public function testGetMungeIdsByUserIncludesEveryoneGroup() { Yii::app()->user->userModel = User::getByUsername('super'); $mungeIds = AllPermissionsOptimizationUtil::getMungeIdsByUser(Yii::app()->user->userModel); $this->assertEquals(2, count($mungeIds)); $group = Group::getByName(Group::EVERYONE_GROUP_NAME); $group->save(); AllPermissionsOptimizationCache::forgetAll(); $mungeIds = AllPermissionsOptimizationUtil::getMungeIdsByUser(Yii::app()->user->userModel); $this->assertEquals(3, count($mungeIds)); }
public static function forgetAllCaches() { RedBeanModelsCache::forgetAll(); RedBeansCache::forgetAll(); PermissionsCache::forgetAll(); AllPermissionsOptimizationCache::forgetAll(); RightsCache::forgetAll(); PoliciesCache::forgetAll(); GeneralCache::forgetAll(); BeanModelCache::forgetAll(); Currency::resetCaches(); //php only cache }
public static function tearDownAfterClass() { if (static::$activateDefaultLanguages) { Yii::app()->languageHelper->deactivateLanguagesForTesting(); } TestDatabaseUtil::deleteRowsFromAllTablesExceptLog(); PermissionsCache::forgetAll(); AllPermissionsOptimizationCache::forgetAll(); RedBeanModel::forgetAll(); RedBeanDatabase::close(); assert('!RedBeanDatabase::isSetup()'); // Not Coding Standard GeneralCache::forgetAll(); BeanModelCache::forgetAll(); }
public static function setUpBeforeClass() { parent::setUpBeforeClass(); ZurmoDatabaseCompatibilityUtil::createActualPermissionsCacheTable(); ZurmoDatabaseCompatibilityUtil::createNamedSecurableActualPermissionsCacheTable(); ZurmoDatabaseCompatibilityUtil::createActualRightsCacheTable(); ZurmoDatabaseCompatibilityUtil::dropStoredFunctionsAndProcedures(); PermissionsCache::forgetAll(); AllPermissionsOptimizationCache::forgetAll(); RightsCache::forgetAll(); PoliciesCache::forgetAll(); Currency::resetCaches(); //php only cache Permission::resetCaches(); //php only cache self::$activitiesObserver = new ActivitiesObserver(); self::$activitiesObserver->init(); //runs init(); self::$conversationsObserver = new ConversationsObserver(); self::$conversationsObserver->init(); //runs init(); self::$emailMessagesObserver = new EmailMessagesObserver(); self::$emailMessagesObserver->init(); //runs init(); self::$contactLatestActivityDateTimeObserver = new ContactLatestActivityDateTimeObserver(); self::$contactLatestActivityDateTimeObserver->init(); //runs init(); self::$accountLatestActivityDateTimeObserver = new AccountLatestActivityDateTimeObserver(); self::$accountLatestActivityDateTimeObserver->init(); //runs init(); self::$accountContactAffiliationObserver = new AccountContactAffiliationObserver(); self::$accountContactAffiliationObserver->init(); //runs init(); Yii::app()->gameHelper; Yii::app()->gamificationObserver; //runs init(); Yii::app()->gameHelper->resetDeferredPointTypesAndValuesByUserIdToAdd(); Yii::app()->emailHelper->sendEmailThroughTransport = false; Yii::app()->jobQueue->deleteAll(); }
/** * @param User $user * @return array */ public static function getMungeIdsByUser(User $user) { try { return AllPermissionsOptimizationCache::getMungeIdsByUser($user); } catch (NotFoundException $e) { list($roleId, $groupIds) = self::getUserRoleIdAndGroupIds($user); $mungeIds = array("U{$user->id}"); if ($roleId != null) { $mungeIds[] = "R{$roleId}"; } foreach ($groupIds as $groupId) { $mungeIds[] = "G{$groupId}"; } //Add everyone group $everyoneGroupId = Group::getByName(Group::EVERYONE_GROUP_NAME)->id; if (!in_array("G" . $everyoneGroupId, $mungeIds) && $everyoneGroupId > 0) { $mungeIds[] = "G" . $everyoneGroupId; } AllPermissionsOptimizationCache::cacheMungeIdsByUser($user, $mungeIds); } return $mungeIds; }
