Use cache for datastructures of the user/permission management

genieacs · Dec 7, 2017 · c04ad95 · c04ad95
1 parent 9237739
commit c04ad95
Show file tree

Hide file tree

Showing 6 changed files with 44 additions and 24 deletions.
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
@@ -69,15 +69,41 @@ def denormalize_resource_path(resource, resource_prefix)
   def get_permissions
     case Rails.configuration.auth_method
     when :db
-      fetch_permissions_from_db
+      Rails.configuration.permissions = Rails.cache.fetch("all_permissions", race_condition_ttl: 5.seconds) do
+        roles = Role.all
+        Rails.configuration.permissions = {}
+
+        roles.each do |role|
+          Rails.configuration.permissions[role.name] = Array.new
+          role.privileges.each do |privilege|
+            Rails.configuration.permissions[role.name].push([privilege.action, privilege.weight, privilege.resource])
+          end
+        end
+        Rails.configuration.permissions
+      end
+
+      Rails.configuration.users = Rails.cache.fetch("all_users", race_condition_ttl: 5.seconds) do
+        users = User.all
+        Rails.configuration.users = {}
+
+        users.each do |user|
+          Rails.configuration.users[user.username] = Hash.new
+          Rails.configuration.users[user.username]["password"] = user.password
+          Rails.configuration.users[user.username]["roles"] = Array.new
+          user.roles.each do |role|
+            Rails.configuration.users[user.username]["roles"].push(role.name)
+          end
+        end
+        Rails.configuration.users
+      end
     end
 
     roles = ['anonymous']
     if current_user
       roles.concat(Rails.configuration.users[current_user]['roles'])
     end
 
-    @permissions ||= Rails.cache.fetch("#{roles}_permisions", :expires_in => 60.seconds) do
+    @permissions ||= Rails.cache.fetch("#{roles}_permissions", race_condition_ttl: 5.seconds) do
       permissions = []
       roles.each do |role|
         if Rails.configuration.permissions.has_key?(role)
@@ -91,28 +117,10 @@ def get_permissions
     end
   end
 
-  def fetch_permissions_from_db
-    roles = Role.all
-    Rails.configuration.permissions = {}
-
-    roles.each do |role|
-      Rails.configuration.permissions[role.name] = Array.new
-      role.privileges.each do |privilege|
-        Rails.configuration.permissions[role.name].push([privilege.action, privilege.weight, privilege.resource])
-      end
-    end
-
-    users = User.all
-    Rails.configuration.users = {}
-
-    users.each do |user|
-      Rails.configuration.users[user.username] = Hash.new
-      Rails.configuration.users[user.username]["password"] = user.password
-      Rails.configuration.users[user.username]["roles"] = Array.new
-      user.roles.each do |role|
-        Rails.configuration.users[user.username]["roles"].push(role.name)
-      end
-    end
+  def clear_permissions_cache
+    Rails.cache.delete("all_permissions")
+    Rails.cache.delete("all_users")
+    Rails.cache.delete_matched(".*_permissions")
   end
 
 end
diff --git a/app/controllers/change_password_controller.rb b/app/controllers/change_password_controller.rb
@@ -21,6 +21,8 @@ def update
       flash[:error] = user.errors.full_messages.join('; ')
       redirect_to change_password_path
       return
+    else
+      clear_permissions_cache
     end
 
     flash[:success] = 'Password successfully changed'

diff --git a/app/controllers/privileges_controller.rb b/app/controllers/privileges_controller.rb
@@ -4,6 +4,7 @@ def create
     can?(:create, 'privileges') do
       @role = Role.find(params[:role_id])
       @privilege = @role.privileges.create(privilege_params)
+      clear_permissions_cache
       redirect_to edit_role_path(@role)
     end
   end
@@ -13,6 +14,7 @@ def destroy
       @role = Role.find(params[:role_id])
       @privilege = @role.privileges.find(params['id'])
       @privilege.destroy
+      clear_permissions_cache
       redirect_to edit_role_path(@role)
     end
   end

diff --git a/app/controllers/roles_controller.rb b/app/controllers/roles_controller.rb
@@ -26,6 +26,7 @@ def create
     can?(:create, 'roles') do
       @role = Role.new(role_params)
       if @role.save
+        clear_permissions_cache
         redirect_to roles_path
       else
         render 'new'
@@ -37,6 +38,7 @@ def update
     can?(:update, 'roles') do
       @role = Role.find(params['id'])
       if @role.update(role_params)
+        clear_permissions_cache
         redirect_to roles_path
       else
           render 'edit'
@@ -48,6 +50,7 @@ def destroy
     can?(:delete, 'roles') do
       @role = Role.find(params['id'])
       @role.destroy
+      clear_permissions_cache
       redirect_to roles_path
     end
   end

diff --git a/app/controllers/user_roles_controller.rb b/app/controllers/user_roles_controller.rb
@@ -4,6 +4,7 @@ def create
     can?(:create, 'user_roles') do
       @user = User.find(params[:user_id])
       @user_role = @user.user_roles.create(user_role_params)
+      clear_permissions_cache
       redirect_to edit_user_path(@user)
     end
   end
@@ -13,6 +14,7 @@ def destroy
       @user = User.find(params[:user_id])
       @user_role = @user.user_roles.find(params['id'])
       @user_role.destroy
+      clear_permissions_cache
       redirect_to edit_user_path(@user)
     end
   end

diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
@@ -25,6 +25,7 @@ def create
     can?(:create, 'users') do
       @user = User.new(user_params)
       if @user.save
+        clear_permissions_cache
         redirect_to users_path
       else
         render 'new'
@@ -40,6 +41,7 @@ def update
       end
 
       if @user.update(user_params)
+        clear_permissions_cache
         redirect_to users_path
       else
           render 'edit'
@@ -51,6 +53,7 @@ def destroy
     can?(:delete, 'users') do
       @user = User.find(params['id'])
       @user.destroy
+      clear_permissions_cache
       redirect_to users_path
     end
   end