The IsAuthorizedCache maintains a per-session cache of the boolean
responces to the methods isAuthorized($agent, $function, $qualifier) and isUserAuthorized($function, $qualifier). As these are the most common Authorization functions called, expediacy is of the utmost importance, in which this cache plays an integral part.
The IsAuthorizedCache is a singleton and should be accessed ONLY via: IsAuthorizedCache::instance();
Usage ----- The usage of this cache falls into 2 parts:
Querying Methodology -------------------- When a call to isUserAuthorized() is made the cache is checked. Cache Hit: On a cache it, the result is returned. Cache Miss: On a cache miss the queue is checked. If the Id is in the queue, it is added to the queue. The entire queue is then loaded and the [now cached] result is returned.
Cache Synchronization Methodology --------------------------------- A table, az_node_changed, is maintained containing a timestamped list of all nodes at which AZs may have changed. When node parentage is changed or an Authorization is added or removed from a node, that nodeId and its descendent's Ids are added to that table with the current timestamp.
On page-loading, a SELECT query is made of the node_changed field where the timestamp is greater than the cache-update time. Any nodes found have their caches cleared and the cache-update time is set to now.
Cache Structure --------------- The cache is a two-dimensional array with the outer elements being keyed by nodeId and the inner elements being keyed by FunctionId.
A cache hit is is made when a nodeId exists in the cache. Only TRUE booleans should be considered positive authorization. NULL, FALSE, and non-existant function values in a node array should be considered unauthorized.
Located in /harmoni/core/oki2/authorization/IsAuthorizedCache.class.php (line 74)
This is the AuthorizationCache used by the AuthorizationManager that holds the Authorization objects. It is needed as a parameter for the explicit Authorization constructor.
The configuration, taken from the AuthorizationManager
An array of string Ids of nodes which should next have AZs loaded
The constructor, use IsAuthorizedCache::instance() to access the object.
Update the last-changed timestamp for the node to be now so that the authorization system can sychronize with the new value.
Unset the cache for the the user as the user has just changed.
Answer an array of the Agent id strings that correspond to the AgentKey passed. the agent key can be an agent id string or USER.
Get the instance of the IsAuthorizedCache.
The IsAuthorizedCache class implements the Singleton pattern. There is only ever one instance of the IsAuthorizedCache object and it is accessed only via the IsAuthorizedCache::instance() method.
Given an agentId, functionId, and qualifierId returns true if the agent is authorized now to perform the Function with the Qualifier.
Given a functionId and qualifierId returns true if the user is authorized now to perform the Function with the Qualifier.
Add an array of Assets to the Queue
Add an array of Ids to the Queue
Add an id string to the Queue
Add an array of id strings to the Queue
Load all of the Authorizations for the user and cache them
Sychronize the cache. Remove any nodes from the cache whose AZs may have changed.
Documentation generated on Wed, 19 Sep 2007 10:24:42 -0400 by phpDocumentor 1.3.0RC3