From ba1acf55d6b5d1ab949022c8cb34477f8a12b101 Mon Sep 17 00:00:00 2001
From: fogelito <fogelshmuel@gmail.com>
Date: Tue, 11 Mar 2025 08:58:14 +0200
Subject: [PATCH 1/4] Array merge

---
 src/Database/Database.php | 75 ++++++++++++++++++++-------------------
 1 file changed, 38 insertions(+), 37 deletions(-)

diff --git a/src/Database/Database.php b/src/Database/Database.php
index 29d92228c..ec4be3930 100644
--- a/src/Database/Database.php
+++ b/src/Database/Database.php
@@ -4052,6 +4052,15 @@ public function updateDocuments(string $collection, Document $updates, array $qu
             throw new DatabaseException('Collection not found');
         }
 
+        $documentSecurity = $collection->getAttribute('documentSecurity', false);
+
+        $authorization = new Authorization(self::PERMISSION_UPDATE);
+        $skipAuth = $authorization->isValid($collection->getUpdate());
+
+        if (!$skipAuth && !$documentSecurity && $collection->getId() !== self::METADATA) {
+            throw new AuthorizationException($authorization->getDescription());
+        }
+
         $attributes = $collection->getAttribute('attributes', []);
         $indexes = $collection->getAttribute('indexes', []);
 
@@ -4098,18 +4107,8 @@ public function updateDocuments(string $collection, Document $updates, array $qu
             throw new StructureException($validator->getDescription());
         }
 
-        $documents = $this->withTransaction(function () use ($collection, $queries, $batchSize, $updates, $limit, $cursor) {
+        $documents = $this->withTransaction(function () use ($collection, $queries, $batchSize, $updates, $limit, $cursor, $authorization, $skipAuth) {
             $documents = [];
-
-            $documentSecurity = $collection->getAttribute('documentSecurity', false);
-
-            $authorization = new Authorization(self::PERMISSION_UPDATE);
-            $skipAuth = $authorization->isValid($collection->getUpdate());
-
-            if (!$skipAuth && !$documentSecurity && $collection->getId() !== self::METADATA) {
-                throw new AuthorizationException($authorization->getDescription());
-            }
-
             $originalLimit = $limit;
             $lastDocument = $cursor;
 
@@ -4121,15 +4120,16 @@ public function updateDocuments(string $collection, Document $updates, array $qu
                     $limit -= $batchSize;
                 }
 
-                $affectedDocuments = $this->silent(fn () => $this->find($collection->getId(), array_merge(
-                    $queries,
-                    empty($lastDocument) ? [
-                        Query::limit($batchSize),
-                    ] : [
-                        Query::limit($batchSize),
-                        Query::cursorAfter($lastDocument),
-                    ]
-                ), forPermission: Database::PERMISSION_UPDATE));
+                $array = empty($lastDocument) ?
+                    [Query::limit($batchSize)] :
+                    [Query::limit($batchSize), Query::cursorAfter($lastDocument)]
+                ;
+
+                $affectedDocuments = $this->silent(fn () => $this->find(
+                    $collection->getId(),
+                    array_merge($array, $queries),
+                    forPermission: Database::PERMISSION_UPDATE
+                ));
 
                 if (empty($affectedDocuments)) {
                     break;
@@ -5359,6 +5359,14 @@ public function deleteDocuments(string $collection, array $queries = [], int $ba
             throw new DatabaseException('Collection not found');
         }
 
+        $documentSecurity = $collection->getAttribute('documentSecurity', false);
+        $authorization = new Authorization(self::PERMISSION_DELETE);
+        $skipAuth = $authorization->isValid($collection->getDelete());
+
+        if (!$skipAuth && !$documentSecurity && $collection->getId() !== self::METADATA) {
+            throw new AuthorizationException($authorization->getDescription());
+        }
+
         $attributes = $collection->getAttribute('attributes', []);
         $indexes = $collection->getAttribute('indexes', []);
 
@@ -5385,15 +5393,7 @@ public function deleteDocuments(string $collection, array $queries = [], int $ba
         }
 
         $documents = $this->withTransaction(function () use ($collection, $queries, $batchSize, $limit, $cursor) {
-            $documentSecurity = $collection->getAttribute('documentSecurity', false);
-            $authorization = new Authorization(self::PERMISSION_DELETE);
-            $skipAuth = $authorization->isValid($collection->getDelete());
             $documents = [];
-
-            if (!$skipAuth && !$documentSecurity && $collection->getId() !== self::METADATA) {
-                throw new AuthorizationException($authorization->getDescription());
-            }
-
             $originalLimit = $limit;
             $lastDocument = $cursor;
 
@@ -5404,15 +5404,16 @@ public function deleteDocuments(string $collection, array $queries = [], int $ba
                     $limit -= $batchSize;
                 }
 
-                $affectedDocuments = $this->silent(fn () => $this->find($collection->getId(), array_merge(
-                    $queries,
-                    empty($lastDocument) ? [
-                        Query::limit($batchSize),
-                    ] : [
-                        Query::limit($batchSize),
-                        Query::cursorAfter($lastDocument),
-                    ]
-                ), forPermission: Database::PERMISSION_DELETE));
+                $array = empty($lastDocument) ?
+                    [Query::limit($batchSize)] :
+                    [Query::limit($batchSize), Query::cursorAfter($lastDocument)]
+                ;
+
+                $affectedDocuments = $this->silent(fn () => $this->find(
+                    $collection->getId(),
+                    array_merge($array, $queries),
+                    forPermission: Database::PERMISSION_DELETE
+                ));
 
                 if (empty($affectedDocuments)) {
                     break;

