search

zenstackhq / zenstack

Fullstack TypeScript toolkit that enhances Prisma ORM with flexible Authorization layer for RBAC/ABAC/PBAC/ReBAC, offering auto-generated type-safe APIs and frontend hooks.
https://zenstack.dev
MIT License
2.07k stars 88 forks source link

Error - Maximum call stack size exceeded #1451

Closed baenio closed 4 months ago

baenio commented 5 months ago

Description and expected behavior After trying to upgrade ZenStack to v2, I discovered a bug when trying to call /api/model/membership/findMany (see error message). Every other table was working fine, expect Membership.

After some digging I found out, that it was a field level access policy causing the issue: @deny("read, update", space.memberships?[auth() == user && !(role in [owner, admin, roleManager])]) After removing the read part, it was working just fine.

This policy was working just fine in v1 of ZenStack, but I tried every v2 release and in every version the error occured.

Error

Error calling enhanced Prisma method `membership.findMany`: Maximum call stack size exceeded
    at RequestHandler.<anonymous> (/<project-path>/node_modules/@zenstackhq/server/api/rpc/index.js:136:57),
    at Generator.next (<anonymous>),
    at fulfilled (/<project-path>/node_modules/@zenstackhq/server/api/rpc/index.js:5:58)

Environment:

Additional context

import "./enum"
import "./user"
import "./space"

model Membership {
  userId            String
  user              User       @relation(fields: [userId], references: [id], onDelete: Cascade)
  spaceId           String
  space             Space      @relation(fields: [spaceId], references: [id], onDelete: Cascade)

  role              MemberRole @deny("update", auth() == user)
  employeeReference String?    @deny("read, update", space.memberships?[auth() == user && !(role in [owner, admin])])

  createdAt         DateTime   @default(now())
  updatedAt         DateTime   @updatedAt

  @@id([userId, spaceId])
}
iamfj commented 5 months ago

@baenie our environment is

Environment:

ZenStack version: 2.1.0 Prisma version: 5.13.0 Database type: Postgresql

baenio commented 5 months ago

Prisma version: 5.13.0 Database type: Postgresql

But I tested all releases. The bug was introduced in v2.0.0.

ymc9 commented 5 months ago

Thanks for reporting this, guys. I'll try to reproduce and hopefully make a fix soon!

ymc9 commented 4 months ago

Hi @iamfj @baenie , could you try if the new 2.1.1 release fixed the issue?

baenio commented 4 months ago

Hi @iamfj @baenie , could you try if the new 2.1.1 release fixed the issue?

It seams to work now! Thank you for your fast response! ❤️

iamfj commented 4 months ago

Thanks! 🚀