protected function clearCaches() { PermissionsCache::forgetAll(); RightsCache::forgetAll(); PoliciesCache::forgetAll(); AllPermissionsOptimizationCache::forgetAll(); }
protected function afterDelete() { $this->forgetPermissionsRightsAndPoliciesCache(); ReadPermissionsSubscriptionUtil::roleHasBeenDeleted(); AllPermissionsOptimizationCache::forgetAll(); static::forgetRoleIdToRoleCache(); }
public function removeAllPermissions() { $this->checkPermissionsHasAnyOf(Permission::CHANGE_PERMISSIONS); PermissionsCache::forgetAll(); AllPermissionsOptimizationCache::forgetAll(); $this->permissions->removeAll(); }
/** * Override to ensure the permissions cache is forgotten since if it is not, other users logged in will not * get the effective changes until the cache is cleared across the application. * (non-PHPdoc) * @see ZurmoBaseController::actionAfterSuccessfulModelSave() */ protected function actionAfterSuccessfulModelSave($model, $modelToStringValue, $redirectUrlParams = null) { PermissionsCache::forgetAll(); RightsCache::forgetAll(); PoliciesCache::forgetAll(); AllPermissionsOptimizationCache::forgetAll(); parent::actionAfterSuccessfulModelSave($model, $modelToStringValue, $redirectUrlParams); }
public static function deleteAll() { PermissionsCache::forgetAll(); AllPermissionsOptimizationCache::forgetAll(); parent::deleteAll(); }
public function testForgetSecurableItem() { if (PermissionsCache::supportsAndAllowsMemcache()) { $super = User::getByUsername('super'); Yii::app()->user->userModel = $super; $account = new Account(); $account->name = 'Ocean Inc.'; $this->assertTrue($account->save()); $combinedPermissions = 5; PermissionsCache::cacheCombinedPermissions($account, $super, $combinedPermissions); $combinedPermissionsFromCache = PermissionsCache::getCombinedPermissions($account, $super); $this->assertEquals($combinedPermissions, $combinedPermissionsFromCache); PermissionsCache::forgetSecurableItem($account); AllPermissionsOptimizationCache::forgetSecurableItemForRead($account); try { PermissionsCache::getCombinedPermissions($account, $super); $this->fail('NotFoundException exception is not thrown.'); } catch (NotFoundException $e) { $this->assertTrue(true); } } }
/** * Remove user from group, and in this case user and account should still exist in table but with TYPE_DELETE * Also in this scenario test when user is added again to the group, after it is removed from group * @depends testGroupChangeOrDeleteScenario1 */ public function testGroupChangeOrDeleteScenario2() { $super = User::getByUsername('super'); Yii::app()->user->userModel = $super; $job = new ReadPermissionSubscriptionUpdateForAccountJob(); $jobBasedOnBuildTable = new ReadPermissionSubscriptionUpdateForAccountFromBuildTableJob(); Yii::app()->jobQueue->deleteAll(); $this->deleteAllModelsAndRecordsFromReadPermissionTable('Account'); $johnny = self::$johnny; $account = AccountTestHelper::createAccountByNameForOwner('Second Account', $super); Yii::app()->jobQueue->deleteAll(); sleep(1); $group = new Group(); $group->name = 'Group2'; $this->assertTrue($group->save()); $group->users->add($johnny); $this->assertTrue($group->save()); $account->addPermissions($group, Permission::READ); $this->assertTrue($account->save()); RedBeanModel::forgetAll(); ReadPermissionsOptimizationUtil::rebuild(); AllPermissionsOptimizationCache::forgetAll(); $queuedJobs = Yii::app()->jobQueue->getAll(); $this->assertEquals(1, count($queuedJobs[5])); $this->assertEquals('ReadPermissionSubscriptionUpdateForAccountFromBuildTable', $queuedJobs[5][0]['jobType']); Yii::app()->jobQueue->deleteAll(); $this->assertTrue($jobBasedOnBuildTable->run()); // Check if everything is added