{ "id": "159179", "key": "AC-3439", "fields": { "issuetype": { "id": "1", "description": "A problem which impairs or prevents the functions of the product.", "name": "Bug", "subtask": false }, "project": { "id": "12217", "key": "AC", "name": "Appcelerator - INBOX", "projectCategory": { "id": "10000", "description": "", "name": "Customer Service" } }, "resolution": { "id": "8", "description": "", "name": "Needs more info" }, "resolutiondate": "2016-04-26T15:19:25.000+0000", "created": "2016-03-31T15:22:28.000+0000", "labels": [ "defect" ], "versions": [], "issuelinks": [], "assignee": { "name": "shossain", "key": "shossain", "displayName": "Shak Hossain", "active": false, "timeZone": "America/Los_Angeles" }, "updated": "2016-10-14T11:47:32.000+0000", "status": { "description": "The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.", "name": "Closed", "id": "6", "statusCategory": { "id": 3, "key": "done", "colorName": "green", "name": "Done" } }, "components": [ { "id": "14558", "name": "Arrow Cloud" } ], "description": "1- Create an App with an ArrowDB project (add two Users user 1 & user 2 in Arrow web portal for simplicity).\r\n2- Create an Node.ACS which also calls the ArrowDB.\r\n3 - The Node.ACS project has a function that creates an ArrowDB Custom Object the User _called createObj_ by passing the session_id.\r\n4- Login as user 1 via the App created (gets session_id, a _direct-API to ArrowDB_)\r\n5- Create an Object owned by user 1 from the App (with the session_id via a Node.ACS call)\r\n6- User 2 logs in and creates another Object (via Node.acs with user 2 session_id)\r\n\r\nResult (the issue): User 2 creates an Object, however it creates it for User 1\r\n\r\nExpected Result: User 2 should create the Object for User 2 (since the session_id is for User 2).\r\n\r\nThis issue has been raised in appcelerator.force.com with Case #: 00007416\r\n\r\nAlso, the solution was found via Stackoverflow, in which other developers faced this issue as well: [http://stackoverflow.com/questions/27255102/appcelerator-acs-users-login-api-getting-error-code-400-with-message-invalid-r]\r\n\r\nThe solution was clarified here: \r\n{quote}for some reason acs-node v0.9.3 appears to be returning the same session ID, even for different users. Some side-effects I've seen include (1) the wrong user attempting to make a change to an object, and (2) objects created by one user are actually owned by the last person who logged in. Making sure acs-node is at v0.9.2 avoids this issue.{quote}\r\n\r\nCurrently, we cannot update our node-acs 0.9.2 to the latest version because of this issue.\r\n", "attachment": [], "flagged": false, "summary": "ArrowCloud: session_id mixes up with previous user logged in.", "creator": { "name": "underlabs", "key": "underlabs", "displayName": "Joseph Sachs", "active": true, "timeZone": "America/Montreal" }, "subtasks": [], "reporter": { "name": "underlabs", "key": "underlabs", "displayName": "Joseph Sachs", "active": true, "timeZone": "America/Montreal" }, "environment": "acs-node 0.9.2 works, but not on the latest versions on acs-node (all node-acs > 0.9.2 do not work)", "comment": { "comments": [ { "id": "381314", "author": { "name": "sdarda", "key": "sdarda", "displayName": "Sharif AbuDarda", "active": false, "timeZone": "Asia/Dhaka" }, "body": "Hello, \r\n\r\nI am having problem understanding your issue. Are you using acs-node or arrowDB? Can you please explain a little bit. Please provide a code sample which regenerates the issue in node-acs 0.9.3. Also please provide list of steps to follow for us to test it in our environment. Since ACS-node has been deprecated for a while, using our latest arrowDB module should not have this problem.