fix: cassandra + mongo + arangodb issues with webhook

server/db/models/user.go

@@ -38,8 +38,13 @@ func (user *User) AsAPIUser() *model.User {
 	email := user.Email
 	createdAt := user.CreatedAt
 	updatedAt := user.UpdatedAt
+
+	id := user.ID
+	if strings.Contains(id, Collections.WebhookLog+"/") {
+		id = strings.TrimPrefix(id, Collections.WebhookLog+"/")
+	}
 	return &model.User{
-		ID:                  user.ID,
+		ID:                  id,
 		Email:               user.Email,
 		EmailVerified:       isEmailVerified,
 		SignupMethods:       user.SignupMethods,

server/db/models/verification_requests.go

@@ -1,6 +1,10 @@
 package models
 
-import "github.com/authorizerdev/authorizer/server/graph/model"
+import (
+	"strings"
+
+	"github.com/authorizerdev/authorizer/server/graph/model"
+)
 
 // Note: any change here should be reflected in providers/casandra/provider.go as it does not have model support in collection creation
 
@@ -27,8 +31,13 @@ func (v *VerificationRequest) AsAPIVerificationRequest() *model.VerificationRequ
 	redirectURI := v.RedirectURI
 	expires := v.ExpiresAt
 	identifier := v.Identifier
+
+	id := v.ID
+	if strings.Contains(id, Collections.WebhookLog+"/") {
+		id = strings.TrimPrefix(id, Collections.WebhookLog+"/")
+	}
 	return &model.VerificationRequest{
-		ID:          v.ID,
+		ID:          id,
 		Token:       &token,
 		Identifier:  &identifier,
 		Expires:     &expires,

server/db/models/webhook.go

@@ -2,6 +2,7 @@ package models
 
 import (
 	"encoding/json"
+	"strings"
 
 	"github.com/authorizerdev/authorizer/server/graph/model"
 )
@@ -23,8 +24,13 @@ type Webhook struct {
 func (w *Webhook) AsAPIWebhook() *model.Webhook {
 	headersMap := make(map[string]interface{})
 	json.Unmarshal([]byte(w.Headers), &headersMap)
+
+	id := w.ID
+	if strings.Contains(id, Collections.Webhook+"/") {
+		id = strings.TrimPrefix(id, Collections.Webhook+"/")
+	}
 	return &model.Webhook{
-		ID:        w.ID,
+		ID:        id,
 		EventName: &w.EventName,
 		Endpoint:  &w.EndPoint,
 		Headers:   headersMap,

server/db/models/webhook_log.go

@@ -1,6 +1,10 @@
 package models
 
-import "github.com/authorizerdev/authorizer/server/graph/model"
+import (
+	"strings"
+
+	"github.com/authorizerdev/authorizer/server/graph/model"
+)
 
 // Note: any change here should be reflected in providers/casandra/provider.go as it does not have model support in collection creation
 
@@ -17,8 +21,12 @@ type WebhookLog struct {
 }
 
 func (w *WebhookLog) AsAPIWebhookLog() *model.WebhookLog {
+	id := w.ID
+	if strings.Contains(id, Collections.WebhookLog+"/") {
+		id = strings.TrimPrefix(id, Collections.WebhookLog+"/")
+	}
 	return &model.WebhookLog{
-		ID:         w.ID,
+		ID:         id,
 		HTTPStatus: &w.HttpStatus,
 		Response:   &w.Response,
 		Request:    &w.Request,

server/db/providers/arangodb/user.go

@@ -63,9 +63,9 @@ func (p *provider) DeleteUser(ctx context.Context, user models.User) error {
 		return err
 	}
 
-	query := fmt.Sprintf(`FOR d IN %s FILTER d.user_id == @userId REMOVE { _key: d._key } IN %s`, models.Collections.Session, models.Collections.Session)
+	query := fmt.Sprintf(`FOR d IN %s FILTER d.user_id == @user_id REMOVE { _key: d._key } IN %s`, models.Collections.Session, models.Collections.Session)
 	bindVars := map[string]interface{}{
-		"userId": user.ID,
+		"user_id": user.ID,
 	}
 	cursor, err := p.db.Query(ctx, query, bindVars)
 	if err != nil {

server/db/providers/arangodb/webhook.go

@@ -83,7 +83,7 @@ func (p *provider) ListWebhook(ctx context.Context, pagination model.Pagination)
 // GetWebhookByID to get webhook by id
 func (p *provider) GetWebhookByID(ctx context.Context, webhookID string) (*model.Webhook, error) {
 	var webhook models.Webhook
-	query := fmt.Sprintf("FOR d in %s FILTER d._id == @webhook_id RETURN d", models.Collections.Webhook)
+	query := fmt.Sprintf("FOR d in %s FILTER d._key == @webhook_id RETURN d", models.Collections.Webhook)
 	bindVars := map[string]interface{}{
 		"webhook_id": webhookID,
 	}
@@ -146,9 +146,9 @@ func (p *provider) DeleteWebhook(ctx context.Context, webhook *model.Webhook) er
 		return err
 	}
 
