diff --git a/src/Database/Database.php b/src/Database/Database.php index 29d92228c..445afaa5c 100644 --- a/src/Database/Database.php +++ b/src/Database/Database.php @@ -4052,6 +4052,15 @@ public function updateDocuments(string $collection, Document $updates, array $qu throw new DatabaseException('Collection not found'); } + $documentSecurity = $collection->getAttribute('documentSecurity', false); + + $authorization = new Authorization(self::PERMISSION_UPDATE); + $skipAuth = $authorization->isValid($collection->getUpdate()); + + if (!$skipAuth && !$documentSecurity && $collection->getId() !== self::METADATA) { + throw new AuthorizationException($authorization->getDescription()); + } + $attributes = $collection->getAttribute('attributes', []); $indexes = $collection->getAttribute('indexes', []); @@ -4098,18 +4107,8 @@ public function updateDocuments(string $collection, Document $updates, array $qu throw new StructureException($validator->getDescription()); } - $documents = $this->withTransaction(function () use ($collection, $queries, $batchSize, $updates, $limit, $cursor) { + $documents = $this->withTransaction(function () use ($collection, $queries, $batchSize, $updates, $limit, $cursor, $authorization, $skipAuth) { $documents = []; - - $documentSecurity = $collection->getAttribute('documentSecurity', false); - - $authorization = new Authorization(self::PERMISSION_UPDATE); - $skipAuth = $authorization->isValid($collection->getUpdate()); - - if (!$skipAuth && !$documentSecurity && $collection->getId() !== self::METADATA) { - throw new AuthorizationException($authorization->getDescription()); - } - $originalLimit = $limit; $lastDocument = $cursor; @@ -4121,15 +4120,19 @@ public function updateDocuments(string $collection, Document $updates, array $qu $limit -= $batchSize; } - $affectedDocuments = $this->silent(fn () => $this->find($collection->getId(), array_merge( - $queries, - empty($lastDocument) ? [ - Query::limit($batchSize), - ] : [ - Query::limit($batchSize), - Query::cursorAfter($lastDocument), - ] - ), forPermission: Database::PERMISSION_UPDATE)); + $new = [ + Query::limit($batchSize) + ]; + + if (! empty($lastDocument)) { + $new[] = Query::cursorAfter($lastDocument); + } + + $affectedDocuments = $this->silent(fn () => $this->find( + $collection->getId(), + array_merge($new, $queries), + forPermission: Database::PERMISSION_UPDATE + )); if (empty($affectedDocuments)) { break; @@ -5359,6 +5362,14 @@ public function deleteDocuments(string $collection, array $queries = [], int $ba throw new DatabaseException('Collection not found'); } + $documentSecurity = $collection->getAttribute('documentSecurity', false); + $authorization = new Authorization(self::PERMISSION_DELETE); + $skipAuth = $authorization->isValid($collection->getDelete()); + + if (!$skipAuth && !$documentSecurity && $collection->getId() !== self::METADATA) { + throw new AuthorizationException($authorization->getDescription()); + } + $attributes = $collection->getAttribute('attributes', []); $indexes = $collection->getAttribute('indexes', []); @@ -5384,16 +5395,8 @@ public function deleteDocuments(string $collection, array $queries = [], int $ba throw new DatabaseException("Cursor document must be from the same Collection."); } - $documents = $this->withTransaction(function () use ($collection, $queries, $batchSize, $limit, $cursor) { - $documentSecurity = $collection->getAttribute('documentSecurity', false); - $authorization = new Authorization(self::PERMISSION_DELETE); - $skipAuth = $authorization->isValid($collection->getDelete()); + $documents = $this->withTransaction(function () use ($collection, $queries, $batchSize, $limit, $cursor, $skipAuth, $authorization) { $documents = []; - - if (!$skipAuth && !$documentSecurity && $collection->getId() !== self::METADATA) { - throw new AuthorizationException($authorization->getDescription()); - } - $originalLimit = $limit; $lastDocument = $cursor; @@ -5404,15 +5407,19 @@ public function deleteDocuments(string $collection, array $queries = [], int $ba $limit -= $batchSize; } - $affectedDocuments = $this->silent(fn () => $this->find($collection->getId(), array_merge( - $queries, - empty($lastDocument) ? [ - Query::limit($batchSize), - ] : [ - Query::limit($batchSize), - Query::cursorAfter($lastDocument), - ] - ), forPermission: Database::PERMISSION_DELETE)); + $new = [ + Query::limit($batchSize) + ]; + + if (! empty($lastDocument)) { + $new[] = Query::cursorAfter($lastDocument); + } + + $affectedDocuments = $this->silent(fn () => $this->find( + $collection->getId(), + array_merge($new, $queries), + forPermission: Database::PERMISSION_DELETE + )); if (empty($affectedDocuments)) { break; @@ -5454,10 +5461,12 @@ public function deleteDocuments(string $collection, array $queries = [], int $ba } foreach (\array_chunk($documents, $batchSize) as $chunk) { - $this->adapter->deleteDocuments( + $callback = fn () => $this->adapter->deleteDocuments( $collection->getId(), array_map(fn ($document) => $document->getId(), $chunk) ); + + $skipAuth ? $authorization->skip($callback) : $callback(); } return $documents;