protected function clearAllCaches() { ForgetAllCacheUtil::forgetAllCaches(); PermissionsCache::forgetAll(true); RightsCache::forgetAll(true); Role::forgetRoleIdToRoleCache(); }
public static function forgetAllCaches() { RedBeanModelsCache::forgetAll(); RedBeansCache::forgetAll(); PermissionsCache::forgetAll(); RightsCache::forgetAll(); PoliciesCache::forgetAll(); GeneralCache::forgetAll(); BeanModelCache::forgetAll(); Currency::resetCaches(); //php only cache }
public static function setUpBeforeClass() { parent::setUpBeforeClass(); ZurmoDatabaseCompatibilityUtil::createActualPermissionsCacheTable(); ZurmoDatabaseCompatibilityUtil::createNamedSecurableActualPermissionsCacheTable(); ZurmoDatabaseCompatibilityUtil::createActualRightsCacheTable(); ZurmoDatabaseCompatibilityUtil::dropStoredFunctionsAndProcedures(); PermissionsCache::forgetAll(); AllPermissionsOptimizationCache::forgetAll(); RightsCache::forgetAll(); PoliciesCache::forgetAll(); Currency::resetCaches(); //php only cache Permission::resetCaches(); //php only cache self::$activitiesObserver = new ActivitiesObserver(); self::$activitiesObserver->init(); //runs init(); self::$conversationsObserver = new ConversationsObserver(); self::$conversationsObserver->init(); //runs init(); self::$emailMessagesObserver = new EmailMessagesObserver(); self::$emailMessagesObserver->init(); //runs init(); self::$contactLatestActivityDateTimeObserver = new ContactLatestActivityDateTimeObserver(); self::$contactLatestActivityDateTimeObserver->init(); //runs init(); self::$accountLatestActivityDateTimeObserver = new AccountLatestActivityDateTimeObserver(); self::$accountLatestActivityDateTimeObserver->init(); //runs init(); self::$accountContactAffiliationObserver = new AccountContactAffiliationObserver(); self::$accountContactAffiliationObserver->init(); //runs init(); Yii::app()->gameHelper; Yii::app()->gamificationObserver; //runs init(); Yii::app()->gameHelper->resetDeferredPointTypesAndValuesByUserIdToAdd(); Yii::app()->emailHelper->sendEmailThroughTransport = false; Yii::app()->jobQueue->deleteAll(); }
public static function setUpBeforeClass() { parent::setUpBeforeClass(); ZurmoDatabaseCompatibilityUtil::createActualPermissionsCacheTable(); ZurmoDatabaseCompatibilityUtil::dropStoredFunctionsAndProcedures(); PermissionsCache::forgetAll(); RightsCache::forgetAll(); PoliciesCache::forgetAll(); Currency::resetCaches(); //php only cache $activitiesObserver = new ActivitiesObserver(); $activitiesObserver->init(); //runs init(); $conversationsObserver = new ConversationsObserver(); $conversationsObserver->init(); //runs init(); Yii::app()->gameHelper; Yii::app()->gamificationObserver; //runs init(); Yii::app()->gameHelper->resetDeferredPointTypesAndValuesByUserIdToAdd(); Yii::app()->emailHelper->sendEmailThroughTransport = false; }
protected function clearCaches() { PermissionsCache::forgetAll(); RightsCache::forgetAll(); PoliciesCache::forgetAll(); AllPermissionsOptimizationCache::forgetAll(); }
protected function afterDelete() { PermissionsCache::forgetAll(); RightsCache::forgetAll(); PoliciesCache::forgetAll(); }
protected function forgetPermissionsRightsAndPoliciesCache() { PermissionsCache::forgetAll(); Permission::resetCaches(); RightsCache::forgetAll(); PoliciesCache::forgetAll(); }
/** * Override to ensure the permissions cache is forgotten since if it is not, other users logged in will not * get the effective changes until the cache is cleared across the application. * (non-PHPdoc) * @see ZurmoBaseController::actionAfterSuccessfulModelSave() */ protected function actionAfterSuccessfulModelSave($model, $modelToStringValue, $redirectUrlParams = null) { PermissionsCache::forgetAll(); RightsCache::forgetAll(); PoliciesCache::forgetAll(); parent::actionAfterSuccessfulModelSave($model, $modelToStringValue, $redirectUrlParams); }
public function getActualRight($moduleName, $rightName) { assert('is_string($moduleName)'); assert('is_string($rightName)'); assert('$moduleName != ""'); assert('$rightName != ""'); $identifier = $this->id . $moduleName . $rightName . 'ActualRight'; if (!SECURITY_OPTIMIZED) { // The slow way will remain here as documentation // for what the optimized way is doing. try { // not using default value to save cpu cycles on requests that follow the first exception. return RightsCache::getEntry($identifier); } catch (NotFoundException $e) { if (Group::getByName(Group::SUPER_ADMINISTRATORS_GROUP_NAME)->contains($this)) { $actualRight = Right::ALLOW; } else { $actualRight = parent::getActualRight($moduleName, $rightName); } RightsCache::cacheEntry($identifier, $actualRight); } } else { try { // not using default value to save cpu cycles on requests that follow the first exception. return RightsCache::getEntry($identifier); } catch (NotFoundException $e) { // Optimizations work on the database, // anything not saved will not work. assert('$this->id > 0'); $actualRight = intval(ZurmoDatabaseCompatibilityUtil::callFunction("get_user_actual_right({$this->id}, '{$moduleName}', '{$rightName}')")); RightsCache::cacheEntry($identifier, $actualRight); } } return $actualRight; }
