Class IsAuthorizedCache

Description

The IsAuthorizedCache maintains a per-session cache of the boolean

responces to the methods isAuthorized($agent, $function, $qualifier) and isUserAuthorized($function, $qualifier). As these are the most common Authorization functions called, expediacy is of the utmost importance, in which this cache plays an integral part.

The IsAuthorizedCache is a singleton and should be accessed ONLY via: IsAuthorizedCache::instance();

Usage ----- The usage of this cache falls into 2 parts:

  • Queuing nodes for all-at-once AZ loading.
  • Querying as to isUserAuthorized()?
Queuing Methodology ------------------ Ideally, all of the nodes at which AZs will be checked during a page-load will be added to the checking queue so that only one AZ query is needed to fetch them all. In practice the nodes needed may be queued in several chunks. The initial implementation of this caching system will have the NodeIterator adding its member Ids to the queue on its first member access.

Querying Methodology -------------------- When a call to isUserAuthorized() is made the cache is checked. Cache Hit: On a cache it, the result is returned. Cache Miss: On a cache miss the queue is checked. If the Id is in the queue, it is added to the queue. The entire queue is then loaded and the [now cached] result is returned.

Cache Synchronization Methodology --------------------------------- A table, az_node_changed, is maintained containing a timestamped list of all nodes at which AZs may have changed. When node parentage is changed or an Authorization is added or removed from a node, that nodeId and its descendent's Ids are added to that table with the current timestamp.

On page-loading, a SELECT query is made of the node_changed field where the timestamp is greater than the cache-update time. Any nodes found have their caches cleared and the cache-update time is set to now.

Cache Structure --------------- The cache is a two-dimensional array with the outer elements being keyed by nodeId and the inner elements being keyed by FunctionId.

A cache hit is is made when a nodeId exists in the cache. Only TRUE booleans should be considered positive authorization. NULL, FALSE, and non-existant function values in a node array should be considered unauthorized.

  • version: $Id: IsAuthorizedCache.class.php,v 1.8 2007/09/04 20:25:38 adamfranco Exp $
  • license: GNU General Public License (GPL)
  • copyright: Copyright © 2005, Middlebury College
  • since: 12/20/05

Located in /harmoni/core/oki2/authorization/IsAuthorizedCache.class.php (line 74)


	
			
Variable Summary
Method Summary
void dirtyNode (object Id $nodeId)
void dirtyUser ()
array getAgentIdStringArray (string $agentKey)
boolean isAuthorized (object Id $agentId, object Id $functionId, mixed $qualifierId, object Id $qualifierId )
boolean isUserAuthorized (object Id $functionId, mixed $qualifierId, object Id $qualifierId )
void queueAssetArray (array $assetArray)
void queueId (object Id $id)
void queueIdArray (array $idArray)
void queueIdString (string $idString)
void queueIdStringArray (array $idStringArray)
void _loadQueue (mixed $agentIdString)
Variables
array $_agentIdStrings (line 109)
  • since: 12/20/05
  • access: private
object AuthorizationCache $_authorizationManagerObjectCache (line 138)

This is the AuthorizationCache used by the AuthorizationManager that holds the Authorization objects. It is needed as a parameter for the explicit Authorization constructor.

  • since: 12/20/05
  • access: private
object ConfigurationProperties $_configuration (line 127)

The configuration, taken from the AuthorizationManager

  • since: 12/20/05
  • access: private
array $_queue (line 118)

An array of string Ids of nodes which should next have AZs loaded

  • since: 12/20/05
  • access: private
Methods
Constructor IsAuthorizedCache (line 150)

The constructor, use IsAuthorizedCache::instance() to access the object.

  • access: public
void IsAuthorizedCache ()
dirtyNode (line 671)

Update the last-changed timestamp for the node to be now so that the authorization system can sychronize with the new value.

  • since: 12/20/05
  • access: public
void dirtyNode (object Id $nodeId)
  • object Id $nodeId
dirtyUser (line 729)

Unset the cache for the the user as the user has just changed.

  • since: 8/7/06
  • access: public
void dirtyUser ()
getAgentIdStringArray (line 401)

Answer an array of the Agent id strings that correspond to the AgentKey passed. the agent key can be an agent id string or USER.

  • since: 5/25/06
  • access: public
array getAgentIdStringArray (string $agentKey)
  • string $agentKey
instance (line 91)

Get the instance of the IsAuthorizedCache.

The IsAuthorizedCache class implements the Singleton pattern. There is only ever one instance of the IsAuthorizedCache object and it is accessed only via the IsAuthorizedCache::instance() method.

  • static:
  • since: 5/26/05
  • access: public
object Harmoni instance ()
isAuthorized (line 285)

Given an agentId, functionId, and qualifierId returns true if the agent is authorized now to perform the Function with the Qualifier.

  • access: public
  • throws: object AuthorizationException An exception with one of the following messages defined in org.osid.authorization.AuthorizationException may be thrown: OPERATION_FAILED, PERMISSION_DENIED, CONFIGURATION_ERROR, UNIMPLEMENTED, NULL_ARGUMENT, UNKNOWN_ID
boolean isAuthorized (object Id $agentId, object Id $functionId, mixed $qualifierId, object Id $qualifierId )
  • object Id $agentId
  • object Id $functionId
  • object Id $qualifierId
isUserAuthorized (line 235)

Given a functionId and qualifierId returns true if the user is authorized now to perform the Function with the Qualifier.

  • access: public
  • throws: object AuthorizationException An exception with one of the following messages defined in org.osid.authorization.AuthorizationException may be thrown: OPERATION_FAILED, PERMISSION_DENIED, CONFIGURATION_ERROR, UNIMPLEMENTED, NULL_ARGUMENT, UNKNOWN_ID
boolean isUserAuthorized (object Id $functionId, mixed $qualifierId, object Id $qualifierId )
  • object Id $functionId
  • object Id $qualifierId
queueAssetArray (line 383)

Add an array of Assets to the Queue

  • since: 12/20/05
  • access: public
void queueAssetArray (array $assetArray)
  • array $assetArray: An array of Asset or Node objects
queueId (line 317)

Add an Id to the Queue

  • since: 12/20/05
  • access: public
void queueId (object Id $id)
  • object Id $id
queueIdArray (line 355)

Add an array of Ids to the Queue

  • since: 12/20/05
  • access: public
void queueIdArray (array $idArray)
  • array $idArray: An array of Id objects
queueIdString (line 330)

Add an id string to the Queue

  • since: 12/20/05
  • access: public
void queueIdString (string $idString)
  • string $idString
queueIdStringArray (line 369)

Add an array of id strings to the Queue

  • since: 12/20/05
  • access: public
void queueIdStringArray (array $idStringArray)
  • array $idStringArray: An array of string ids
_loadQueue (line 436)

Load all of the Authorizations for the user and cache them

  • since: 11/10/05
  • access: public
void _loadQueue (mixed $agentIdString)
_synchronizeCache (line 634)

Sychronize the cache. Remove any nodes from the cache whose AZs may have changed.

  • since: 12/20/05
  • access: public
void _synchronizeCache ()

Documentation generated on Wed, 19 Sep 2007 10:24:42 -0400 by phpDocumentor 1.3.0RC3