Are this package support user specific permission #2285
Answered
by
erikn69
CircleCurve
asked this question in
Q&A
-
$user->can('...') If we execute "can directives" ( policy ) , i have checked in query log and show this two query every time but not in subsequece call. This two query basically find the user permission and role. How we can cache this behaviour select `permissions`.*, `model_has_permissions`.`model_id` as `pivot_model_id`, `model_has_permissions`.`permission_id` as `pivot_permission_id`, `model_has_permissions`.`model_type` as `pivot_model_type` from `permissions` inner join `model_has_permissions` on `permissions`.`id` = `model_has_permissions`.`permission_id` where `model_has_permissions`.`model_id` = ? and `model_has_permissions`.`model_type` = ? {"bindings":[13,"App\\User"],"time":8.67}
select `roles`.*, `model_has_roles`.`model_id` as `pivot_model_id`, `model_has_roles`.`role_id` as `pivot_role_id`, `model_has_roles`.`model_type` as `pivot_model_type` from `roles` inner join `model_has_roles` on `roles`.`id` = `model_has_roles`.`role_id` where `model_has_roles`.`model_id` = ? and `model_has_roles`.`model_type` = ? {"bindings":[13,"App\\User"],"time":8.31}
//some example code
class Policy {
public function view(User $user)
{
//
if ($user->can('list-accs')) { //this
return true;
} else {
return false;
}
}
}There is some reference but it does not re-cache again when we change permission ...etc Reference Is there any idea of caching user specific permission and good fit in policy ? |
Beta Was this translation helpful? Give feedback.
Answered by
erikn69
Dec 26, 2022
Replies: 2 comments 5 replies
-
That is an expected behavior Maybe this PR helps you |
Beta Was this translation helpful? Give feedback.
5 replies
-
|
Also, i made that code a long time ago, package change a lot since that, maybe you have to change something for make it work |
Beta Was this translation helpful? Give feedback.
-
|
Try this change #1833 (comment) |
Beta Was this translation helpful? Give feedback.
-
|
Seems like still no luck. I also copy it public function load($relations)
{
Log::debug("Load relation in user.php : " . $relations);
$relations = is_string($relations) ? func_get_args() : $relations;
foreach ($relations as $i => $relation) {
$method = 'forgetModelCached' . ucfirst((string) $relation);
if (in_array($relation, ['roles', 'permissions']) && method_exists($this, $method)) {
$this->$method();
$this->loadCachedRelation($relation);
unset($relations[$i]);
}
}
return empty($relations) ? $this : parent::load($relations);
}
public function loadMissing($relations)
{
Log::debug($relations);
$relations = is_string($relations) ? func_get_args() : $relations;
foreach ($relations as $i => $relation) {
$method = 'forgetModelCached' . ucfirst((string) $relation);
Log::debug("Load missing relation inside loop: " . $relation . " method :" . $method);
if (in_array($relation, ['roles', 'permissions'])) {
Log::debug("Loading missing relation inside if : " . $relation . " method :" . $method);
$this->loadCachedRelation($relation);
unset($relations[$i]);
}
}
return empty($relations) ? $this : parent::loadMissing($relations);
}[2022-12-27 00:39:01] local.ERROR: Call to undefined method App\User::loadCachedRelation() {"userId":10,"exception":"[object] (BadMethodCallException(code: 0): Call to undefined method App\\User::loadCachedRelation() at /var/www/app/vendor/laravel/framework/src/Illuminate/Support/Traits/ForwardsCalls.php:71)
[stacktrace]
#0 /var/www/app/vendor/laravel/framework/src/Illuminate/Support/Traits/ForwardsCalls.php(36): Illuminate\\Database\\Eloquent\\Model::throwBadMethodCallException()
#1 /var/www/app/vendor/laravel/framework/src/Illuminate/Database/Eloquent/Model.php(2132): Illuminate\\Database\\Eloquent\\Model->forwardCallTo()
#2 /var/www/app/app/User.php(180): Illuminate\\Database\\Eloquent\\Model->__call()
#3 /var/www/app/vendor/spatie/laravel-permission/src/Traits/HasRoles.php(192): App\\User->loadMissing()
