Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Copy list of scopes before removing them from the EF context #10275

Merged
merged 1 commit into from
Nov 19, 2024
Merged

Copy list of scopes before removing them from the EF context #10275

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 3 additions & 3 deletions src/NuGetGallery.Services/Authentication/AuthenticationService.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
// Copyright (c) .NET Foundation. All rights reserved.
// Copyright (c) .NET Foundation. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.

using System;
Expand Down Expand Up @@ -714,7 +714,7 @@ public virtual async Task RemoveCredential(User user, Credential cred, bool comm

public virtual async Task EditCredentialScopes(User user, Credential cred, ICollection<Scope> newScopes)
{
foreach (var oldScope in cred.Scopes)
foreach (var oldScope in cred.Scopes.ToList())
{
Entities.Scopes.Remove(oldScope);
}
Expand Down Expand Up @@ -1053,4 +1053,4 @@ private async Task MigrateCredentials(User user, List<Credential> creds, string
}
}
}
}
}
39 changes: 39 additions & 0 deletions tests/NuGetGallery.Facts/Authentication/AuthenticationServiceFacts.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@

using System;
using System.Collections.Generic;
using System.Data.Entity;
using System.Globalization;
using System.Linq;
using System.Security.Claims;
Expand Down Expand Up @@ -2382,6 +2383,44 @@ public async Task SavesChangesInTheDataStore()
authService.Entities.VerifyCommitChanges();
}

/// <summary>
/// Needed to avoid collection modified exception caused by the entity context.
/// </summary>
[Fact]
public async Task CopiesScopeCollectionForDeletion()
{
// Arrange
var credentialBuilder = new CredentialBuilder();

var credScopes =
Enumerable.Range(0, 5)
.Select(
i => new Scope { AllowedAction = NuGetScopes.PackagePush, Key = i, Subject = "package" + i }).ToList();

var mockScopes = new Mock<DbSet<Scope>>();
var dbContext = GetMock<IEntitiesContext>();
dbContext.Setup(x => x.Scopes).Returns(mockScopes.Object);
mockScopes.Setup(x => x.Remove(It.IsAny<Scope>())).Callback<Scope>(x => credScopes.Remove(x));

var fakes = Get<Fakes>();
var cred = credentialBuilder.CreateApiKey(null, out string plaintextApiKey);
var user = fakes.CreateUser("test", credentialBuilder.CreatePasswordCredential(Fakes.Password), cred);
var authService = Get<AuthenticationService>();

var newScopes =
Enumerable.Range(1, 2)
.Select(
i => new Scope { AllowedAction = NuGetScopes.PackageUnlist, Key = i * 10, Subject = "otherpackage" + i }).ToList();

cred.Scopes = credScopes;

// Act
await authService.EditCredentialScopes(user, cred, newScopes);

// Act
Assert.Empty(credScopes);
}

[Fact]
public async Task WritesAuditRecordForTheEditedCredential()
{
Expand Down