Analysis of Update Node Leaves

1 Problem statement
2 Proposed Solution

Use Discussion notes to capture meeting items, assign owners, and track actions and decisions.

Date	Item	Owner	Notes	Relevant Links

Date	Item	Owner	Notes	Relevant Links
Aug 9, 2024		@someone	Action

Problem statement

The inconsistency with the Update node leaves API can be boiled down to one major scenario, that is, the API performs partial updates when updating multiple data nodes via a single request.

This problem can then be split into 2 sub-problems, but in short, we will see that when an attempt to update a parent and child node in a single request is made then, either the parent or the child node will be updated but not both.

And once the request is executed, the user is provided with a 200-response code, but when the data is checked after the update operation, it is found that a partial update took place.

The problem here is that the user will have a false sense of security that the API executed their request successfully but in reality, only a partial update of data took place in the backend.

Some key points to consider before understanding the problem’s

The API is limited to updating only one data node at a time, but still the user can send a payload containing multiple updated data nodes.
In order to update a data node, the request accepts the xpath of the parent node. So, if the user wants to update a Node C nested under Nodes A and B, then the xpath in the request will be that of Node B, that is /A/B, because Node B is parent of Node C.

To update Node C the xpath in request will be of parent node B: "/A/B"
Node A
     └── Node B
              └── Node C

Scenario 1: API accepts incorrect payload

In order for an update operation to take place the following 2 key parameters are to be provided by the user as part of the request,

Data Node to be updated as JSON/XML payload
Parent node xpath of the Data Node being updated

Going by this approach, an inconsistency that is discovered is that the user can send modified/updated data of the parent node as part of the payload and even though sending data of parent node in payload is incorrect and a user error, the API would still accept the data and perform the update operation.

But when the data is verified then it is found out that the API performed a partial update while returning a 200-status code to the user. And in this partial update the changes to parent node are ignored and only the child node is updated.

A more detailed explanation with examples is as follows:

1: The following JSON is the data to be updated. Here we want to update the book titled “Matilda” under parent node categories with code “1”.

{
  "code": 1,
  "name": "Children",
  "books": [
    {
      "title": "Matilda",
      "lang": "English",
      "editions": [1988, 2000],
      "price": 20
    }
  ]
}

2: In order to Update any leaf associated to book titled “Matilda” the correct xpath and json payload in the request would be as follows:

parent node xpath: /bookstore/categories[@code=1]

JSON payload:

{
 "title": "Matilda",
 "editions":[1988, 2000, 2024],
 "price": 25
}

3. But if there is a user induced error where the payload contains the parent node data, then the JSON payload would look as follows:

xpath: /bookstore/categories[@code=1]

Incorrect JSON payload:

4. This would result in a partial update of original data as below. Here we can see even though name is updated from Children to Kids. The data when fetched from database after update operationdoes not reflect the change.

Scenario 2: API does not update child nodes

The update node API can only update one data node at a time. Hence if we have 3 nodes such that Node A is the parent node, Node B is child of Node A and Node C is grandchild of Node A.

Then in the following hierarchy if a user wants to update Node B then the correct request would contain the xpath /A with updated data of Node B. But an inconsistency that is found with this scenario is that the payload can contain updated data of Node C as well. The API would accept the payload and perform a successful update operation returning a 200-status code. But when the data in the database is verified after the update operation then it is seen that only the data under Node B is updated, whereas the data of Node C remains unchanged.

A more detailed explanation is as follows:

1. The following JSON is the data to be updated. Here we want to update the category `name` from “`Children`” to “`Kids`”.

2. In order to Update any leaf associated to category with code “1” the correct parent node xpath and json payload in the request would be as follows:

3. But there can be a user induced error where the payload can contain updated/modified data of grandchild nodes under category with code “1”. And the API would still accept the payload and execute the Update operation.

4. This would result in a partial update of original data as below. Here we can see only the name is updated from Children to Kids. Whereas leaves of grandchild, that is book titled `Matilda,` remain unchanged, for example `price` is not updated from `200` to `20`

Proposed Solution

WIP