Quantcast
Channel: Mobile - Couchbase Forums
Viewing all articles
Browse latest Browse all 1117

Creating a user session is not assigning any channel

$
0
0

Hi, I’m creating a multi tenant app using sync gateway. The sync configuration function its like this:

"sync": `
        function sync(doc, oldDoc) {
          if (!doc.tenant_id) {
            throw({ forbidden: "Document missing tenant_id" });
          }
          
          // Channel per tenant
          channel("tenant_" + doc.tenant_id);
          
          // Access control
          requireAccess("role_tenant_" + doc.tenant_id);
        }
      `

I’ve created a role that will work as a tenant:

PUT http://x:4985/my_db/_role/role_tenant_IKkguk

The GET return this:


{
    "name": "role_tenant_UEyFlb",
    "admin_channels": [
        "tenant_UEyFlb"
    ],
    "all_channels": [
        "!",
        "tenant_UEyFlb"
    ]
}

Then I create a user called “test” for that tenant:

POST: http://x:4985/my_db/_user/tenant_IKkguk_test

The GET return this:

{
    "username": "tenant_IKkguk_test",
    "channels": [
        "!",
        "tenant_IKkguk"
    ],
    "admin_roles": [
        "role_tenant_IKkguk"
    ],
    "effective_roles": [
        "role_tenant_IKkguk"
    ]
}

But then when I login with that user:

POST http://x:4984/my_deb/_session

this is the response:

{
  "authentication_handlers": [
    "default",
    "cookie"
  ],
  "ok": true,
  "userCtx": {
    "channels": {
      "!": 1
    },
    "name": "tenant_IKkguk_test"
  }
}

The channels are not assigned to the user. When I use the session cookie with:

“SyncGatewaySession=xxxx; Path=/my_db; Expires=Wed, 28 May 2025 23:33:35 GMT”

to create any document I get the following response:

2025-05-27T23:35:58.064Z [INF] c:#063 db:my_db Sync fn rejected doc "<ud>customer_u0AlDS</ud>" / "<ud></ud>" --> 403 sg missing channel access
2025-05-27T23:35:58.064Z [DBG] c:#063 db:my_db     rejected doc "<ud>customer_u0AlDS</ud>" / "<ud></ud>" : new=<ud>map[_id:customer_u0AlDS _rev:1-baf15d33176831ff7bf72fa2a854723e name:test tenant_id:IKkguk type:customer]</ud>  old=<ud></ud>
2025-05-27T23:35:58.064Z [DBG] CRUD+: c:#063 db:my_db Did not update document "<ud>customer_u0AlDS</ud>" w/ xattr: 403 sg missing channel access
2025-05-27T23:35:58.064Z [INF] HTTP: c:#063 db:my_db #063:     --> 403 sg missing channel access  (2.9 ms)

This is the result I get when doing the GET _session:

{
    "authentication_handlers": [
        "default",
        "cookie"
    ],
    "ok": true,
    "userCtx": {
        "channels": {
            "!": 1
        },
        "name": "tenant_IKkguk_test"
    }
}

I dont understand why the channel is not assigned to the session after I logging. I’ve restarted SyncGateway without any result.

1 post - 1 participant

Read full topic


Viewing all articles
Browse latest Browse all 1117

Trending Articles