correctly $sql = "SELECT * FROM account_read_subscription order by userid"; $rows = ZurmoRedBean::getAll($sql); $this->assertEquals(2, count($rows)); $this->assertEquals($super->id, $rows[0]['userid']); $this->assertEquals($account->id, $rows[0]['modelid']); $this->assertEquals(ReadPermissionsSubscriptionUtil::TYPE_ADD, $rows[0]['subscriptiontype']); $this->assertEquals($johnny->id, $rows[1]['userid']); $this->assertEquals($account->id, $rows[1]['modelid']); $this->assertEquals(ReadPermissionsSubscriptionUtil::TYPE_ADD, $rows[1]['subscriptiontype']); // Remove user from group //$group->users->remove($johnny); //$this->assertTrue($group->save()); $form = new GroupUserMembershipForm(); $fakePostData = array('userMembershipData' => array(), 'userNonMembershipData' => array()); $form = GroupUserMembershipFormUtil::setFormFromCastedPost($form, $fakePostData); $saved = GroupUserMembershipFormUtil::setMembershipFromForm($form, $group); $this->assertTrue($saved); RedBeanModel::forgetAll(); ReadPermissionsOptimizationUtil::rebuild(); $queuedJobs = Yii::app()->jobQueue->getAll(); $this->assertEquals(1, count($queuedJobs[5])); $this->assertEquals('ReadPermissionSubscriptionUpdateForAccount', $queuedJobs[5][0]['jobType']); Yii::app()->jobQueue->deleteAll(); $this->assertTrue($job->run()); // Because user is added to group, and group have read access to account, this account should be in // read permission table for user $sql = "SELECT * FROM account_read_subscription order by userid"; $rows = ZurmoRedBean::getAll($sql); $this->assertEquals(2, count($rows)); $this->assertEquals($super->id, $rows[0]['userid']); $this->assertEquals($account->id, $rows[0]['modelid']); $this->assertEquals(ReadPermissionsSubscriptionUtil::TYPE_ADD, $rows[0]['subscriptiontype']); $this->assertEquals($johnny->id, $rows[1]['userid']); $this->assertEquals($account->id, $rows[1]['modelid']); $this->assertEquals(ReadPermissionsSubscriptionUtil::TYPE_DELETE, $rows[1]['subscriptiontype']); // Now add user to group again and test //$group->users->add($johnny); //$this->assertTrue($group->save()); // We need to add user to group using GroupUserMembershipForm, so ReadPermissionsSubscriptionUtil::userAddedToGroup(); will be triggered $form = new GroupUserMembershipForm(); $fakePostData = array('userMembershipData' => array(0 => $johnny->id), 'userNonMembershipData' => array()); $form = GroupUserMembershipFormUtil::setFormFromCastedPost($form, $fakePostData); $saved = GroupUserMembershipFormUtil::setMembershipFromForm($form, $group); $this->assertTrue($saved); RedBeanModel::forgetAll(); ReadPermissionsOptimizationUtil::rebuild(); $queuedJobs = Yii::app()->jobQueue->getAll(); $this->assertEquals(1, count($queuedJobs[5])); $this->assertEquals('ReadPermissionSubscriptionUpdateForAccount', $queuedJobs[5][0]['jobType']); Yii::app()->jobQueue->deleteAll(); $this->assertTrue($job->run()); // Because user is added to group, and group have read access to account, this account should be in // read permission table for user $sql = "SELECT * FROM account_read_subscription order by userid"; $rows = ZurmoRedBean::getAll($sql); $this->assertEquals(2, count($rows)); $this->assertEquals($super->id, $rows[0]['userid']); $this->assertEquals($account->id, $rows[0]['modelid']); $this->assertEquals(ReadPermissionsSubscriptionUtil::TYPE_ADD, $rows[0]['subscriptiontype']); $this->assertEquals($johnny->id, $rows[1]['userid']); $this->assertEquals($account->id, $rows[1]['modelid']); $this->assertEquals(ReadPermissionsSubscriptionUtil::TYPE_ADD, $rows[1]['subscriptiontype']); }
