php/yii2
1
0
Fork 0
mirror of https://github.com/yiisoft/yii2.git synced 2025-11-01 20:19:42 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fix #19847: Fix regression introduced in #15376 that caused DbManager::getRolesByUser() to return stale data

Browse Source
This commit is contained in:
Michaël Arnauts
2023-05-24 19:21:37 +02:00
committed by GitHub
parent e8f2ca727d
commit 37cd13e9c7
3 changed files with 31 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
framework/CHANGELOG.md
View File

@ -4,7 +4,7 @@ Yii Framework 2 Change Log
2.0.49 under development 2.0.49 under development
------------------------ ------------------------
- no changes in this release. - Bug #19847: Fix regression introduced in #15376 that caused `DbManager::getRolesByUser()` to return stale data (michaelarnauts)
2.0.48 May 22, 2023 2.0.48 May 22, 2023

15
framework/rbac/DbManager.php
View File

@ -882,6 +882,9 @@ class DbManager extends BaseManager
])->execute(); ])->execute();
unset($this->checkAccessAssignments[(string) $userId]); unset($this->checkAccessAssignments[(string) $userId]);
$this->invalidateCache();
return $assignment; return $assignment;
} }
@ -895,9 +898,13 @@ class DbManager extends BaseManager
} }
unset($this->checkAccessAssignments[(string) $userId]); unset($this->checkAccessAssignments[(string) $userId]);
return $this->db->createCommand() $result = $this->db->createCommand()
->delete($this->assignmentTable, ['user_id' => (string) $userId, 'item_name' => $role->name]) ->delete($this->assignmentTable, ['user_id' => (string) $userId, 'item_name' => $role->name])
->execute() > 0; ->execute() > 0;
$this->invalidateCache();
return $result;
} }
/** /**
@ -910,9 +917,13 @@ class DbManager extends BaseManager
} }
unset($this->checkAccessAssignments[(string) $userId]); unset($this->checkAccessAssignments[(string) $userId]);
return $this->db->createCommand() $result = $this->db->createCommand()
->delete($this->assignmentTable, ['user_id' => (string) $userId]) ->delete($this->assignmentTable, ['user_id' => (string) $userId])
->execute() > 0; ->execute() > 0;
$this->invalidateCache();
return $result;
} }
/** /**

21
tests/framework/rbac/DbManagerTestCase.php
View File

@ -220,17 +220,27 @@ abstract class DbManagerTestCase extends ManagerTestCase
$admin = $this->auth->createRole('Admin'); $admin = $this->auth->createRole('Admin');
$this->auth->add($admin); $this->auth->add($admin);
$this->auth->assign($admin, 1);
$manager = $this->auth->createRole('Manager'); $manager = $this->auth->createRole('Manager');
$this->auth->add($manager); $this->auth->add($manager);
$adminUserRoles = $this->auth->getRolesByUser(1);
$this->assertArrayHasKey('myDefaultRole', $adminUserRoles);
$this->assertArrayNotHasKey('Admin', $adminUserRoles);
$this->auth->assign($admin, 1);
$managerUserRoles = $this->auth->getRolesByUser(2);
$this->assertArrayHasKey('myDefaultRole', $managerUserRoles);
$this->assertArrayNotHasKey('Manager', $managerUserRoles);
$this->auth->assign($manager, 2); $this->auth->assign($manager, 2);
$adminUserRoles = $this->auth->getRolesByUser(1); $adminUserRoles = $this->auth->getRolesByUser(1);
$this->assertArrayHasKey('myDefaultRole', $adminUserRoles);
$this->assertArrayHasKey('Admin', $adminUserRoles); $this->assertArrayHasKey('Admin', $adminUserRoles);
$this->assertEquals($admin->name, $adminUserRoles['Admin']->name); $this->assertEquals($admin->name, $adminUserRoles['Admin']->name);
$managerUserRoles = $this->auth->getRolesByUser(2); $managerUserRoles = $this->auth->getRolesByUser(2);
$this->assertArrayHasKey('myDefaultRole', $managerUserRoles);
$this->assertArrayHasKey('Manager', $managerUserRoles); $this->assertArrayHasKey('Manager', $managerUserRoles);
$this->assertEquals($manager->name, $managerUserRoles['Manager']->name); $this->assertEquals($manager->name, $managerUserRoles['Manager']->name);
} }
@ -350,7 +360,7 @@ abstract class DbManagerTestCase extends ManagerTestCase
} }
$this->assertSingleQueryToAssignmentsTable($logTarget); $this->assertSingleQueryToAssignmentsTable($logTarget);
// verify cache is flushed on unassign (createPost is now false again) // verify cache is flushed on revoke (createPost is now false again)
$this->auth->revoke($this->auth->getRole('admin'), 'reader A'); $this->auth->revoke($this->auth->getRole('admin'), 'reader A');
foreach (['readPost' => true, 'createPost' => false] as $permission => $result) { foreach (['readPost' => true, 'createPost' => false] as $permission => $result) {
$this->assertEquals($result, $this->auth->checkAccess('reader A', $permission), "Checking $permission"); $this->assertEquals($result, $this->auth->checkAccess('reader A', $permission), "Checking $permission");
@ -379,8 +389,11 @@ abstract class DbManagerTestCase extends ManagerTestCase
private function assertSingleQueryToAssignmentsTable($logTarget) private function assertSingleQueryToAssignmentsTable($logTarget)
{ {
$this->assertCount(1, $logTarget->messages, 'Only one query should have been performed, but there are the following logs: ' . print_r($logTarget->messages, true)); $messages = array_filter($logTarget->messages, function ($message) {
$this->assertContains('auth_assignment', $logTarget->messages[0][0], 'Log message should be a query to auth_assignment table'); return strpos($message[0], 'auth_assignment') !== false;
});
$this->assertCount(1, $messages, 'Only one query should have been performed, but there are the following logs: ' . print_r($logTarget->messages, true));
$this->assertContains('auth_assignment', $messages[0][0], 'Log message should be a query to auth_assignment table');
$logTarget->messages = []; $logTarget->messages = [];
} }
} }