def propagate_all():
"""Re-evaluate propagation for all objects."""
with utils.benchmark("Clear ACL memcache"):
clear_permission_cache()
with utils.benchmark("Run propagate_all"):
with utils.benchmark("Add missing acl entries"):
_add_missing_acl_entries()
with utils.benchmark("Get non propagated acl ids"):
query = db.session.query(all_models.AccessControlList.id, ).filter(
all_models.AccessControlList.parent_id.is_(None), )
all_acl_ids = [acl.id for acl in query]
with utils.benchmark("Propagate normal acl entries"):
count = len(all_acl_ids)
propagated_count = 0
for acl_ids in utils.list_chunks(all_acl_ids, chunk_size=50):
propagated_count += len(acl_ids)
logger.info("Propagating ACL entries: %s/%s", propagated_count,
count)
_delete_propagated_acls(acl_ids)
flask.g.new_acl_ids = acl_ids
flask.g.new_relationship_ids = set()
flask.g.user_ids = set()
flask.g.deleted_objects = set()
propagate(full_propagate=True)
def test_memcache_flushing(self):
"""Test if memcache is properly cleaned on object creation
Procedure to test functionality:
1) load and permissions for specific user and store them in memcahe
2) emulate new object creation, which cleans permissions in memcache
3) make request which tries to get cache for permissions from memcache
Also, it's assumed that 2 or more GGRC workers are running
"""
client = cache_utils.get_cache_manager().cache_object.memcache_client
client.flush_all()
# load perms and store them in memcache
self.load_perms(11, {"11": "a"})
# emulate situation when a new object is created
# this procedure cleans memcache in the end
cache_utils.clear_permission_cache()
# emulate work of worker #1 - get permissions for our user
# the first step - check permissions in memcache
ggrc_basic_permissions.query_memcache(client, "permissions:11")
# step 2 - load permissions from DB and save then into memcahe
# this step is omitted
# load permission on behalf of worker #2, before step 2 of worker #1
result = self.load_perms(11, {"11": "b"})
# ensure that new permissions were returned instead of old ones
self.assertEquals(result, {"11": "b"})
def test_memcache_flushing(self):
"""Test if memcache is properly cleaned on object creation
Procedure to test functionality:
1) load and permissions for specific user and store them in memcahe
2) emulate new object creation, which cleans permissions in memcache
3) make request which tries to get cache for permissions from memcache
Also, it's assumed that 2 or more GGRC workers are running
"""
client = cache_utils.get_cache_manager().cache_object.memcache_client
client.flush_all()
# load perms and store them in memcache
self.load_perms(11, {"11": "a"})
# emulate situation when a new object is created
# this procedure cleans memcache in the end
cache_utils.clear_permission_cache()
# emulate work of worker #1 - get permissions for our user
# the first step - check permissions in memcache
ggrc_basic_permissions.query_memcache(client, "permissions:11")
# step 2 - load permissions from DB and save then into memcahe
# this step is omitted
# load permission on behalf of worker #2, before step 2 of worker #1
result = self.load_perms(11, {"11": "b"})
# ensure that new permissions were returned instead of old ones
self.assertEquals(result, {"11": "b"})
def make_document_admin():
"""Add current user as document admin"""
DocumentEndpoint.validate_doc_request(request.json)
ids = request.json["gdrive_ids"]
docs = all_models.Document.query.filter(
all_models.Document.gdrive_id.in_(ids))
for doc in docs:
doc.add_admin_role()
db.session.commit()
clear_permission_cache()
response = DocumentEndpoint.build_make_admin_response(request.json, docs)
return Response(json.dumps(response), mimetype='application/json')
def make_document_admin():
"""Add current user as document admin"""
DocumentEndpoint.validate_doc_request(request.json)
ids = request.json["gdrive_ids"]
docs = all_models.Document.query.filter(
all_models.Document.gdrive_id.in_(ids))
for doc in docs:
doc.add_admin_role()
db.session.commit()
clear_permission_cache()
response = DocumentEndpoint.build_make_admin_response(request.json, docs)
return Response(json.dumps(response), mimetype='application/json')