permission cache storage

Discussion forum for Extension Writers regarding Extension Development.
Post Reply
LaxSlash1993
Registered User
Posts: 182
Joined: Sat Sep 22, 2012 2:20 am

permission cache storage

Post by LaxSlash1993 » Sun Nov 06, 2016 5:18 am

How/where are group and user permissions stored in the cache? I can only find where roles and options are.

User avatar
3Di
Former Team Member
Posts: 13688
Joined: Mon Apr 04, 2005 11:09 pm
Location: Milan (IT) Frankfurt (DE)
Name: Marco
Contact:

Re: permission cache storage

Post by 3Di » Sun Nov 06, 2016 5:41 am

_role_cache contains one or all users cached permission settings.
Please PM me only to request paid works. Thx.
Want to compensate me for my interest? Donate
My development's activity º PhpStorm's proud user
Extensions, Scripts, MOD porting, Update/Upgrades
👨‍🏫 | Take a tour to | The Studio | 👨‍🏫

LaxSlash1993
Registered User
Posts: 182
Joined: Sat Sep 22, 2012 2:20 am

Re: permission cache storage

Post by LaxSlash1993 » Sun Nov 13, 2016 10:39 pm

Had some time to sit down and take a look at this.

Getting kinda confused, however. Where does acl_get get permissions from... the cache files? Or from user_permissions in the users table? And what's the point of having both user_permissions and the cache?

User avatar
3Di
Former Team Member
Posts: 13688
Joined: Mon Apr 04, 2005 11:09 pm
Location: Milan (IT) Frankfurt (DE)
Name: Marco
Contact:

Re: permission cache storage

Post by 3Di » Mon Nov 14, 2016 12:56 am

Here's the "auth" API doc: https://area51.phpbb.com/docs/code/3.1. ... /auth.html
On a side note: there are differencies between acl_get and acl_gets.

If you expand your question telling us what you are trying to achieve together with some code example of what you are working on.. may be we could be of more help.
Please PM me only to request paid works. Thx.
Want to compensate me for my interest? Donate
My development's activity º PhpStorm's proud user
Extensions, Scripts, MOD porting, Update/Upgrades
👨‍🏫 | Take a tour to | The Studio | 👨‍🏫

LaxSlash1993
Registered User
Posts: 182
Joined: Sat Sep 22, 2012 2:20 am

Re: permission cache storage

Post by LaxSlash1993 » Mon Nov 14, 2016 3:28 am

Basically what I'm trying to do is create two completely new local permission types for my extension - s_ and app_. The way I have it working now is it gets auth values on each user setup, finds out which ones are allowed for a user and which ones aren't, and then puts the allowed permissions for the user into the user object - so when a check is called, it just checks out if the permission is in their authorization array.

It's not exactly the most efficient way of doing it... I'd like to have them use the cache in the same sense the built-in permissions do. Which is what I'm trying to figure out.

User avatar
3Di
Former Team Member
Posts: 13688
Joined: Mon Apr 04, 2005 11:09 pm
Location: Milan (IT) Frankfurt (DE)
Name: Marco
Contact:

Re: permission cache storage

Post by 3Di » Mon Nov 14, 2016 5:16 pm

Aren't you using the permission tool for your extension?
Did you already perform a search in this forum about perms?

A github'ed repository here linked sure helps a lot.
Please PM me only to request paid works. Thx.
Want to compensate me for my interest? Donate
My development's activity º PhpStorm's proud user
Extensions, Scripts, MOD porting, Update/Upgrades
👨‍🏫 | Take a tour to | The Studio | 👨‍🏫

LaxSlash1993
Registered User
Posts: 182
Joined: Sat Sep 22, 2012 2:20 am

Re: permission cache storage

Post by LaxSlash1993 » Mon Nov 14, 2016 6:24 pm

3Di wrote:Aren't you using the permission tool for your extension?
Did you already perform a search in this forum about perms?

A github'ed repository here linked sure helps a lot.
Yes and yes. I'm using that for my a_ and m_ permissions. But what I need is a new permission type apart from a_ m_ and f_ that checks another ID as opposed to Forum ID.

I'll post a Git repo of what I have so far later on tonight when I have the time to do so.

