Merge pull request #3742 from FinnStutzenstein/deleteUserChache
Delete restricted data cache on permission changes (closes #3396)
This commit is contained in:
commit
f8df7ddda6
@ -20,6 +20,7 @@ from ..utils.autoupdate import (
|
|||||||
inform_changed_data,
|
inform_changed_data,
|
||||||
inform_data_collection_element_list,
|
inform_data_collection_element_list,
|
||||||
)
|
)
|
||||||
|
from ..utils.cache import restricted_data_cache
|
||||||
from ..utils.collection import CollectionElement
|
from ..utils.collection import CollectionElement
|
||||||
from ..utils.rest_api import (
|
from ..utils.rest_api import (
|
||||||
ModelViewSet,
|
ModelViewSet,
|
||||||
@ -79,12 +80,13 @@ class UserViewSet(ModelViewSet):
|
|||||||
self.check_view_permissions()). Also it is evaluated whether he
|
self.check_view_permissions()). Also it is evaluated whether he
|
||||||
wants to update himself or is manager.
|
wants to update himself or is manager.
|
||||||
"""
|
"""
|
||||||
|
user = self.get_object()
|
||||||
# Check permissions.
|
# Check permissions.
|
||||||
if (has_perm(self.request.user, 'users.can_see_name') and
|
if (has_perm(self.request.user, 'users.can_see_name') and
|
||||||
has_perm(request.user, 'users.can_see_extra_data') and
|
has_perm(request.user, 'users.can_see_extra_data') and
|
||||||
has_perm(request.user, 'users.can_manage')):
|
has_perm(request.user, 'users.can_manage')):
|
||||||
# The user has all permissions so he may update every user.
|
# The user has all permissions so he may update every user.
|
||||||
if request.data.get('is_active') is False and self.get_object() == request.user:
|
if request.data.get('is_active') is False and user == request.user:
|
||||||
# But a user can not deactivate himself.
|
# But a user can not deactivate himself.
|
||||||
raise ValidationError({'detail': _('You can not deactivate yourself.')})
|
raise ValidationError({'detail': _('You can not deactivate yourself.')})
|
||||||
else:
|
else:
|
||||||
@ -97,6 +99,8 @@ class UserViewSet(ModelViewSet):
|
|||||||
if key not in ('username', 'about_me'):
|
if key not in ('username', 'about_me'):
|
||||||
del request.data[key]
|
del request.data[key]
|
||||||
response = super().update(request, *args, **kwargs)
|
response = super().update(request, *args, **kwargs)
|
||||||
|
# Maybe some group assignments have changed. Better delete the restricted user cache
|
||||||
|
restricted_data_cache.del_user(user.id)
|
||||||
return response
|
return response
|
||||||
|
|
||||||
def destroy(self, request, *args, **kwargs):
|
def destroy(self, request, *args, **kwargs):
|
||||||
@ -294,6 +298,10 @@ class GroupViewSet(ModelViewSet):
|
|||||||
# Check status code and send 'permission_change' signal.
|
# Check status code and send 'permission_change' signal.
|
||||||
if response.status_code == 200:
|
if response.status_code == 200:
|
||||||
|
|
||||||
|
# Delete the user chaches of all affected users
|
||||||
|
for user in group.user_set.all():
|
||||||
|
restricted_data_cache.del_user(user.id)
|
||||||
|
|
||||||
def diff(full, part):
|
def diff(full, part):
|
||||||
"""
|
"""
|
||||||
This helper function calculates the difference of two lists:
|
This helper function calculates the difference of two lists:
|
||||||
|
@ -461,6 +461,12 @@ class DummyRestrictedDataCache:
|
|||||||
def del_element(self, user_id: int, collection_string: str, id: int) -> None:
|
def del_element(self, user_id: int, collection_string: str, id: int) -> None:
|
||||||
pass
|
pass
|
||||||
|
|
||||||
|
def del_user(self, user_id: int) -> None:
|
||||||
|
pass
|
||||||
|
|
||||||
|
def del_all(self) -> None:
|
||||||
|
pass
|
||||||
|
|
||||||
def exists_for_user(self, user_id: int) -> bool:
|
def exists_for_user(self, user_id: int) -> bool:
|
||||||
return False
|
return False
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user