-	query := fmt.Sprintf("FOR d in %s FILTER d.event_id == @event_id REMOVE { _key: d._key }", models.Collections.WebhookLog)
+	query := fmt.Sprintf("FOR d IN %s FILTER d.webhook_id == @webhook_id REMOVE { _key: d._key } IN %s", models.Collections.WebhookLog, models.Collections.WebhookLog)
 	bindVars := map[string]interface{}{
-		"event_id": webhook.ID,
+		"webhook_id": webhook.ID,
 	}
 
 	cursor, err := p.db.Query(ctx, query, bindVars)

server/db/providers/arangodb/webhook_log.go

@@ -37,11 +37,12 @@ func (p *provider) ListWebhookLogs(ctx context.Context, pagination model.Paginat
 	query := fmt.Sprintf("FOR d in %s SORT d.created_at DESC LIMIT %d, %d RETURN d", models.Collections.WebhookLog, pagination.Offset, pagination.Limit)
 
 	if webhookID != "" {
-		query = fmt.Sprintf("FOR d in %s FILTER d.webhook_id == @webhookID SORT d.created_at DESC LIMIT %d, %d RETURN d", models.Collections.WebhookLog, pagination.Offset, pagination.Limit)
+		query = fmt.Sprintf("FOR d in %s FILTER d.webhook_id == @webhook_id SORT d.created_at DESC LIMIT %d, %d RETURN d", models.Collections.WebhookLog, pagination.Offset, pagination.Limit)
 		bindVariables = map[string]interface{}{
 			"webhook_id": webhookID,
 		}
 	}
+
 	sctx := driver.WithQueryFullCount(ctx)
 	cursor, err := p.db.Query(sctx, query, bindVariables)
 	if err != nil {

server/db/providers/cassandradb/provider.go

@@ -143,6 +143,11 @@ func NewProvider() (*provider, error) {
 	if err != nil {
 		return nil, err
 	}
+	sessionIndexQuery := fmt.Sprintf("CREATE INDEX IF NOT EXISTS authorizer_session_user_id ON %s.%s (user_id)", KeySpace, models.Collections.Session)
+	err = session.Query(sessionIndexQuery).Exec()
+	if err != nil {
+		return nil, err
+	}
 
 	userCollectionQuery := fmt.Sprintf("CREATE TABLE IF NOT EXISTS %s.%s (id text, email text, email_verified_at bigint, password text, signup_methods text, given_name text, family_name text, middle_name text, nickname text, gender text, birthdate text, phone_number text, phone_number_verified_at bigint, picture text, roles text, updated_at bigint, created_at bigint, revoked_timestamp bigint, PRIMARY KEY (id))", KeySpace, models.Collections.User)
 	err = session.Query(userCollectionQuery).Exec()
@@ -177,7 +182,7 @@ func NewProvider() (*provider, error) {
 		return nil, err
 	}
 
-	webhookCollectionQuery := fmt.Sprintf("CREATE TABLE IF NOT EXISTS %s.%s (id text, event_name text, endpoint text, enabled boolean, updated_at bigint, created_at bigint, PRIMARY KEY (id))", KeySpace, models.Collections.Webhook)
+	webhookCollectionQuery := fmt.Sprintf("CREATE TABLE IF NOT EXISTS %s.%s (id text, event_name text, endpoint text, enabled boolean, headers text, updated_at bigint, created_at bigint, PRIMARY KEY (id))", KeySpace, models.Collections.Webhook)
 	err = session.Query(webhookCollectionQuery).Exec()
 	if err != nil {
 		return nil, err

server/db/providers/cassandradb/user.go

@@ -102,6 +102,10 @@ func (p *provider) UpdateUser(ctx context.Context, user models.User) (models.Use
 			continue
 		}
 
+		if key == "_key" {
+			continue
+		}
+
 		if value == nil {
 			updateFields += fmt.Sprintf("%s = null,", key)
 			continue
@@ -135,7 +139,19 @@ func (p *provider) DeleteUser(ctx context.Context, user models.User) error {
 		return err
 	}
 
