[ARVADOS] updated: 1.3.0-494-g7618631a4
Git user
git at public.curoverse.com
Tue Mar 12 14:59:28 EDT 2019
Summary of changes:
doc/api/methods/groups.html.textile.liquid | 4 +-
services/api/app/models/group.rb | 2 +-
services/api/app/models/link.rb | 2 +-
services/api/app/models/user.rb | 11 ++---
services/api/config/application.default.yml | 8 +---
services/api/lib/refresh_permission_view.rb | 5 +++
services/api/script/permission-updater.rb | 47 ----------------------
.../arvados/v1/groups_controller_test.rb | 14 -------
services/api/test/integration/groups_test.rb | 32 +++++++++++++++
9 files changed, 45 insertions(+), 80 deletions(-)
delete mode 100755 services/api/script/permission-updater.rb
via 7618631a452ffee2bee191ab04ab0b83bd0bc4b7 (commit)
via 9af03429f40bc8c9fcf8f680855c5c5c1fc4b2ad (commit)
via 9d230cdee24f56452dcb25f20f8ae7566167ee5f (commit)
from 653f7d5a99c8e46ff9fe58b8d491f8bd4f3da7a3 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
commit 7618631a452ffee2bee191ab04ab0b83bd0bc4b7
Author: Lucas Di Pentima <ldipentima at veritasgenetics.com>
Date: Tue Mar 12 15:58:57 2019 -0300
13593: Moves & enhances group creation with async=true test.
Arvados-DCO-1.1-Signed-off-by: Lucas Di Pentima <ldipentima at veritasgenetics.com>
diff --git a/services/api/lib/refresh_permission_view.rb b/services/api/lib/refresh_permission_view.rb
index f3e1ed6a4..25be3c08d 100644
--- a/services/api/lib/refresh_permission_view.rb
+++ b/services/api/lib/refresh_permission_view.rb
@@ -14,7 +14,11 @@ end
def refresh_permission_view(async=false)
if async and Rails.configuration.async_permissions_update_interval > 0
exp = Rails.configuration.async_permissions_update_interval.seconds
+ need = false
Rails.cache.fetch('AsyncRefreshPermissionView', expires_in: exp) do
+ need = true
+ end
+ if need
# Schedule a new permission update and return immediately
Thread.new do
Thread.current.abort_on_exception = false
diff --git a/services/api/test/functional/arvados/v1/groups_controller_test.rb b/services/api/test/functional/arvados/v1/groups_controller_test.rb
index 564a94d51..55493046e 100644
--- a/services/api/test/functional/arvados/v1/groups_controller_test.rb
+++ b/services/api/test/functional/arvados/v1/groups_controller_test.rb
@@ -403,20 +403,6 @@ class Arvados::V1::GroupsControllerTest < ActionController::TestCase
new_project['name'])
end
- test "create request with async=true returns 202 Accepted" do
- name = "Random group #{rand(1000)}"
- assert_equal nil, Group.find_by_name(name)
- authorize_with :active
- post :create, {
- group: {
- name: name
- },
- async: true
- }
- assert_response :accepted
- assert_not_equal nil, Group.find_by_name(name)
- end
-
test "unsharing a project results in hiding it from previously shared user" do
# remove sharing link for project
@controller = Arvados::V1::LinksController.new
diff --git a/services/api/test/integration/groups_test.rb b/services/api/test/integration/groups_test.rb
index c4ab3cffc..6b1bf795e 100644
--- a/services/api/test/integration/groups_test.rb
+++ b/services/api/test/integration/groups_test.rb
@@ -122,4 +122,36 @@ class GroupsTest < ActionDispatch::IntegrationTest
assert_includes coll_uuids, collections(:foo_collection_in_aproject).uuid
assert_not_includes coll_uuids, collections(:expired_collection).uuid
end
+
+ test "create request with async=true defers permissions update" do
+ Rails.configuration.async_permissions_update_interval = 1 # seconds
+ name = "Random group #{rand(1000)}"
+ assert_equal nil, Group.find_by_name(name)
+ post "/arvados/v1/groups", {
+ group: {
+ name: name
+ },
+ async: true
+ }, auth(:active)
+ assert_response 202
+ g = Group.find_by_name(name)
+ assert_not_nil g
+ get "/arvados/v1/groups", {
+ filters: [["name", "=", name]].to_json,
+ limit: 10
+ }, auth(:active)
+ assert_response 200
+ assert_equal 0, json_response['items_available']
+
+ # Unblock the thread doing the permissions update
+ ActiveRecord::Base.clear_active_connections!
+
+ sleep(3)
+ get "/arvados/v1/groups", {
+ filters: [["name", "=", name]].to_json,
+ limit: 10
+ }, auth(:active)
+ assert_response 200
+ assert_equal 1, json_response['items_available']
+ end
end
commit 9af03429f40bc8c9fcf8f680855c5c5c1fc4b2ad
Author: Lucas Di Pentima <ldipentima at veritasgenetics.com>
Date: Tue Mar 12 12:04:49 2019 -0300
13593: Cleans up old experimental code.
Arvados-DCO-1.1-Signed-off-by: Lucas Di Pentima <ldipentima at veritasgenetics.com>
diff --git a/services/api/app/models/group.rb b/services/api/app/models/group.rb
index f4d5ec589..46bb447d1 100644
--- a/services/api/app/models/group.rb
+++ b/services/api/app/models/group.rb
@@ -40,7 +40,7 @@ class Group < ArvadosModel
def invalidate_permissions_cache
# Ensure a new group can be accessed by the appropriate users
# immediately after being created.
- User.invalidate_permissions_cache db_current_time.to_i, self.async_permissions_update
+ User.invalidate_permissions_cache self.async_permissions_update
end
def assign_name
diff --git a/services/api/app/models/link.rb b/services/api/app/models/link.rb
index bf21cf4b6..ac3efe310 100644
--- a/services/api/app/models/link.rb
+++ b/services/api/app/models/link.rb
@@ -68,7 +68,7 @@ class Link < ArvadosModel
# permissions for head_uuid and tail_uuid, and invalidate the
# cache for only those users. (This would require a browseable
# cache.)
- User.invalidate_permissions_cache db_current_time.to_i
+ User.invalidate_permissions_cache
end
end
diff --git a/services/api/app/models/user.rb b/services/api/app/models/user.rb
index 2f3c6c89c..8ed97e6b1 100644
--- a/services/api/app/models/user.rb
+++ b/services/api/app/models/user.rb
@@ -141,16 +141,11 @@ class User < ArvadosModel
true
end
- def self.invalidate_permissions_cache(timestamp=nil, async=false)
- if Rails.configuration.async_permissions_update
- timestamp = DbCurrentTime::db_current_time.to_i if timestamp.nil?
- connection.execute "NOTIFY invalidate_permissions_cache, '#{timestamp}'"
- else
- refresh_permission_view(async)
- end
+ def self.invalidate_permissions_cache(async=false)
+ refresh_permission_view(async)
end
- def invalidate_permissions_cache(timestamp=nil)
+ def invalidate_permissions_cache
User.invalidate_permissions_cache
end
diff --git a/services/api/config/application.default.yml b/services/api/config/application.default.yml
index b75202282..8f0dbf4e4 100644
--- a/services/api/config/application.default.yml
+++ b/services/api/config/application.default.yml
@@ -496,12 +496,6 @@ common:
# (included in vendor packages).
package_version: false
- # Enable asynchronous permission graph rebuild. Must run
- # script/permission-updater.rb as a separate process. When the permission
- # cache is invalidated, the background process will update the permission
- # graph cache. This feature is experimental!
- async_permissions_update: false
-
# Default value for container_count_max for container requests. This is the
# number of times Arvados will create a new container to satisfy a container
# request. If a container is cancelled it will retry a new container if
diff --git a/services/api/script/permission-updater.rb b/services/api/script/permission-updater.rb
deleted file mode 100755
index 985aa0542..000000000
--- a/services/api/script/permission-updater.rb
+++ /dev/null
@@ -1,47 +0,0 @@
-#!/usr/bin/env ruby
-# Copyright (C) The Arvados Authors. All rights reserved.
