Sync order, channels and document access

paulr · March 11, 2019, 2:56am

All,
I know that document order during sync is uncertain (that’s been commented on in this forum before). So I am wondering how people get around the following problem.

I have a container document that may be shared by multiple users. I do this by having a channel with the same ID as the container. Users have a list of channels they can access (containers), and whenever the user document is saved, the channels that user can access are updated. Here is the code from the sync function:

// update the user's channels from the list of containers they have access to
if (!isDelete() && doc.type == "User") {
    var container_ids = Object.keys(doc.containers);
    access(doc._id, container_ids);
}

The container/channel ID’s are cryptographically strong, so its hard for someone to guess a channel and give themselves access.

When a user is offline, they may create some containers and some documents that are members of the container (those docs have the same channel id as the container). The user document is updated with this new channel/container.

When the device reconnects to the internet, the various documents are synced (user, container, documents). Problem is that the user wont have access to the container/documents until the user record is saved causing the user’s channels to be updated, and that may be after the container/documents sync. So initially the user fails to sync those documents/containers. And it seems that even if the channels are changed later, the documents that were skipped before never resync, unless they get changed.

One way is to turn off my check for the channel:

if (doc.type == "Container" || doc.type == "Document") {
     requireAccess(doc.channels);
}

I’m guessing that perhaps I don’t need this because the sync engine wont sync docs that dont belong to your allowed channels. However, to stop anyone attempting to insert docs via non-sync means - I thought it was safest.

Perhaps another way could be to force the sync engine to reassess the sync status of all documents? I can’t see a way to do that.

Just wondering if there is a strategy that others use here to manage being offline, and needing to make changes to channels at the same time as their documents?

Many thanks for any ideas you can provide.

hod.greeley · March 12, 2019, 6:22pm

Something doesn’t seem right here. If you’re syncing documents, the endpoint should get anything replicated it has access to, whether changes happened before access was granted or not.

Are you saying a user is not seeing the changes on a different device? If they wrote the docs and synced them, there’s no reason to replicate them back to the originating device.

paulr · March 12, 2019, 8:25pm

Hi @hod.greeley,

Thanks for taking the time to think about this.

I have a set of new data that needs to be synced belonging to a number of new channels. One of those documents is your user record, and that contains the new channels. Until the user record is synced (and the sync function above runs), you dont have access to those new channels, and so my sync function rejects various new data records. Once that data is rejected, it never seems to be synced again, even once you do have access to those channels.

In other words, changing your list of channels does not cause a re-examination of what can be synced at the client.

I’m not sure if I’m explaining this well, but I think I am correct because I have (for the moment) turned off the channel check above (requireAccess), and everything works perfectly. This might have opened up a small security hole.

Ideally what I need is the ability to say to the local sync library - please reexamine these documents for syncing. Alternatively, I can change them slightly as that seems to work.