Fix auth service fetching wrong projects if externalid and id is the …

…same (#1322)
equinor · Oct 22, 2024 · 331e642 · 331e642
1 parent 8ebebad
commit 331e642
Show file tree

Hide file tree

Showing 3 changed files with 23 additions and 5 deletions.
diff --git a/backend/api/Authorization/ApplicationRoleAuthorizationHandler.cs b/backend/api/Authorization/ApplicationRoleAuthorizationHandler.cs
@@ -15,22 +15,22 @@ namespace api.Authorization;
 public class ApplicationRoleAuthorizationHandler : AuthorizationHandler<ApplicationRoleRequirement>
 {
     private readonly IHttpContextAccessor _httpContextAccessor;
-    private readonly IProjectRepository _projectRepository;
+    private readonly IProjectAccessRepository _projectAccessRepository;
     private readonly IMemoryCache _cache;
     private readonly ILogger<ApplicationRoleAuthorizationHandler> _logger;
 
 
 
     public ApplicationRoleAuthorizationHandler(
-        IProjectRepository projectRepository,
+        IProjectAccessRepository projectAccessRepository,
         IHttpContextAccessor httpContextAccessor,
         ILogger<ApplicationRoleAuthorizationHandler> logger,
         IMemoryCache cache
         )
     {
         _httpContextAccessor = httpContextAccessor;
         _logger = logger;
-        _projectRepository = projectRepository;
+        _projectAccessRepository = projectAccessRepository;
         _cache = cache;
     }
     protected override async Task<Task> HandleRequirementAsync(
@@ -137,7 +137,19 @@ private async Task<bool> IsAuthorized(AuthorizationHandlerContext context, Appli
         if (!_cache.TryGetValue(projectIdGuid, out Project? project))
         {
             // Get the project from the database
-            project = await _projectRepository.GetProjectByIdOrExternalId(projectIdGuid);
+            project = await _projectAccessRepository.GetProjectById(projectIdGuid);
+
+            /*
+            Some projects have the external id set as the id.
+            This may cause updates to projects where the external id is the same as the project id
+            to return a revision with the same external id instead.
+            Updates to revsions are not allowed and an error is thrown.
+            Therefore, we split the database call into two separate calls, first looking for the project by project id.
+            */
+            if (project == null)
+            {
+                project = await _projectAccessRepository.GetProjectByExternalId(projectIdGuid);
+            }
 
             // Store the project in the cache
             var cacheEntryOptions = new MemoryCacheEntryOptions()

diff --git a/backend/api/Repositories/IProjectAccessRepository.cs b/backend/api/Repositories/IProjectAccessRepository.cs
@@ -6,5 +6,6 @@ public interface IProjectAccessRepository
     {
         Task<T?> Get<T>(Guid id) where T : class;
         Task<Project?> GetProjectByExternalId(Guid externalId);
+        Task<Project?> GetProjectById(Guid id);
     }
 }
diff --git a/backend/api/Repositories/ProjectAccessRepository.cs b/backend/api/Repositories/ProjectAccessRepository.cs
@@ -23,6 +23,11 @@ DcdDbContext context
 
     public async Task<Project?> GetProjectByExternalId(Guid externalId)
     {
-        return await _context.Projects.FirstOrDefaultAsync(p => p.FusionProjectId == externalId);
+        return await _context.Projects.AsNoTracking().FirstOrDefaultAsync(p => p.FusionProjectId == externalId);
+    }
+
+    public async Task<Project?> GetProjectById(Guid id)
+    {
+        return await _context.Projects.AsNoTracking().FirstOrDefaultAsync(p => p.Id == id);
     }
 }