-#
-# SPDX-License-Identifier: AGPL-3.0
-
-ENV["RAILS_ENV"] = ARGV[0] || ENV["RAILS_ENV"] || "development"
-require File.dirname(__FILE__) + '/../config/boot'
-require File.dirname(__FILE__) + '/../config/environment'
-include DbCurrentTime
-
-def update_permissions
- timestamp = DbCurrentTime::db_current_time.to_i
- Rails.logger.info "Begin updating permission cache"
- User.all.each do |u|
- u.calculate_group_permissions
- end
- Rails.cache.write "last_updated_permissions", timestamp
- Rails.logger.info "Permission cache updated"
-end
-
-ActiveRecord::Base.connection_pool.with_connection do |connection|
- conn = connection.instance_variable_get(:@connection)
- begin
- conn.async_exec "LISTEN invalidate_permissions_cache"
-
- # Initial refresh of permissions graph
- update_permissions
-
- while true
- # wait_for_notify will block until there is a change
- # notification from Postgres about the permission cache,
- # and then rebuild the permission cache.
- conn.wait_for_notify do |channel, pid, payload|
- last_updated = Rails.cache.read("last_updated_permissions")
- Rails.logger.info "Got notify #{payload} last update #{last_updated}"
- if last_updated.nil? || last_updated.to_i <= payload.to_i
- update_permissions
- end
- end
- end
- ensure
- # Don't want the connection to still be listening once we return
- # it to the pool - could result in weird behavior for the next
- # thread to check it out.
- conn.async_exec "UNLISTEN *"
- end
-end
commit 9d230cdee24f56452dcb25f20f8ae7566167ee5f
Author: Lucas Di Pentima <ldipentima at veritasgenetics.com>
Date: Tue Mar 12 11:38:09 2019 -0300
13593: Changes default async permission update interval. Clears cache.
Arvados-DCO-1.1-Signed-off-by: Lucas Di Pentima <ldipentima at veritasgenetics.com>
diff --git a/doc/api/methods/groups.html.textile.liquid b/doc/api/methods/groups.html.textile.liquid
index ed74f81d1..9c75fa8ec 100644
--- a/doc/api/methods/groups.html.textile.liquid
+++ b/doc/api/methods/groups.html.textile.liquid
@@ -68,7 +68,7 @@ Arguments:
table(table table-bordered table-condensed).
|_. Argument |_. Type |_. Description |_. Location |_. Example |
|group|object||query||
-|async|boolean (default false)|Defer the permissions graph update by a configured number of seconds. (By default, @async_permissions_update_interval@ is 60 seconds). On success, the response is 202 (Accepted).|query|@true@|
+|async|boolean (default false)|Defer the permissions graph update by a configured number of seconds. (By default, @async_permissions_update_interval@ is 20 seconds). On success, the response is 202 (Accepted).|query|@true@|
h3. delete
@@ -116,7 +116,7 @@ table(table table-bordered table-condensed).
|_. Argument |_. Type |_. Description |_. Location |_. Example |
{background:#ccffcc}.|uuid|string|The UUID of the Group in question.|path||
|group|object||query||
-|async|boolean (default false)|Defer the permissions graph update by a configured number of seconds. (By default, @async_permissions_update_interval@ is 60 seconds). On success, the response is 202 (Accepted).|query|@true@|
+|async|boolean (default false)|Defer the permissions graph update by a configured number of seconds. (By default, @async_permissions_update_interval@ is 20 seconds). On success, the response is 202 (Accepted).|query|@true@|
h3. untrash
diff --git a/services/api/config/application.default.yml b/services/api/config/application.default.yml
index 0d44ef447..b75202282 100644
--- a/services/api/config/application.default.yml
+++ b/services/api/config/application.default.yml
@@ -192,7 +192,7 @@ common:
# Interval (seconds) between asynchronous permission view updates. Any
# permission-updating API called with the 'async' parameter schedules a an
# update on the permission view in the future, if not already scheduled.
- async_permissions_update_interval: 60
+ async_permissions_update_interval: 20
# Maximum characters of (JSON-encoded) query parameters to include
# in each request log entry. When params exceed this size, they will
diff --git a/services/api/lib/refresh_permission_view.rb b/services/api/lib/refresh_permission_view.rb
index cfd7b6ae5..f3e1ed6a4 100644
--- a/services/api/lib/refresh_permission_view.rb
+++ b/services/api/lib/refresh_permission_view.rb
@@ -20,6 +20,7 @@ def refresh_permission_view(async=false)
Thread.current.abort_on_exception = false
begin
sleep(exp)
+ Rails.cache.delete('AsyncRefreshPermissionView')
do_refresh_permission_view
rescue => e
Rails.logger.error "Updating permission view: #{e}\n#{e.backtrace.join("\n\t")}"
-----------------------------------------------------------------------
hooks/post-receive
--
More information about the arvados-commits
mailing list