-	deleteSessionQuery := fmt.Sprintf("DELETE FROM %s WHERE user_id = '%s'", KeySpace+"."+models.Collections.Session, user.ID)
+	getSessionsQuery := fmt.Sprintf("SELECT id FROM %s WHERE user_id = '%s' ALLOW FILTERING", KeySpace+"."+models.Collections.Session, user.ID)
+	scanner := p.db.Query(getSessionsQuery).Iter().Scanner()
+	sessionIDs := ""
+	for scanner.Next() {
+		var wlID string
+		err = scanner.Scan(&wlID)
+		if err != nil {
+			return err
+		}
+		sessionIDs += fmt.Sprintf("'%s',", wlID)
+	}
+	sessionIDs = strings.TrimSuffix(sessionIDs, ",")
+	deleteSessionQuery := fmt.Sprintf("DELETE FROM %s WHERE id IN (%s)", KeySpace+"."+models.Collections.Session, sessionIDs)
 	err = p.db.Query(deleteSessionQuery).Exec()
 	if err != nil {
 		return err
@@ -181,7 +197,7 @@ func (p *provider) ListUsers(ctx context.Context, pagination model.Pagination) (
 // GetUserByEmail to get user information from database using email address
 func (p *provider) GetUserByEmail(ctx context.Context, email string) (models.User, error) {
 	var user models.User
-	query := fmt.Sprintf("SELECT id, email, email_verified_at, password, signup_methods, given_name, family_name, middle_name, nickname, birthdate, phone_number, phone_number_verified_at, picture, roles, revoked_timestamp, created_at, updated_at FROM %s WHERE email = '%s' LIMIT 1", KeySpace+"."+models.Collections.User, email)
+	query := fmt.Sprintf("SELECT id, email, email_verified_at, password, signup_methods, given_name, family_name, middle_name, nickname, birthdate, phone_number, phone_number_verified_at, picture, roles, revoked_timestamp, created_at, updated_at FROM %s WHERE email = '%s' LIMIT 1 ALLOW FILTERING", KeySpace+"."+models.Collections.User, email)
 	err := p.db.Query(query).Consistency(gocql.One).Scan(&user.ID, &user.Email, &user.EmailVerifiedAt, &user.Password, &user.SignupMethods, &user.GivenName, &user.FamilyName, &user.MiddleName, &user.Nickname, &user.Birthdate, &user.PhoneNumber, &user.PhoneNumberVerifiedAt, &user.Picture, &user.Roles, &user.RevokedTimestamp, &user.CreatedAt, &user.UpdatedAt)
 	if err != nil {
 		return user, err

server/db/providers/cassandradb/webhook.go

@@ -24,6 +24,11 @@ func (p *provider) AddWebhook(ctx context.Context, webhook models.Webhook) (*mod
 	webhook.CreatedAt = time.Now().Unix()
 	webhook.UpdatedAt = time.Now().Unix()
 
+	existingHook, _ := p.GetWebhookByEventName(ctx, webhook.EventName)
+	if existingHook != nil {
+		return nil, fmt.Errorf("Webhook with %s event_name already exists", webhook.EventName)
+	}
+
 	insertQuery := fmt.Sprintf("INSERT INTO %s (id, event_name, endpoint, headers, enabled,  created_at, updated_at) VALUES ('%s', '%s', '%s', '%s', %t, %d, %d)", KeySpace+"."+models.Collections.Webhook, webhook.ID, webhook.EventName, webhook.EndPoint, webhook.Headers, webhook.Enabled, webhook.CreatedAt, webhook.UpdatedAt)
 	err := p.db.Query(insertQuery).Exec()
 	if err != nil {
@@ -56,6 +61,10 @@ func (p *provider) UpdateWebhook(ctx context.Context, webhook models.Webhook) (*
 			continue
 		}
 
