Merge pull request #6144 from marmelab/fix-multiple-notifications-on-checkError

djhi · web-flow · commit 8cba99413e24 · 2021-04-10T09:01:30.000+02:00
Fix useLogoutIfAccessDenied may notify more than once
diff --git a/examples/simple/src/dataProvider.tsx b/examples/simple/src/dataProvider.tsx
@@ -8,6 +8,12 @@ const dataProvider = fakeRestProvider(data, true);
 const uploadCapableDataProvider = addUploadFeature(dataProvider);
 const sometimesFailsDataProvider = new Proxy(uploadCapableDataProvider, {
     get: (target, name) => (resource, params) => {
+        // set session_ended=true in localStorage to trigger an API auth error
+        if (localStorage.getItem('session_ended')) {
+            const error = new Error('Session ended') as ResponseError;
+            error.status = 403;
+            return Promise.reject(error);
+        }
         // add rejection by type or resource here for tests, e.g.
         // if (name === 'delete' && resource === 'posts') {
         //     return Promise.reject(new Error('deletion error'));
@@ -33,4 +39,8 @@ const delayedDataProvider = new Proxy(sometimesFailsDataProvider, {
         ),
 });
 
+interface ResponseError extends Error {
+    status?: number;
+}
+
 export default cacheDataProviderProxy(delayedDataProvider);
diff --git a/packages/ra-core/src/auth/useLogoutIfAccessDenied.spec.tsx b/packages/ra-core/src/auth/useLogoutIfAccessDenied.spec.tsx
@@ -9,13 +9,27 @@ import useLogout from './useLogout';
 import useNotify from '../sideEffect/useNotify';
 import { AuthProvider } from '../types';
 
-jest.mock('./useLogout');
-jest.mock('../sideEffect/useNotify');
+let loggedIn = true;
 
-const logout = jest.fn();
-useLogout.mockImplementation(() => logout);
-const notify = jest.fn();
-useNotify.mockImplementation(() => notify);
+const authProvider: AuthProvider = {
+    login: () => {
+        loggedIn = true;
+        return Promise.resolve();
+    },
+    logout: jest.fn(() => {
+        loggedIn = false;
+        return Promise.resolve();
+    }),
+    checkAuth: () =>
+        loggedIn ? Promise.resolve() : Promise.reject('bad method'),
+    checkError: params => {
+        if (params instanceof Error && params.message === 'denied') {
+            return Promise.reject(new Error('logout'));
+        }
+        return Promise.resolve();
+    },
+    getPermissions: () => Promise.reject('bad method'),
+};
 
 const TestComponent = ({
     error,
@@ -32,29 +46,24 @@ const TestComponent = ({
     return <div>{loggedOut ? '' : 'logged in'}</div>;
 };
 
-let loggedIn = true;
+jest.mock('./useLogout');
+jest.mock('../sideEffect/useNotify');
 
-const authProvider: AuthProvider = {
-    login: () => Promise.reject('bad method'),
-    logout: () => {
-        loggedIn = false;
-        return Promise.resolve();
-    },
-    checkAuth: () =>
-        loggedIn ? Promise.resolve() : Promise.reject('bad method'),
-    checkError: params => {
-        if (params instanceof Error && params.message === 'denied') {
-            return Promise.reject(new Error('logout'));
-        }
-        return Promise.resolve();
-    },
-    getPermissions: () => Promise.reject('bad method'),
-};
+//@ts-expect-error
+useLogout.mockImplementation(() => {
+    const logout = () => authProvider.logout(null);
+    return logout;
+});
+const notify = jest.fn();
+//@ts-expect-error
+useNotify.mockImplementation(() => notify);
 
 describe('useLogoutIfAccessDenied', () => {
     afterEach(() => {
-        logout.mockClear();
+        //@ts-expect-error
+        authProvider.logout.mockClear();
         notify.mockClear();
+        authProvider.login('');
     });
 
