (for different reasons, the models in sails are not always defining all attributes of a document). But the join document retrieved by a populate() query does not follow thatschema: false
configuration, and the attributes of the joined document are filtered according to the model.For example, in database there are the two documents in different collections:
collection user: { _id: "a user ID", tenant: "a tenant ID", theme: "a theme ID" } with a sails model like (this is not a real sails model but just an illustration): { id: { type: "string" }, tenant: { model: "Tenant" } }
collection tenant: { _id: "a tenant ID", lang: "fr", configuration: "A configuration" } with a sails model like (this is not a real sails model but just an illustration): { id: { type: "string" }, configuration: {type: "string"}}
a query like:
sails.models.user.findOne({ id: "a user ID" }).populate('tenant')
returns a user document like: { id: "a user ID", theme: "a theme ID", tenant: { id: "a tenant ID", configuration: "A configuration" }}The
lang
attribute of the tenant has been filtered out as it is not defined by the tenant model, but thetheme
attribute of the user has been preserved as expected.Node version: 14.18.3 Sails version (sails): 1.5.2 ORM hook version (sails-hook-orm): Sockets hook version (sails-hook-sockets): Organics hook version (sails-hook-organics): Grunt hook version (sails-hook-grunt): Uploads hook version (sails-hook-uploads): DB adapter & version (e.g. sails-mysql@5.55.5): sails-mongo Skipper adapter & version (e.g. skipper-s3@5.55.5):