#4 /var/www/app/vendor/spatie/laravel-permission/src/Traits/HasPermissions.php(275): App\\User->hasRole()
#5 /var/www/app/vendor/spatie/laravel-permission/src/Traits/HasPermissions.php(167): App\\User->hasPermissionViaRole()
#6 /var/www/app/vendor/spatie/laravel-permission/src/Traits/HasPermissions.php(220): App\\User->hasPermissionTo()
#7 /var/www/app/vendor/spatie/laravel-permission/src/PermissionRegistrar.php(141): App\\User->checkPermissionTo()
#8 /var/www/app/vendor/laravel/framework/src/Illuminate/Auth/Access/Gate.php(554): Spatie\\Permission\\PermissionRegistrar->Spatie\\Permission\\{closure}()
#9 /var/www/app/vendor/laravel/framework/src/Illuminate/Auth/Access/Gate.php(427): Illuminate\\Auth\\Access\\Gate->callBeforeCallbacks()
#10 /var/www/app/vendor/laravel/framework/src/Illuminate/Auth/Access/Gate.php(396): Illuminate\\Auth\\Access\\Gate->raw()
#11 /var/www/app/vendor/laravel/framework/src/Illuminate/Auth/Access/Gate.php(342): Illuminate\\Auth\\Access\\Gate->inspect()
#12 /var/www/app/vendor/laravel/framework/src/Illuminate/Collections/Traits/EnumeratesValues.php(282): Illuminate\\Auth\\Access\\Gate->Illuminate\\Auth\\Access\\{closure}()
#13 /var/www/app/vendor/laravel/framework/src/Illuminate/Auth/Access/Gate.php(343): Illuminate\\Support\\Collection->every()
#14 /var/www/app/vendor/laravel/framework/src/Illuminate/Foundation/Auth/Access/Authorizable.php(18): Illuminate\\Auth\\Access\\Gate->check()
#15 /var/www/app/app/Policies/CloudServiceAccPolicy.php(36): Illuminate\\Foundation\\Auth\\User->can()
#16 /var/www/app/vendor/laravel/framework/src/Illuminate/Auth/Access/Gate.php(799): App\\Policies\\CloudServiceAccPolicy->view()
#17 /var/www/app/vendor/laravel/framework/src/Illuminate/Auth/Access/Gate.php(752): Illuminate\\Auth\\Access\\Gate->callPolicyMethod()
#18 /var/www/app/vendor/laravel/framework/src/Illuminate/Auth/Access/Gate.php(536): Illuminate\\Auth\\Access\\Gate->Illuminate\\Auth\\Access\\{closure}()
#19 /var/www/app/vendor/laravel/framework/src/Illuminate/Auth/Access/Gate.php(431): Illuminate\\Auth\\Access\\Gate->callAuthCallback()
#20 /var/www/app/vendor/laravel/framework/src/Illuminate/Auth/Access/Gate.php(396): Illuminate\\Auth\\Access\\Gate->raw()
#21 /var/www/app/vendor/laravel/framework/src/Illuminate/Auth/Access/Gate.php(383): Illuminate\\Auth\\Access\\Gate->inspect()
#22 /var/www/app/vendor/laravel/framework/src/Illuminate/Foundation/Auth/Access/AuthorizesRequests.php(23): Illuminate\\Auth\\Access\\Gate->authorize()
#23 /var/www/app/app/Http/Controllers/CloudServiceAccController.php(36): App\\Http\\Controllers\\Controller->authorize()
#24 /var/www/app/vendor/laravel/framework/src/Illuminate/Routing/Controller.php(54): App\\Http\\Controllers\\CloudServiceAccController->index()
#25 /var/www/app/vendor/laravel/framework/src/Illuminate/Routing/ControllerDispatcher.php(45): Illuminate\\Routing\\Controller->callAction()
#26 /var/www/app/vendor/laravel/framework/src/Illuminate/Routing/Route.php(262): Illuminate\\Routing\\ControllerDispatcher->dispatch()
#27 /var/www/app/vendor/laravel/framework/src/Illuminate/Routing/Route.php(205): Illuminate\\Routing\\Route->runController()
#28 /var/www/app/vendor/laravel/framework/src/Illuminate/Routing/Router.php(721): Illuminate\\Routing\\Route->run()
#29 /var/www/app/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(128): Illuminate\\Routing\\Router->Illuminate\\Routing\\{closure}()
#30 /var/www/app/app/Http/Middleware/Auth/WriteToLog.php(25): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#31 /var/www/app/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): App\\Http\\Middleware\\Auth\\WriteToLog->handle()
#32 /var/www/app/vendor/laravel/framework/src/Illuminate/Routing/Middleware/SubstituteBindings.php(50): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#33 /var/www/app/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Routing\\Middleware\\SubstituteBindings->handle()