     it('should not logout if passed no error', async () => {
@@ -64,7 +73,7 @@ describe('useLogoutIfAccessDenied', () => {
             </AuthContext.Provider>
         );
         await waitFor(() => {
-            expect(logout).toHaveBeenCalledTimes(0);
+            expect(authProvider.logout).toHaveBeenCalledTimes(0);
             expect(notify).toHaveBeenCalledTimes(0);
             expect(queryByText('logged in')).not.toBeNull();
         });
@@ -77,7 +86,7 @@ describe('useLogoutIfAccessDenied', () => {
             </AuthContext.Provider>
         );
         await waitFor(() => {
-            expect(logout).toHaveBeenCalledTimes(0);
+            expect(authProvider.logout).toHaveBeenCalledTimes(0);
             expect(notify).toHaveBeenCalledTimes(0);
             expect(queryByText('logged in')).not.toBeNull();
         });
@@ -90,7 +99,7 @@ describe('useLogoutIfAccessDenied', () => {
             </AuthContext.Provider>
         );
         await waitFor(() => {
-            expect(logout).toHaveBeenCalledTimes(1);
+            expect(authProvider.logout).toHaveBeenCalledTimes(1);
             expect(notify).toHaveBeenCalledTimes(1);
             expect(queryByText('logged in')).toBeNull();
         });
@@ -104,7 +113,30 @@ describe('useLogoutIfAccessDenied', () => {
             </AuthContext.Provider>
         );
         await waitFor(() => {
-            expect(logout).toHaveBeenCalledTimes(1);
+            expect(authProvider.logout).toHaveBeenCalledTimes(1);
+            expect(notify).toHaveBeenCalledTimes(1);
+            expect(queryByText('logged in')).toBeNull();
+        });
+    });
+
+    it('should not send multiple notifications if the errors arrive with a delay', async () => {
+        let index = 0;
+        const delayedAuthProvider = {
+            ...authProvider,
+            checkError: () =>
+                new Promise<void>((resolve, reject) => {
+                    setTimeout(() => reject(new Error('foo')), index * 100);
+                    index++; // answers immediately first, then after 100ms the second time
+                }),
+        };
+        const { queryByText } = render(
+            <AuthContext.Provider value={delayedAuthProvider}>
+                <TestComponent />
+                <TestComponent />
+            </AuthContext.Provider>
+        );
+        await waitFor(() => {
+            expect(authProvider.logout).toHaveBeenCalledTimes(2); /// two logouts, but only one notification
             expect(notify).toHaveBeenCalledTimes(1);
             expect(queryByText('logged in')).toBeNull();
         });
@@ -120,7 +152,7 @@ describe('useLogoutIfAccessDenied', () => {
             </AuthContext.Provider>
         );
         await waitFor(() => {
-            expect(logout).toHaveBeenCalledTimes(1);
+            expect(authProvider.logout).toHaveBeenCalledTimes(1);
             expect(notify).toHaveBeenCalledTimes(0);
             expect(queryByText('logged in')).toBeNull();
         });
@@ -140,7 +172,7 @@ describe('useLogoutIfAccessDenied', () => {
             </AuthContext.Provider>
         );
         await waitFor(() => {
-            expect(logout).toHaveBeenCalledTimes(1);
+            expect(authProvider.logout).toHaveBeenCalledTimes(1);
             expect(notify).toHaveBeenCalledTimes(0);
             expect(queryByText('logged in')).toBeNull();
         });
diff --git a/packages/ra-core/src/auth/useLogoutIfAccessDenied.ts b/packages/ra-core/src/auth/useLogoutIfAccessDenied.ts
@@ -4,7 +4,7 @@ import useAuthProvider from './useAuthProvider';
 import useLogout from './useLogout';
 import { useNotify } from '../sideEffect';
 
-let authCheckPromise;
+let timer;
 
 /**
  * Returns a callback used to call the authProvider.checkError() method
@@ -42,37 +42,44 @@ const useLogoutIfAccessDenied = (): LogoutIfAccessDenied => {
     const logout = useLogout();
     const notify = useNotify();
     const logoutIfAccessDenied = useCallback(
-        (error?: any, disableNotification?: boolean) => {
-            // Sometimes, a component might trigger multiple simultaneous
-            // dataProvider calls which all fail and call this function.
-            // To avoid having multiple notifications, we first verify if
-            // a checkError promise is already ongoing
-            if (!authCheckPromise) {
-                authCheckPromise = authProvider
-                    .checkError(error)
-                    .then(() => false)
-                    .catch(async e => {
-                        const redirectTo =
-                            e && e.redirectTo
-                                ? e.redirectTo
-                                : error && error.redirectTo
-                                ? error.redirectTo
-                                : undefined;
-                        logout({}, redirectTo);
-                        const shouldSkipNotify =
-                            disableNotification ||
-                            (e && e.message === false) ||
-                            (error && error.message === false);
-                        !shouldSkipNotify &&
-                            notify('ra.notification.logged_out', 'warning');
+        (error?: any, disableNotification?: boolean) =>
+            authProvider
+                .checkError(error)
+                .then(() => false)
+                .catch(async e => {
+                    //manual debounce
+                    if (timer) {
+                        // side effects already triggered in this tick, exit
                         return true;
-                    })
-                    .finally(() => {
-                        authCheckPromise = undefined;
-                    });
-            }
-            return authCheckPromise;
-        },
+                    }
+                    timer = setTimeout(() => {
+                        timer = undefined;
+                    }, 0);
+
+                    const shouldNotify = !(
+                        disableNotification ||
+                        (e && e.message === false) ||
+                        (error && error.message === false)
+                    );
+                    if (shouldNotify) {
+                        // notify only if not yet logged out
+                        authProvider
+                            .checkAuth({})
+                            .then(() => {
+                                notify('ra.notification.logged_out', 'warning');
+                            })
+                            .catch(() => {});
+                    }
+                    const redirectTo =
+                        e && e.redirectTo
+                            ? e.redirectTo
+                            : error && error.redirectTo
+                            ? error.redirectTo
+                            : undefined;
+                    logout({}, redirectTo);
+
+                    return true;
+                }),
         [authProvider, logout, notify]
     );
     return authProvider
