Skip to content

Commit

Permalink
[ODS-6189] Possible bug with 64 bit Education Organization ID look up (
Browse files Browse the repository at this point in the history
…#961)

Co-authored-by: semalaiappan <[email protected]>
  • Loading branch information
axelmarquezh and semalaiappan authored Feb 17, 2024
1 parent 535229a commit cdd9786
Show file tree
Hide file tree
Showing 2 changed files with 42 additions and 3 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -9,13 +9,43 @@
using Microsoft.Data.SqlClient;
using EdFi.Ods.Common.Security.Authorization;
using EdFi.Ods.Common.Security.Claims;
using EdFi.Ods.Common.Models;
using EdFi.Common;
using EdFi.Common.Extensions;
using EdFi.Ods.Common.Conventions;
using System;
using System.Collections.Generic;

namespace EdFi.Ods.Api.Security.AuthorizationStrategies.Relationships.Filters;

public class SqlServerViewBasedSingleItemAuthorizationQuerySupport : IViewBasedSingleItemAuthorizationQuerySupport
{
private const int SqlServerParameterCountThreshold = 2000;

private readonly Type _edOrgSystemType;
private readonly Dictionary<Type, string> _structuredTypeBySystemType = new()
{
{typeof(int), "dbo.IntTable"},
{typeof(long), "dbo.BigIntTable"}
};

public SqlServerViewBasedSingleItemAuthorizationQuerySupport(IDomainModelProvider domainModelProvider)
{
Preconditions.ThrowIfNull(domainModelProvider, nameof(domainModelProvider));

var standardModelVersion = Version.Parse(
domainModelProvider
.GetDomainModel()
.Schemas
.Single(x => x.LogicalName.EqualsIgnoreCase(EdFiConventions.LogicalName))
.Version
);

_edOrgSystemType = standardModelVersion.Major < 5
? typeof(int)
: typeof(long);
}

public string GetItemExistenceCheckSql(ViewBasedAuthorizationFilterDefinition filterDefinition, AuthorizationFilterContext filterContext)
{
if (filterContext.ClaimEndpointValues.Length < SqlServerParameterCountThreshold)
Expand Down Expand Up @@ -47,16 +77,16 @@ public void ApplyClaimsParametersToCommand(DbCommand cmd, EdFiAuthorizationConte
var sqlParameter = cmd.CreateParameter() as SqlParameter;

DataTable dt = new();
dt.Columns.Add("Id", typeof(int));
dt.Columns.Add("Id", _edOrgSystemType);

foreach (int claimEdOrgId in claimEdOrgIds)
foreach (var claimEdOrgId in claimEdOrgIds)
{
dt.Rows.Add(claimEdOrgId);
}

sqlParameter!.ParameterName = "ClaimEducationOrganizationIds";
sqlParameter.SqlDbType = SqlDbType.Structured;
sqlParameter.TypeName = "dbo.IntTable";
sqlParameter.TypeName = _structuredTypeBySystemType[_edOrgSystemType];
sqlParameter.Value = dt;

cmd.Parameters.Add(sqlParameter);
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
-- SPDX-License-Identifier: Apache-2.0
-- Licensed to the Ed-Fi Alliance under one or more agreements.
-- The Ed-Fi Alliance licenses this file to you under the Apache License, Version 2.0.
-- See the LICENSE and NOTICES files in the project root for more information.

CREATE TYPE dbo.BigIntTable AS TABLE
(
Id BIGINT
)

0 comments on commit cdd9786

Please sign in to comment.