#34 /var/www/app/vendor/laravel/framework/src/Illuminate/Routing/Middleware/ThrottleRequests.php(127): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#35 /var/www/app/vendor/laravel/framework/src/Illuminate/Routing/Middleware/ThrottleRequests.php(63): Illuminate\\Routing\\Middleware\\ThrottleRequests->handleRequest()
#36 /var/www/app/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Routing\\Middleware\\ThrottleRequests->handle()
#37 /var/www/app/vendor/laravel/framework/src/Illuminate/Auth/Middleware/Authenticate.php(44): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#38 /var/www/app/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Auth\\Middleware\\Authenticate->handle()
#39 /var/www/app/vendor/laravel/sanctum/src/Http/Middleware/EnsureFrontendRequestsAreStateful.php(33): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#40 /var/www/app/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(128): Laravel\\Sanctum\\Http\\Middleware\\EnsureFrontendRequestsAreStateful->Laravel\\Sanctum\\Http\\Middleware\\{closure}()
#41 /var/www/app/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/VerifyCsrfToken.php(78): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#42 /var/www/app/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Foundation\\Http\\Middleware\\VerifyCsrfToken->handle()
#43 /var/www/app/vendor/laravel/framework/src/Illuminate/Session/Middleware/StartSession.php(121): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#44 /var/www/app/vendor/laravel/framework/src/Illuminate/Session/Middleware/StartSession.php(64): Illuminate\\Session\\Middleware\\StartSession->handleStatefulRequest()
#45 /var/www/app/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Session\\Middleware\\StartSession->handle()
#46 /var/www/app/vendor/laravel/framework/src/Illuminate/Cookie/Middleware/AddQueuedCookiesToResponse.php(37): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#47 /var/www/app/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Cookie\\Middleware\\AddQueuedCookiesToResponse->handle()
#48 /var/www/app/vendor/laravel/framework/src/Illuminate/Cookie/Middleware/EncryptCookies.php(67): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#49 /var/www/app/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Cookie\\Middleware\\EncryptCookies->handle()
#50 /var/www/app/vendor/laravel/sanctum/src/Http/Middleware/EnsureFrontendRequestsAreStateful.php(26): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#51 /var/www/app/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(149): Laravel\\Sanctum\\Http\\Middleware\\EnsureFrontendRequestsAreStateful->Laravel\\Sanctum\\Http\\Middleware\\{closure}()
#52 /var/www/app/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(103): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#53 /var/www/app/vendor/laravel/sanctum/src/Http/Middleware/EnsureFrontendRequestsAreStateful.php(34): Illuminate\\Pipeline\\Pipeline->then()
#54 /var/www/app/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Laravel\\Sanctum\\Http\\Middleware\\EnsureFrontendRequestsAreStateful->handle()
#55 /var/www/app/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(103): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#56 /var/www/app/vendor/laravel/framework/src/Illuminate/Routing/Router.php(723): Illuminate\\Pipeline\\Pipeline->then()
#57 /var/www/app/vendor/laravel/framework/src/Illuminate/Routing/Router.php(698): Illuminate\\Routing\\Router->runRouteWithinStack()
#58 /var/www/app/vendor/laravel/framework/src/Illuminate/Routing/Router.php(662): Illuminate\\Routing\\Router->runRoute()
#59 /var/www/app/vendor/laravel/framework/src/Illuminate/Routing/Router.php(651): Illuminate\\Routing\\Router->dispatchToRoute()
#60 /var/www/app/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(167): Illuminate\\Routing\\Router->dispatch()
#61 /var/www/app/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(128): Illuminate\\Foundation\\Http\\Kernel->Illuminate\\Foundation\\Http\\{closure}()
