protected function clearAllCaches()
 {
     ForgetAllCacheUtil::forgetAllCaches();
     PermissionsCache::forgetAll(true);
     RightsCache::forgetAll(true);
     Role::forgetRoleIdToRoleCache();
 }
Ejemplo n.º 2
0
 public static function forgetAllCaches()
 {
     RedBeanModelsCache::forgetAll();
     RedBeansCache::forgetAll();
     PermissionsCache::forgetAll();
     RightsCache::forgetAll();
     PoliciesCache::forgetAll();
     GeneralCache::forgetAll();
     BeanModelCache::forgetAll();
     Currency::resetCaches();
     //php only cache
 }
Ejemplo n.º 3
0
 public static function setUpBeforeClass()
 {
     parent::setUpBeforeClass();
     ZurmoDatabaseCompatibilityUtil::createActualPermissionsCacheTable();
     ZurmoDatabaseCompatibilityUtil::createNamedSecurableActualPermissionsCacheTable();
     ZurmoDatabaseCompatibilityUtil::createActualRightsCacheTable();
     ZurmoDatabaseCompatibilityUtil::dropStoredFunctionsAndProcedures();
     PermissionsCache::forgetAll();
     AllPermissionsOptimizationCache::forgetAll();
     RightsCache::forgetAll();
     PoliciesCache::forgetAll();
     Currency::resetCaches();
     //php only cache
     Permission::resetCaches();
     //php only cache
     self::$activitiesObserver = new ActivitiesObserver();
     self::$activitiesObserver->init();
     //runs init();
     self::$conversationsObserver = new ConversationsObserver();
     self::$conversationsObserver->init();
     //runs init();
     self::$emailMessagesObserver = new EmailMessagesObserver();
     self::$emailMessagesObserver->init();
     //runs init();
     self::$contactLatestActivityDateTimeObserver = new ContactLatestActivityDateTimeObserver();
     self::$contactLatestActivityDateTimeObserver->init();
     //runs init();
     self::$accountLatestActivityDateTimeObserver = new AccountLatestActivityDateTimeObserver();
     self::$accountLatestActivityDateTimeObserver->init();
     //runs init();
     self::$accountContactAffiliationObserver = new AccountContactAffiliationObserver();
     self::$accountContactAffiliationObserver->init();
     //runs init();
     Yii::app()->gameHelper;
     Yii::app()->gamificationObserver;
     //runs init();
     Yii::app()->gameHelper->resetDeferredPointTypesAndValuesByUserIdToAdd();
     Yii::app()->emailHelper->sendEmailThroughTransport = false;
     Yii::app()->jobQueue->deleteAll();
 }
Ejemplo n.º 4
0
 public static function setUpBeforeClass()
 {
     parent::setUpBeforeClass();
     ZurmoDatabaseCompatibilityUtil::createActualPermissionsCacheTable();
     ZurmoDatabaseCompatibilityUtil::dropStoredFunctionsAndProcedures();
     PermissionsCache::forgetAll();
     RightsCache::forgetAll();
     PoliciesCache::forgetAll();
     Currency::resetCaches();
     //php only cache
     $activitiesObserver = new ActivitiesObserver();
     $activitiesObserver->init();
     //runs init();
     $conversationsObserver = new ConversationsObserver();
     $conversationsObserver->init();
     //runs init();
     Yii::app()->gameHelper;
     Yii::app()->gamificationObserver;
     //runs init();
     Yii::app()->gameHelper->resetDeferredPointTypesAndValuesByUserIdToAdd();
     Yii::app()->emailHelper->sendEmailThroughTransport = false;
 }
Ejemplo n.º 5
0
 protected function clearCaches()
 {
     PermissionsCache::forgetAll();
     RightsCache::forgetAll();
     PoliciesCache::forgetAll();
     AllPermissionsOptimizationCache::forgetAll();
 }
Ejemplo n.º 6
0
 protected function afterDelete()
 {
     PermissionsCache::forgetAll();
     RightsCache::forgetAll();
     PoliciesCache::forgetAll();
 }
Ejemplo n.º 7
0
 protected function forgetPermissionsRightsAndPoliciesCache()
 {
     PermissionsCache::forgetAll();
     Permission::resetCaches();
     RightsCache::forgetAll();
     PoliciesCache::forgetAll();
 }
Ejemplo n.º 8
0
 /**
  * Override to ensure the permissions cache is forgotten since if it is not, other users logged in will not
  * get the effective changes until the cache is cleared across the application.
  * (non-PHPdoc)
  * @see ZurmoBaseController::actionAfterSuccessfulModelSave()
  */
 protected function actionAfterSuccessfulModelSave($model, $modelToStringValue, $redirectUrlParams = null)
 {
     PermissionsCache::forgetAll();
     RightsCache::forgetAll();
     PoliciesCache::forgetAll();
     parent::actionAfterSuccessfulModelSave($model, $modelToStringValue, $redirectUrlParams);
 }
Ejemplo n.º 9
0
 public function getActualRight($moduleName, $rightName)
 {
     assert('is_string($moduleName)');
     assert('is_string($rightName)');
     assert('$moduleName != ""');
     assert('$rightName  != ""');
     $identifier = $this->id . $moduleName . $rightName . 'ActualRight';
     if (!SECURITY_OPTIMIZED) {
         // The slow way will remain here as documentation
         // for what the optimized way is doing.
         try {
             // not using default value to save cpu cycles on requests that follow the first exception.
