diff options
author | Christopher Speller <crspeller@gmail.com> | 2017-10-25 11:48:15 -0700 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-10-25 11:48:15 -0700 |
commit | 4491b5ecdfad96959f9a9ab32a5f127bbfa7eac5 (patch) | |
tree | c2fb61b469f5ba6f4bce2ef5aa5c2646dd6a8cf2 /app | |
parent | c16f417f49303ef3a0319ba769eb3698e735b73c (diff) | |
download | chat-4491b5ecdfad96959f9a9ab32a5f127bbfa7eac5.tar.gz chat-4491b5ecdfad96959f9a9ab32a5f127bbfa7eac5.tar.bz2 chat-4491b5ecdfad96959f9a9ab32a5f127bbfa7eac5.zip |
Performance improvements for 40M posts (#7708)
* Optimizing get root posts SQL query
* Setting session invalidation to be reliable
* Adding app reciever to SessionHasPermissionToUser
* Adding app reciever to SessionHasPermissionToTeam
* Adding app reciever to SessionHasPermissionTo
* Clear session cache if permission was denied
* Fixing rebase issues
* Revert "Optimizing get root posts SQL query"
This reverts commit f364757e7015cfb4ec673d0a4fc3d57cd25d8dd7.
* Fixing build
Diffstat (limited to 'app')
-rw-r--r-- | app/authorization.go | 39 | ||||
-rw-r--r-- | app/session.go | 2 |
2 files changed, 31 insertions, 10 deletions
diff --git a/app/authorization.go b/app/authorization.go index 01180e8d8..ed485e597 100644 --- a/app/authorization.go +++ b/app/authorization.go @@ -11,10 +11,16 @@ import ( "github.com/mattermost/mattermost-server/model" ) -func SessionHasPermissionTo(session model.Session, permission *model.Permission) bool { - return CheckIfRolesGrantPermission(session.GetUserRoles(), permission.Id) +func (a *App) SessionHasPermissionTo(session model.Session, permission *model.Permission) bool { + if !CheckIfRolesGrantPermission(session.GetUserRoles(), permission.Id) { + a.ClearSessionCacheForUser(session.UserId) + return false + } + + return true } +/// DO NOT USE: LEGACY func SessionHasPermissionToTeam(session model.Session, teamId string, permission *model.Permission) bool { if teamId == "" { return false @@ -27,7 +33,22 @@ func SessionHasPermissionToTeam(session model.Session, teamId string, permission } } - return SessionHasPermissionTo(session, permission) + return CheckIfRolesGrantPermission(session.GetUserRoles(), permission.Id) +} + +func (a *App) SessionHasPermissionToTeam(session model.Session, teamId string, permission *model.Permission) bool { + if teamId == "" { + return false + } + + teamMember := session.GetTeamByTeamId(teamId) + if teamMember != nil { + if CheckIfRolesGrantPermission(teamMember.GetRoles(), permission.Id) { + return true + } + } + + return a.SessionHasPermissionTo(session, permission) } func (a *App) SessionHasPermissionToChannel(session model.Session, channelId string, permission *model.Permission) bool { @@ -50,12 +71,12 @@ func (a *App) SessionHasPermissionToChannel(session model.Session, channelId str channel, err := a.GetChannel(channelId) if err == nil && channel.TeamId != "" { - return SessionHasPermissionToTeam(session, channel.TeamId, permission) + return a.SessionHasPermissionToTeam(session, channel.TeamId, permission) } else if err != nil && err.StatusCode == http.StatusNotFound { return false } - return SessionHasPermissionTo(session, permission) + return a.SessionHasPermissionTo(session, permission) } func (a *App) SessionHasPermissionToChannelByPost(session model.Session, postId string, permission *model.Permission) bool { @@ -70,13 +91,13 @@ func (a *App) SessionHasPermissionToChannelByPost(session model.Session, postId if result := <-a.Srv.Store.Channel().GetForPost(postId); result.Err == nil { channel := result.Data.(*model.Channel) - return SessionHasPermissionToTeam(session, channel.TeamId, permission) + return a.SessionHasPermissionToTeam(session, channel.TeamId, permission) } - return SessionHasPermissionTo(session, permission) + return a.SessionHasPermissionTo(session, permission) } -func SessionHasPermissionToUser(session model.Session, userId string) bool { +func (a *App) SessionHasPermissionToUser(session model.Session, userId string) bool { if userId == "" { return false } @@ -85,7 +106,7 @@ func SessionHasPermissionToUser(session model.Session, userId string) bool { return true } - if SessionHasPermissionTo(session, model.PERMISSION_EDIT_OTHER_USERS) { + if a.SessionHasPermissionTo(session, model.PERMISSION_EDIT_OTHER_USERS) { return true } diff --git a/app/session.go b/app/session.go index 31f658e2f..209604dc5 100644 --- a/app/session.go +++ b/app/session.go @@ -124,7 +124,7 @@ func (a *App) ClearSessionCacheForUser(userId string) { if a.Cluster != nil { msg := &model.ClusterMessage{ Event: model.CLUSTER_EVENT_CLEAR_SESSION_CACHE_FOR_USER, - SendType: model.CLUSTER_SEND_BEST_EFFORT, + SendType: model.CLUSTER_SEND_RELIABLE, Data: userId, } a.Cluster.SendClusterMessage(msg) |