diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index f48900b..800677f 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -69,7 +69,33 @@ def denormalize_resource_path(resource, resource_prefix)
 def get_permissions
 case Rails.configuration.auth_method
 when :db
- fetch_permissions_from_db
+ Rails.configuration.permissions = Rails.cache.fetch("all_permissions", race_condition_ttl: 5.seconds) do
+ roles = Role.all
+ Rails.configuration.permissions = {}
+
+ roles.each do |role|
+ Rails.configuration.permissions[role.name] = Array.new
+ role.privileges.each do |privilege|
+ Rails.configuration.permissions[role.name].push([privilege.action, privilege.weight, privilege.resource])
+ end
+ end
+ Rails.configuration.permissions
+ end
+
+ Rails.configuration.users = Rails.cache.fetch("all_users", race_condition_ttl: 5.seconds) do
+ users = User.all
+ Rails.configuration.users = {}
+
+ users.each do |user|
+ Rails.configuration.users[user.username] = Hash.new
+ Rails.configuration.users[user.username]["password"] = user.password
+ Rails.configuration.users[user.username]["roles"] = Array.new
+ user.roles.each do |role|
+ Rails.configuration.users[user.username]["roles"].push(role.name)
+ end
+ end
+ Rails.configuration.users
+ end
 end
 roles = ['anonymous']
@@ -77,7 +103,7 @@ def get_permissions
 roles.concat(Rails.configuration.users[current_user]['roles'])
 end
- @permissions ||= Rails.cache.fetch("#{roles}_permisions", :expires_in => 60.seconds) do
+ @permissions ||= Rails.cache.fetch("#{roles}_permissions", race_condition_ttl: 5.seconds) do
 permissions = []
 roles.each do |role|
 if Rails.configuration.permissions.has_key?(role)
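Review bot: None of the three cache entries in `get_permissions` has an expiry: `race_condition_ttl` only extends an entry that already expires, so `all_permissions`, `all_users` and, in the following hunk, `"#{roles}_permissions"` live until `clear_permissions_cache` deletes them, unless the store sets a default `expires_in`. A missed or raced invalidation therefore leaves stale authorization data in force indefinitely, where the removed `:expires_in => 60.seconds` bounded it. I would keep a backstop on all three calls, e.g. `Rails.cache.fetch("all_permissions", expires_in: 60.seconds, race_condition_ttl: 5.seconds) do`. The `all_users` block also copies `user.password` for every account into the cache store; please confirm that value is a hash rather than plaintext and that the store is protected to the same standard as the database. Both blocks fill `Rails.configuration.*` in place before returning it, so on a threaded server a concurrent request could presumably read a half-built table; building a local hash and returning it would avoid that.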
@@ -91,28 +117,10 @@ def get_permissions
 end
 end
- def fetch_permissions_from_db
- roles = Role.all
- Rails.configuration.permissions = {}
-
- roles.each do |role|
- Rails.configuration.permissions[role.name] = Array.new
- role.privileges.each do |privilege|
- Rails.configuration.permissions[role.name].push([privilege.action, privilege.weight, privilege.resource])
- end
- end
-
- users = User.all
- Rails.configuration.users = {}
-
- users.each do |user|
- Rails.configuration.users[user.username] = Hash.new
- Rails.configuration.users[user.username]["password"] = user.password
- Rails.configuration.users[user.username]["roles"] = Array.new
- user.roles.each do |role|
- Rails.configuration.users[user.username]["roles"].push(role.name)
- end
- end
+ def clear_permissions_cache
+ Rails.cache.delete("all_permissions")
+ Rails.cache.delete("all_users")
+ Rails.cache.delete_matched(".*_permissions")
 end
 end
diff --git a/app/controllers/change_password_controller.rb b/app/controllers/change_password_controller.rb
index e38c7a1..614b79e 100644
--- a/app/controllers/change_password_controller.rb
+++ b/app/controllers/change_password_controller.rb
@@ -21,6 +21,8 @@ def update
 flash[:error] = user.errors.full_messages.join('; ')
 redirect_to change_password_path
 return
+ else
+ clear_permissions_cache
 end
 flash[:success] = 'Password successfully changed'
diff --git a/app/controllers/privileges_controller.rb b/app/controllers/privileges_controller.rb
index 73c0679..204b972 100644
--- a/app/controllers/privileges_controller.rb
+++ b/app/controllers/privileges_controller.rb
@@ -4,6 +4,7 @@ def create
 can?(:create, 'privileges') do
 @role = Role.find(params[:role_id])
 @privilege = @role.privileges.create(privilege_params)
+ clear_permissions_cache
 redirect_to edit_role_path(@role)
 end
 end
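Review bot: `Rails.cache.delete_matched(".*_permissions")` in `clear_permissions_cache` is the only thing that removes the per-role-set entries, and its behaviour depends on the configured cache store: some stores do not implement `delete_matched` at all, and the ones that do differ on whether the argument is a Regexp or a glob, so this String pattern may match nothing. Since those entries no longer expire, a delete that misses leaves revoked privileges in effect. Either pin the matcher to the store in use (a Regexp such as `/_permissions\z/` for the memory and file stores) or drop pattern deletes in favour of a version component in the key that this method bumps. If the method sits in the public section of `ApplicationController` it is also worth moving under `private`; the class body is outside the hunk, so that could not be checked here.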
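Review bot: The added `else` in `update` is redundant, because the branch directly above it already ends in `return`; calling `clear_permissions_cache` after the `end`, next to the success flash, reads more directly and keeps the failure path free of side effects. A single password change has to flush every role and permission entry only because the password is stored in the shared `all_users` entry, which is worth a one-line comment at the call: `# all_users caches the password value, so it must be rebuilt`. `update` begins outside the hunk.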
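Review bot: Invalidation is wired by hand into each controller action, here in `create` and again in the privileges `destroy`, roles, user_roles, users and change_password hunks, so any write that does not go through one of them (console, rake task, seeds, a controller added later) leaves the cached roles and privileges untouched. Putting the three deletes in `after_commit` callbacks on the models behind these controllers would cover every write path and would run only once the change is committed. In this hunk the result of `@role.privileges.create(privilege_params)` is not checked, so the cache is also flushed when the record fails validation; that is harmless but deserves a comment such as `# flushed even if create failed; cheap and safe`.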
@@ -13,6 +14,7 @@ def destroy
 @role = Role.find(params[:role_id])
 @privilege = @role.privileges.find(params['id'])
 @privilege.destroy
+ clear_permissions_cache
 redirect_to edit_role_path(@role)
 end
 end
diff --git a/app/controllers/roles_controller.rb b/app/controllers/roles_controller.rb
index c8849fc..48234ef 100644
--- a/app/controllers/roles_controller.rb
+++ b/app/controllers/roles_controller.rb
@@ -26,6 +26,7 @@ def create
 can?(:create, 'roles') do
 @role = Role.new(role_params)
 if @role.save
+ clear_permissions_cache
 redirect_to roles_path
 else
 render 'new'
@@ -37,6 +38,7 @@ def update
 can?(:update, 'roles') do
 @role = Role.find(params['id'])
 if @role.update(role_params)
+ clear_permissions_cache
 redirect_to roles_path
 else
 render 'edit'
@@ -48,6 +50,7 @@ def destroy
 can?(:delete, 'roles') do
 @role = Role.find(params['id'])
 @role.destroy
+ clear_permissions_cache
 redirect_to roles_path
 end
 end
diff --git a/app/controllers/user_roles_controller.rb b/app/controllers/user_roles_controller.rb
index 416cc0a..b3dad6a 100644
--- a/app/controllers/user_roles_controller.rb
+++ b/app/controllers/user_roles_controller.rb
@@ -4,6 +4,7 @@ def create
 can?(:create, 'user_roles') do
 @user = User.find(params[:user_id])
 @user_role = @user.user_roles.create(user_role_params)
+ clear_permissions_cache
 redirect_to edit_user_path(@user)
 end
 end
@@ -13,6 +14,7 @@ def destroy
 @user = User.find(params[:user_id])
 @user_role = @user.user_roles.find(params['id'])
 @user_role.destroy
+ clear_permissions_cache
 redirect_to edit_user_path(@user)
 end
 end
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index ae924ab..c6bd752 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -25,6 +25,7 @@ def create
 can?(:create, 'users') do
 @user = User.new(user_params)
 if @user.save
+ clear_permissions_cache
 redirect_to users_path
 else
 render 'new'
@@ -40,6 +41,7 @@ def update
 end
 if @user.update(user_params)
+ clear_permissions_cache
 redirect_to users_path
 else
 render 'edit'
@@ -51,6 +53,7 @@ def destroy
 can?(:delete, 'users') do
 @user = User.find(params['id'])
 @user.destroy
+ clear_permissions_cache
 redirect_to users_path
 end
 end