Merge a148788 into e8b060d

LibreCat · Mar 5, 2020 · e4ff930 · e4ff930
2 parents e8b060d + a148788
commit e4ff930
Show file tree

Hide file tree

Showing 5 changed files with 68 additions and 18 deletions.
diff --git a/cpanfile b/cpanfile
@@ -84,6 +84,7 @@ requires 'App::bmkpasswd', '2.010001';
 requires 'Autoload::AUTOCAN', '0.005';
 requires 'Business::ISBN10';
 requires 'Business::ISBN13';
+requires 'CHI','0.60';
 requires 'Clone';
 requires 'Code::TidyAll', 0;
 requires 'Config::Onion', '>= 1.007';

diff --git a/lib/LibreCat/App/Catalogue/Controller/Permission.pm b/lib/LibreCat/App/Catalogue/Controller/Permission.pm
@@ -9,9 +9,42 @@ use LibreCat::Access;
 use Carp;
 use Dancer qw(:syntax);
 use Exporter qw/import/;
+use CHI;
 
 use Moo;
 
+sub cache {
+    state $cache = CHI->new(
+        driver => "Memory",
+        datastore => +{},
+        expires_in => h->config->{permissions}->{cache}->{expires_in} // 5,
+    );
+}
+
+sub get_cached_publication {
+    my $id = $_[0];
+
+    my $pub = cache()->get( "RECORD_${id}" );
+    my $set_cache = !$pub;
+    $pub //= h->main_publication->get($id);
+
+    cache()->set( "RECORD_${id}", $pub) if $set_cache;
+
+    $pub;
+}
+
+sub get_cached_user {
+    my $user_id = $_[0];
+
+    my $user = cache()->get( "USER_${user_id}" );
+    my $set_cache = !$user;
+    $user //= h->get_person( $user_id );
+
+    cache()->set("USER_${user_id}", $user) if $set_cache;
+
+    $user;
+}
+
 sub _can_do_action {
     my ($self, $action, $id, $opts) = @_;
 
@@ -30,8 +63,11 @@ sub _can_do_action {
 
     return 0 unless defined($user_id) && defined($role);
 
-    my $pub   = publication->search_bag->get($id) or return 0;
-    my $user  = h->get_person($user_id);
+    my $pub   = $opts->{live} ? h->main_publication->get($id) : get_cached_publication($id);
+
+    is_hash_ref($pub) or return 0;
+
+    my $user  = $opts->{live} ? h->get_person( $user_id ) : get_cached_user($user_id);
 
     # do not touch deleted records
     return 0 if $pub->{status} && $pub->{status} eq 'deleted';
@@ -69,7 +105,9 @@ Publication identifier
 
 =item opts
 
-Hash reference containing "user_id" and "role". Both must be a string
+ * user_id
+ * role
+ * [live=1]
 
 =back
 
@@ -90,7 +128,9 @@ Publication identifier
 
 =item opts
 
-Hash reference containing "user_id" and "role". Both must be a string
+* user_id
+* role
+* [live=1]
 
 =back
 
@@ -111,7 +151,9 @@ Publication identifier
 
 =item opts
 
-Hash reference containing "user_id" and "role". Both must be a string
+* user_id
+* role
+* [live=1]
 
 =back
 
@@ -132,7 +174,9 @@ Publication identifier
 
 =item opts
 
-Hash reference containing "user_id" and "role". Both must be a string
+* user_id
+* role
+* [live=1]
 
 =back
 
@@ -153,7 +197,9 @@ Publication identifier
 
 =item opts
 
-Hash reference containing "user_id" and "role". Both must be a string
+* user_id
+* role
+* [live=1]
 
 =back
 
@@ -180,6 +226,7 @@ Hash reference containing:
     * role (string)
     * file_id (string)
     * ip (string)
+    * [live=1]
 
 =back
 
@@ -191,8 +238,10 @@ sub can_download {
     is_string($id)     or return (0, "");
     is_hash_ref($opts) or return (0, "");
 
-    my $pub = publication->search_bag->get($id) or return (0, "");
+    my $pub   = $opts->{live} ? h->main_publication->get($id) : get_cached_publication($id);
 
+    is_hash_ref($pub) or retur (0,"");
+
     my $file_id = $opts->{file_id};
     my $user_id = $opts->{user_id};
     my $role    = $opts->{role};

diff --git a/lib/LibreCat/App/Catalogue/Route/file.pm b/lib/LibreCat/App/Catalogue/Route/file.pm
@@ -156,7 +156,8 @@ sub _handle_download {
             file_id => $file_id,
             user_id => session->{user_id},
             role    => session->{role},
-            ip      => request->address
+            ip      => request->address,
+            live    => 1
         }
     );
 

diff --git a/lib/LibreCat/App/Catalogue/Route/publication.pm b/lib/LibreCat/App/Catalogue/Route/publication.pm
@@ -139,7 +139,7 @@ Checks if the user has permission the see/edit this record.
         unless (
             p->can_edit(
                 $rec->{_id},
-                {user_id => session("user_id"), role => session("role")}
+                {user_id => session("user_id"), role => session("role"), live=>1}
             )
             )
         {
@@ -201,7 +201,7 @@ Checks if the user has the rights to update this record.
             $params->{finalSubmit} eq 'recPublish'
             && p->can_make_public(
                 $params->{_id},
-                {user_id => session("user_id"), role => session("role")}
+                {user_id => session("user_id"), role => session("role"), live=>1}
             )
             )
         {
@@ -211,7 +211,7 @@ Checks if the user has the rights to update this record.
             $params->{finalSubmit} eq 'recReturn'
             && p->can_return(
                 $params->{_id},
-                {user_id => session("user_id"), role => session("role")}
+                {user_id => session("user_id"), role => session("role"), live=>1}
             )
             )
         {
@@ -221,7 +221,7 @@ Checks if the user has the rights to update this record.
             $params->{finalSubmit} eq 'recSubmit'
             && p->can_submit(
                 $params->{_id},
-                {user_id => session("user_id"), role => session("role")}
+                {user_id => session("user_id"), role => session("role"), live=>1}
             )
             )
         {
@@ -230,7 +230,7 @@ Checks if the user has the rights to update this record.
         elsif (
             p->can_edit(
                 $params->{_id},
-                {user_id => session("user_id"), role => session("role")}
+                {user_id => session("user_id"), role => session("role"), live=>1}
             )
         )
         {
@@ -352,7 +352,7 @@ Checks if the user has the rights to edit this record.
         unless (
             p->can_return(
                 $rec->{_id},
-                {user_id => session("user_id"), role => session("role")}
+                {user_id => session("user_id"), role => session("role"), live=>1}
             )
             )
         {
@@ -390,7 +390,7 @@ Deletes record with id. For admins only.
         unless (
             p->can_delete(
                 $rec->{_id},
-                {user_id => session("user_id"), role => session("role")}
+                {user_id => session("user_id"), role => session("role"), live=>1}
             )
             )
         {
@@ -518,7 +518,7 @@ Publishes private records, returns to the list.
         unless (
             p->can_make_public(
                 $rec->{_id},
-                {user_id => session("user_id"), role => session("role")}
+                {user_id => session("user_id"), role => session("role"), live=>1}
             )
             )
         {

diff --git a/t/LibreCat/App/Catalogue/Route/file.t b/t/LibreCat/App/Catalogue/Route/file.t
@@ -159,7 +159,6 @@ note("hide record from public and try to download");
     $pubs->search_bag->add($r);
     $pubs->bag->commit();
     $pubs->search_bag->commit;
-
     $mech->max_redirect(0);
     $mech->get("/download/$record_id/$file_id/$file_name");
     is ($mech->status, 403, "forbidden: status 403");