Invalid Space ID: bo1Vruk7Wr37HHeJe5aVNr
Arrow_left   Arrow_right
 
  #172

Possibility for Access permissions to stay in Session forever

    • Created on: Mon, 05 Apr 2010 (almost 2 years ago)
    • Reported by: Adam Price
    • Assigned to: -
    • Milestone: Version 1.0
    • Resolution: -
    • Status: New
    • Priority: High (2)
    • Component: Access Control
    • Type: Bug
    • Version: 1.0
    Since the access permissions are stored in the session after being calculated it is fine if the session refresh time is set to 2hrs but if it set to forever, the access permissions for the user will never be re-calculated again.
  • Followers
     
    Ico-users Adam Price 
     
    Attachments
    No attachments
    Associations
     
    Ticket No. Relation Summary Status Action
    #149 Related Save Asset Configuration to Session Accepted  
    Activity
     
    User picture

          on Apr 05, 2010 @ 12:10PM UTC * By Adam Price

    Priority changed from Normal (3) to High (2)
    User picture

          on Apr 24, 2010 @ 12:23AM UTC * By Adam Price

    Version set to 1.0
    Updating tickets (#145, #149, #151, #172, #118, #148, #150, #152, #162, #169, #170, #173, #174, #59, #153)
    User picture

          on Apr 24, 2010 @ 09:58AM UTC * By Adam Price

    Possible fix for this:

    Access_permission.php
------------------------------------------------------------------------------------
226
function change_permission()
{
$this->session->unset_userdata('bep_access_permissions');

$group_id = $this->input->post('group_id');
$resource_id = $this->input->post('resource_id');
$action_id = $this->input->post('action_id');
$permission = $this->input->post('permission');
233




Access.php
------------------------------------------------------------------------------------
97                      if(($cached_permission = $this->_get_cached_permission($group_id, $resource, $action)) === TRUE )
136                         $this->_save_cached_permission($group_id, $resource, $action, TRUE);
143                        $this->_save_cached_permission($group_id, $resource, $action, FALSE);

171   function _save_cached_permission($group_id, $resource, $action = NULL, $result = FALSE)
179   $this->cache[$group_id][$resource][$action] = $result;

194     function _get_cached_permission($group_id, $resource, $action = NULL)
208     if(isset($this->cache[$group_id][$resource][$action]))
211     return $this->cache[$group_id][$resource][$action];




Access_model.php
----------------------------------------------------------------------------------------------------
72    if(!is_null($action_id) && is_numeric($action_id))    ??
    Time Expenditure
    Loading