\r\n\r\nRegards,\r\nSharif", "updateAuthor": { "name": "sdarda", "key": "sdarda", "displayName": "Sharif AbuDarda", "active": false, "timeZone": "Asia/Dhaka" }, "created": "2016-04-01T19:04:43.000+0000", "updated": "2016-04-01T19:04:43.000+0000" }, { "id": "381315", "author": { "name": "underlabs", "key": "underlabs", "displayName": "Joseph Sachs", "active": true, "timeZone": "America/Montreal" }, "body": "Hello,\r\n\r\nI am using acs-node (a node project) And ArrowDB, the acs-node project calls ArrowDB regularly, so I am using both.\r\n\r\nThe issue described above, is found in all acs-node projects which are greater than 0.9.2.\r\n\r\nUPDATE: I've updated the description Steps to reproduce. If I update to the latest version of arrowdb from node-acs, the issue of the sessions gets buggy as described, so I am forced to stay in 0.9.2. This issue applies to the newer versions.", "updateAuthor": { "name": "underlabs", "key": "underlabs", "displayName": "Joseph Sachs", "active": true, "timeZone": "America/Montreal" }, "created": "2016-04-01T19:49:01.000+0000", "updated": "2016-04-01T20:26:50.000+0000" }, { "id": "383174", "author": { "name": "sdarda", "key": "sdarda", "displayName": "Sharif AbuDarda", "active": false, "timeZone": "Asia/Dhaka" }, "body": "Hello, \r\n\r\nPlease provide sample code for us to test. Please be specific about each steps you mentioned and provide the related sample code. For recap you needs to use https://www.npmjs.com/package/arrowdb instead of https://www.npmjs.com/package/acs-node\r\n\r\nRegards,\r\nThanks.", "updateAuthor": { "name": "sdarda", "key": "sdarda", "displayName": "Sharif AbuDarda", "active": false, "timeZone": "Asia/Dhaka" }, "created": "2016-04-19T17:46:00.000+0000", "updated": "2016-04-19T17:46:00.000+0000" }, { "id": "398946", "author": { "name": "underlabs", "key": "underlabs", "displayName": "Joseph Sachs", "active": true, "timeZone": "America/Montreal" }, "body": "Attached here is a Sample ArrowCloud: https://www.dropbox.com/s/zotx4qlw63qzw66/ArrowCloudApp.zip?dl=0\r\n\r\nIn it you will find /controllers/services.js which explains in 1, 2, 3 how to reproduce.", "updateAuthor": { "name": "underlabs", "key": "underlabs", "displayName": "Joseph Sachs", "active": true, "timeZone": "America/Montreal" }, "created": "2016-10-14T00:17:26.000+0000", "updated": "2016-10-14T00:17:26.000+0000" }, { "id": "398948", "author": { "name": "underlabs", "key": "underlabs", "displayName": "Joseph Sachs", "active": true, "timeZone": "America/Montreal" }, "body": "Also, make sure to run the local Node.ACS server locally, and text the createEvent API with the session_id from Login (direct API to ArrowDB)\r\n", "updateAuthor": { "name": "underlabs", "key": "underlabs", "displayName": "Joseph Sachs", "active": true, "timeZone": "America/Montreal" }, "created": "2016-10-14T00:19:23.000+0000", "updated": "2016-10-14T00:19:23.000+0000" }, { "id": "398971", "author": { "name": "underlabs", "key": "underlabs", "displayName": "Joseph Sachs", "active": true, "timeZone": "America/Montreal" }, "body": "For all future developer who may stumble on this same issue, Wei has provided the solution.\r\n\r\nBefore Every ArrowDB API call from ArrowCloud, make sure to pass the session_id before making the arrowDB call from ArrowCloud.\r\n~~~\r\narrowDBApp.sessionCookieString = params.session_id;\r\narrowDBApp.eventsCreate({ .....\r\n~~~", "updateAuthor": { "name": "underlabs", "key": "underlabs", "displayName": "Joseph Sachs", "active": true, "timeZone": "America/Montreal" }, "created": "2016-10-14T11:47:11.000+0000", "updated": "2016-10-14T11:47:11.000+0000" }, { "id": "398972", "author": { "name": "underlabs", "key": "underlabs", "displayName": "Joseph Sachs", "active": true, "timeZone": "America/Montreal" }, "body": "You can close this issue.", "updateAuthor": { "name": "underlabs", "key": "underlabs", "displayName": "Joseph Sachs", "active": true, "timeZone": "America/Montreal" }, "created": "2016-10-14T11:47:32.000+0000", "updated": "2016-10-14T11:47:32.000+0000" } ], "maxResults": 9, "total": 9, "startAt": 0 } } }