-
Notifications
You must be signed in to change notification settings - Fork 2.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Products created in one shop showing up in all shops #4092
Comments
Issue Description and resolutionProducts created in one shop showing up in all shops.
Changes:Filepath:imports/plugins/included/productvariant/containers/productsContainer.js Line No: 109
After this change was made products were only visible in the stores they were created in. @prinzdezibel is this solution valid? |
@spencern Just want to verify that this is the expected behavior: http://localhost:3000 shows all products from all merchants |
That's how it's been designed to this point |
@spencern Just would like to know, at which level we can achieve multi-tenant. we already referred. #357 We assumed shop1 product should not display in shop2. We also trying like a single supplier can have multiple shops, One supplier shops details and products should not be displayed to another. Could you suggest how to achieve this with the current system? |
@nithin-ideas2it I think you have misunderstood Spencer's comment. He is agreeing that the current implementation (assuming that this bug is reported correctly) is incorrect and needs to be fixed. |
@zenweasel Sorry I thought to know the multi-tenant structure after the fix so that we can change few things on our side. Let us wait for the update. Thank you. |
@nithin-ideas2it I think this is a legitimate bug in our marketplace product publication or subscription code likely and I'd look at a PR that identifies what the problem was and provides a good solution. I think your proposed fix on line 109 is not ideal because it appears to remove the product filter from the URL and to hard-code it to the active shop. I'd also look at a PR that creates a method to toggle this behavior on/off from the operator interface if this is the functionality that your multi-tenant marketplace needs, though I'd want to understand the use-case better. @pmn4 I think you've been working on a multi-tenant marketplace, have you experienced similar issues with products showing up in grids that they aren't supposed to? Any other solutions come to mind? |
tl;dr: I have noticed this, yes. My memory is fuzzy, but when I first got started with Reaction, I noticed that Primary Shop products had been appearing in Merchant Shops and vice-versa. I didn't get too far into sorting out why before I re-wrote the Products subscription to only show for the current Shop (@kathiresh-i2i's solution would have been much simpler!). Compounding the problem is that I use the My use of Reaction is less like a Marketplace and more like a white-label solution for shops -- I disable the Primary Shop grid, instead showing a grid of the merchant shops -- I had no need for a combined grid page, making the solution much simpler. It seems like a combination of My question is whether this check should take place server-side in |
I hadn't noticed that this was a client-side check. That's a good catch. The general rule should be that the client should never be sent data it doesn't need or shouldn't have and that those filters should take place in the database ideally, or on the server. |
Issue Description
This issue only applies to a marketplace setup.
As a merchant admin, the product grid shows all products available. That is, you can see products from other merchants as well as the marketplace owner's products. You can't edit them though, so there's no direct security issue arising through this bug.
As a user, only those products that belong to the appropriate shop are displayed, which is the expected behaviour, IMHO.
E.g.
Steps to Reproduce
Versions
Node: 8.2.1
NPM: 5.3.0
Meteor Node: 8.9.4
Meteor NPM: 5.6.0
Reaction CLI: 0.29.0
Reaction: 1.10.0
Reaction branch: master
Docker: 17.03.1-ce
The text was updated successfully, but these errors were encountered: