fix(core): drop undefined metadata values from permission requests#37679
Open
rvaccone wants to merge 1 commit into
Open
fix(core): drop undefined metadata values from permission requests#37679rvaccone wants to merge 1 commit into
rvaccone wants to merge 1 commit into
Conversation
Contributor
|
Thanks for your contribution! This PR doesn't have a linked issue. All PRs must reference an existing issue. Please:
See CONTRIBUTING.md for details. |
Author
|
The linked issue is #37650, referenced with |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Issue for this PR
Closes #37650
Type of change
What does this PR do?
Pending
globandgreppermissions store absent optional inputs asundefinedinside permission metadata (for examplemetadata: { path: input.path, limit: input.limit }). The metadata record isSchema.Record(Schema.String, Schema.Unknown)and the wire codec serializesUnknownas a JSON value, sosession.permission.listfails to encode its response withExpected JSON value, got undefined.This strips
undefinedvalues inrequest()inpackages/core/src/permission.ts, the one place every pending request is constructed for bothassertandask. That fixes both tools at once and protects the event publish path as well as the list and get endpoints. I audited everypermission.assertandpermission.askcall site: these two tools are the only ones producingundefinedvalues and all metadata is flat, so a shallow strip is sufficient. A deep JSON round trip was rejected because it would silently normalize values that should fail loudly.How did you verify your code works?
Added one regression test: ask for a permission whose metadata contains
undefinedvalues, then assert the pending request omits those keys. It fails without the fix and passes with it. I also reproduced the reported error (Expected JSON value, got undefined at ["path"]) against the JSON value codec using the old metadata shape and confirmed the stripped shape encodes cleanly. The permission and tool test suites inpackages/core(111 tests) andtsgo --noEmitall pass.Screenshots / recordings
Not a UI change.
Checklist