true
end
- def self.invalidate_permissions_cache timestamp
+ def self.invalidate_permissions_cache(timestamp=nil)
if Rails.configuration.async_permissions_update
+ timestamp = DbCurrentTime::db_current_time.to_i if timestamp.nil?
connection.execute "NOTIFY invalidate_permissions_cache, '#{timestamp}'"
else
Rails.cache.delete_matched(/^groups_for_user_/)
end
end
+ # Return a hash of {group_uuid: perm_hash} where perm_hash[:read]
+ # and perm_hash[:write] are true if this user can read and write
+ # objects owned by group_uuid.
+ #
+ # The permission graph is built by repeatedly enumerating all
+ # permission links reachable from self.uuid, and then calling
+ # search_permissions
def calculate_group_permissions
permissions_from = {}
todo = {self.uuid => true}
# Return a hash of {group_uuid: perm_hash} where perm_hash[:read]
# and perm_hash[:write] are true if this user can read and write
# objects owned by group_uuid.
- #
- # The permission graph is built by repeatedly enumerating all
- # permission links reachable from self.uuid, and then calling
- # search_permissions
def group_permissions
r = Rails.cache.read "groups_for_user_#{self.uuid}"
- while r.nil?
- sleep(0.1)
- r = Rails.cache.read "groups_for_user_#{self.uuid}"
+ if r.nil?
+ if Rails.configuration.async_permissions_update
+ while r.nil?
+ sleep(0.1)
+ r = Rails.cache.read "groups_for_user_#{self.uuid}"
+ end
+ else
+ r = calculate_group_permissions
+ end
end
r
end
self.save!
end
+ def set_initial_username(requested: false)
+ if !requested.is_a?(String) || requested.empty?
+ email_parts = email.partition("@")
+ local_parts = email_parts.first.partition("+")
+ if email_parts.any?(&:empty?)
+ return
+ elsif not local_parts.first.empty?
+ requested = local_parts.first
+ else
+ requested = email_parts.first
+ end
+ end
+ requested.sub!(/^[^A-Za-z]+/, "")
+ requested.gsub!(/[^A-Za-z0-9]/, "")
+ unless requested.empty?
+ self.username = find_usable_username_from(requested)
+ end
+ end
+
protected
def ensure_ownership_path_leads_to_user
self.class.
where("username like '#{pattern}'").
select(:username).
- order(username: :asc).
- find_each do |other_user|
+ order('username asc').
+ each do |other_user|
if other_user.username > next_username
break
elsif other_user.username == next_username
nil
end
- def set_initial_username
- email_parts = email.partition("@")
- local_parts = email_parts.first.partition("+")
- if email_parts.any?(&:empty?)
- return
- elsif not local_parts.first.empty?
- base_username = local_parts.first
- else
- base_username = email_parts.first
- end
- base_username.sub!(/^[^A-Za-z]+/, "")
- base_username.gsub!(/[^A-Za-z0-9]/, "")
- unless base_username.empty?
- self.username = find_usable_username_from(base_username)
- end
- end
-
def prevent_privilege_escalation
if current_user.andand.is_admin
return true