#62 /var/www/app/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TransformsRequest.php(21): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#63 /var/www/app/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/ConvertEmptyStringsToNull.php(31): Illuminate\\Foundation\\Http\\Middleware\\TransformsRequest->handle()
#64 /var/www/app/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Foundation\\Http\\Middleware\\ConvertEmptyStringsToNull->handle()
#65 /var/www/app/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TransformsRequest.php(21): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#66 /var/www/app/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TrimStrings.php(40): Illuminate\\Foundation\\Http\\Middleware\\TransformsRequest->handle()
#67 /var/www/app/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Foundation\\Http\\Middleware\\TrimStrings->handle()
#68 /var/www/app/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/ValidatePostSize.php(27): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#69 /var/www/app/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Foundation\\Http\\Middleware\\ValidatePostSize->handle()
#70 /var/www/app/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/PreventRequestsDuringMaintenance.php(86): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#71 /var/www/app/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Foundation\\Http\\Middleware\\PreventRequestsDuringMaintenance->handle()
#72 /var/www/app/vendor/fruitcake/laravel-cors/src/HandleCors.php(52): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#73 /var/www/app/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Fruitcake\\Cors\\HandleCors->handle()
#74 /var/www/app/vendor/fideloper/proxy/src/TrustProxies.php(57): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#75 /var/www/app/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Fideloper\\Proxy\\TrustProxies->handle()
#76 /var/www/app/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(103): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#77 /var/www/app/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(142): Illuminate\\Pipeline\\Pipeline->then()
#78 /var/www/app/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(111): Illuminate\\Foundation\\Http\\Kernel->sendRequestThroughRouter()
#79 /var/www/app/public/index.php(59): Illuminate\\Foundation\\Http\\Kernel->handle()
#80 {main}
"} |
Beta Was this translation helpful? Give feedback.
-
Did you add the trait? or maybe you are mixing instructions from another comment
I test it without problems |
Beta Was this translation helpful? Give feedback.
-
|
I found that relationLoaded ("roles"). It always getRelationValue($relaton) but not in relationLoaded ("permissions") Ordering in roles relation
Ordering in permissions relation
//HasPermissionsCache.php
private function getCachedPermissions(string $relation)
if ($this->relationLoaded($relation)) {
return $this->getRelationValue($relation);
}
}select `roles`.*, `model_has_roles`.`model_id` as `pivot_model_id`, `model_has_roles`.`role_id` as `pivot_role_id`, `model_has_roles`.`model_type` as `pivot_model_type` from `roles` inner join `model_has_roles` on `roles`.`id` = `model_has_roles`.`role_id` where `model_has_roles`.`model_id` in (10) and `model_has_roles`.`model_type` = ? {"bindings":["App\\User"],"time":10.3} //User.php
class User extends Authenticatable {
use HasRoles;
use HasPermissionsCache;
public function loadMissing($relations)
{
$relations = is_string($relations) ? func_get_args() : $relations;
foreach ($relations as $i => $relation) {
$method = 'forgetModelCached' . ucfirst((string) $relation);
if (in_array($relation, ['roles', 'permissions']) && method_exists($this, $method)) {
$this->loadCachedRelation($relation);
unset($relations[$i]);
}
}
return empty($relations) ? $this : parent::loadMissing($relations);
}
} |
Beta Was this translation helpful? Give feedback.
