Skip to content

Fix: Critical cache key collision bug in ApiModelCache #182

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
roncodes merged 5 commits into from
Dec 21, 2025
Merged

Fix: Critical cache key collision bug in ApiModelCache #182

roncodes merged 5 commits into from
Dec 21, 2025

Conversation

@roncodes
Copy link
Member

@roncodes roncodes commented Dec 21, 2025
edited
Loading

Bug Fixes

  • Fixed cache key collision bug - Different filter parameters (e.g., type=customer vs type=contact) now generate unique cache keys instead of returning wrong cached results
  • Fixed BadMethodCallException - Models without soft deletes (like Permission) no longer crash when calling getDeletedAtColumn()

Improvements

  • Added caching to Permission model - Permission queries now benefit from Redis caching for improved performance

roncodes and others added 5 commits December 20, 2025 22:42
@roncodes
Fix: Critical cache key collision bug - include all query parameters …
f880712 
…in cache key

Previously, generateQueryCacheKey() only included a hardcoded whitelist of 11 parameters,
causing cache key collisions when different filter values were used (e.g., type=customer
vs type=contact generated the same cache key).

This fix includes ALL query parameters in the cache key generation, excluding only
internal/cache-busting parameters like '_', 'timestamp', 'nocache', and '_method'.

Impact:
- Fixes data integrity issue where different queries returned cached results from other queries
- Ensures accurate cache HIT/MISS behavior for all filter combinations
- Backward compatible - existing cache keys will naturally expire and regenerate

Example:
Before: /contacts?type=customer and /contacts?type=contact had SAME cache key
After:  /contacts?type=customer and /contacts?type=contact have DIFFERENT cache keys
@roncodes
Fix: Critical cache key collision bug in ApiModelCache
3201931
@roncodes
Merge pull request #181 from fleetbase/dev-v1.6.29
42a2335 
Fix: Critical cache key collision bug in ApiModelCache
@roncodes
Fix: BadMethodCallException for getDeletedAtColumn() on models withou…
850e70a 
…t SoftDeletes

Issue: shouldQualifyColumn() method was unconditionally calling getDeletedAtColumn()
which only exists on models using the SoftDeletes trait. This caused a fatal error
when querying models like Permission that don't use soft deletes.

Error:
BadMethodCallException: Call to undefined method Fleetbase\Models\Permission::getDeletedAtColumn()

Fix: Check if the method exists before calling it using method_exists().
Only include deleted_at column in qualifiable columns if the model uses SoftDeletes.

Impact:
- Fixes fatal error when querying Permission and other non-soft-deletable models
- Maintains backward compatibility with models that do use SoftDeletes
- No functional changes to soft-delete behavior
@roncodes
Added caching to permission model
9b36e81
@roncodes roncodes merged commit 9020d12 into main Dec 21, 2025
1 check passed
@roncodes roncodes deleted the dev-v1.6.30 branch December 21, 2025 03:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@roncodes