Permission changes and server side changes causing app crash

Hi,

We are having a particularly difficult time handling realm resets with the Flutter SDK. Honestly, the documentation is really quite poor. It offers no examples of real world recovery strategies, leaving the engineer guessing.

We have tried implementing the client reset handler, but this doesn’t appear to actually do anything of any real use. We see a debug message get logged saying the permission set has changed, but it does not seem capable of recovering from this.

It is a similar affair if we make a change to the schema server side. Closing the app and re-opening it works, but we can’t seem to handle this gracefully.

Are there any working examples of a graceful app restart where such a restart is required due to server side changes, whether schema or permission?

The other major frustration is the rule set behaviour; we have a scenario where a rule set is based on 2 different values within custom user data.

Let's call these values user_id and permission_id.

We pass the user_id to the custom auth provider at auth, and this is attached as identity.id and is accessible. But because the auth process will only permit 1 string based value that must not change, we cannot pass the second value (permission_id) here.

So instead we trigger a post auth function that either creates the custom data or updates it, depending on whether this is first login or not, but this results in a permission change… you guessed it… crashing the app.

Surely, there is a better way?

I found several similar issues in these forums with responses from the developers stating they are planning improvements to this (a year ago) but I cannot see any update.

Can anyone shed any light here before I put a fist through my MacBook?

Hi,

Sorry to hear about some of these troubles. First a quick note on the state of permissions changes. When you change the permissions of your application, it causes all clients to disconnect and reconnect to re-evaluate permissions.

Sync stores the hashes of the permissions used by each client to determine when its role or view of data has changed. The current behavior is to client reset when this changes. However, we do have a project that is soon to be released that will treat this the same as a change to the subscription and just remove any data from the device that should no longer be there and add any data to it that has moved into view.

In terms of what is happening to you, I would definitely suggest using the default client reset handler as it's almost always the proper thing to do. The client should perform the client reset and resume syncing. If that is not happening, any logs or links to your application’s logs in the service.cloud.mongodb UI would be helpful and we can help debug the issue.

As for the issue around rules / roles and how it fits into your design, I think the solution is either to use Custom JWT auth (which allows you to pass a set of fields that immediately are set on the user object) or continue to use custom user data and we can help work through the issue around the app crashing.

Thanks,
Tyler

Thank you for such a quick reply Tyler.

We have previously investigated JWT, and although it is a better long term solution, right now it would mean a fairly significant change to existing infrastructure to support this, which would have an effect on the other applications that share authentication with our mobile app.

Long term we do intend to separate the mobile app out entirely, but we are not there yet.

Is it possible to return more than a single value using the custom provider function, or to access the user / user id before that auth function completes?

If not, is it possible to pass multiple values to a subsequent function?

Beyond the unique client identifier for the provider, we only need to set one other value once at user creation. It can change long term, but if it were to change, it would involve that user (client) being removed from the system before being assigned to another external account (users can move between owner accounts).

We are using the default client reset and although it appears to recover and data can still be synchronised, we get a crash on hot reload (this could be emulator only behaviour, can you confirm?) stating the realm is already open with another user. This does not resolve until we kill the app and cold start again.

Is that expected?

Do you have any working examples of Dart code here that we can refer to?

Do you have an example of alerting the user and closing the application? There is no native way to do this in Flutter and we could only find examples using third party packages which felt… hacky.