             return RightsCache::getEntry($identifier);
         } catch (NotFoundException $e) {
             if (Group::getByName(Group::SUPER_ADMINISTRATORS_GROUP_NAME)->contains($this)) {
                 $actualRight = Right::ALLOW;
             } else {
                 $actualRight = parent::getActualRight($moduleName, $rightName);
             }
             RightsCache::cacheEntry($identifier, $actualRight);
         }
     } else {
         try {
             // not using default value to save cpu cycles on requests that follow the first exception.
             return RightsCache::getEntry($identifier);
         } catch (NotFoundException $e) {
             // Optimizations work on the database,
             // anything not saved will not work.
             assert('$this->id > 0');
             $actualRight = intval(ZurmoDatabaseCompatibilityUtil::callFunction("get_user_actual_right({$this->id}, '{$moduleName}', '{$rightName}')"));
             RightsCache::cacheEntry($identifier, $actualRight);
         }
     }
     return $actualRight;
 }
Ejemplo n.º 10
0
 public function testRightsPropagationViaRoles()
 {
     $parentRole = Role::getByName('Sales Manager');
     $childRole = Role::getByName('Sales Person');
     $childChildRole = Role::getByName('Junior Sales Person');
     $userInParentRole = $parentRole->users[0];
     $userInChildRole = $childRole->users[0];
     $userInChildChildRole = $childChildRole->users[0];
     $this->assertEquals(Right::DENY, $userInParentRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API));
     $this->assertEquals(Right::DENY, $userInChildRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API));
     $this->assertEquals(Right::DENY, $userInChildChildRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API));
     $userInChildRole->setRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API);
     $this->assertTrue($userInChildRole->save());
     $this->assertEquals(Right::ALLOW, $userInChildRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API));
     $this->assertEquals(Right::ALLOW, $userInParentRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API));
     $this->assertEquals(Right::DENY, $userInChildChildRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API));
     $userInParentRole->setRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API, Right::DENY);
     $this->assertTrue($userInParentRole->save());
     $this->assertEquals(Right::ALLOW, $userInChildRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API));
     $this->assertEquals(Right::DENY, $userInParentRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API));
     $this->assertEquals(Right::DENY, $userInChildChildRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API));
     $userInParentRole->removeRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API);
     $this->assertTrue($userInParentRole->save());
     $this->assertEquals(Right::ALLOW, $userInChildRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API));
     $this->assertEquals(Right::ALLOW, $userInParentRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API));
     $this->assertEquals(Right::DENY, $userInChildChildRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API));
     $userInChildRole->setRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API, Right::DENY);
     $this->assertTrue($userInChildRole->save());
     $this->assertEquals(Right::DENY, $userInChildRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API));
     $this->assertEquals(Right::DENY, $userInParentRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API));
     $this->assertEquals(Right::DENY, $userInChildChildRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API));
     $userInParentRole->setRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API);
     $this->assertTrue($userInParentRole->save());
     $this->assertEquals(Right::DENY, $userInChildRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API));
     $this->assertEquals(Right::ALLOW, $userInParentRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API));
     $this->assertEquals(Right::DENY, $userInChildChildRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API));
     $userInParentRole->removeRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API);
     $this->assertTrue($userInParentRole->save());
     $this->assertEquals(Right::DENY, $userInChildRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API));
     $this->assertEquals(Right::DENY, $userInParentRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API));
     $this->assertEquals(Right::DENY, $userInChildChildRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API));
     $userInChildRole->setRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API);
     $this->assertTrue($userInChildRole->save());
     $this->assertEquals(Right::ALLOW, $userInChildRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API));
     $this->assertEquals(Right::ALLOW, $userInParentRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API));
     $this->assertEquals(Right::DENY, $userInChildChildRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API));
     $userInChildRole->removeRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API);
     $this->assertTrue($userInChildRole->save());
     $this->assertEquals(Right::DENY, $userInChildRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API));
     $this->assertEquals(Right::DENY, $userInParentRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API));
     $this->assertEquals(Right::DENY, $userInChildChildRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API));
     $userInChildChildRole->setRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API);
     $this->assertTrue($userInChildChildRole->save());
     $this->assertEquals(Right::ALLOW, $userInChildRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API));
     $this->assertEquals(Right::ALLOW, $userInParentRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API));
     $this->assertEquals(Right::ALLOW, $userInChildChildRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API));
     Right::deleteAll();
     //Clear the cache since the method above removeAll calls directly to the database.
     RightsCache::forgetAll();
     $userInParentRoleId = $userInParentRole->id;
     $userInChildRoleId = $userInChildRole->id;
     $userInChildChildRoleId = $userInChildChildRole->id;
     RedBeanModel::forgetAll();
     unset($userInParentRole);
     unset($userInChildRole);
     unset($userInChildChildRole);
     $userInParentRole = User::getById($userInParentRoleId);
     $userInChildRole = User::getById($userInChildRoleId);
     $userInChildChildRole = User::getById($userInChildChildRoleId);
     $this->assertEquals(Right::DENY, $userInParentRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API));
     $this->assertEquals(Right::DENY, $userInChildRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API));
     $this->assertEquals(Right::DENY, $userInChildChildRole->getEffectiveRight('UsersModule', UsersModule::RIGHT_LOGIN_VIA_WEB_API));
 }
Ejemplo n.º 11
0
 protected function afterSave()
 {
     parent::afterSave();
     if ($this->rightsChanged) {
         RightsCache::forgetAll();
         $this->rightsChanged = false;
     }
     if ($this->policiesChanged) {
         PoliciesCache::forgetAll();
         $this->policiesChanged = false;
     }
 }