+		if key == "_key" {
+			continue
+		}
+
 		if value == nil {
 			updateFields += fmt.Sprintf("%s = null,", key)
 			continue
@@ -72,7 +81,6 @@ func (p *provider) UpdateWebhook(ctx context.Context, webhook models.Webhook) (*
 	updateFields = strings.TrimSuffix(updateFields, ",")
 
 	query := fmt.Sprintf("UPDATE %s SET %s WHERE id = '%s'", KeySpace+"."+models.Collections.Webhook, updateFields, webhook.ID)
-
 	err = p.db.Query(query).Exec()
 	if err != nil {
 		return nil, err
@@ -130,7 +138,7 @@ func (p *provider) GetWebhookByID(ctx context.Context, webhookID string) (*model
 // GetWebhookByEventName to get webhook by event_name
 func (p *provider) GetWebhookByEventName(ctx context.Context, eventName string) (*model.Webhook, error) {
 	var webhook models.Webhook
-	query := fmt.Sprintf(`SELECT id, event_name, endpoint, headers, enabled, created_at, updated_at FROM %s WHERE event_name = '%s' LIMIT 1`, KeySpace+"."+models.Collections.Webhook, eventName)
+	query := fmt.Sprintf(`SELECT id, event_name, endpoint, headers, enabled, created_at, updated_at FROM %s WHERE event_name = '%s' LIMIT 1 ALLOW FILTERING`, KeySpace+"."+models.Collections.Webhook, eventName)
 	err := p.db.Query(query).Consistency(gocql.One).Scan(&webhook.ID, &webhook.EventName, &webhook.EndPoint, &webhook.Headers, &webhook.Enabled, &webhook.CreatedAt, &webhook.UpdatedAt)
 	if err != nil {
 		return nil, err
@@ -146,7 +154,19 @@ func (p *provider) DeleteWebhook(ctx context.Context, webhook *model.Webhook) er
 		return err
 	}
 
-	query = fmt.Sprintf("DELETE FROM %s WHERE webhook_id = '%s'", KeySpace+"."+models.Collections.WebhookLog, webhook.ID)
+	getWebhookLogQuery := fmt.Sprintf("SELECT id FROM %s WHERE webhook_id = '%s' ALLOW FILTERING", KeySpace+"."+models.Collections.WebhookLog, webhook.ID)
+	scanner := p.db.Query(getWebhookLogQuery).Iter().Scanner()
+	webhookLogIDs := ""
+	for scanner.Next() {
+		var wlID string
+		err = scanner.Scan(&wlID)
+		if err != nil {
+			return err
+		}
+		webhookLogIDs += fmt.Sprintf("'%s',", wlID)
+	}
+	webhookLogIDs = strings.TrimSuffix(webhookLogIDs, ",")
+	query = fmt.Sprintf("DELETE FROM %s WHERE id IN (%s)", KeySpace+"."+models.Collections.WebhookLog, webhookLogIDs)
 	err = p.db.Query(query).Exec()
 	return err
 }

server/db/providers/cassandradb/webhook_log.go

@@ -40,8 +40,8 @@ func (p *provider) ListWebhookLogs(ctx context.Context, pagination model.Paginat
 	query := fmt.Sprintf("SELECT id, http_status, response, request, webhook_id, created_at, updated_at FROM %s LIMIT %d", KeySpace+"."+models.Collections.WebhookLog, pagination.Limit+pagination.Offset)
 
 	if webhookID != "" {
-		totalCountQuery = fmt.Sprintf(`SELECT COUNT(*) FROM %s WHERE webhook_id='%s'`, KeySpace+"."+models.Collections.WebhookLog, webhookID)
-		query = fmt.Sprintf("SELECT id, http_status, response, request, webhook_id, created_at, updated_at FROM %s WHERE webhook_id = '%s' LIMIT %d", KeySpace+"."+models.Collections.WebhookLog, webhookID, pagination.Limit+pagination.Offset)
+		totalCountQuery = fmt.Sprintf(`SELECT COUNT(*) FROM %s WHERE webhook_id='%s' ALLOW FILTERING`, KeySpace+"."+models.Collections.WebhookLog, webhookID)
+		query = fmt.Sprintf("SELECT id, http_status, response, request, webhook_id, created_at, updated_at FROM %s WHERE webhook_id = '%s' LIMIT %d ALLOW FILTERING", KeySpace+"."+models.Collections.WebhookLog, webhookID, pagination.Limit+pagination.Offset)
 	}
 
 	err := p.db.Query(totalCountQuery).Consistency(gocql.One).Scan(&paginationClone.Total)

server/db/providers/mongodb/webhook.go

@@ -111,7 +111,7 @@ func (p *provider) DeleteWebhook(ctx context.Context, webhook *model.Webhook) er
 	}
 
 	webhookLogCollection := p.db.Collection(models.Collections.WebhookLog, options.Collection())
-	_, err = webhookLogCollection.DeleteOne(nil, bson.M{"webhook_id": webhook.ID}, options.Delete())
+	_, err = webhookLogCollection.DeleteMany(nil, bson.M{"webhook_id": webhook.ID}, options.Delete())
 	if err != nil {
 		return err
 	}