User avatar
gn#36
Translator
Posts: 185
Joined: Fri Oct 13, 2006 1:16 pm
Contact:

Re: permission cache storage

Post by gn#36 » Fri Nov 18, 2016 7:27 am

Several years ago, I have done something similar for phpBB 3.0. I wanted to have separate permissions for some pages inside my mod that had nothing to do with forums. The mod is no longer used and I never created separate install instructions, but if I invest a bit of time I am fairly sure I can find it somewhere inside my VCS.

Regardless of that, you will have to create your own ACP pages for handling the permissions and roles.

The compiled user permissions are stored in the users table (user_permissions) and extracted from there by the auth class. Remember to clear that column on a regular basis when you are experimenting with the permissions. The auth class is not perfectly independent of the auth options. For example, its handling of "a_" is special due to founder privileges. But as far as I know, that only is the case for creating the cache and I don't see a reason for any other special handling. You might run into trouble if the existence of forum_ids is checked (which will not necessarily be the case for forum independent local permissions), but probably you will be fine on that regard.

But you should take a really close look on how the compilation and caching of permissions is done to see if there is trouble to be expected by adding a fifth or sixth type of permissions. You could use your own slightly modified variant of the auth class (e.g. using inheritance) if need be. But I think that part was more or less straight forward, it took way more time to create the ACP modules necessary to handle the new permissions.
German Support Team Member • http://www.phpbb.de • My Extensions in the CDB • My Extensions on Github • Contact with caos is inavoidable but no catastrophy if you keep an overview.

User avatar
3Di
Former Team Member
Posts: 13688
Joined: Mon Apr 04, 2005 11:09 pm
Location: Milan (IT) Frankfurt (DE)
Name: Marco
Contact:

Re: permission cache storage

Post by 3Di » Fri Nov 18, 2016 10:45 am

As a matter of fact I tought the best way to do that is to extend the auth class with a Service replacement.

The "same method" is named and used in 3.2.x as Service decoration.

Everything I posted here is purely theoric since I didn't experiment all of that.
Also I am not yet aware of extensions that are using this method/s.

If that's the way to go, I feel is more elegant and functional though.
Please PM me only to request paid works. Thx.
Want to compensate me for my interest? Donate
My development's activity º PhpStorm's proud user
Extensions, Scripts, MOD porting, Update/Upgrades
👨‍🏫 | Take a tour to | The Studio | 👨‍🏫

User avatar
3Di
Former Team Member
Posts: 13688
Joined: Mon Apr 04, 2005 11:09 pm
Location: Milan (IT) Frankfurt (DE)
Name: Marco
Contact:

Re: permission cache storage

Post by 3Di » Fri Nov 18, 2016 11:22 am

gn#36 wrote:But I think that part was more or less straight forward, it took way more time to create the ACP modules necessary to handle the new permissions.
Indeed.
Please PM me only to request paid works. Thx.
Want to compensate me for my interest? Donate
My development's activity º PhpStorm's proud user
Extensions, Scripts, MOD porting, Update/Upgrades
👨‍🏫 | Take a tour to | The Studio | 👨‍🏫

User avatar
gn#36
Translator
Posts: 185
Joined: Fri Oct 13, 2006 1:16 pm
Contact:

Re: permission cache storage

Post by gn#36 » Fri Nov 18, 2016 4:57 pm

3Di wrote:As a matter of fact I tought the best way to do that is to extend the auth class with a Service replacement.

The "same method" is named and used in 3.2.x as Service decoration.
If changes to auth are necessary and must be used in core parts, then agree. But if the permissions are separate from forums, then I don't think this would be necessary. It would be sufficient to pass the service replacement or decoration to ones own modules only. I would rather avoid changing the auth class that is used everywhere in the board and only use the adjusted one where it is really needed. But since the board itself will never check the app_ permissions by itself, I doubt that is necessary, because you can pass your adapted auth class to all your own modules easily.
Actually, I don't really think any changes to auth are necessary at all for an additional permission type unless you need special handling (like: apply all app_ permissions if u_app is there or something like that).
German Support Team Member • http://www.phpbb.de • My Extensions in the CDB • My Extensions on Github • Contact with caos is inavoidable but no catastrophy if you keep an overview.

Post Reply

Return to “Extension Writers Discussion”