Fix after_save webhook callback handling#16
Merged
Conversation
Ensure after_save webhook handlers that return a Parse::Object no longer suppress model callbacks. The change makes callback dispatch depend only on request origin (trusted Ruby-initiated saves still skip webhook callbacks; client-initiated saves always run them) and documents that the handler result is normalized to true so returned objects cannot leak into responses or logs. Bumps stack version to 5.4.1, adds a regression test for object-returning handlers, and updates the changelog.
There was a problem hiding this comment.
Pull request overview
This PR fixes after_save webhook callback dispatch so that model callbacks (after_create/after_save) are no longer suppressed when an afterSave handler mistakenly returns a Parse::Object. Callback dispatch now depends only on request origin (trusted Ruby-initiated saves still suppress webhook-side callbacks to avoid double-runs; client-initiated saves always run them), and afterSave handler results are normalized to true to prevent object leakage into webhook responses/logs.
Changes:
- Update
Parse::Webhooks.call_routeto runafter_savemodel callbacks based solely on request origin, not the handler return value. - Add a regression test covering object-returning
after_savehandlers and verifying the result is normalized totrue. - Bump version to
5.4.1and document the fix in the changelog.
Reviewed changes
Copilot reviewed 4 out of 4 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
test/lib/parse/webhook_callbacks_test.rb |
Adds regression coverage ensuring object-returning after_save handlers still dispatch callbacks (client-initiated) and normalize return value to true. |
lib/parse/webhooks.rb |
Removes handler-result gating for after_save callback dispatch and documents/implements result normalization to true. |
lib/parse/stack/version.rb |
Bumps gem version from 5.4.0 to 5.4.1. |
CHANGELOG.md |
Documents the afterSave callback suppression fix and return-value normalization behavior. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Ensure after_save webhook handlers that return a Parse::Object no longer suppress model callbacks. The change makes callback dispatch depend only on request origin (trusted Ruby-initiated saves still skip webhook callbacks; client-initiated saves always run them) and documents that the handler result is normalized to true so returned objects cannot leak into responses or logs. Bumps stack version to 5.4.1, adds a regression test for object-returning handlers, and updates the changelog.