Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
auth.Save() should be CAS safe #3414
From the looks of it,
The implication is that under certain scenarios changes to a user could be accidentally discarded. For example, if multiple SG's were trying to update the same user concurrently.
Noticed during development for #3389
The development for #3389 is adding the ability to inject test behavior into certain operations to simulate CAS failures, which would probably useful for reproducing this issue in a unit test.
Since we don't maintain a revision history on principals, and auth.Save doesn't have any merge behaviour, we'd need to review which auth.Save() usages are making additive changes to principals (and so would have the potential to lose data during concurrent updates). It's possible that we don't need a CAS-safe write in every scenario, and performing a CAS-safe write should be optional in some cases.