public function testPermissionsCachingHitsAndMisses2() { if (!SECURITY_OPTIMIZED) { return; } // Like the test above by averaging over many loops. $loops = 100; $accounts = Account::getAll(); $account = $accounts[0]; $user = User::getByUsername('bobby'); $this->assertNotEquals($account->owner->id, $user->id); $this->setSomePermissions(); $firstTime = $secondTime = $thirdTime = $fourthTime = 0; for ($i = 0; $i < $loops; $i++) { $startTime = microtime(true); $permissions = $account->getEffectivePermissions($user); $endTime = microtime(true); $firstTime += $endTime - $startTime; $startTime = microtime(true); $permissions = $account->getEffectivePermissions($user); $endTime = microtime(true); $secondTime += $endTime - $startTime; // The false tells it to not forget the // db level cached permissions. PermissionsCache::forgetAll(false); AllPermissionsOptimizationCache::forgetAll(); $startTime = microtime(true); $permissions = $account->getEffectivePermissions($user); $endTime = microtime(true); $thirdTime += $endTime - $startTime; // Will forget the db level cached permissions. PermissionsCache::forgetAll(); AllPermissionsOptimizationCache::forgetAll(); $startTime = microtime(true); $permissions = $account->getEffectivePermissions($user); $endTime = microtime(true); $fourthTime += $endTime - $startTime; // Will forget the db level cached permissions // to leave it clean for the next loop. PermissionsCache::forgetAll(); AllPermissionsOptimizationCache::forgetAll(); } $firstTime /= $loops; $secondTime /= $loops; $thirdTime /= $loops; $fourthTime /= $loops; // The first time is at least 10 times faster than // the second time because it will get it from the // php cached permissions. if ($secondTime > 0) { $this->assertGreaterThan(10, $firstTime / $secondTime); } // The first time is at least 2 times faster than // the third time even though the php level permissions // cache is cleared (or it's a different request) // because it will get it from the db cached permissions. if ($thirdTime > 0) { $this->assertGreaterThan(2, $firstTime / $thirdTime); } // The first time is at least 10 times faster than // the third time even though the php level permissions // cache is cleared (or it's a different request) // because it will get it from the db cached permissions. $this->assertWithinTolerance($firstTime, $fourthTime, 0.005); Permission::deleteAll(); }
public function testForgetAll() { if (PermissionsCache::supportsAndAllowsMemcache()) { $super = User::getByUsername('super'); Yii::app()->user->userModel = $super; $account = new Account(); $account->name = 'Ocean Inc2.'; $this->assertTrue($account->save()); $combinedPermissions = 5; // Set some GeneralCache, which should stay in cache after cleanup GeneralCache::cacheEntry('somethingForTesting', 34); $value = GeneralCache::getEntry('somethingForTesting'); $this->assertEquals(34, $value); AllPermissionsOptimizationCache::cacheHasReadPermissionOnSecurableItem($account, $super, true); $hasReadPermission = AllPermissionsOptimizationCache::getHasReadPermissionOnSecurableItem($account, $super); $this->assertTrue($hasReadPermission); AllPermissionsOptimizationCache::forgetAll(); try { AllPermissionsOptimizationCache::getHasReadPermissionOnSecurableItem($account, $super); $this->fail('NotFoundException exception is not thrown.'); } catch (NotFoundException $e) { // Data from generalCache should still be in cache $value = GeneralCache::getEntry('somethingForTesting'); $this->assertEquals(34, $value); } } // To-Do: Add test for forgetAll with $forgetDbLevelCache = true. It could be added to testForgetAll() function. // To-Do: Add test for forgetSecurableItem with $forgetDbLevelCache = true. . It could be added to testForgetSecurableItem() function. }