All of our Datomic entities have a :foo/id uuid that is :db/unique :db.unique/identity.
This means that if you try to create an entry with an existing :id, it will upsert, whereas, in many places, we probably want to raise an exception (for trying to create something with a duplicate id).
This can likely be taken advantage of to do malicious things, and we should have checks in our db functions.
Tests should be written for db functions that should error on duplicate ids, and pre-conditions added to those that act improperly.
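One way to enforce the check, as an added example that is not this project's code: a transaction function that rejects an id that already exists instead of upserting. It assumes the Datomic on-prem peer library (`datomic.api`); `:foo/create-new`, `install!` and `create-foo!` are hypothetical names.

```clojure
(ns example.unique-create
  (:require [datomic.api :as d]))

;; Runs inside the transactor, so the existence check and the write happen
;; in one serialized transaction. A check done in the peer before calling
;; d/transact could race with a concurrent create of the same id.
(def create-new
  (d/function
    {:lang     "clojure"
     :params   '[db id-attr id attrs]
     :requires '[[datomic.api :as d]]
     :code     '(if (d/q '[:find ?e .
                           :in $ ?a ?v
                           :where [?e ?a ?v]]
                         db id-attr id)
                  ;; Throwing aborts the whole transaction: nothing is upserted.
                  (throw (ex-info "entity with this id already exists"
                                  {:attr id-attr :id id}))
                  ;; No existing entity: emit a plain create.
                  [(assoc attrs
                          :db/id (d/tempid :db.part/user)
                          id-attr id)])}))

(defn install!
  "Stores the function in the database under the hypothetical ident
  :foo/create-new so it can be invoked from transaction data."
  [conn]
  @(d/transact conn [{:db/id    (d/tempid :db.part/user)
                      :db/ident :foo/create-new
                      :db/fn    create-new}]))

(defn create-foo!
  "Creates a new entity keyed by :foo/id. The deref throws if `id` is
  already present, where a bare {:foo/id id ...} map would silently
  upsert onto the existing entity."
  [conn id attrs]
  @(d/transact conn [[:foo/create-new :foo/id id attrs]]))
```

A test for a create function can call `create-foo!` twice with the same uuid and assert that the second call throws and that the first entity's attributes are unchanged.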