Answer selected by
CircleCurve
-
|
I have integrate with #1833 (comment) . it still hits one of the query select `roles`.*, `model_has_roles`.`model_id` as `pivot_model_id`, `model_has_roles`.`role_id` as `pivot_role_id`, `model_has_roles`.`model_type` as `pivot_model_type` from `roles` inner join `model_has_roles` on `roles`.`id` = `model_has_roles`.`role_id` where `model_has_roles`.`model_id` in (10) and `model_has_roles`.`model_type` = ? {"bindings":["App\\User"],"time":8.98} There is how i intergrate your code //user.php
use App\Traits\HasPermissionsCache;
class User extends Authenticatable
{
use HasPermissionsCache;
//
public function load($relation)
{
$method = 'forgetModelCached' . ucfirst($relation);
if (in_array($relation, ['roles', 'permissions']) && method_exists($this, $method)) {
$this->$method();
return $this->loadCachedRelation($relation);
}
return parent::load($relation);
}
}<?php
namespace App\Traits;
use Illuminate\Database\Eloquent\Collection;
use Log;
use Spatie\Permission\PermissionRegistrar;
trait HasPermissionsCache
{
protected function getPermissionCacheKey(string $relation): string
{
return sprintf(PermissionRegistrar::$cacheKey . '.' . str_replace('\\', '.', $this->getMorphClass()) . '.%d.%d.' . $relation, $this->getKey(), $this->session['empr_id'] ?? session('empr_id'));
}
private function getCachedPermissions(string $relation)
{
Log::debug("relation : " . $relation);
if ($this->relationLoaded($relation)) {
return $this->getRelationValue($relation);
}
$cache = app(PermissionRegistrar::class)->getCacheRepository();
$cacheIsTaggable = $cache->getStore() instanceof \Illuminate\Cache\TaggableStore;
$class = $relation === 'roles' ? $this->getRoleClass() : $this->getPermissionClass();
$collection = $class::hydrate(
collect(($cacheIsTaggable ? $cache->tags(['permissions']) : $cache)->remember($this->getPermissionCacheKey($relation), config('session.lifetime', 120) * 60, function () use ($relation) {
return $this->getRelationValue($relation)->map(function ($data) {
return ['i' => $data->id, 'n' => $data->name, 'g' => $data->guard_name];
})->all();
}))
->map(function ($item) {
return ['id' => $item['i'], 'name' => $item['n'], 'guard_name' => $item['g']];
})->all()
);
Log::debug("Permission key : " . $this->getPermissionCacheKey($relation));
$this->setRelation($relation, $collection);
return $collection;
}
public function getRolesAttribute(): Collection
{
return $this->getCachedPermissions('roles');
}
public function getPermissionsAttribute(): Collection
{
return $this->getCachedPermissions('permissions');
}
public function forgetModelAssignedPermissions()
{
$cache = app(PermissionRegistrar::class)->getCacheRepository();
$cache->forget($this->getPermissionCacheKey('roles'));
$cache->forget($this->getPermissionCacheKey('permissions'));
}
public static function forgetAllModelsAssignedPermissions()
{
$cache = app(PermissionRegistrar::class)->getCacheRepository();
$cacheIsTaggable = $cache->getStore() instanceof \Illuminate\Cache\TaggableStore;
if ($cacheIsTaggable) {
$cache->tags(['permissions'])->flush();
} else {
static::select((new static)->getKeyName())->get()->each(function ($model) use ($cache) {
$cache->forget($model->getPermissionCacheKey('roles'));
$cache->forget($model->getPermissionCacheKey('permissions'));
});
}
}
}This is the screenshot comes from redis
Is that i missing something ? Thanks @erikn69 for your help |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
That is an expected behavior
Maybe this PR helps you
#1392 (comment)
#1833 (comment)
#1760 (comment)