In entity-database-adapter-knex, an error with code 23505 means a unique constraint was violated in postgres. It may be worth looking into translating this type of error into an EntityError subclass. Or maybe not.

To guarantee cache consistency (and dataloader consistency) across a set of machines or even across requests and keep the read-through caching strategy that we employ, we'll need to implement some sort of distributed reader-writer lock for entities by type and ID.

Another interesting way to mitigate this temporarily but not theoretically fix it is to defer all cache invalidation to the end of the write transaction so that it becomes less likely to have a read-through cache inconsistency (though not impossible still obviously).

This is a fairly broad task covering:

• Add ability to express relationships (associations, foreign keys, etc) in EntityFieldDefinition
• Add ability to query relationships easily. Put another way, add a way to nicely query the associationLoader for the relationships defined in EntityFieldDefinition.
• Add support for cascading deletes to the relationship definition, and update the delete mutator to start a transaction, topologically sort the relationship graph to delete and everything that depends on an entity, and delete from the leaves to the root in the transaction.

Currently this simulates ID creation by generating a UUID for the entity id field. Instead, we should check the type of field and appropriately generate either a random number, string, boolean(?), etc.

Thanks @quinlanj for the report!

The shared table example isn't possible to issue a loadMany on since if one is the wrong type the whole thing will fail. We should probably have a specific error type for constructor errors and send those in the result rather than throw them.

Context: https://github.com/expo/universe/pull/7641/files/90dc1071ada997f57c0b8d33b7b0e7d7e5fe2b15#r641291143

Looking at this PR, I wonder if EntitySecondaryCacheLoader should allow this method to return "sparse" maps that are missing some of the provided keys. A missing key would mean the object was missing from the database and be treated the same way as null or undefined. This way, implementers of fetchObjectsFromDatabaseAsync wouldn't need to pad maps with null entries like this.
EntitySecondaryCacheLoader would then fill in null for all of the missing keys so that the caller of the loader still gets a map with every single key in it, potentially with null values.

One common use case we're noticing is wanting to check if an ID exists. Currently the best way to accomplish that is by doing something like:

await TestEntity.load(vc).loadByFieldEqualing('id', id)

We should simplify this to something like:

await TestEntity.load(vc).loadByIDNullable(id);

or maybe even make loadByID nullable by default and add a enforceLoadByID or something.

There are instances where renaming or gracefully deleting a column in a database is useful. The entity framework should support something like "aliasing" where if it receives a column in either the old name or the new name it puts the data in the field.

Noticed this was missing in generated TS defs, which means it's missing in the code itself. Shouldn't be hard to add, can just copy the comment from another place that has it.

conventional-changelog/conventional-changelog#648

Angular parser is the correct one I think https://github.com/conventional-changelog/conventional-changelog/tree/0d7385543cbf14394206c2f739a82d1ccf118586/packages/conventional-changelog-angular

As described in https://www.conventionalcommits.org/en/v1.0.0/.

This is making the changelog incorrect for our project since I've been following that spec.

This is because field renames should be a safe, code-only change and not need a cache key bump.

Since all the docblocks in the code are JSDoc formatted, we can autogenerate a documentation site.

While deletes happen by entity ID, there's no way to guarantee at the framework level that the field specified in the entity definition is unique or an ID.

One way we could do this is by ensuring that updates and deletes only affect a single row in the database adapter, and throwing otherwise.

Documenting this for posterity, but after investigating it looks like we probably won't want to use it for general-purpose mutations in entity.

Background

Let's say we have an entity with one integer field, backed by a postgres DB with a unique constraint on the column. Batch inserting is something that isn't very well supported by entity as it would need to run N inserts to insert N items into the same table.

The following efficient query would be far less efficient expressed in entity code:

INSERT INTO blah_table (num) VALUES (1), (2), (3), (4) RETURNING *;

Entity equivalent:

const numsToInsert = [1..4];
const results = await Promise.all(numsToInsert.map(n => TEntity.creator(vc).setField('num', n).enforceCreateAsync()));

which translates to (in parallel):

INSERT INTO blah_table (num) VALUES (1) RETURNING *;
INSERT INTO blah_table (num) VALUES (2) RETURNING *;
INSERT INTO blah_table (num) VALUES (3) RETURNING *;
INSERT INTO blah_table (num) VALUES (4) RETURNING *;

Hypothesis

We can use https://www.npmjs.com/package/@expo/batcher to coalesce inserts into the DB. That way, the example above could translate into the first query automatically if all the entity writes are executed in a short enough period of time for batcher's batch.

Conclusion

Batcher's error handling doesn't quite work for our case. Let's say a row existed in the able with num = 3 and we tried to insert a batch: INSERT INTO blah_table (num) VALUES (1), (2), (3), (4) RETURNING *;. This whole query would fail, so all the batch items would fail. This could cause some unintended consequences in entity if we're inserting multiple entities of the same type from very code locations at the same time (same batch). It would mean that there could be a side-effect where a failure to insert one entity in codepath A could cause a failure to insert an entity for codepath B even if A and B are supposed to be independent.

