Method DELETE doesn't consider item_sensitive access strategies

[arkadiusz-wieczorek]

When calling method DELETE on ResourceType with defined access strategy item_sensitive: true, This method doesn't use item_sensitive .

[arkadiusz-wieczorek]

Is issue resolved?

[arkadiusz-wieczorek]

Tests in https://github.com/Sealious/Sealious/issues/175

[arkadiusz-wieczorek]

It is up to date?

[kuba-orlik]

I've just tested it and the issue is still there. checker_function of an item-sensitive access_strategy is provided just with context, not with the item body

[arkadiusz-wieczorek]

Access strategy just_owner doesn't work with DELETE, i've tested this:

12:59:00.348 - error:   DELETE /api/v1/places/d45hu81v8e
            from: 127.0.0.1, mime: application/json
            result: 
12:59:00.348 - error:  TypeError: Cannot read property 'created_context' of undefined
    at Sealious.ChipTypes.AccessStrategy.checker_function (/home/arkadiusz/Projects/Placetag/node_modules/sealious/lib/base-chips/access_strategy.just_owner.js:7:38)
    at check (/home/arkadiusz/Projects/Placetag/node_modules/sealious/lib/chip-types/access-strategy.js:52:32)
    at /home/arkadiusz/Projects/Placetag/node_modules/sealious/lib/core-services/resource-manager.js:79:27
    at tryCatcher (/home/arkadiusz/Projects/Placetag/node_modules/sealious/node_modules/bluebird/js/main/util.js:26:23)
    at new Promise.attempt.Promise.try (/home/arkadiusz/Projects/Placetag/node_modules/sealious/node_modules/bluebird/js/main/method.js:31:24)
    at delete (/home/arkadiusz/Projects/Placetag/node_modules/sealious/lib/core-services/resource-manager.js:76:10)
    at www_server.route.handler (/home/arkadiusz/Projects/Placetag/node_modules/sealious-channel-rest/define/channel.rest.js:78:52)
    at new_handler (/home/arkadiusz/Projects/Placetag/node_modules/sealious-www-server/define/channel.www_server.js:151:13)
    at Object.internals.handler (/home/arkadiusz/Projects/Placetag/node_modules/sealious-www-server/node_modules/hapi/lib/handler.js:93:36)
    at /home/arkadiusz/Projects/Placetag/node_modules/sealious-www-server/node_modules/hapi/lib/handler.js:28:23
    at internals.Protect.run (/home/arkadiusz/Projects/Placetag/node_modules/sealious-www-server/node_modules/hapi/lib/protect.js:56:5)
    at exports.execute (/home/arkadiusz/Projects/Placetag/node_modules/sealious-www-server/node_modules/hapi/lib/handler.js:22:22)
    at /home/arkadiusz/Projects/Placetag/node_modules/sealious-www-server/node_modules/hapi/lib/request.js:370:13
    at iterate (/home/arkadiusz/Projects/Placetag/node_modules/sealious-www-server/node_modules/hapi/node_modules/items/lib/index.js:35:13)
