Commit 23a1989c authored by Francesc Guasch's avatar Francesc Guasch
Browse files

refactor(frontend): check permissions from db

The check grants on frontend was slow because it opened
the virtual machine properties. A SQL check is enough

issue #1271
parent 01e8d17f
......@@ -632,18 +632,37 @@ sub can_do_domain($self, $grant, $domain) {
my %valid_grant = map { $_ => 1 } qw(change_settings shutdown rename);
confess "Invalid grant here '$grant'" if !$valid_grant{$grant};
return 0 if !$self->can_do($grant) && !$domain->id_base;
return 0 if !$self->can_do($grant) && !$self->_domain_id_base($domain);
return 1 if $self->can_do("${grant}_all");
return 1 if $domain->id_owner == $self->id && $self->can_do($grant);
return 1 if $self->_domain_id_owner($domain) == $self->id && $self->can_do($grant);
if ($self->can_do("${grant}_clones") && $domain->id_base) {
my $base = Ravada::Front::Domain->open($domain->id_base);
if ($self->can_do("${grant}_clones") && $self->_domain_id_base($domain)) {
my $base = Ravada::Front::Domain->open($self->_domain_id_base($domain));
return 1 if $base->id_owner == $self->id;
}
return 0;
}
sub _domain_id_base($self, $domain) {
return $domain->id_base if ref($domain);
my $sth = $$CON->dbh->prepare("SELECT id_base FROM domains WHERE id=?");
$sth->execute($domain);
my ($id_base) = $sth->fetchrow;
return $id_base;
}
sub _domain_id_owner($self, $domain) {
return $domain->id_owner if ref($domain);
my $sth = $$CON->dbh->prepare("SELECT id_owner FROM domains WHERE id=?");
$sth->execute($domain);
my ($id_owner) = $sth->fetchrow;
return $id_owner;
}
sub _load_grants($self) {
$self->_load_aliases();
return if exists $self->{_grant};
......@@ -1058,7 +1077,6 @@ sub AUTOLOAD($self, $domain=undef) {
my ($permission) = $name =~ /^can_([a-z_]+)/;
return $self->can_do($permission) if !$domain;
$domain = Ravada::Front::Domain->open($domain) if !ref $domain;
return $self->can_do_domain($permission,$domain);
}
......
......@@ -273,7 +273,7 @@ sub test_prepare_base_with_cd_req {
,uid => user_admin->id
,with_cd => 1
);
wait_request( debug => 1 );
wait_request( debug => 0 );
is($req->status, 'done');
is($req->error, '');
......@@ -380,7 +380,7 @@ sub test_clone_with_cd_req {
,name => $clone_name
,uid => user_admin->id
);
wait_request(debug => 1);
wait_request(debug => 0);
is($domain->is_base,1);
is($req->status, 'done');
is($req->error,'');
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment