projects / arvados.git / commitdiff
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: e711e48)
8886: Restore behavior in group_permissions to call
authorPeter Amstutz <peter.amstutz@curoverse.com>
Wed, 11 May 2016 13:50:23 +0000 (09:50 -0400)
committerPeter Amstutz <peter.amstutz@curoverse.com>
Wed, 11 May 2016 13:52:13 +0000 (09:52 -0400)
calculate_group_permissions when cache is empty and async_permissions_update is
not true.

services/api/app/models/group.rb patch | blob | history
services/api/app/models/user.rb patch | blob | history

diff --git a/services/api/app/models/group.rb b/services/api/app/models/group.rb
index ac3309bb8c164e1b65aceec6bb7ce8bcef6c6c6b..6105b5f35d78636b0c9471b4f1315ec2236d77d6 100644 (file)
--- a/services/api/app/models/group.rb
+++ b/services/api/app/models/group.rb
@@ -20,7 +20,7 @@ class Group < ArvadosModel
     if uuid_changed? or owner_uuid_changed?
       # This can change users' permissions on other groups as well as
       # this one.
-      invalidate_permissions_cache db_current_time.to_i
+      invalidate_permissions_cache
     end
   end
 
diff --git a/services/api/app/models/user.rb b/services/api/app/models/user.rb
index 3cb595b499264bdff8d551d4b0855bb122137dc7..553a3be5aebbd703690f54156a6c0efb22dbe528 100644 (file)
--- a/services/api/app/models/user.rb
+++ b/services/api/app/models/user.rb
@@ -123,14 +123,22 @@ class User < ArvadosModel
     true
   end
 
-  def self.invalidate_permissions_cache timestamp
+  def self.invalidate_permissions_cache(timestamp=nil)
     if Rails.configuration.async_permissions_update
+      timestamp = DbCurrentTime::db_current_time.to_i if timestamp.nil?
       connection.execute "NOTIFY invalidate_permissions_cache, '#{timestamp}'"
     else
       Rails.cache.delete_matched(/^groups_for_user_/)
     end
   end
 
+  # Return a hash of {group_uuid: perm_hash} where perm_hash[:read]
+  # and perm_hash[:write] are true if this user can read and write
+  # objects owned by group_uuid.
+  #
+  # The permission graph is built by repeatedly enumerating all
+  # permission links reachable from self.uuid, and then calling
+  # search_permissions
   def calculate_group_permissions
       permissions_from = {}
       todo = {self.uuid => true}
@@ -186,15 +194,17 @@ class User < ArvadosModel
   # Return a hash of {group_uuid: perm_hash} where perm_hash[:read]
   # and perm_hash[:write] are true if this user can read and write
   # objects owned by group_uuid.
-  #
-  # The permission graph is built by repeatedly enumerating all
-  # permission links reachable from self.uuid, and then calling
-  # search_permissions
   def group_permissions
     r = Rails.cache.read "groups_for_user_#{self.uuid}"
-    while r.nil?
-      sleep(0.1)
-      r = Rails.cache.read "groups_for_user_#{self.uuid}"
+    if r.nil?
+      if Rails.configuration.async_permissions_update
+        while r.nil?
+          sleep(0.1)
+          r = Rails.cache.read "groups_for_user_#{self.uuid}"
+        end
+      else
+        r = calculate_group_permissions
+      end
     end
     r
   end