Skip to content

Filtering on a relation with multiple values doesn't work as documented (RESTful API Handler) #2061

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
zupamario opened this issue Mar 28, 2025 · 2 comments
Closed

Filtering on a relation with multiple values doesn't work as documented (RESTful API Handler) #2061

zupamario opened this issue Mar 28, 2025 · 2 comments
Labels
in-progress

Comments

@zupamario
Copy link

Hello Zenstack Team,

I think I found an issue in the rest api handler.

According to the documentation, it should be possible to filter by multiple values (see example 3: https://zenstack.dev/docs/reference/server-adapters/api-handlers/rest#examples-4). That works for "normal" attributes but not for relations. When filtering on relations it only filter on the first value and ignores the rest of the list.

I was able to reproduce the issue from the example model below. I tested the following requests. Specifically request number 2 is problematic in my use-case.

  1. Filter on an int field with multiple values: localhost:3000/api/post?filter[rating]=2,5
    WORKS

  2. Filter on relation field that has an integer id: localhost:3000/api/post?filter[page]=1,2
    does NOT work correctly -> always filters only by the first value in the list

  3. Filter on a string field with multiple values: localhost:3000/api/post?filter[title]=Join the Prisma Slack,Follow Prisma on Twitter
    WORKS

  4. Filter on relation field that has a string id: localhost:3000/api/post?filter[author]=cm8n6dhkr0000gu5ea1v6kwv5,cm8n6dhkt0002gu5e7t0my17d
    also does NOT work correctly, but this returns an empty list, so maybe I'm doing the query wrong

datasource db {
    provider = 'sqlite'
    url = 'file:./dev.db'
}

generator client {
    provider = "prisma-client-js"
}

/**
 * User model
 */
model User {
    id       String @id @default(cuid())
    email    String @unique @email @length(6, 32)
    name     String
    password String @password @omit
    posts    Post[]

    // everybody can signup
    @@allow('create', true)

    // full access by self
    @@allow('all', auth() == this)
}

model Page {
    id       Int    @id @default(autoincrement())
    name   String
    post Post[]
}

/**
 * Post model
 */
model Post {
    id        String   @id @default(cuid())
    createdAt DateTime @default(now())
    updatedAt DateTime @updatedAt
    title     String   @length(1, 256)
    content   String
    published Boolean  @default(false)
    author    User     @relation(fields: [authorId], references: [id])
    authorId  String
    rating    Int      @default(5)
    page      Page     @relation(fields: [pageId], references: [id])
    pageId    Int

    // allow read for all signin users
    @@allow('read', auth() != null && published)

    // full access by author
    @@allow('all', author == auth())
}```

**Environment (please complete the following information):**

-   ZenStack version: 2.13.0
-   Prisma version: 5.18.0
-   Database type: Postgresql
ymc9 added a commit that referenced this issue Apr 15, 2025
@ymc9
fix(rest): multiple relation id filter values are not properly split
0a93a4a 
fixes #2061
@ymc9 ymc9 mentioned this issue Apr 15, 2025
Merged
@ymc9
Copy link
Member

ymc9 commented Apr 16, 2025

Fixed in 2.14.0

@ymc9 ymc9 closed this as completed Apr 16, 2025
@zupamario
Copy link
Author

This is great. Thanks for your awesome work!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
in-progress
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@zupamario @ymc9