Make readOnly requests to the database the default #1705
Assignees
Labels
Comments
andchiind
added
backend
|
Already merged |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the improvement you would like to see
Instead of having to specify when a request is readOnly, forcing developers to specify when they want to be able to edit a database entry will result in better code quality and performance. This is straightforwards to enable (see https://learn.microsoft.com/en-us/ef/core/querying/tracking#no-tracking-queries), but will take more time to get working with the existing code. A good first step would be to go to the functions that have "bool readOnly = false" set as a parameter and change the default value to true instead.
How will this change existing functionality?
As mentioned this will encourage better code quality and readability. It will hopefully encourage developers to pay more attention to how objects are used in the functions they pass them to and perhaps consider simply passing the object ID or a readOnly object instead so that we do not need to follow the object throught the call stack to find inconsistencies when debugging.
How will this improvement affect the current Threat Model?
It will improve it by reducing accidental database changes.
The text was updated successfully, but these errors were encountered: