payload icon indicating copy to clipboard operation
payload copied to clipboard

Published 20 hours ago verified publisher icon payloadcms

TypeError: Cannot read properties of undefined (reading 'endSession')

Open LorenzoInvernizzi opened this issue 1 year ago • 6 comments

Link to reproduction

https://github.com/LorenzoInvernizzi/issue-endsession-undefined-update-access

Describe the Bug

Hi Devs,

I encountered the error in the following situation: edit of a collection item (Timecards collection) with the following access function for create & edit: image

image

Basically i have the following collections:

  • users: admin or developers, developers must be able to login and create/view/edit their own timecards
  • clients
  • projects
  • timecard: submitted by devs, here i am using the access function and this is the place where i get the error when i try to edit an existing timecard. Actually i am not able to edit the timecard at all, i think it is related to the issue.
  • i also created another access function (isAdminOrDeveloper) where i was able to implement a workaround but it involves querying the db with the local api

To Reproduce

  1. clone repo, setup .env file with mongodbatlas db or a local mongodb
  2. yarn dev and create admin
  3. create developer user from admin panel
  4. create a client and a project from the admin panel
  5. logout and login with dev account
  6. create timecard with dev account
  7. try to edit timecard with dev account -> get error

Payload Version

^2.1.1

Adapters and Plugins

bundler-vite, db-mongodb

LorenzoInvernizzi avatar Nov 14 '23 08:11 LorenzoInvernizzi

I am running into the same error message for similar cases in several of my collections. After some testing, it seems like it triggers on field access functions if one field has more than a single access function, or if two or more fields have one or more access functions. I'm using the MongoDB adapter. It looks like the transaction is being shut down prematurely.

Here is example code to explain when the error triggers in my app:

const isSuperuser = (args) => args.req.user.superuser;

// No error
{
  fields: [
    { name: 'fieldOne', type: 'text', access: { create: isSuperuser, } },
    { name: 'fieldTwo', type: 'text' }
  ]
}

// Error
{
  fields: [
    { name: 'fieldOne', type: 'text', access: { create: isSuperuser, update: isSuperuser } },
    { name: 'fieldTwo', type: 'text' }
  ]
}

// Error
{
  fields: [
    { name: 'fieldOne', type: 'text', access: { create: isSuperuser } },
    { name: 'fieldTwo', type: 'text', access: { create: isSuperuser } }
  ]
}

peterskeide avatar Nov 15 '23 11:11 peterskeide

Getting this same error with v2.1.1. Reverting to v2.1.0 fixes the issue.

revnelson avatar Nov 15 '23 22:11 revnelson

Getting this same error with v2.1.1. Reverting to v2.1.0 fixes the issue.

2.1.0 fixes it thanks!

@peterskeide explains it perfectly. With one field access it works, with more than one I get this error: image and all the fields of the collections become readonly / uneditable.

billyhawkes avatar Nov 16 '23 19:11 billyhawkes

Commenting again to add that I don't have any field-level access checks, but I do have multiple (create, read, update, delete) collection-level access checks.

revnelson avatar Nov 17 '23 16:11 revnelson

Same issue here. This only happens when there are field level access control checks on the collection.

jasperverbeet avatar Nov 20 '23 12:11 jasperverbeet

Can confirm, I'm still having unauthorized issues with 2.2.2. Staying at 2.1.0 is the only solution so far that I'm aware of.

revnelson avatar Nov 30 '23 15:11 revnelson

I'm closing this as it has become stale. Tag me if this is still an issue and we can re-open it.

DanRibbens avatar Jul 22 '24 14:07 DanRibbens