never invalidate session in sharing, as we cant regenerate it (and we dont need to)

This commit is contained in:
Ralf Becker 2017-11-07 13:02:39 +01:00
parent 1222ef1813
commit 464f1b3894
3 changed files with 21 additions and 13 deletions

View File

@ -347,9 +347,10 @@ class Acl
* @param string $location location * @param string $location location
* @param int $account_id account id * @param int $account_id account id
* @param int $rights rights * @param int $rights rights
* @param boolean $invalidate_session =true false: do NOT invalidate session
* @return boolean allways true * @return boolean allways true
*/ */
function add_repository($app, $location, $account_id, $rights) function add_repository($app, $location, $account_id, $rights, $invalidate_session=true)
{ {
//echo "<p>self::add_repository('$app','$location',$account_id,$rights);</p>\n"; //echo "<p>self::add_repository('$app','$location',$account_id,$rights);</p>\n";
$this->db->insert(self::TABLE,array( $this->db->insert(self::TABLE,array(
@ -360,7 +361,7 @@ class Acl
'acl_account' => $account_id, 'acl_account' => $account_id,
),__LINE__,__FILE__); ),__LINE__,__FILE__);
if ($account_id == $GLOBALS['egw_info']['user']['account_id'] && if ($invalidate_session && $account_id == $GLOBALS['egw_info']['user']['account_id'] &&
method_exists($GLOBALS['egw'],'invalidate_session_cache')) // egw object in setup is limited method_exists($GLOBALS['egw'],'invalidate_session_cache')) // egw object in setup is limited
{ {
$GLOBALS['egw']->invalidate_session_cache(); $GLOBALS['egw']->invalidate_session_cache();
@ -373,10 +374,11 @@ class Acl
* *
* @param string $app appname * @param string $app appname
* @param string $location location * @param string $location location
* @param int/boolean $accountid = '' account id, default 0=$this->account_id, or false to delete all entries for $app/$location * @param int|boolean $accountid = '' account id, default 0=$this->account_id, or false to delete all entries for $app/$location
* @param boolean $invalidate_session =true false: do NOT invalidate session
* @return int number of rows deleted * @return int number of rows deleted
*/ */
function delete_repository($app, $location, $accountid='') function delete_repository($app, $location, $accountid='', $invalidate_session=true)
{ {
static $cache_accountid = array(); static $cache_accountid = array();
@ -395,15 +397,17 @@ class Acl
$where['acl_account'] = $cache_accountid[$accountid] = get_account_id($accountid,$this->account_id); $where['acl_account'] = $cache_accountid[$accountid] = get_account_id($accountid,$this->account_id);
} }
} }
if (method_exists($GLOBALS['egw'],'invalidate_session_cache')) // egw object in setup is limited
{
$GLOBALS['egw']->invalidate_session_cache();
}
if ($app == '%' || $app == '%%') unset($where['acl_appname']); if ($app == '%' || $app == '%%') unset($where['acl_appname']);
$this->db->delete(self::TABLE,$where,__LINE__,__FILE__); $this->db->delete(self::TABLE,$where,__LINE__,__FILE__);
return $this->db->affected_rows(); $deleted = $this->db->affected_rows();
if ($invalidate_session && $deleted && method_exists($GLOBALS['egw'],'invalidate_session_cache')) // egw object in setup is limited
{
$GLOBALS['egw']->invalidate_session_cache();
}
return $deleted;
} }
/** /**

View File

@ -448,10 +448,14 @@ class Egw extends Egw\Base
* the change should have immediate effect * the change should have immediate effect
*/ */
static function invalidate_session_cache() static function invalidate_session_cache()
{
// if sharing is active, we must not invalidate the session, as it can not be regenerated
if (empty($GLOBALS['egw']->sharing))
{ {
unset($_SESSION['egw_info_cache']); unset($_SESSION['egw_info_cache']);
unset($_SESSION['egw_object_cache']); unset($_SESSION['egw_object_cache']);
} }
}
/** /**
* run string through htmlspecialchars and stripslashes * run string through htmlspecialchars and stripslashes

View File

@ -1497,7 +1497,7 @@ class StreamWrapper extends Api\Db\Pdo implements Vfs\StreamWrapperIface
{ {
self::$extended_acl = null; // force new read of eACL, as there could be multiple eACL for that path self::$extended_acl = null; // force new read of eACL, as there could be multiple eACL for that path
} }
$ret = $GLOBALS['egw']->acl->delete_repository(self::EACL_APPNAME,$fs_id,(int)$owner); $ret = $GLOBALS['egw']->acl->delete_repository(self::EACL_APPNAME, $fs_id, (int)$owner, false);
} }
else else
{ {
@ -1507,7 +1507,7 @@ class StreamWrapper extends Api\Db\Pdo implements Vfs\StreamWrapperIface
// set rights for this class, if applicable // set rights for this class, if applicable
self::$extended_acl[$path] |= $rights; self::$extended_acl[$path] |= $rights;
} }
$ret = $GLOBALS['egw']->acl->add_repository(self::EACL_APPNAME,$fs_id,$owner,$rights); $ret = $GLOBALS['egw']->acl->add_repository(self::EACL_APPNAME, $fs_id, $owner, $rights, false);
} }
if ($ret) if ($ret)
{ {