[SalesForce] Lightning Locker Service and object fields at different levels

I'm seeing some unexpected behaviour with the locker service enabled when updating two fields on an object, one of which is nested inside a sub-object.

I have a lightning application that initialises a JavaScript object and passes references to fields on the object, and the object itself, as attributes to a contained component:

App Markup

<aura:application >
    <aura:attribute name="obj" type="object" />
    <aura:handler name="init" value="{!this}" action="{!c.init}" />

    Top level value: <ui:outputText value="{!v.obj.value1}" /> <br/>
    Nested value: <ui:outputText value="{!v.obj.sub.value2}" /> <br/>

    <c:MultiFieldTest obj="{!v.obj}" value1="{!v.obj.value1}" value2="{!v.obj.sub.value2}" />

    <br/>

    <button onclick="{!c.showObj}">Show Object</button>
</aura:application>

app controller

({
    init : function(component, event, helper) {
        helper.init(component);
    },
    showObj : function(component, event, helper) {
        helper.showObj(component);
    }
})

app helper:

({
    init : function(cmp) {
        var obj={value1:'', sub:{value2:''}};
        cmp.set('v.obj', obj);
    },
    showObj : function(cmp) {
        alert('Object = ' + JSON.stringify(cmp.get('v.obj')));
    }
})

So the concept is there is an object with the structure:

{value1:'', 
 sub:{
     value2:''}
}

and I want to pass value1 and sub.value2 as attributes to a component that will update them. However, to ensure that the changes are propagated up and down the food chain (as per : Lightning Components – SObject attribute change event only sent to descendants) I am also passing in the object itself. Essentially I want the contained component to update a couple of fields and propagate the changes without having to know which fields it is updating.

The containing component markup:

<aura:component>
    <aura:attribute name="value1" type="String" />
    <aura:attribute name="value2" type="String" />
    <aura:attribute name="obj" type="object"/>

    <button onclick="{!c.setValues}">Set Values</button>

</aura:component>

controller:

({
    setValues : function(component, event, helper) {
        helper.setValues(component);
    }
})

helper:

({
    setValues : function(cmp) {
        var obj=cmp.get('v.obj');
        console.log('Obj before = ' + JSON.stringify(obj));

        cmp.set('v.value1', 'Value 1');
        cmp.set('v.value2', 'Value 2'); 

        obj=cmp.get('v.obj');
        console.log('Obj after = ' + JSON.stringify(obj));

        cmp.set('v.obj', obj);
    }
})

So when the user clicks the button, strings are set into the value1/value2 attributes and the underlying object 'reset' into the page. I then click on the 'Show Object' button, and the results are as expected with the locker service deactivated.

However, when I activate the locker service, only the second update 'sticks' and obj.value1 is empty, although both ui:outputText elements show the value1/value2 details as expected. What appears to be happening is that setting the first attribute updates the page as expected, and the object, but setting the second attribute updates the page and an earlier version of the object, minus the value1 details.

However, if I don't get the obj attribute at the beginning of the setValues method, it works:

setValues : function(cmp) {
    // var obj=cmp.get('v.obj'); <---- removed this

    cmp.set('v.value1', 'Value 1');
    cmp.set('v.value2', 'Value 2'); 

    var obj=cmp.get('v.obj');
    console.log('Obj after = ' + JSON.stringify(obj));

    cmp.set('v.obj', obj);
}

So pretty easy to work around, but I'm curious as to why this would be necessary with the locker service enabled – there's no secure versions of anything in play and the attributes are all accessible to the component. Its almost like the act of looking at the object fixes a version somewhere, and all updates retrieve that version before applying their update, rather than retrieving the latest version.

Best Answer

There are secure proxies involved here for certain - currently arrays and raw objects are being sent through filtering/wrapping/unwrapping. We just fixed (deploys in the next patch Tuesday) a similar issue in that logic specific to arrays where the initial value was getting "pinned". This looks very similar but I do not think the changes I have queued up for the array issue will address this nested object problem. I'm opening a bug to track this now.

I'd also like to second crmprogdev's sentiment and I'm certain that could be arranged if you are interested in joining the Salesforce team :-) I can tell you it always looks easier from the outside though.

The security and supportability challenge we are going after is massive and has never been solved afaik by any platform. The amount that just works and is secure (and fast) is substantial and the surface area we are covering is huge - the testing matrix includes dozens of browser versions, hundreds of libraries, etc and all of the wild and wacky JavaScript and BOM/DOM fun that has accreted in the world over decades. It's tricky. We've also rolled out access= enforcement simultaneously which has been the actual issue in many of the cases we've investigated. There have also been the usual helping of bugs in any release where thousands of developers have been working on a product for the release.

Related Solutions

[SalesForce] Lightning Component – Locker Service: Onclick button, div no longer working

I'm faced with the same problem. I'm doing an aura:iteration to create a list of < th > with an onclick="{!c.func}". Since I don't know how to pass a paramater to said func, I was using the data attributes. Come LockerService, it stopped working.