    at done (/home/arkadiusz/Projects/Placetag/node_modules/sealious-www-server/node_modules/hapi/node_modules/items/lib/index.js:27:25)
    at /home/arkadiusz/Projects/Placetag/node_modules/sealious-www-server/node_modules/hapi/node_modules/hoek/lib/index.js:841:22
    at doNTCallback0 (node.js:407:9)
    at process._tickDomainCallback (node.js:377:13)
TypeError: Cannot read property 'created_context' of undefined
    at Sealious.ChipTypes.AccessStrategy.checker_function (/home/arkadiusz/Projects/Placetag/node_modules/sealious/lib/base-chips/access_strategy.just_owner.js:7:38)
    at check (/home/arkadiusz/Projects/Placetag/node_modules/sealious/lib/chip-types/access-strategy.js:52:32)
    at /home/arkadiusz/Projects/Placetag/node_modules/sealious/lib/core-services/resource-manager.js:79:27
    at tryCatcher (/home/arkadiusz/Projects/Placetag/node_modules/sealious/node_modules/bluebird/js/main/util.js:26:23)
    at new Promise.attempt.Promise.try (/home/arkadiusz/Projects/Placetag/node_modules/sealious/node_modules/bluebird/js/main/method.js:31:24)
    at delete (/home/arkadiusz/Projects/Placetag/node_modules/sealious/lib/core-services/resource-manager.js:76:10)
    at www_server.route.handler (/home/arkadiusz/Projects/Placetag/node_modules/sealious-channel-rest/define/channel.rest.js:78:52)
    at new_handler (/home/arkadiusz/Projects/Placetag/node_modules/sealious-www-server/define/channel.www_server.js:151:13)
    at Object.internals.handler (/home/arkadiusz/Projects/Placetag/node_modules/sealious-www-server/node_modules/hapi/lib/handler.js:93:36)
    at /home/arkadiusz/Projects/Placetag/node_modules/sealious-www-server/node_modules/hapi/lib/handler.js:28:23
    at internals.Protect.run (/home/arkadiusz/Projects/Placetag/node_modules/sealious-www-server/node_modules/hapi/lib/protect.js:56:5)
    at exports.execute (/home/arkadiusz/Projects/Placetag/node_modules/sealious-www-server/node_modules/hapi/lib/handler.js:22:22)
    at /home/arkadiusz/Projects/Placetag/node_modules/sealious-www-server/node_modules/hapi/lib/request.js:370:13
    at iterate (/home/arkadiusz/Projects/Placetag/node_modules/sealious-www-server/node_modules/hapi/node_modules/items/lib/index.js:35:13)
    at done (/home/arkadiusz/Projects/Placetag/node_modules/sealious-www-server/node_modules/hapi/node_modules/items/lib/index.js:27:25)
    at /home/arkadiusz/Projects/Placetag/node_modules/sealious-www-server/node_modules/hapi/node_modules/hoek/lib/index.js:841:22
    at doNTCallback0 (node.js:407:9)
    at process._tickDomainCallback (node.js:377:13)

