def propagate_all(): """Re-evaluate propagation for all objects.""" with utils.benchmark("Clear ACL memcache"): clear_permission_cache() with utils.benchmark("Run propagate_all"): with utils.benchmark("Add missing acl entries"): _add_missing_acl_entries() with utils.benchmark("Get non propagated acl ids"): query = db.session.query(all_models.AccessControlList.id, ).filter( all_models.AccessControlList.parent_id.is_(None), ) all_acl_ids = [acl.id for acl in query] with utils.benchmark("Propagate normal acl entries"): count = len(all_acl_ids) propagated_count = 0 for acl_ids in utils.list_chunks(all_acl_ids, chunk_size=50): propagated_count += len(acl_ids) logger.info("Propagating ACL entries: %s/%s", propagated_count, count) _delete_propagated_acls(acl_ids) flask.g.new_acl_ids = acl_ids flask.g.new_relationship_ids = set() flask.g.user_ids = set() flask.g.deleted_objects = set() propagate(full_propagate=True)
def test_memcache_flushing(self): """Test if memcache is properly cleaned on object creation Procedure to test functionality: 1) load and permissions for specific user and store them in memcahe 2) emulate new object creation, which cleans permissions in memcache 3) make request which tries to get cache for permissions from memcache Also, it's assumed that 2 or more GGRC workers are running """ client = cache_utils.get_cache_manager().cache_object.memcache_client client.flush_all() # load perms and store them in memcache self.load_perms(11, {"11": "a"}) # emulate situation when a new object is created # this procedure cleans memcache in the end cache_utils.clear_permission_cache() # emulate work of worker #1 - get permissions for our user # the first step - check permissions in memcache ggrc_basic_permissions.query_memcache(client, "permissions:11") # step 2 - load permissions from DB and save then into memcahe # this step is omitted # load permission on behalf of worker #2, before step 2 of worker #1 result = self.load_perms(11, {"11": "b"}) # ensure that new permissions were returned instead of old ones self.assertEquals(result, {"11": "b"})
def make_document_admin(): """Add current user as document admin""" DocumentEndpoint.validate_doc_request(request.json) ids = request.json["gdrive_ids"] docs = all_models.Document.query.filter( all_models.Document.gdrive_id.in_(ids)) for doc in docs: doc.add_admin_role() db.session.commit() clear_permission_cache() response = DocumentEndpoint.build_make_admin_response(request.json, docs) return Response(json.dumps(response), mimetype='application/json')