Skip to content

[Bug]: Deck 1.18.2 + notify_push 1.3.3 on NC34 — opening any board returns 404 (dirty table reads in LiveUpdateListener) #8111

Description

@ssergio-ll

Describe the bug

After upgrading to Nextcloud 34.0.1, opening any board in Deck returns Request failed with status code 404. The issue only occurs when notify_push is enabled. Disabling notify_push (occ app:disable notify_push) resolves the problem immediately.

To Reproduce

  1. Have Nextcloud 34.0.1 running with Deck 1.18.2 and notify_push 1.3.3 enabled
  2. Open Deck from the top navigation menu
  3. Click on any board
  4. Frontend immediately returns: Request failed with status code 404

Expected behavior

The board loads normally.

Server details

Operating system: Synology DSM (ARM64)
PHP version: 8.4
Nextcloud version: 34.0.1
Deck version: 1.18.2
notify_push version: 1.3.3

What happens

The request PUT /ocs/v2.php/apps/deck/api/v1.0/session/create fails. The following exception appears in nextcloud.log at level 0 (debug):

Exception: dirty table reads: SELECT `id`, `board_id`, `last_contact`, `user_id`, `token`
FROM `oc_deck_sessions` 
WHERE (`board_id` = :dcValue1) AND (`last_contact` > :dcValue2)

Stack trace

SessionController::create()
  → SessionService::initSession()
  → EventDispatcher::dispatchTyped(SessionCreatedEvent)
  → LiveUpdateListener::handle()              [LiveUpdateListener.php line 73]
  → SessionService::notifyAllSessions()
  → SessionMapper::findAllActive()            [SessionMapper.php line 49-51]
    → QueryBuilder::executeQuery()
      → Exception: dirty table reads          [Connection.php line 407]

Root cause analysis

NC34 appears to have tightened enforcement of "dirty table reads" detection (reads outside an active DB transaction). When a user opens a board, LiveUpdateListener fires a SessionCreatedEvent and attempts to notify active sessions via notify_push/Redis. Inside that event handler, SessionMapper::findAllActive() executes a SELECT on oc_deck_sessions outside a transaction. In NC34 this triggers an exception that aborts the entire request, which the frontend receives as a 404.

Workaround

Disabling notify_push resolves the issue:

occ app:disable notify_push

Workaround that does NOT work

occ config:app:set deck disable_push_notifications --value=1

This config key has no effect — the LiveUpdateListener still fires and the exception still occurs.

Suggested fix

The SELECT in SessionMapper::findAllActive() called from LiveUpdateListener should be wrapped in a proper transaction context, or the dirty read check should be explicitly bypassed for this read-only lookup in the event listener.

This issue started after upgrading from Nextcloud 33 to Nextcloud 34.0.1.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type
    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions