From 64fb7a6edb00fac497fa9ef58b2b8f49a5f8b4ed Mon Sep 17 00:00:00 2001 From: Kaarle Ritvanen Date: Tue, 19 Apr 2016 23:47:08 +0300 Subject: model: cache permissions at user object --- aconf/model/aaa.lua | 19 ++++++++++++------- aconf/model/node.lua | 7 +++---- 2 files changed, 15 insertions(+), 11 deletions(-) (limited to 'aconf') diff --git a/aconf/model/aaa.lua b/aconf/model/aaa.lua index 3f62ef0..982e5b3 100644 --- a/aconf/model/aaa.lua +++ b/aconf/model/aaa.lua @@ -1,5 +1,5 @@ --[[ -Copyright (c) 2012-2015 Kaarle Ritvanen +Copyright (c) 2012-2016 Kaarle Ritvanen See LICENSE file for license details --]] @@ -56,14 +56,19 @@ function User:check_password(password) end function User:check_permission(permission) - assert(self:fetch('/aaa/permissions')[permission]) - - for _, role in node.pairs(self.roles, true) do - for _, p in node.pairs(role.permissions, true) do - if p == permission then return true end + local mt = getmetatable(self) + if not mt.permissions then + mt.permissions = {} + for _, p in pairs(self:fetch('../../permissions')) do + mt.permissions[p] = false + end + for _, role in node.pairs(self.roles, true) do + for _, p in node.pairs(role.permissions, true) do + mt.permissions[p] = true + end end end - return false + return mt.permissions[permission] end diff --git a/aconf/model/node.lua b/aconf/model/node.lua index c1d53e9..ccbb418 100644 --- a/aconf/model/node.lua +++ b/aconf/model/node.lua @@ -1,5 +1,5 @@ --[[ -Copyright (c) 2012-2015 Kaarle Ritvanen +Copyright (c) 2012-2016 Kaarle Ritvanen See LICENSE file for license details --]] @@ -200,9 +200,8 @@ function M.TreeNode:init(context, params) res = user.superuser or mt._has_permission(permission) if res == nil then - if getmetatable(mt.escalate).fetch('/aaa/permissions')[name] then - res = user:check_permission(name) - else + res = mt.txn.user:check_permission(name) + if res == nil then if ({create=true, delete=true})[permission] then permission = 'modify' end -- cgit v1.2.3