_resync operation not running as expected

I ran the resync operation on our database and it didn’t run the way I would expect it to. I have this code in my sync function for a certain type of document (the user specific channel code is not shown):

if (isTrainer()) {
  //if trainer saving doc, make it publicly accessible
  channel("all");
  break;
} else if (!isAdmin()) {
  // <assign to user channel only>
}

isTrainer() and isAdmin() are just functions that return true if the requireRole function passes for those roles. When I create or update a document of this type on its own, the channels are set correctly. If I run resync, though, the documents are always assigned to the ‘all’ channel. I’m using Sync Gateway v.1.0.3 Enterprise. Is it normal that the resync operation is run as if the user had all roles?

Normally when a user updates a document via the REST API or a replication (port 4984), there is a user context attached to the update and the requireRole/requireUser functions use that context to make sure it matches the required user/role.

When using the _resync operation (on the Admin REST API), the admin user is the context and has all roles so requireRole and requireUser always return true.

One workaround could be to add the role name to the document and the sync function would become something like this:

if (isTrainer() && doc.userRole == "trainer") {
  //if trainer saving doc, make it publicly accessible
  channel("all");
  break;
} else if (!isAdmin() || doc.userRole != "admin") {
  // <assign to user channel only>
}

Line 1: && to add an extra check when running resync, since isTrainer() will always return true.
Line 4: || to check the userRole property as well, since !isAdmin() will always return false with resync.

Would that help for your use case?

Thanks for the info, I thought resync was pretty safe to run but it makes sense that it wouldn’t have the user context to run with, so I’ll avoid using it in the future. I can’t rely on putting the user role in the document itself since someone could just hack it and add whatever role they want into the document.
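
The behaviour discussed in this thread, as an added example that is not part of the original posts and is not Sync Gateway code: a small harness that runs each version of the sync logic once with a user context and once with the admin context used by _resync, and reports whether the assigned channels differ. The harness (`runSync`, `hasRole`, `resyncDrift`), the `doc.owner` field, the `user-<owner>` channel name and the sample documents are all assumptions constructed for illustration.

```javascript
// Hypothetical harness (not Sync Gateway code). ctx is { roles: [...] } for a
// write on the public port, or { admin: true } for an Admin API _resync.
function runSync(syncFn, doc, ctx) {
  const channels = [];
  const requireRole = (role) => {
    if (ctx.admin) return; // admin context: every role check passes
    if (!ctx.roles.includes(role)) throw { forbidden: "missing role " + role };
  };
  // isTrainer()/isAdmin() from the thread: true when requireRole passes.
  const hasRole = (role) => {
    try { requireRole(role); return true; } catch (e) { return false; }
  };
  syncFn(doc, { channel: (c) => channels.push(c), hasRole });
  return channels;
}

// Sync logic from the first post; "user-" + doc.owner is an assumed channel name.
function originalSync(doc, { channel, hasRole }) {
  if (hasRole("trainer")) {
    channel("all");
  } else if (!hasRole("admin")) {
    channel("user-" + doc.owner);
  }
}

// Workaround from the reply: also compare the role stored in the document.
function workaroundSync(doc, { channel, hasRole }) {
  if (hasRole("trainer") && doc.userRole == "trainer") {
    channel("all");
  } else if (!hasRole("admin") || doc.userRole != "admin") {
    channel("user-" + doc.owner);
  }
}

// Channels at write time vs. after _resync, and whether they differ.
function resyncDrift(syncFn, doc, writerRoles) {
  const write = runSync(syncFn, doc, { roles: writerRoles });
  const resync = runSync(syncFn, doc, { admin: true });
  return { write, resync, drift: write.join() !== resync.join() };
}

// Constructed sample cases: [sync function, document, writer's roles].
const cases = [
  [originalSync, { owner: "alice" }, []],
  [workaroundSync, { owner: "alice", userRole: "member" }, []],
  [workaroundSync, { owner: "bob", userRole: "trainer" }, ["trainer"]],
  [workaroundSync, { owner: "alice", userRole: "trainer" }, []],
];
for (const [fn, doc, roles] of cases) {
  console.log(fn.name, JSON.stringify(doc), JSON.stringify(resyncDrift(fn, doc, roles)));
}
```

A `drift` of true marks a document whose channels would change if _resync were run. The last case is the one the final post describes: with the workaround, the resync result follows whatever `userRole` value the writer stored in the document.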