Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We鈥檒l occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

馃悰 Bug Report: Realtime/Websocket stuck with previous user after new user has logined #24

Closed
2 tasks done
mcchin opened this issue Apr 19, 2022 · 2 comments
Closed
2 tasks done

馃悰 Bug Report: Realtime/Websocket stuck with previous user after new user has logined #24

mcchin opened this issue Apr 19, 2022 · 2 comments
Assignees
@TorstenDittmann
Labels
bug Something isn't working

Comments

@mcchin
Copy link

mcchin commented Apr 19, 2022
edited

馃憻 Reproduction steps

Config/Setup:

  • I am using Appwrite v:0.13.4.304, WebSDK 7.0.0, and node-appwrite 5.0.0
  • Database collection is setup as Document Level permission
  • Documents read permission are assigned appropriately like so, e.g. user:UserID
  • There is a collection with only couple of documents with read access for User A, but NOT User B

To reproduce:

  1. Login as User A , e.g. sdk.account.createSession(User A email, User A password)

  2. At a React page, using WebSDK to subscribe to a channel like so

  useEffect(() => {
    const unsubscribe = sdk.subscribe(`collections.COLLECTION_ID.documents`,
      res => {
        console.log('realtime response', res)
      }
    )

    return () => {
      unsubscribe()
    }
  }, [])

  1. Update any of the documents on the said collection from Appwrite Console, and I can noticed data is received, and channel/subscription callback is executed

  2. User A logout, unsubscribe() is fired, and then User A is logout like so sdk.account.deleteSession('current') / sdk.account.deleteSession(session_id)

  3. At the same browser tab, User B login, e.g. sdk.account.createSession(User B email, User B password), and visit the same page, so step 2 above is executed as well
    NOTE: Don't refresh browser page, if you have refreshed browser page you can't reproduce the issue

  4. Update any of the documents on the said collection from Appwrite Console, and I can noticed data is received, and channel/subscription callback is executed, which is not expected behaviour as only User A has read permission, not User B

馃憤 Expected behavior

I should not receive any channel/subscription callback when I login as User B

馃憥 Actual Behavior

I receive channel/subscription callback when I login as User B, but User B doesn't have any read permission on the subscribed data collection (Where the callback response data is for User A)

馃幉 Appwrite version

Different version (specify in environment)

馃捇 Operating system

Linux

馃П Your Environment

  • Frontend using React 17.x, and WebSDK 7.0.0
  • Backend using Node 14.x and Appwrite Node client 5.0.0

馃憖 Have you spent some time to check if this issue has been raised before?

  • I checked and didn't find similar issue

馃彚 Have you read the Code of Conduct?
@mcchin mcchin added the bug Something isn't working label Apr 19, 2022
@lohanidamodar
Copy link
Member

@mcchin Thank you for reporting the issue with such details. We will look into the issue and get back to you.

@mcchin mcchin mentioned this issue Apr 25, 2022
Closed
2 tasks
@TorstenDittmann
Copy link
Contributor

I'll be closing this in favour of #25

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@TorstenDittmann TorstenDittmann

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@mcchin @TorstenDittmann @lohanidamodar