Merge pull request #5149 from FinnStutzenstein/deleteUsersWithWSConnection

Fixed late autoupdates with deleted users
This commit is contained in:
Emanuel Schütze 2019-12-09 10:41:59 +01:00 committed by GitHub
commit e2630faead
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 17 additions and 4 deletions

View File

@ -19,6 +19,14 @@ group_collection_string = "users/group"
user_collection_string = "users/user" user_collection_string = "users/user"
class UserDoesNotExist(Exception):
"""
This is raised, if some permissions checks are done on not existing users.
"""
pass
def get_group_model() -> Model: def get_group_model() -> Model:
""" """
Return the Group model that is active in this project. Return the Group model that is active in this project.
@ -78,7 +86,7 @@ async def async_has_perm(user_id: int, perm: str) -> bool:
user_collection_string, user_id user_collection_string, user_id
) )
if user_data is None: if user_data is None:
raise RuntimeError(f"User with id {user_id} does not exist.") raise UserDoesNotExist()
if GROUP_ADMIN_PK in user_data["groups_id"]: if GROUP_ADMIN_PK in user_data["groups_id"]:
# User in admin group (pk 2) grants all permissions. # User in admin group (pk 2) grants all permissions.
has_perm = True has_perm = True
@ -92,7 +100,7 @@ async def async_has_perm(user_id: int, perm: str) -> bool:
) )
if group is None: if group is None:
raise RuntimeError( raise RuntimeError(
f"User is in non existing group with id {group_id}." f"User {user_id} is in non existing group {group_id}."
) )
if perm in group["permissions"]: if perm in group["permissions"]:
@ -135,7 +143,7 @@ async def async_in_some_groups(user_id: int, groups: List[int]) -> bool:
user_collection_string, user_id user_collection_string, user_id
) )
if user_data is None: if user_data is None:
raise RuntimeError(f"User with id {user_id} does not exist.") raise UserDoesNotExist()
if GROUP_ADMIN_PK in user_data["groups_id"]: if GROUP_ADMIN_PK in user_data["groups_id"]:
# User in admin group (pk 2) grants all permissions. # User in admin group (pk 2) grants all permissions.
in_some_groups = True in_some_groups = True

View File

@ -7,7 +7,7 @@ from channels.generic.websocket import AsyncWebsocketConsumer
from ..utils.websocket import WEBSOCKET_CHANGE_ID_TOO_HIGH from ..utils.websocket import WEBSOCKET_CHANGE_ID_TOO_HIGH
from . import logging from . import logging
from .auth import async_anonymous_is_enabled from .auth import UserDoesNotExist, async_anonymous_is_enabled
from .autoupdate import AutoupdateFormat from .autoupdate import AutoupdateFormat
from .cache import ChangeIdTooLowError, element_cache, split_element_id from .cache import ChangeIdTooLowError, element_cache, split_element_id
from .utils import get_worker_id from .utils import get_worker_id
@ -149,6 +149,11 @@ class SiteConsumer(ProtocollAsyncJsonWebsocketConsumer):
changed_elements = await element_cache.get_all_data_list(user_id) changed_elements = await element_cache.get_all_data_list(user_id)
all_data = True all_data = True
deleted_elements: Dict[str, List[int]] = {} deleted_elements: Dict[str, List[int]] = {}
except UserDoesNotExist:
# Maybe the user was deleted, but a websocket connection is still open to the user.
# So we can close this connection and return.
await self.close()
return
else: else:
all_data = False all_data = False
deleted_elements = defaultdict(list) deleted_elements = defaultdict(list)