I've asked somewhat the same question and got a reply that it's a known SF issue and they're working on it:

https://salesforce.stackexchange.com/a/129468/31984

And there's already an open case about it:

https://success.salesforce.com/issues_view?id=a1p3A00000183rMQAQ

Either way, I found a workaround for now:

Creating a mini component which extends the original component (thus has access to the same JS Controller and helper), and putting the < th > with onclick as the markup of the new component. After that replacing all the < th > in the original component with instances of this new mini component, and instead of using a data attribute, just pass the value as a parameter to the inner component. Once the function gets called from one of the inner components, it will raise an application event to be caught by all the other instances of the inner component to check whether their 'key argument' matches whatever was fired by the event, and perform the appropriate action (add/remove class in my case, on objects I now have access to due to not being inside the aura namespace).

Here's some code (hopefully didn't miss anything copy pasting):

appEvent.evt:

<aura:event type="APPLICATION">
    <aura:attribute name="containerGId" type="String" />
    <aura:attribute name="fieldName" type="String" />
</aura:event>

innerComp.cmp

<aura:component>
    <aura:attribute name="containerGId" type="String" />
    <aura:attribute name="fieldName" type="String" />
    <aura:registerEvent name="appEvt" type="c:appEvent" />
    <aura:handler event="c:appEvent" action="{!c.catchSomething}" />
    <th aura:id='columnHeaders' onclick="{!c.fireSomething}">{!v.fieldName}</th>
</aura:component>

mainComp.cmp

<...>
<tr>
    <aura:iteration items="{!v.fieldNames}" var="fieldName">
        <c:innerComp containerGId="{!globalId}" fieldName="{!fieldName}" />
    </aura:iteration>
<tr>
<...>

innerCompController.js

({
    fireSomething : function(component, event, helper) {
        helper.fireSomething(component);
    },

    catchSomething : function(component, event, helper) {
        var evtContainerGId = event.getParam("containerGId");
        var cmpContainerGId = component.get("v.containerGId");

        if (evtContainerGId === cmpContainerGId) {
            var cmpFieldName = component.get("v.fieldName");
            var evtFieldName = event.getParam("fieldName");
            var headerElement = component.find("columnHeaders").getElement();

            if (evtFieldName === cmpFieldName) {
                $A.util.addClass(headerElement, 'slds-is-sorted');
            }
            else {
                $A.util.removeClass(headerElement, 'slds-is-sorted');
            }

innerCompHelper.js

({
    fireSomething : function(component) {
        var appEvent = $A.get("e.appEvent");
        var containerGId = component.get("v.containerGId");
        var fieldName = component.get("v.fieldName");
        appEvent.setParams({ "containerGId" : containerGId, "fieldName" : fieldName });
        appEvent.fire();
    }
})

[SalesForce] Data binding for different attribute types in parent & child components under locker service

I think that after spending few hours I found the answer for the above. Still not sure if it's a bug or a feature of the framework, but definately it has something to do with how secure objects are constructed.

You need to make sure all possible properties for the object are defined (even if null) when you call component.set("v.obj", obj); for the first time.

Here is example component & controller, with one simple attribute (initialized on init), and two buttons calling log & set functions of controller:

<aura:component >
    <aura:attribute name="testAtr" type="Object" access="global"/>
    <aura:handler name="init" value="{!this}" action="{!c.initialize}"/>
    <p><a onclick="{!c.logAtr}">Console Log Parent</a></p>
    <p><a onclick="{!c.setSth}">Set Something</a></p>
</aura:component>

({
    initialize : function(component, event, helper) {
        var obj = {};
        obj.data = 'test';
        // obj.someNewProperty = null;
        component.set("v.testAtr", obj);
    },
    logAtr : function(component, event, helper) {
        console.log(component.get("v.testAtr.someNewProperty"));
    },
    setSth : function(component, event, helper) {
        var testAtr = component.get("v.testAtr");
        testAtr.someNewProperty = 'New Property';
        component.set("v.testAtr", testAtr);
    },
})

If the line obj.someNewProperty = null; in initialize method is commented out, console.log returns undefined even if you call setSth method that actually sets value of obj.someNewProperty.

If the line obj.someNewProperty = null; in initialize method is present, console.log returns null before calling setSth method and 'New Property' after calling it.

EDIT: But this has some drawbacks. Let's imagine we have a simple form for sObject. You need to initialize object with all the possible properties. If you don't do this - no values will be kept. If these lines: acc.Name = null; acc.Phone = null; acc.Account_Status__c = null; are commented as in below example - value put in the input text is not bind to testAcc attribute.

<aura:component >
    <aura:attribute name="testAcc" type="Account" access="global"/>
    <aura:handler name="init" value="{!this}" action="{!c.initialize}"/>

    <p>Name: <ui:inputText value="{!v.testAcc.Name}"/></p>
    <p>Phone: <ui:inputText value="{!v.testAcc.Phone}"/></p>
    <p>Status: <ui:inputText value="{!v.testAcc.Account_Status__c}"/></p>
    <p><a onclick="{!c.logAcc}">Console Log Acc</a></p>
</aura:component>

({
    initialize : function(component, event, helper) {
        var acc = {};
        // acc.Name = null;
        // acc.Phone = null;
        // acc.Account_Status__c = null;
        component.set("v.testAcc", acc);
    },

    logAcc : function(component) {
        console.log(component.get("v.testAcc"));
    }
})

Best Answer

Related Solutions

[SalesForce] Lightning Component – Locker Service: Onclick button, div no longer working

[SalesForce] Data binding for different attribute types in parent & child components under locker service

Related Topic