Skip to content

Commit f8464cd

Browse files
committed
Add ability to reload permissions for all authenticated users
NOTE: Anonymous users cannot reload permissions, you must flush sessions to reload permissions for anonymous users that still have a session.
1 parent 111e546 commit f8464cd

File tree

14 files changed

+73
-29
lines changed

14 files changed

+73
-29
lines changed

_build/build.sample.properties

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -11,8 +11,8 @@ git.command = git
1111
#project.name.fs = modx
1212

1313
# Override to set the version and release strings
14-
#modx.core.version = 2.2.0
15-
#modx.core.release = pl2
14+
#modx.core.version = 2.2.1
15+
#modx.core.release = dev
1616

1717
# these properties require a local Git clone in order to produce distributions
1818
# Set this property to produce distribution packages from a Git archive
@@ -25,7 +25,7 @@ git.command = git
2525
#build.nominify = true
2626

2727
# Override to pull source from a specific ref in the git repository
28-
#build.src.tree = v2.2.0-pl2
28+
#build.src.tree = v2.2.1-dev
2929

3030
# Override to turn off the additional of timestamps to the distribution packages (used for nightlies)
3131
#build.timestamp = false

_build/build.xml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -19,8 +19,8 @@
1919
<property name="project.manager.dir" value="${project.root.dir}/manager" />
2020

2121
<!-- Set the project version -->
22-
<property name="modx.core.version" value="2.2.0" />
23-
<property name="modx.core.release" value="pl2" />
22+
<property name="modx.core.version" value="2.2.1" />
23+
<property name="modx.core.release" value="dev" />
2424

2525
<!-- Set some common build properties -->
2626
<property name="build.dir" value="${project.basedir}" />

core/docs/changelog.txt

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,7 @@
22
This file shows the changes in recent releases of MODX. The most current release is usually the
33
development release, and is only shown to give an idea of what's currently in the pipeline.
44

5+
- Add ability to reload permissions for all authenticated users
56
- [#6651] Add properties field and API methods for modResource
67
- [#6613] Ensure page redirects if removing Element via tree that is currently being edited
78
- [#6608] Fix search text in package management when doing empty search

core/docs/version.inc.php

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -3,10 +3,9 @@
33
$v['version']= '2'; // Current version.
44
$v['major_version']= '2'; // Current major version.
55
$v['minor_version']= '1'; // Current minor version.
6-
$v['patch_level']= 'pl'; // Current patch level.
6+
$v['patch_level']= 'dev'; // Current patch level.
77
$v['code_name']= 'Revolution'; // Current codename.
88
$v['distro']= '@git@';
99
$v['full_version']= $v['version'] . ($v['major_version'] ? ".{$v['major_version']}" : ".0") . ($v['minor_version'] ? ".{$v['minor_version']}" : ".0") . ($v['patch_level'] ? "-{$v['patch_level']}" : "");
1010
$v['full_appname']= 'MODX' . ($v['code_name'] ? " {$v['code_name']} " : " ") . $v['full_version'] . ' (' . trim($v['distro'], '@') . ')';
1111
return $v;
12-
?>

core/model/modx/modprincipal.class.php

Lines changed: 1 addition & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -50,14 +50,7 @@ public function getAttributes($targets = array(), $context = '', $reload = false
5050
$targets = explode(',', $this->xpdo->getOption('principal_targets', null, 'modAccessContext,modAccessResourceGroup,modAccessCategory,sources.modAccessMediaSource'));
5151
array_walk($targets, 'trim');
5252
}
53-
if (is_array($targets)) {
54-
foreach ($targets as $target) {
55-
$this->loadAttributes($target, $context, $reload);
56-
}
57-
}
58-
elseif (is_string($targets)) {
59-
$this->loadAttributes($targets, $context, $reload);
60-
}
53+
$this->loadAttributes($targets, $context, $reload);
6154
return $this->_attributes[$context];
6255
}
6356
}

core/model/modx/moduser.class.php

Lines changed: 25 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -117,6 +117,16 @@ public function remove(array $ancestors = array()) {
117117
public function loadAttributes($target, $context = '', $reload = false) {
118118
$context = !empty($context) ? $context : $this->xpdo->context->get('key');
119119
$id = $this->get('id') ? (string) $this->get('id') : '0';
120+
if ($this->get('id') && !$reload) {
121+
$staleContexts = $this->get('session_stale');
122+
$stale = array_search($context, $staleContexts);
123+
if ($stale !== false) {
124+
$reload = true;
125+
$staleContexts = array_diff($staleContexts, array($context));
126+
$this->set('session_stale', $staleContexts);
127+
$this->save();
128+
}
129+
}
120130
if ($this->_attributes === null || $reload) {
121131
$this->_attributes = array();
122132
if (isset($_SESSION["modx.user.{$id}.attributes"])) {
@@ -127,18 +137,23 @@ public function loadAttributes($target, $context = '', $reload = false) {
127137
}
128138
}
129139
}
130-
if (!isset($this->_attributes[$context])) $this->_attributes[$context] = array();
131-
if (!isset($this->_attributes[$context][$target])) {
132-
$this->_attributes[$context][$target] = $this->xpdo->call(
133-
$target,
134-
'loadAttributes',
135-
array(&$this->xpdo, $context, $this->get('id'))
136-
);
137-
if (!isset($this->_attributes[$context][$target]) || !is_array($this->_attributes[$context][$target])) {
138-
$this->_attributes[$context][$target] = array();
140+
if (!isset($this->_attributes[$context])) {
141+
$this->_attributes[$context] = array();
142+
}
143+
$target = (array) $target;
144+
foreach ($target as $t) {
145+
if (!isset($this->_attributes[$context][$t])) {
146+
$this->_attributes[$context][$t] = $this->xpdo->call(
147+
$t,
148+
'loadAttributes',
149+
array(&$this->xpdo, $context, $this->get('id'))
150+
);
151+
if (!isset($this->_attributes[$context][$t]) || !is_array($this->_attributes[$context][$t])) {
152+
$this->_attributes[$context][$t] = array();
153+
}
139154
}
140-
$_SESSION["modx.user.{$id}.attributes"] = $this->_attributes;
141155
}
156+
$_SESSION["modx.user.{$id}.attributes"] = $this->_attributes;
142157
}
143158

144159
/**

core/model/modx/mysql/moduser.map.inc.php

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -19,6 +19,7 @@
1919
'hash_class' => 'hashing.modPBKDF2',
2020
'salt' => '',
2121
'primary_group' => 0,
22+
'session_stale' => NULL,
2223
),
2324
'fieldMeta' =>
2425
array (
@@ -105,6 +106,12 @@
105106
'default' => 0,
106107
'index' => 'index',
107108
),
109+
'session_stale' =>
110+
array (
111+
'dbtype' => 'text',
112+
'phptype' => 'array',
113+
'null' => true,
114+
),
108115
),
109116
'indexes' =>
110117
array (

core/model/modx/processors/security/access/flush.class.php

Lines changed: 8 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -11,8 +11,14 @@ public function checkPermissions() {
1111
}
1212

1313
public function process() {
14-
if ($this->modx->getUser()) {
15-
$this->modx->user->getAttributes(array(), '', true);
14+
$ctxQuery = $this->modx->newQuery('modContext');
15+
$ctxQuery->select($this->modx->getSelectColumns('modContext', '', '', array('key')));
16+
if ($ctxQuery->prepare() && $ctxQuery->stmt->execute()) {
17+
$contexts = $ctxQuery->stmt->fetchAll(PDO::FETCH_COLUMN);
18+
if ($contexts) {
19+
$serialized = serialize($contexts);
20+
$this->modx->exec("UPDATE {$this->modx->getTableName('modUser')} SET {$this->modx->escape('session_stale')} = {$this->modx->quote($serialized)}");
21+
}
1622
}
1723
return $this->success();
1824
}

core/model/modx/processors/security/login.php

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -48,6 +48,7 @@
4848
unset($key,$value);
4949
}
5050

51+
/** @var $user modUser */
5152
$user= $modx->getObjectGraph('modUser', '{"Profile":{},"UserSettings":{}}', array ('modUser.username' => $username));
5253

5354
if (!$user) {

core/model/modx/sqlsrv/moduser.map.inc.php

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -19,6 +19,7 @@
1919
'hash_class' => 'hashing.modPBKDF2',
2020
'salt' => '',
2121
'primary_group' => 0,
22+
'session_stale' => NULL,
2223
),
2324
'fieldMeta' =>
2425
array (
@@ -102,6 +103,13 @@
102103
'default' => 0,
103104
'index' => 'index',
104105
),
106+
'session_stale' =>
107+
array (
108+
'dbtype' => 'nvarchar',
109+
'precision' => 'max',
110+
'phptype' => 'array',
111+
'null' => true,
112+
),
105113
),
106114
'indexes' =>
107115
array (

core/model/schema/modx.mysql.schema.xml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1117,6 +1117,7 @@
11171117
<field key="hash_class" dbtype="varchar" precision="100" phptype="string" null="false" default="hashing.modPBKDF2" />
11181118
<field key="salt" dbtype="varchar" precision="100" phptype="string" null="false" default="" />
11191119
<field key="primary_group" dbtype="int" precision="10" phptype="integer" attributes="unsigned" null="false" default="0" index="index" />
1120+
<field key="session_stale" dbtype="text" phptype="array" null="true" />
11201121

11211122
<index alias="username" name="username" primary="false" unique="true" type="BTREE">
11221123
<column key="username" length="" collation="A" null="false" />

core/model/schema/modx.sqlsrv.schema.xml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1109,6 +1109,7 @@
11091109
<field key="hash_class" dbtype="nvarchar" precision="100" phptype="string" null="false" default="hashing.modPBKDF2" />
11101110
<field key="salt" dbtype="nvarchar" precision="100" phptype="string" null="false" default="" />
11111111
<field key="primary_group" dbtype="int" phptype="integer" null="false" default="0" index="index" />
1112+
<field key="session_stale" dbtype="nvarchar" precision="max" phptype="array" null="true" />
11121113

11131114
<index alias="username" name="username" primary="false" unique="true" type="BTREE">
11141115
<column key="username" length="" collation="A" null="false" />

setup/includes/upgrades/mysql/2.2.1-pl.php

Lines changed: 7 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -18,4 +18,10 @@
1818
$class = 'modResource';
1919
$table = $modx->getTableName($class);
2020
$description = $this->install->lexicon('add_column',array('column' => 'properties','table' => $table));
21-
$this->processResults($class, $description, array($modx->manager, 'addField'), array($class, 'properties'));
21+
$this->processResults($class, $description, array($modx->manager, 'addField'), array($class, 'properties'));
22+
23+
/* add session_stale field to modUser */
24+
$class = 'modUser';
25+
$table = $modx->getTableName($class);
26+
$description = $this->install->lexicon('add_column',array('column' => 'session_stale','table' => $table));
27+
$this->processResults($class, $description, array($modx->manager, 'addField'), array($class, 'session_stale'));

setup/includes/upgrades/sqlsrv/2.2.1-pl.php

Lines changed: 7 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -18,4 +18,10 @@
1818
$class = 'modResource';
1919
$table = $modx->getTableName($class);
2020
$description = $this->install->lexicon('add_column',array('column' => 'properties','table' => $table));
21-
$this->processResults($class, $description, array($modx->manager, 'addField'), array($class, 'properties'));
21+
$this->processResults($class, $description, array($modx->manager, 'addField'), array($class, 'properties'));
22+
23+
/* add session_stale field to modUser */
24+
$class = 'modUser';
25+
$table = $modx->getTableName($class);
26+
$description = $this->install->lexicon('add_column',array('column' => 'session_stale','table' => $table));
27+
$this->processResults($class, $description, array($modx->manager, 'addField'), array($class, 'session_stale'));

0 commit comments

Comments
 (0)