From db4e8013fc06bfa0cda06c63b724f50317cbef36 Mon Sep 17 00:00:00 2001
From: fogelito <fogelshmuel@gmail.com>
Date: Tue, 11 Mar 2025 09:20:08 +0200
Subject: [PATCH 2/4] new Queries

---
 src/Database/Database.php | 28 +++++++++++++++++-----------
 1 file changed, 17 insertions(+), 11 deletions(-)

diff --git a/src/Database/Database.php b/src/Database/Database.php
index ec4be3930..34937e8b5 100644
--- a/src/Database/Database.php
+++ b/src/Database/Database.php
@@ -4120,14 +4120,17 @@ public function updateDocuments(string $collection, Document $updates, array $qu
                     $limit -= $batchSize;
                 }
 
-                $array = empty($lastDocument) ?
-                    [Query::limit($batchSize)] :
-                    [Query::limit($batchSize), Query::cursorAfter($lastDocument)]
-                ;
+                $new = [
+                    Query::limit($batchSize)
+                ];
+
+                if(! empty($lastDocument)){
+                    $new[] = Query::cursorAfter($lastDocument);
+                }
 
                 $affectedDocuments = $this->silent(fn () => $this->find(
                     $collection->getId(),
-                    array_merge($array, $queries),
+                    array_merge($new, $queries),
                     forPermission: Database::PERMISSION_UPDATE
                 ));
 
@@ -5404,14 +5407,17 @@ public function deleteDocuments(string $collection, array $queries = [], int $ba
                     $limit -= $batchSize;
                 }
 
-                $array = empty($lastDocument) ?
-                    [Query::limit($batchSize)] :
-                    [Query::limit($batchSize), Query::cursorAfter($lastDocument)]
-                ;
+                $new = [
+                    Query::limit($batchSize)
+                ];
+
+                if (! empty($lastDocument)) {
+                    $new[] = Query::cursorAfter($lastDocument);
+                }
 
                 $affectedDocuments = $this->silent(fn () => $this->find(
                     $collection->getId(),
-                    array_merge($array, $queries),
+                    array_merge($new, $queries),
                     forPermission: Database::PERMISSION_DELETE
                 ));
 
@@ -5455,7 +5461,7 @@ public function deleteDocuments(string $collection, array $queries = [], int $ba
             }
 
             foreach (\array_chunk($documents, $batchSize) as $chunk) {
-                $this->adapter->deleteDocuments(
+                $this->adapter->deleteDocuments( // Do we need to check $skipAuth like in updateDocuments?
                     $collection->getId(),
                     array_map(fn ($document) => $document->getId(), $chunk)
                 );

From 5ac075d1861733bedb2a6436a71ed6a67b06c2ee Mon Sep 17 00:00:00 2001
From: fogelito <fogelshmuel@gmail.com>
Date: Tue, 11 Mar 2025 09:23:41 +0200
Subject: [PATCH 3/4] lint

---
 src/Database/Database.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/Database/Database.php b/src/Database/Database.php
index 34937e8b5..2950b4fea 100644
--- a/src/Database/Database.php
+++ b/src/Database/Database.php
@@ -4124,7 +4124,7 @@ public function updateDocuments(string $collection, Document $updates, array $qu
                     Query::limit($batchSize)
                 ];
 
-                if(! empty($lastDocument)){
+                if (! empty($lastDocument)) {
                     $new[] = Query::cursorAfter($lastDocument);
                 }
 

From 8353f1e2bb45e2415f06afdbefab8798b1aa2fa5 Mon Sep 17 00:00:00 2001
From: fogelito <fogelshmuel@gmail.com>
Date: Wed, 12 Mar 2025 09:56:48 +0200
Subject: [PATCH 4/4] deleteDocuments skip auth

---
 src/Database/Database.php | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/Database/Database.php b/src/Database/Database.php
index 2950b4fea..445afaa5c 100644
--- a/src/Database/Database.php
+++ b/src/Database/Database.php
@@ -5395,7 +5395,7 @@ public function deleteDocuments(string $collection, array $queries = [], int $ba
             throw new DatabaseException("Cursor document must be from the same Collection.");
         }
 
-        $documents = $this->withTransaction(function () use ($collection, $queries, $batchSize, $limit, $cursor) {
+        $documents = $this->withTransaction(function () use ($collection, $queries, $batchSize, $limit, $cursor, $skipAuth, $authorization) {
             $documents = [];
             $originalLimit = $limit;
             $lastDocument = $cursor;
@@ -5461,10 +5461,12 @@ public function deleteDocuments(string $collection, array $queries = [], int $ba
             }
 
             foreach (\array_chunk($documents, $batchSize) as $chunk) {
-                $this->adapter->deleteDocuments( // Do we need to check $skipAuth like in updateDocuments?
+                $callback = fn () => $this->adapter->deleteDocuments(
                     $collection->getId(),
                     array_map(fn ($document) => $document->getId(), $chunk)
                 );
+
+                $skipAuth ? $authorization->skip($callback) : $callback();
             }
 
             return $documents;