Fix context sql #2344
Open
Fix context sql #2344
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Added a new constant `ORIGINAL_ROLE_CLAIM_TYPE` in `AuthenticationOptions.cs` to store the original roles claim type. Modified `AuthorizationResolver` to preserve the original 'roles' claim by adding it to the `resolvedClaims` dictionary under the new key. Changed `MsSqlQueryExecutor` to set session context parameters with `@read_only = 0` to allow modifications.
This reverts commit 08f741c.
…ilder into fix_context_sql
M4Al
requested review from
Aniruddh25,
seantleonard,
aaronburtle,
abhishekkumams,
RubenCerna2079,
ravishetye,
rohkhann,
neeraj-sharma2592 and
sourabh1007
as code owners
Aniruddh25
reviewed
Aug 30, 2024
Aniruddh25
reviewed
Aug 30, 2024
| // Append statement to set read only param value - can be set only once for a connection. | ||
| string statementToSetReadOnlyParam = "EXEC sp_set_session_context " + $"'{claimType}', " + paramName + ", @read_only = 1;"; | ||
| string statementToSetReadOnlyParam = "EXEC sp_set_session_context " + $"'{claimType}', " + paramName + ", @read_only = 0;"; |
There was a problem hiding this comment.
curious, did you experience - your mutation operations being blocked because of this setting?
There was a problem hiding this comment.
Yes, the SQL Endpoint did reject the second query as described in #2341
Aniruddh25
approved these changes
Aug 30, 2024
|
/azp run |
remove trailing space Co-authored-by: Aniruddh Munde <[email protected]>
…ilder into fix_context_sql
Updated the constant `FIRST_URL` in `RequestParser.cs` within the `Azure.DataApiBuilder.Core.Parsers` namespace to use the value `"$top"` instead of `"$first"`. This change aligns with naming conventions or standards used elsewhere in the codebase or API, ensuring consistency and improving clarity for developers.
Aniruddh25
reviewed
Sep 6, 2024
| @@ -30,7 +30,7 @@ public class RequestParser | |||
| /// <summary> | |||
| /// Prefix used for specifying limit in the query string of the URL. | |||
| /// </summary> | |||
| public const string FIRST_URL = "$first"; | |||
| public const string FIRST_URL = "$top"; | |||
There was a problem hiding this comment.
We will provide a synonym $top soon. Lets not make this change in this PR. Thank you for your patience.
Aniruddh25
requested changes
Sep 6, 2024
| @@ -51,6 +51,13 @@ public static OkObjectResult FormatFindResult( | |||
| ? DetermineExtraFieldsInResponse(findOperationResponse, context.FieldsToBeReturned) | |||
| : DetermineExtraFieldsInResponse(findOperationResponse.EnumerateArray().First(), context.FieldsToBeReturned); | |||
|
|
|||
| //Remove RecordCOunt from extraFieldsInResponse if present | |||
| /* | |||
There was a problem hiding this comment.
If this code is not used, please remove it out completely.
| @@ -20,7 +20,7 @@ | |||
| <PackageVersion Include="Microsoft.AspNetCore.Http" Version="2.2.2" /> | |||
| <PackageVersion Include="Microsoft.Azure.Cosmos" Version="3.38.1" /> | |||
| <!--When updating Microsoft.Data.SqlClient, update license URL in scripts/notice-generation.ps1--> | |||
| <PackageVersion Include="Microsoft.Data.SqlClient" Version="5.2.0" /> | |||
| <PackageVersion Include="Microsoft.Data.SqlClient" Version="5.1.4" /> | |||
There was a problem hiding this comment.
Please retain the updated 5.2.0 version
Aniruddh25
reviewed
Sep 9, 2024
| @@ -1,13 +1,13 @@ | |||
| # Version values referenced from https://hub.docker.com/_/microsoft-dotnet-aspnet | |||
|
|
|||
| FROM mcr.microsoft.com/dotnet/sdk:6.0-cbl-mariner2.0. AS build | |||
| FROM mcr.microsoft.com/dotnet/sdk:8.0 AS build | |||
There was a problem hiding this comment.
we will soon update this to 8.0. Please refrain from doing so right now.
|
@M4Al , let us know if you would be able to address the comments... |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Why make this change?
What is this change?
The changes itself are quite simple and should break nothing, see the diff :-)
How was this tested?
I have not created/adapted any tests yet. Just looking for comments before I go there.
Sample Request(s)
Sample of a JWT token (only the relevant part)
X-MS-API-ROLE: user
before my change the extra 'roles' that do not match the X-MS-API-ROLE header would never reach the database context.
With my change you can do things like this in SQL Predicates to filter out only subsets of the data: