services/api/lib/refresh_permission_view.rb

   1 # Copyright (C) The Arvados Authors. All rights reserved.
   2 #
   3 # SPDX-License-Identifier: AGPL-3.0
   4
   5 PERMISSION_VIEW = "materialized_permissions"
   6 TRASHED_GROUPS = "trashed_groups"
   7
   8 def do_refresh_permission_view
   9   ActiveRecord::Base.transaction do
  10     ActiveRecord::Base.connection.execute("LOCK TABLE permission_refresh_lock")
  11     ActiveRecord::Base.connection.execute("DELETE FROM #{PERMISSION_VIEW}")
  12     ActiveRecord::Base.connection.execute %{
  13 INSERT INTO #{PERMISSION_VIEW}
  14 select users.uuid, g.target_uuid, g.val, g.traverse_owned
  15 from users, lateral search_permission_graph(users.uuid, 3) as g
  16 }
  17   end
  18 end
  19
  20 def refresh_permission_view(async=false)
  21   if async and Rails.configuration.API.AsyncPermissionsUpdateInterval > 0
  22     exp = Rails.configuration.API.AsyncPermissionsUpdateInterval.seconds
  23     need = false
  24     Rails.cache.fetch('AsyncRefreshPermissionView', expires_in: exp) do
  25       need = true
  26     end
  27     if need
  28       # Schedule a new permission update and return immediately
  29       Thread.new do
  30         Thread.current.abort_on_exception = false
  31         begin
  32           sleep(exp)
  33           Rails.cache.delete('AsyncRefreshPermissionView')
  34           do_refresh_permission_view
  35         rescue => e
  36           Rails.logger.error "Updating permission view: #{e}\n#{e.backtrace.join("\n\t")}"
  37         ensure
  38           ActiveRecord::Base.connection.close
  39         end
  40       end
  41       true
  42     end
  43   else
  44     do_refresh_permission_view
  45   end
  46 end