public function testRightsPropagationViaRoles() { $parentRole = Role::getByName('Sales Manager'); $childRole = Role::getByName('Sales Person'); $childChildRole = Role::getByName('Junior Sales Person'); $userInParentRole = $parentRole->users[0]; $userInChildRole = $childRole->users[0]; $userInChildChildRole = $childChildRole->users[0]; $this->assertEquals(Right::DENY, $userInParentRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API)); $this->assertEquals(Right::DENY, $userInChildRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API)); $this->assertEquals(Right::DENY, $userInChildChildRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API)); $userInChildRole->setRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API); $this->assertTrue($userInChildRole->save()); $this->assertEquals(Right::ALLOW, $userInChildRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API)); $this->assertEquals(Right::ALLOW, $userInParentRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API)); $this->assertEquals(Right::DENY, $userInChildChildRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API)); $userInParentRole->setRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API, Right::DENY); $this->assertTrue($userInParentRole->save()); $this->assertEquals(Right::ALLOW, $userInChildRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API)); $this->assertEquals(Right::DENY, $userInParentRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API)); $this->assertEquals(Right::DENY, $userInChildChildRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API)); $userInParentRole->removeRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API); $this->assertTrue($userInParentRole->save()); $this->assertEquals(Right::ALLOW, $userInChildRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API)); $this->assertEquals(Right::ALLOW, $userInParentRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API)); $this->assertEquals(Right::DENY, $userInChildChildRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API)); $userInChildRole->setRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API, Right::DENY); $this->assertTrue($userInChildRole->save()); $this->assertEquals(Right::DENY, $userInChildRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API)); $this->assertEquals(Right::DENY, $userInParentRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API)); $this->assertEquals(Right::DENY, $userInChildChildRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API)); $userInParentRole->setRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API); $this->assertTrue($userInParentRole->save()); $this->assertEquals(Right::DENY, $userInChildRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API)); $this->assertEquals(Right::ALLOW, $userInParentRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API)); $this->assertEquals(Right::DENY, $userInChildChildRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API)); $userInParentRole->removeRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API); $this->assertTrue($userInParentRole->save()); $this->assertEquals(Right::DENY, $userInChildRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API)); $this->assertEquals(Right::DENY, $userInParentRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API)); $this->assertEquals(Right::DENY, $userInChildChildRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API)); $userInChildRole->setRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API); $this->assertTrue($userInChildRole->save()); $this->assertEquals(Right::ALLOW, $userInChildRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API)); $this->assertEquals(Right::ALLOW, $userInParentRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API)); $this->assertEquals(Right::DENY, $userInChildChildRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API)); $userInChildRole->removeRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API); $this->assertTrue($userInChildRole->save()); $this->assertEquals(Right::DENY, $userInChildRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API)); $this->assertEquals(Right::DENY, $userInParentRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API)); $this->assertEquals(Right::DENY, $userInChildChildRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API)); $userInChildChildRole->setRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API); $this->assertTrue($userInChildChildRole->save()); $this->assertEquals(Right::ALLOW, $userInChildRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API)); $this->assertEquals(Right::ALLOW, $userInParentRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API)); $this->assertEquals(Right::ALLOW, $userInChildChildRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API)); Right::deleteAll(); //Clear the cache since the method above removeAll calls directly to the database. RightsCache::forgetAll(); $userInParentRoleId = $userInParentRole->id; $userInChildRoleId = $userInChildRole->id; $userInChildChildRoleId = $userInChildChildRole->id; RedBeanModel::forgetAll(); unset($userInParentRole); unset($userInChildRole); unset($userInChildChildRole); $userInParentRole = User::getById($userInParentRoleId); $userInChildRole = User::getById($userInChildRoleId); $userInChildChildRole = User::getById($userInChildChildRoleId); $this->assertEquals(Right::DENY, $userInParentRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API)); $this->assertEquals(Right::DENY, $userInChildRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API)); $this->assertEquals(Right::DENY, $userInChildChildRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API)); }
protected function afterSave() { parent::afterSave(); if ($this->rightsChanged) { RightsCache::forgetAll(); $this->rightsChanged = false; } if ($this->policiesChanged) { PoliciesCache::forgetAll(); $this->policiesChanged = false; } }