
refactor(realtime): move getRoles into Auth

Torsten Dittmann 2021-06-28 12:18:00 +02:00
parent a77291dcb0
commit 06674982df
4 changed files with 54 additions and 38 deletions


@ -240,21 +240,11 @@ App::init(function ($utopia, $request, $response, $console, $project, $consoleDB
} }
} }
if ($user->getId()) {
Authorization::setRole('user:'.$user->getId());
}
Authorization::setRole('role:'.$role); Authorization::setRole('role:'.$role);
\array_map(function ($node) { foreach (Auth::getRoles($user) as $role) {
if (isset($node['teamId']) && isset($node['roles'])) { Authorization::setRole($role);
Authorization::setRole('team:'.$node['teamId']); }
foreach ($node['roles'] as $nodeRole) { // Set all team roles
Authorization::setRole('team:'.$node['teamId'].'/'.$nodeRole);
}
}
}, $user->getAttribute('memberships', []));
// TDOO Check if user is root // TDOO Check if user is root
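Review bot: The new `foreach (Auth::getRoles($user) as $role)` reuses `$role`, the same variable the line above reads in `Authorization::setRole('role:'.$role)`. The removed `array_map` callback had its own scope, but a `foreach` variable lives in the enclosing closure, so after the loop `$role` holds the last `user:`/`team:` string whenever the list is non-empty. The closure continues outside this hunk, and any later read of `$role` there (for example a scope lookup or an error message) would see that overwritten value. Renaming the loop variable avoids this: `foreach (Auth::getRoles($user) as $authRole) { Authorization::setRole($authRole); }`.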


@ -432,8 +432,7 @@ App::setResource('user', function($mode, $project, $console, $request, $response
if (APP_MODE_ADMIN !== $mode) { if (APP_MODE_ADMIN !== $mode) {
$user = $projectDB->getDocument(Auth::$unique); $user = $projectDB->getDocument(Auth::$unique);
} } else {
else {
$user = $consoleDB->getDocument(Auth::$unique); $user = $consoleDB->getDocument(Auth::$unique);
$user $user
@ -450,8 +449,7 @@ App::setResource('user', function($mode, $project, $console, $request, $response
if (APP_MODE_ADMIN === $mode) { if (APP_MODE_ADMIN === $mode) {
if (!empty($user->search('teamId', $project->getAttribute('teamId'), $user->getAttribute('memberships')))) { if (!empty($user->search('teamId', $project->getAttribute('teamId'), $user->getAttribute('memberships')))) {
Authorization::setDefaultStatus(false); // Cancel security segmentation for admin users. Authorization::setDefaultStatus(false); // Cancel security segmentation for admin users.
} } else {
else {
$user = new Document(['$id' => '', '$collection' => Database::SYSTEM_COLLECTION_USERS]); $user = new Document(['$id' => '', '$collection' => Database::SYSTEM_COLLECTION_USERS]);
} }
} }


@ -1,5 +1,6 @@
<?php <?php
use Appwrite\Auth\Auth;
use Appwrite\Database\Adapter\Redis as RedisAdapter; use Appwrite\Database\Adapter\Redis as RedisAdapter;
use Appwrite\Database\Adapter\MySQL as MySQLAdapter; use Appwrite\Database\Adapter\MySQL as MySQLAdapter;
use Appwrite\Database\Database; use Appwrite\Database\Database;
@ -43,7 +44,7 @@ $stats->create();
$server = new Server($adapter); $server = new Server($adapter);
$server->onStart(function(SwooleServer $server) use ($stats) { $server->onStart(function (SwooleServer $server) use ($stats) {
Console::success('Server started succefully'); Console::success('Server started succefully');
Console::info("Master pid {$server->master_pid}, manager pid {$server->manager_pid}"); Console::info("Master pid {$server->master_pid}, manager pid {$server->manager_pid}");
@ -82,7 +83,7 @@ $server->onStart(function(SwooleServer $server) use ($stats) {
}); });
}); });
$server->onWorkerStart(function(SwooleServer $swooleServer, int $workerId) use ($server, $register, $stats, &$subscriptions, &$connections) { $server->onWorkerStart(function (SwooleServer $swooleServer, int $workerId) use ($server, $register, $stats, &$subscriptions, &$connections) {
Console::success('Worker ' . $workerId . ' started succefully'); Console::success('Worker ' . $workerId . ' started succefully');
$attempts = 0; $attempts = 0;
@ -107,7 +108,7 @@ $server->onWorkerStart(function(SwooleServer $swooleServer, int $workerId) use (
'channels' => ['project'], 'channels' => ['project'],
'timestamp' => time(), 'timestamp' => time(),
'payload' => $payload 'payload' => $payload
])); ]));
} }
}); });
@ -137,38 +138,38 @@ $server->onWorkerStart(function(SwooleServer $swooleServer, int $workerId) use (
if ($event['permissionsChanged'] && isset($event['userId'])) { if ($event['permissionsChanged'] && isset($event['userId'])) {
$project = $event['project']; $project = $event['project'];
$userId = $event['userId']; $userId = $event['userId'];
if (array_key_exists($project, $subscriptions) && array_key_exists('user:'.$userId, $subscriptions[$project])) { if (array_key_exists($project, $subscriptions) && array_key_exists('user:' . $userId, $subscriptions[$project])) {
$connection = array_key_first(reset($subscriptions[$project]['user:'.$userId])); $connection = array_key_first(reset($subscriptions[$project]['user:' . $userId]));
} else { } else {
return; return;
} }
/** /**
* This is redundant soon and will be gone with merging the usage branch. * This is redundant soon and will be gone with merging the usage branch.
*/ */
$db = $register->get('dbPool')->get(); $db = $register->get('dbPool')->get();
$cache = $register->get('redisPool')->get(); $cache = $register->get('redisPool')->get();
$projectDB = new Database(); $projectDB = new Database();
$projectDB->setAdapter(new RedisAdapter(new MySQLAdapter($db, $cache), $cache)); $projectDB->setAdapter(new RedisAdapter(new MySQLAdapter($db, $cache), $cache));
$projectDB->setNamespace('app_'.$project); $projectDB->setNamespace('app_' . $project);
$projectDB->setMocks(Config::getParam('collections', [])); $projectDB->setMocks(Config::getParam('collections', []));
$user = $projectDB->getDocument($userId); $user = $projectDB->getDocument($userId);
Parser::setUser($user); Parser::setUser($user);
$roles = Parser::getRoles(); $roles = Auth::getRoles($user);
Parser::subscribe($project, $connection, $roles, $subscriptions, $connections, $connections[$connection]['channels']); Parser::subscribe($project, $connection, $roles, $subscriptions, $connections, $connections[$connection]['channels']);
$register->get('dbPool')->put($db); $register->get('dbPool')->put($db);
$register->get('redisPool')->put($cache); $register->get('redisPool')->put($cache);
} }
$receivers = Parser::identifyReceivers($event, $subscriptions); $receivers = Parser::identifyReceivers($event, $subscriptions);
// Temporarily print debug logs by default for Alpha testing. // Temporarily print debug logs by default for Alpha testing.
// if (App::isDevelopment() && !empty($receivers)) { // if (App::isDevelopment() && !empty($receivers)) {
if (!empty($receivers)) { if (!empty($receivers)) {
@ -199,7 +200,7 @@ $server->onWorkerStart(function(SwooleServer $swooleServer, int $workerId) use (
Console::error('Failed to restart pub/sub...'); Console::error('Failed to restart pub/sub...');
}); });
$server->onOpen(function(SwooleServer $swooleServer, SwooleRequest $request) use ($server, $register, $stats, &$subscriptions, &$connections) { $server->onOpen(function (SwooleServer $swooleServer, SwooleRequest $request) use ($server, $register, $stats, &$subscriptions, &$connections) {
$app = new App('UTC'); $app = new App('UTC');
$connection = $request->fd; $connection = $request->fd;
$request = new Request($request); $request = new Request($request);
@ -315,13 +316,13 @@ $server->onOpen(function(SwooleServer $swooleServer, SwooleRequest $request) use
} }
}); });
$server->onMessage(function(SwooleServer $swooleServer, Frame $frame) use ($server) { $server->onMessage(function (SwooleServer $swooleServer, Frame $frame) use ($server) {
$connection = $frame->fd; $connection = $frame->fd;
$server->send([$connection], 'Sending messages is not allowed.'); $server->send([$connection], 'Sending messages is not allowed.');
$server->close($connection, 1003); $server->close($connection, 1003);
}); });
$server->onClose(function(SwooleServer $server, int $connection) use (&$connections, &$subscriptions, $stats) { $server->onClose(function (SwooleServer $server, int $connection) use (&$connections, &$subscriptions, $stats) {
if (array_key_exists($connection, $connections)) { if (array_key_exists($connection, $connections)) {
$stats->decr($connections[$connection]['projectId'], 'connectionsTotal'); $stats->decr($connections[$connection]['projectId'], 'connectionsTotal');
} }
@ -329,4 +330,4 @@ $server->onClose(function(SwooleServer $server, int $connection) use (&$connecti
Console::info('Connection close: ' . $connection); Console::info('Connection close: ' . $connection);
}); });
$server->start(); $server->start();
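Review bot: In the `permissionsChanged` branch, `$roles = Auth::getRoles($user)` now feeds `Parser::subscribe()`, and the `Auth::getRoles()` added in this commit returns only `user:` and `team:` strings. `Parser::getRoles()` is not visible on this page; if it also returned a `role:` entry, a connection resubscribed after a permission change would silently lose that role and its channel access would differ from a fresh connection. This should be confirmed, and if needed the `role:` entry added at this call site, as the HTTP init hook does with `Authorization::setRole('role:'.$role)` before its loop. `Parser::setUser($user)` on the line above is kept and may now be unused here, which is worth checking as well.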


@ -271,4 +271,31 @@ class Auth
return false; return false;
} }
/**
* Returns all roles for a user.
*
* @param Document $user
* @return array
*/
public static function getRoles(Document $user): array
{
$roles = [];
if ($user->getId()) {
$roles[] = 'user:'.$user->getId();
}
foreach ($user->getAttribute('memberships', []) as $node) {
if (isset($node['teamId']) && isset($node['roles'])) {
$roles[] = 'team:' . $node['teamId'];
foreach ($node['roles'] as $nodeRole) { // Set all team roles
$roles[] = 'team:' . $node['teamId'] . '/' . $nodeRole;
}
}
}
return $roles;
}
} }
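Review bot: The docblock on `getRoles()` says it returns "all roles", but the body only builds `user:<id>`, `team:<teamId>` and `team:<teamId>/<role>` strings. The `role:` entry that the HTTP init hook sets separately is not part of the result. Because this list drives authorization, the contract should be explicit, e.g. `@return string[] user: and team: role strings; the role: entry is added by the caller`. The guard `isset($node['roles'])` also passes for a non-array value, so `\is_array($node['roles'])` would be a tighter check before the inner `foreach`.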