|
const filteredUuids = registryOrg.admins.filter(uuid => uuid !== registryUser.UUID) |
|
currentOrg.admins = currentOrg.admins.filter(a => a !== identifier) |
Similar to the #1764 situation, if an organization has its own client that is trying to operate on an admins array with concurrent requests concerned with different users, then the task that calls the .save method last can undo the change made by the task that calls the .save method first. In other words, both API requests will be successful but only one of the two users will end up removed from the admins array.
The race condition can be avoided by, for example, using $pull in DocumentDB.
cve-services/src/repositories/baseUserRepository.js
Line 433 in 791d31f
cve-services/src/repositories/baseUserRepository.js
Line 555 in 791d31f
Similar to the #1764 situation, if an organization has its own client that is trying to operate on an admins array with concurrent requests concerned with different users, then the task that calls the .save method last can undo the change made by the task that calls the .save method first. In other words, both API requests will be successful but only one of the two users will end up removed from the admins array.
The race condition can be avoided by, for example, using $pull in DocumentDB.