Record Locking In Laravel 8 ?

@vincej this happens mostly in a client server setting (same office), but can happen if say a husband and wife or two truck dispatchers (just examples) edit something at the same time.

For cases where it can happen set an FOR UPDATE lock and perform a transaction.

In most cases two users won't be on same edit, like this forum, I can only edit my replies.

@Tray2 Yup, that sounds right. And those are the large multiuser systems he has worked on. So, I have not read @jlrdw reponse on MYSQL yet, but is it not normal for Laravel users to implement this? I am assuming that Laravel is being used by some larger companies; no ?

@vincej I think the question is rather if big companies use mysql as this is all handled by the database, not laravel

@vincej It's not that common no but check the manual on the link I gave your and you see how easy it is to implement.

@Tray2 Thank you - I have not studied it yet, but that looks encouraging. You see the guy is a consultant now, and he looks for stuff like this. If I don't satisfy his question, my app will be disregarded out of the gate. So, can you tell me, does this feature effectively deliver protection from two users each others update to a record? I don't want to implement huge number of changes if it does not do it. Thanks !!

@vincej I believe you only lock it for the duration of the change. So if I save 2 seconds after you, by change overwrites your

@Sinnbeck Yes, exactly, and therefore by definition multiple users can overwrite each others amendments, thus in his opinion, such a system is not a multi user system. Ugh!

@vincej but how would such a system work? For how long would you expect the record to be locked? I am actually curious

@vincej Yes and no. If you do a select for update no other user can make changes to that record until the first user have done a commit or a rollback. There is nothing however to prevent another user from updating it after the previous commit/rollback. The thing to be aware of is that if a user does a select for update and doesn't save or cancel it the recorded will be locked until the session that locks the record is killed.

@Sinnbeck I'm not sure, I have never worked in that environment, however, @tray2 makes a very good point, that it could be locked for a long time. I think my colleague wants assurances that my application will not allow two users to overwrite each others amendments. So, putting aside the situation where someone opens a record and then goes home, I would expect that a record would be open for the duration of the transaction. some seconds to perhaps a minute or two. This is not something I have thought about. But I need to figure it out or else my consultant friend will dismiss my application entirely as a single user system.

@Tray2 never worked with that so I'm qurious how it would work? How does mysql know what user has made the lock? Would you be forced to have a mysql login for every single user?

Or are we just talking for the duration of the transaction?

@Sinnbeck I don't know, however, does the DB need to know who the user was that opened the record? I think not. Only that it is in use by another user. @jlrdw link to MYSQL offers a detailed discussion on the topic. My consultant friend asks a good question, and I am surprised that there is almost no discussions on the topic on laracasts.

@vincej as I see it, if you can lock it for a duration, the mysql should be able to identify who did so. If not it cannot know who is allowed to update the record in the end. Only was I can see this working on a database layer is within a single transaction

@Sinnbeck That is a very good question, I don't know how that would function but I think that the connection to the database is stored in a session in the database and if that session takes out a lock only that same session can do the commit or rollback. So if you have a edit view it must take out the lock and then the update method needs to commit it to the database. So I'm guessing the persistent database connections for each and every user somehow.

This is mostly old client server methodology where every user was a database user. Not sure how that would function in a modern day web app since it's usually only one database user and several application users.

@Tray2 my though exactly! I actually struggle with this issue at work on an old system using mssql. Would be nice to know of a workaround in case I someday rewrite the backend

@Sinnbeck Yes, you make a good point, I agree. This transaction locking stuff sounds very complicated and an enormous amount of work. Somehow I need to come up with a reasonable answer for him, even if it means that I will do it, and this is how.

For the record, I don't think I have seen any modern system handle this without some sort of js/ajax check if a user is editing a record. I know WordPress does it this way

@vincej any chance you can ask him if his solution is multiple database users or if he has another trick (like locking using code)?

@Sinnbeck Yes I am speaking with him tomorrow at length. This subject will be for 100% certain part of the discussion. I fear that he will insist that my application is not a true multiuser system.

@vincej well if you are able to get an idea of what he expects in more detail, it might end up being solvable

@Tray2 Ok, fair enough. Any idea how large php users handle this problem eg Amazon, Magento etc?