Tell me is item_sensitive is connected with this problem?

[kuba-orlik]

Nope, it's an issue with ResourceManager. Fixing it asap

[kuba-orlik]

Ok, I've reproduced this in tests and fixed it. Changes should be live in 0.6.20. Let me know if everything's OK now and close this issue if so

[arkadiusz-wieczorek]

Ok, already I'm checking.

[arkadiusz-wieczorek]

Ok, it works! But you left console logs in code:

item: { id: 'q8uxngq9di',
  type: 'person',
  body: { name: 'test', age: 21 },
  created_context: 
   { timestamp: 1451402529950,
     ip: '127.0.0.1',
     user_id: '41bw8lvmip' },
  last_modified_context: undefined }
16:22:50.886 - info:    GET /api/v1/person
            from: 127.0.0.1, mime: null
            result: success!
item: { id: 'q8uxngq9di',
  type: 'person',
  body: { name: 'test', age: 21 },
  created_context: 
   { timestamp: 1451402529950,
     ip: '127.0.0.1',
     user_id: '41bw8lvmip' },
  last_modified_context: undefined }
16:22:53.948 - error:   GET /api/v1/person/q8uxngq9di
            from: 127.0.0.1, mime: null
            result: failed - Only the owner of this resource can perform this operation on this item.
Error: Only the owner of this resource can perform this operation on this item.
    at new SealiousErrors.Error (/home/arkadiusz/Projects/hello-world/node_modules/sealious/lib/response/error.js:6:12)
    at new SealiousErrors.BadContext (/home/arkadiusz/Projects/hello-world/node_modules/sealious/lib/response/error.js:94:12)
    at /home/arkadiusz/Projects/hello-world/node_modules/sealious/lib/chip-types/access-strategy.js:57:27
    at bound (domain.js:250:14)
    at runBound (domain.js:263:12)
    at tryCatcher (/home/arkadiusz/Projects/hello-world/node_modules/sealious/node_modules/bluebird/js/main/util.js:26:23)
    at Promise._settlePromiseFromHandler (/home/arkadiusz/Projects/hello-world/node_modules/sealious/node_modules/bluebird/js/main/promise.js:503:31)
    at Promise._settlePromiseAt (/home/arkadiusz/Projects/hello-world/node_modules/sealious/node_modules/bluebird/js/main/promise.js:577:18)
    at Promise._settlePromises (/home/arkadiusz/Projects/hello-world/node_modules/sealious/node_modules/bluebird/js/main/promise.js:693:14)
    at Async._drainQueue (/home/arkadiusz/Projects/hello-world/node_modules/sealious/node_modules/bluebird/js/main/async.js:123:16)
    at Async._drainQueues (/home/arkadiusz/Projects/hello-world/node_modules/sealious/node_modules/bluebird/js/main/async.js:133:10)
    at Immediate.Async.drainQueues [as _onImmediate] (/home/arkadiusz/Projects/hello-world/node_modules/sealious/node_modules/bluebird/js/main/async.js:15:14)
    at processImmediate [as _immediateCallback] (timers.js:371:17)
item: { id: 'q8uxngq9di',
  type: 'person',
  body: { name: 'test', age: 21 },
  created_context: 
   { timestamp: 1451402529950,
     ip: '127.0.0.1',
     user_id: '41bw8lvmip' },
  last_modified_context: undefined }
16:22:59.176 - error:   DELETE /api/v1/person/q8uxngq9di
            from: 127.0.0.1, mime: multipart/form-data
            result: failed - Only the owner of this resource can perform this operation on this item.
Error: Only the owner of this resource can perform this operation on this item.
    at new SealiousErrors.Error (/home/arkadiusz/Projects/hello-world/node_modules/sealious/lib/response/error.js:6:12)
    at new SealiousErrors.BadContext (/home/arkadiusz/Projects/hello-world/node_modules/sealious/lib/response/error.js:94:12)
    at /home/arkadiusz/Projects/hello-world/node_modules/sealious/lib/chip-types/access-strategy.js:57:27
    at bound (domain.js:250:14)
    at runBound (domain.js:263:12)
    at tryCatcher (/home/arkadiusz/Projects/hello-world/node_modules/sealious/node_modules/bluebird/js/main/util.js:26:23)
    at Promise._settlePromiseFromHandler (/home/arkadiusz/Projects/hello-world/node_modules/sealious/node_modules/bluebird/js/main/promise.js:503:31)
    at Promise._settlePromiseAt (/home/arkadiusz/Projects/hello-world/node_modules/sealious/node_modules/bluebird/js/main/promise.js:577:18)
    at Promise._settlePromises (/home/arkadiusz/Projects/hello-world/node_modules/sealious/node_modules/bluebird/js/main/promise.js:693:14)
    at Async._drainQueue (/home/arkadiusz/Projects/hello-world/node_modules/sealious/node_modules/bluebird/js/main/async.js:123:16)
    at Async._drainQueues (/home/arkadiusz/Projects/hello-world/node_modules/sealious/node_modules/bluebird/js/main/async.js:133:10)
    at Immediate.Async.drainQueues [as _onImmediate] (/home/arkadiusz/Projects/hello-world/node_modules/sealious/node_modules/bluebird/js/main/async.js:15:14)
    at processImmediate [as _immediateCallback] (timers.js:371:17)

[kuba-orlik]

Woah, I was in such a hurry that I forgot my manners. Fixing asap :)

[kuba-orlik]

Ok, console output cleaned. Changes are live on 0.6.21. Please reopen this issue if you find any further issues with this :)

[arkadiusz-wieczorek]

Ok, no problem. Thanks for feedback! :)