New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
.findOne(undefined) returns first item in the database instead of undefined #2500
Comments
Looks like an issue. Contributions are welcomed! |
Same problem with Mariadb This: User.findOne({ where: { id: null } }) works properly return |
Same here, why there is no fix? |
Is this real issue? I mean From jsdoc:
But there are no conditions ( Maybe change method signature and mark id or condition as required but it is really big change and it will be necessary sync at least all |
No, you except same behavior as SQL SELECT * FROM users WHERE id = null LIMIT 1 return empty row not first entity. |
But there is function overloading: findOne(id?: string|number|Date|ObjectID, options?: FindOneOptions<Entity>): Promise<Entity|undefined>;
findOne(options?: FindOneOptions<Entity>): Promise<Entity|undefined>;
findOne(conditions?: FindConditions<Entity>, options?: FindOneOptions<Entity>): Promise<Entity|undefined>;
findOne(optionsOrConditions?: string|number|Date|ObjectID|FindOneOptions<Entity>|FindConditions<Entity>, maybeOptions?: FindOneOptions<Entity>): Promise<Entity|undefined> {
return this.manager.findOne(this.metadata.target, optionsOrConditions as any, maybeOptions);
} You say Your example with |
typeorm/src/entity-manager/EntityManager.ts Lines 580 to 621 in efb6353
Probably need check async findOne<Entity>(entityClass: ObjectType<Entity>|EntitySchema<Entity>|string|undefined, idOrOptionsOrConditions?: string|string[]|number|number[]|Date|Date[]|ObjectID|ObjectID[]|FindOneOptions<Entity>|FindConditions<Entity>, maybeOptions?: FindOneOptions<Entity>): Promise<Entity|undefined> {
if (!idOrOptionsOrConditions) {
return undefined;
}
.... |
@rustamwin Did you mean async findOne<Entity>(entityClass: ObjectType<Entity>|EntitySchema<Entity>|string|undefined, idOrOptionsOrConditions?: string|string[]|number|number[]|Date|Date[]|ObjectID|ObjectID[]|FindOneOptions<Entity>|FindConditions<Entity>, maybeOptions?: FindOneOptions<Entity>): Promise<Entity|undefined> {
if (! idOrOptionsOrConditions) {
return undefined;
}
... This will cause that |
@vlapo Fixed, thnx 😄 |
From my point there is nothing to improve and |
It looks like we either need to left it as it is, either to enforce |
@pleerock I personally would add a check if any value was passed or not |
@havenchyk but current method signatures allow this case |
@vlapo why do you think it will throw an error? just naive code: of course, I see in code base it's much more complicated, but I don't the area for an error. Could you please explain, what I have missed? |
Sry I see you want to throw error in previous comment. My mistake :-) So you vote for |
Seems I wasn't clear enough. Let me try once again. If argument is passed and it's value is not undefined, handle this value. |
Understand now. I think it should work 👍 |
choose one. Return undefined or throw an exception?) |
Sorry for being little late for the party.
I completely disagree. Passing undefined shouldn't cause passing null to sql query. Null and undefined are completely different primitive values. Undefined should be ignored(optional parameters) or always return no records(without querying). I think if we want to change current behavior we should throw an exception. If someone is deliberately passing value of undefined we can safely assume that he doesn't really know what he is doing and there is a human error somewhere. Returning undefined will just populate logical error to later called functions(app logic). We can't search for something if we don't know what are we looking for - it means that there is a logical error while defining search criteria. |
I'm having the same issue with |
The same issue for findOne and findOneOrFail, it's complete dangerous if you passing undefined as a parameter, must not be return the first element. :( |
@Kononnable Well, the same behaviour happens when calling However, I agree that passing Having said that, sticking to what the translated SQL query would do is more intuitive for most people. |
I think this could be fixed just adding a special configuration. So any user could decide by its own if he/she wants the findOne method to return the first item when passing an undefined value or not |
This had me scratching my head for sooo long today! I wrongly assumed that edit: |
This caused several hours of debugging for me today as well. Specifically with the method I cannot find a scenario where a developer would expect to pass in undefined and receive the first row. While it's possible somebody is intentionally using the method this way, I would guess there are far more developers stumped by this. |
IMO this should be the default for edit: Worth mentioning though that if you wish to avoid this you could just do |
Even It should have been our responsibility to check and make sure null or undefined parameter never go though query in a first place, but it is disappointing to see that the ORM still can't handle a simple exception like this. |
con Equal(value) pude solucionar el error. |
doesn't this break other parts of an application? |
no |
TypeORM should be responsible to return the right data whenever there is a nullable or undefined value in In my case, it returned a random value and we made our data dirty. It took a whole day to fix the messy data caused by this bug. This is not fixed and should be reopened. |
jst use the equal option on typeorm, fixes the issue |
That does not make sense. If I'm finding one by |
v0.3.12 same issue (( |
fix this asap |
Spent a couple hours debugging this. The frontend was not sending the id on the body (as it was meant to), so .findOne was returning the first user, that was a super admin as @AbuOmar said. Thankfully we caught it on a development enviroment, otherwise it could've been a serious security issue. |
in my case, I will do this:
|
This works for me, but I don't think it should work this way |
yes, it works when you ensure that the field does not have any null value |
I did solve the issue by using the import { Equal } from "typeorm";
return await userRepo.findOne({
where: { phone: phone ? Equal(phone) : Equal(bodyPhone) },
relations: {
addresses: true,
favourites: true,
cart: true,
},
}); |
This has the same behaviour as returning the first record |
So what would be the best practice to use findOne? or should we use other method? |
Imo, using |
No way this must be a meme |
LMAO. When is this will be fixed???? |
Maybe in 2024 🤣 |
from 2018?.....no hope |
everyone just use Equal() |
wow. thats a dangerous bug! and yes, it is a bug! |
but wait there's more...apparently when you query findOne. It makes an sql query twice. turn logging on and see it in realtime. |
This is a huge security risk, and not the way it should work. Until PR #9487 is merged, I have created an eslint rule that warns about it.
|
Thank you a lot. To use it with nested object like the example, I modified as below.
|
just leave here
|
Issue type:
[ ] question
[x] bug report
[ ] feature request
[ ] documentation issue
Database system/driver:
[ ]
cordova
[ ]
mongodb
[ ]
mssql
[ ]
mysql
/mariadb
[ ]
oracle
[x ]
postgres
[ ]
sqlite
[ ]
sqljs
[ ]
react-native
[ ]
expo
TypeORM version:
[x]
latest
[ ]
@next
[ ]
0.x.x
(or put your version here)Steps to reproduce or a small repository showing the problem:
The text was updated successfully, but these errors were encountered: