Validation with `Ecto.Changeset.unsafe_validate_unique` and `Ecto.Changeset.put_assoc`

albiere · July 8, 2021, 3:40pm

Hey peeps. Has anybody used Ecto.Changeset.unsafe_validate_unique with an association? I’m trying to do something like this:

organization = Repo.get!(Organization, 1)

%User{}
|> Ecto.Changeset.cast(%{email: "email", pass: "pass"}, [:email, :pass])
|> Ecto.Changeset.put_assoc(:organization, organization)
|> Ecto.Changeset.unsafe_validate_unique([:email, :org_id], MyApp.Repo)

I read the implementation of unsafe_validate_unique and the query doesn’t know how to handle associations. It only adds a simple where clause for chosen fields. Here’s the link to the implementation: ecto/changeset.ex at 599a1a327b78320f85551c62b14fb7d272439014 · elixir-ecto/ecto · GitHub

In my case, I don’t want to cast the org_id, since that’s not something that should come directly from the user. Has anybody run into something similar? I feel like that would be a very common scenario for any type of SaaS type of app.

albiere · July 8, 2021, 7:36pm

I’m not sure if there’s a reason not to support changes that are associations, but would a change in the current implementation make sense?

Link to current implementation: ecto/changeset.ex at 599a1a327b78320f85551c62b14fb7d272439014 · elixir-ecto/ecto · GitHub

where_clause = for field <- fields do
  case changeset.types[field] do
    {:assoc, %Ecto.Association.BelongsTo{} = assoc} ->
      assoc_struct = get_field(changeset, field)
      {assoc.owner_key, Map.get(assoc_struct, assoc.related_key)}
    _ ->
      {field, get_field(changeset, field)}
  end
end

And here’s the change that could potentially be implemented. What are your thoughts?