Add inline docblocks to entityUtils. One of the few places where documentation is missing.

https://github.com/expo/universe/pull/10903#pullrequestreview-1192479168

Entity fields should do basic validation.

• UUIDField should validate that it's a UUID
• Primitive fields should validate their types
• EnumField should validate value being a member of a specified enum
• Custom validation functions should be possible as well.

https://github.com/expo/universe/pull/10823/files#r1020707597

Once repo is made public, add codecov. This is so that we don't need private repo token.

So that this method can be run transactionally.

Should only be able to load by fields in field selection

https://www.conventionalcommits.org/en/v1.0.0/

Then, in lerna use them to automatically generate CHANGELOGs and version bump.

There will probably be times that a manual update or delete raw SQL query is needed, and the entity framework should provide a mechanism to invalidate something manually that is now known to be invalid.

Entity works on full rows of data (the projection of all queries is *). This is because the privacy logic of a privacy policy is allowed to use the entire entity rather than just a subset of fields, which makes for a very expressive potential of authorization logic.

Joins are extremely powerful in the sense that they allow combining two or more tables in order to create a third intermediate/temporary "table". The issue is that in the general case, this third table isn't possible to express using an entity (since it's dynamic) and therefore creates an issue with how to authorize access to a row of that "table".

So, the tradeoff that entity makes is to not allow joins and to require doing them in the application in exchange for authorization correctness. While this does incur potentially higher memory and an extra round trip to the DB, the tradeoff is most often worth it since we can now guarantee that all data access is authorized and the authorization is sound.

Now, there is a very narrow join case that could work with entities, and that's the case of doing a fan-out load with the projection limited to the * of the resulting object. For example:

select b.*
from apps ap
join builds b on b.app_id = ap.id
where ap.account_id = 'aaa-bbb-ccc-123'

This seems like an interesting case to investigate since it is theoretically possible to authorize the returned objects since they have entity type "build". The association loader could make use of it as well. Association loader is currently just a set of convenience methods that load the chain of entities specified and currently only supports 1:1 foreign keys but it's definitely possible to extend it to 1:n for fan-outs. We could also potentially change it to construct these join queries, but we'd have to be fairly careful to ensure that it's built in a way that is general enough that both RDBMS and nosql could theoretically implement the "join" logic since entity is built to be database-independent.

This is useful for situations where putting a sequence of mutations in a transaction isn't possible, and thus a reasonable effort must be made ahead of time of the mutations to guess as to whether they would fail.

For example:

runInTransaction(() => {
  const someThirdPartyServiceID = await StripedZebra.makePaymentAsync(info);
  await PurchaseEntity.creator(viewerContext).setField('zebra_id', someThirdPartyServiceID).createAsync(); // this could fail due to privacy policy
});

In this case, there's no way to undo the third party API call when the entity creation privacy policy fails.

Something like the following seems to work. Would be useful to clean up and formalize into a sensible API.

static async canViewerUpdate<
    TMFields,
    TMID,
    TMViewerContext extends ViewerContext,
    TMEntity extends Entity<TMFields, TMID, TMViewerContext>,
    TMPrivacyPolicy extends EntityPrivacyPolicy<TMFields, TMID, TMViewerContext, TMEntity>
  >(
    this: IEntityClass<TMFields, TMID, TMViewerContext, TMEntity, TMPrivacyPolicy>,
    existingEntity: TMEntity,
    queryContext: EntityQueryContext = existingEntity
      .getViewerContext()
      .getViewerScopedEntityCompanionForClass(this)
      .getQueryContextProvider()
      .getRegularEntityQueryContext()
  ): Promise<boolean> {
    const privacyPolicy = new (this.getCompanionDefinition().privacyPolicyClass)();
    const evaluationResult = await asyncResult(
      privacyPolicy.authorizeUpdateAsync(
        existingEntity.getViewerContext(),
        queryContext,
        existingEntity
      )
    );
    return evaluationResult.ok;
  }

While debugging, it would be useful to be able to get information about entity loads/mutations/etc to see things like:

• If it hit the DB, what was the query run
• If it hit or wrote to the cache, what were the cache keys used
• If it only went to the dataloader, indicate as such
• etc...

An API for this could look something like:

const [queryContextAuditResult, entityResultFromInnerBlock] = await withIsolatedQueryContext(async (queryContext) => {
  return await BlahEntity.loader(viewerContext, queryContext).load(...);
});
console.log(queryContextAuditResult);

Currently, only unit tests are run. Integration tests run on a docker compose setup.

Mistakenly forgot to rename this when renaming the file and the class.