this.userId is required when copying boards from an Rest-API call

[Gobliins]

I have expanded the API to copy boards.
For copying i use your code:

const sourceBoard = Boards.findOne(boardId);
let clonedBoardId=null;
if (sourceBoard) {
clonedBoardId = Boards.insert({
title: clonedBoardTitle,
slug: sourceBoard.slug,
archived: sourceBoard.archived,
labels: sourceBoard.labels,
permission: sourceBoard.permission,
color: sourceBoard.color,
description: sourceBoard.description,
});

In the 'copy.boards' method you do a user check:
if (!this.userId) {
throw new Meteor.Error('logged-out');
}

i did not include this check. But still i get an error:
User id is required

I login to the API to get a token and pass the token to each API call (as you described in the API docs)
Is there a way to bypass the required this.userId or to set it from an API call?

I already tried this.userId = req.userIdbut it didn't work.

[xet7]

@Gobliins

Does some of these help? #1296 #1241

[xet7]

Or this 06afa1a

[Gobliins]

It seems like the board itself needs a member (owner). I have added it and bypassed the check if (!this.userId) when doing an API call.

[Gobliins]

Also the lack of this.userId seems not only to be aproblem of the boards API, it is a general problem when doing API calls.
So each time in a before/after (insert, update, remove) hook a userId is required it is sent as undefined.

[xet7]

@Gobliins

Did you login to API before using it ?

[Gobliins]

Sure, or at least i login to get a token and use this token for my API calls
Something like this
curl http://127.0.0.1:24000/users/login -d "username=georg&password=123"

and then:

curl -X POST "http://127.0.0.1/api/boards/uRkK8yenZiDpWtvF5/members" -H "accept: application/json" -H "Authorization: Bearer FL4kG7u-HxYm9wZO7FPd6wlsK00CgJC1lHtDXV_taCj" -d "memberId=sAWoXL4Nhyi3bRxSa"

[Gobliins]

From https://github.com/matb33/meteor-collection-hooks

You can define a defaultUserId in case you want to pass an userId to the hooks but there is no context. For instance if you are executing and API endpoint where the userId is derived from a token. Just assign the userId to CollectionHooks.defaultUserId. It will be overriden by the userId of the context if it exists.

Have you done anything like this? To make the API work flawless?

[xet7]

@huneau @mayjs

You did add REST API at #1037 , is there a bug ?

[mayjs]

There was an issue caused by hooks not getting the correct userId at some point. The first time we noticed it while working on the API was at #1045, which was worked around by @zarnifoulette in #1116.

His workaround was to use direct insertion into the collection, so that the hooks would not be called. The hook actions are then executed manually.
If we created functions for all hooks, we could just use these functions from the REST-endpoints without having them run the hooks.

This solution is not very elegant, but if it is implemented carefully would solve this issue. I think the defaultUserId option might cause race conditions or similar issues, if for example two REST-API calls arrive and the hooks for the first call are executed after the second call was processed.

[Gobliins]

I think the defaultUserId option might cause race conditions or similar issues, if for example two REST-API calls arrive and the hooks for the first call are executed after the second call was processed.

Good hint

And yes the workaround is to avoid the hooks with direct.insert and call the code from the hooks in seperate functions with the userId as param from the request.

[Gobliins]

So i guess we take the workaround by calling direct.insert as a temporary solution and close this issue?

[mayjs]

Yes, I think this is currently the only really working solution.