@vincej I would try and find out how others are doing it. If they expect it to be like that then they must have other examples of systems where that is the case. I would then dive into how they work for inspiration

@Sinnbeck It appears that no one else on Laracasts has been asking this question. But, yes, for sure I will study the issue this afternoon.

@Sinnbeck Nice idea, I will look into it. I don't think my app will be condemned for not having it today, but I will need to show a roadmap on how to get there.

@vincej Like I said: For cases where it can happen set a FOR UPDATE lock and perform a transaction.

And a transaction is easy, not hard at all. That's all you would need to do. You can do a transaction within laravel.

Edit: If fact here is an example:

https://stackoverflow.com/questions/61985327/how-to-lockforupdate-on-an-existing-eloquent-model

@jlrdw You know, I think you were right all along! I just had a look at FOR UPDATE, and indeed, it looks like this would do the trick! I will have to try one and see how well it works. I just looked at a video on transaction from Povilas, and to me, it looks like journaling on steroids.

I find it bizaar that it looks like I am the first person to ask this question on LC. When I get it working, I will come back and give your answer the best reply reward. MANY THANKS!

@vincej see my edit also, the laravel example.

@Snapey Many Thanks for that ! Great answer. So, if I understand you correctly, I could just store the last "updated_at" value, and if when the form is posted back to the server, you check that the updated_at value has not changed. And if it has changed that means that someone else has amended the record. So, then I need to compare DB record and and my form, and update the DB with my form as mine is newer? This sounds quit complex, I'm scared already! Particularly since I would need to amend dozens and dozens of views and the controllers which go with them. Maybe I have not understood correctly?

@vincej all of your Farms are not going to have this problem, as I'm sure customer A cannot edit customer B data.

Taylor has lock example in the docs.

@jlrdw Farms? You are right. However, I will be deploying one instance per customer, so there is no risk of that.

The essential problem is to ensure that if a large company calls up my user who themselves might have multiple employees manning phones, and says change my address. Ok. However, then someone from the same "large company" also calls at the same time and speaks to a different person, and says add a new phone number to our company profile, then called #2 data will overwrite caller #1 data.

@vincej If you find that the record has been updated whilst the user was deciding what to enter, then you have to go back to them with an error and let them fill the form in again

@vincej I found a very detailed article covering locks: https://stackoverflow.com/questions/129329/optimistic-vs-pessimistic-locking

It even has diagrams.

@Snapey So that means user #2 has an error message presented, some JS I guess, and then refresh the page and tell them to re-enter the data they were about to enter. Correct? Sounds good, but does this not require a lot of coding at both view and controller level? Just like to understand and find the easiest / quickest approach.

@jlrdw Mnay thanks ! I'll check it out! Gotta walk the dog before it gets too dark and cold -5C (20F) here, snow, wind! Texas must be nice!

@vincej 75 degrees.

@Sinnbeck Looks interesting. I'll study this. Many thanks !!

@Sinnbeck @snapey thinking about the validation approach it occurred to me that when user two gets a warning that there have been changes they will have to refresh their page view with the upto date data. Ok. But surely this means they loose all the amendments they made and they will now have to be re-entered. Correct?

@vincej unfortunately yes. There could be some clever presentation of the conflict and allow the user to choose which one they want, but it would require a bit of work

@vincej but at least the changes wouldn't be gone until they manually refresh, due to laravels old() helper

@snapey

Very good point - just like in wikipedia!

I have so much to do, between this, and a side project, that I really don't want to be having to re-engineering my whole site. Many thanks !

@Snapey Furthermore, this guy comes from a mainframe world. I am never going to be selling into banks or airlines. I am selling into small and medium sized businesses. I am not selling against SAP. And now that I better understand the technical issues better, I accept it is a priority, but it is not for me a top priority. Cheers !

@rawfan

Thanks for your thoughts. They are much appreciated.

I am sure you mean nothing by it, however, computer science is not my hobby. I have been in the software industry since 1985, working for some of the most prominent corporations in the world, commonly in a senior management positions. My last "real job" was running Canadian operations for a publicly quoted International software provider. In my new role as an independent s/w developer, I accept my search for technical responses with humility.

As I said in earlier responses, I am not convinced that record locking is essential for my application. Nevertheless I am going to study the various suggestions from @jlrdw, @sinnbeck, @snapey. And I will include those wikipedia references you have offered.

Many Thanks !! Cheers Vince