New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix type errors in lib/auth.ts
when using a non-RBAC dbAuth
setup
#5856
Fix type errors in lib/auth.ts
when using a non-RBAC dbAuth
setup
#5856
Conversation
✅ Deploy Preview for redwoodjs-docs canceled.
|
lib/auth.ts
when using a non-RBAC setup
lib/auth.ts
when using a non-RBAC setuplib/auth.ts
when using a non-RBAC dbAuth
setup
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks @Philzen again! I need to dig into this a little more, but from an initial glance, this looks like it will overwrite the "roles" type if you return it from your current user function.
So for example if you do this:
export const getCurrentUser = async (session) => {
return await db.user.findUnique({
where: { id: session.id },
select: { id: true, email: true, roles: true },
})
}
roles
will remain as "any"
I stand by my opinion on this:
❌ Making things green when they're not actually true
✅ Point out pieces of the code that you still need to fix/change after a generate, forcing you to look into the generated code.
Remember generators are not library code. They're boiler plate code we give you - but you own this code, not the framework.
The reason we don't want to include roles by default is:
a) Not everyone wants RBAC out of the box, and they may have a different way of implementing all together
b) Using a string[] is preferable for roles, but isn't supported by sqlite
On another note, #5491 should handle some of the non-strict errors here! |
@dac09 You're right... fixed it: 5e9b442
I'll see if i can also add some JSDOC hinting users that this will always be undefined unless they add it to the
BTW – when looking at |
Super cool 😍! Yes I'm also looking at the |
455822a
to
27182fb
Compare
27182fb now adds clear advice whenever accessing I'd be tempted to say this is an overall improvement... dbAuth on rails 😉 BTW as a non-native english speaker i'm not sure if everybody's happy with the exact working, hence i'm completely agnostic to any changes regarding that. Maybe @cannikin or others can to throw in some of the redwood-style gleeful cheekyness? 🧐 |
Nice! Though my gut feeling is that may require a larger type refactoring, but by any means i am happy if that happens 🚀
From my part i'd be really happy for the PR to go in as it is. I can offer to start an RFC where you could then tackle the overall type-harmonization. |
This will be much appreciated @Philzen - appreciate you taking such an interest in the "fun" parts of typescript in Redwood! |
packages/internal/src/generate/templates/all-currentUser.d.ts.template
Outdated
Show resolved
Hide resolved
packages/internal/src/generate/templates/all-currentUser.d.ts.template
Outdated
Show resolved
Hide resolved
packages/internal/src/generate/templates/all-currentUser.d.ts.template
Outdated
Show resolved
Hide resolved
packages/internal/src/generate/templates/all-currentUser.d.ts.template
Outdated
Show resolved
Hide resolved
packages/internal/src/generate/templates/all-currentUser.d.ts.template
Outdated
Show resolved
Hide resolved
packages/internal/src/generate/templates/all-currentUser.d.ts.template
Outdated
Show resolved
Hide resolved
838d740
to
7ca483d
Compare
Off-Topic but a real thing. I wish everybody on github would just stop doing that in feature branches. Rebasing is just so much cleaner – that's one thing where Gitlab still has an advantage, b/c they allow to rebase on main at the click of a button. Wish @github did that someday to show people that rebasing is no rocket science but actually the better practice to pull updates into your branch. Luckily, the update merge practice has no impact on the RedwoodJS repo commit history b/c all PR's are squashed anyway currently, so at least there's no drawback here – other than it's ugly to work with my feature branch on the CLI b/c i'm used to always see the commit's that i'm working on top, so i can easily identify them and craft I've rebased now, check out the history.
Oh i just discovered this: Guess i'll have to take back part of my rant 😇 – now @github should only made that the default selection in order to make the world a little bit better. 🌻 Until that happens, everybody, pleeeeease use it 🧐 |
5e31964
to
b4f5e23
Compare
In general I'm a huge rebase proponent. But, as you noted:
And because of that I think merging is the better choice. The reason being that it has a much greater probability of succeeding. When merging there's only one commit you need to care about, so only one commit that can have merge conflicts. When rebasing every single commit in the feature branch is a potential commit with a merge conflict. Now, if this was a closed-source project with a controlled set of contributors I'd advocate for not doing a squash-and-merge of feature branches, but rather just rebase them on top of the main branch. But that requires every contributor to manually clean up the commit history of their feature branches before they go in on main. For a company project that's just a matter of educating all employees. But since this is an open source project and we want to make it as easy as possible for people to contribute, even those who might not be as well versed with git, I think squash-and-merge is the better choice. I hope I don't come off as too condescending here. I know you wouldn't have an issue with keeping a tidy feature branch Philzen 🌷 |
7dd9a26
to
f44c619
Compare
... and guidance on how to change that.
f44c619
to
fb9109c
Compare
…#5856) Co-authored-by: Daniel Choudhury <dannychoudhury@gmail.com>
This was fixed via redwoodjs#5856 and shipped as part of Redwood 2.1
This was fixed via redwoodjs#5856 and shipped as part of Redwood 2.1
This was fixed via redwoodjs#5856 and shipped as part of Redwood 2.1
This was fixed via redwoodjs#5856 and shipped as part of Redwood 2.1
This was fixed via redwoodjs#5856 and shipped as part of Redwood 2.1
This was fixed via redwoodjs#5856 and shipped as part of Redwood 2.1
Closes #5038
No breaking change, no codemods or other updates needed to existing projects.
This fixes a typescript error that has been bugging me for some time. Whenever generating the
dbAuth
setup, but not implementing any role-based access control (RBAC), vscode goes full on red onauth.ts
:I know one may debate whether this is actually a problem or not (imho generated code should always pass 100 % of all rules in order maximize trust in the framework, i know e.g. @dac09 has a different stance on this), but this one is that severe that it comes up when running
yarn rw type-check
Don't know if this is the perfect solution and am open to better ones. But i feel it's just good enough, in my test the
rules
-type got properly overwritten (becoming mandatory) as soon as one changesgetCurrentUser
to also return it.