search

moleculerjs / database

Advanced Database Access Service for Moleculer microservices framework
MIT License
32 stars 15 forks source link

Secure field not working true in populate and in foreignkey fields. #36

Open saeedtabrizi opened 1 year ago

saeedtabrizi commented 1 year ago

Hi , When I change the primary key field to secure , all related foreign key fields persisted encoded ID in database which I can't run a query over database . although when create , update or populate a field , if we used secure foreign key in our schema , incorrect functionality happened in mean time . Also when we use secure ID in nested object there is no process and transform with nested data happened . I guess there are a lot of missed scenario implementation for secure field happened. Also I opened a new discussion that related to this issue that you can find it in #35

icebob commented 1 year ago

It depends on the use-case. In my projects, I use secure IDs, and I store the secure IDs as foreign keys.

By the way, Service A can't guarantee that it can encode the foreign key of IDs of Service B responses, because all services may use different encoding(e.g. hashids where the seed is based on service name).

If you don't want to return encoded IDs, use transform: false in options of action/method. But I'm looking forward your thoughts about how it can be improved to solve your use-case and the written use-cases as well.

saeedtabrizi commented 1 year ago

Thankyou @icebob . In my case I believe we must persist database Ids unsecure to separate database from app logic and operation, so we can query on database by aggregate or join operations with the same keys. this is benefit of my approach .
by the way . Currently , I decided to write special action for resolve entities by unsecure ids . and change the field secure property to true and also I write a get and set method for foreign key fields to handle this issue temporary (workaround) . 

...
labels: {
  type: "array",
  max: 100,
  secure:true,
  get:({value})=> value?.map((xx: string) => this.encodeID(xx)),
  set:({value})=> value?.map((xx: string) => this.decodeID(xx)),
  populate: "v1.labels.resolveUnSecureId"
}
app: {
   type: "string",
   columnName: "app_Id",
   immutable: true,
   optional: true ,
   secure: true,
  // eslint-disable-next-line object-shorthand
    set: function ({ value }) {return this.decodeID(value);},
        populate: "apps.resolveUnSecureId",
        },
...

In my case everything working good and OK .

But If we handle secure in foreign keys and have an option in resolveEntities method to enable/disable Id transformation , we can achieve a good experience and lower code writing.

icebob commented 1 year ago

It's not totally clear to me. Could you start a draft PR to see your suggestions? I'm open to solving this problem