Versions Compared

Version Old Version 1 New Version Current
Changes made by

Arpit Singh

Arpit Singh

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Date

Item

Owner

Notes

Relevant Links

@someone

  •  Action

    Problem statement

    The inconsistency inconsistencies with the Update node leaves API can be boiled down to summarized as one major scenario, that is, the API performs partial updates update when updating multiple data nodes via a single request.

    This problem can then be split into 2 sub-problems, but in short, we will see that when an attempt is made to update a parent and child node in through a single request is made then, either the parent or the child node will be updated but not both.

    And once Once the request is executed, the user is provided with a 200-response code, but when the data is checked after the update operation, it is found that a partial update took takes place.

    The problem here is that the user will have a false sense of security that the API executed their request successfully but in reality, only a partial update of data took place in the backend.

    ...

    • The API is limited to updating only one data node at a time, but still the user can send a payload containing multiple updated data nodes.

    • In order to update a data node, the request accepts the xpath of the parent node. So, if the user wants to update a Node C nested under Nodes A and B, then the xpath in the request will be that of Node B, that is /A/B, because Node B is parent of Node C.

    Expand
    titleSimple diagram explaining the example above.
    Code Block
    To update Node C the xpath in request will be of parent node B: "/A/B"
Node A
     └── Node B
              └── Node C

    ...

    Going by this approach, an inconsistency that is was discovered is that the user can send modified/ updated data of the parent node as part of the payload and even though sending data of parent node in payload is incorrect and a user error, the API would still accept the data and perform the a partial update operation.

    But So, when the data is verified then it is found out that the API performed a partial update while returning a 200-status code to the user. And in this partial update the changes to parent node are ignored and only the child node is updated.

    ...

    Expand
    titlexpath with incorrect JSON payload

    xpath: /bookstore/categories[@code=1]

    Incorrect JSON payload:

    Code Block
    languagenone
    {
  "code": 1,                      //parent node data should not be in the payload
  "name": "Kids",                      
  "books": [
    {
      "title": "Matilda",
      "editions": [1988, 2000, 2024],
      "price": 25
    }
  ]
}

    ...

    Expand
    titleData fetched from DB after partial update
    Code Block
    {
    "code": "1",
    "name": "Children",                        //not updated
    "books": [
      {
	 	"title": "Matilda",
        "lang": "English",
        "editions": [1988, 2000, 2024],       //updated
		"price": 25							  //updated
       }
    ]
  }

    Proposed Solution for Scenario 1:

    • The proposed solution is to drop the support for using parent node xpath in the request and instead the exact xpath of the data node being updated should be provided in the request.

      • throw an exception when the parent node is provided in the payload

    • Apart from this based on the RESTful rules, an additional check should be put in place to first fetch the existing data from the database and verify that it exists and is valid before performing the PATCH operation.

    Scenario 2: API does not update child nodes

    ...

    Then in the following hierarchy if a user wants to update Node B then the correct request would contain the xpath /A with updated data of Node B. But an inconsistency that is was found with in this scenario is that the payload can contain updated data of Node C as well. The API would accept the payload and perform a successful update operation returning a 200-status code. But when the data in the database is verified after the update operation then it is seen that only the data under Node B is updated, whereas the data of Node C remains unchanged.

    ...

    A more detailed explanation is as follows:

    1. The following JSON is

    ...

    to be updated. Here we want to update the category name from “Children” to “Kids”.
    Expand
    titleOriginal Data
    Code Block
    languagejson
    {
  "categories": {
    "code": "1",
    "name": "Children",
    "books": [
      {
	 	"title": "Matilda",
        "lang": "English",
        "price": 200,
        "editions": [1988,2000]
      }
    ]
  }
}

    ...

    Expand
    titleData fetched from DB after partial update
    Code Block
    {
  "categories": {
    "code": "1",
    "name": "Kids",                 //updated
    "books": [
      {
        "title": "Matilda", 
     	"lang": "English",
        "price": 200,              //not updated
		"editions": [1988,2000]    //not updated    
		}
    ]
  }
}

    Proposed Solution for Scenario 2

    • Solution 1: Limit the update operation to one Data Node at a time

      • throw an exception if more than one data nodes are present in the payload

    • Solution 2: Add support to update multiple data nodes

    Proposed/Accepted Solution

    Info

    WIP