new permanent context_temp table. Update for
Oracle added, extra NOT EXISTS cluse to avoid
insertion of duplicate records in potential
concurrency and minor refinements. MDL-11347
A bit of cleanup on the SQL we use for updates. Unfortunately, MySQL
uses non-SQL-standard syntax for updates reading or updating multiple
tables. After much testing across Pg and MySQL, I boiled it down to
the minimal differences -- but we still have different SQL.
The timings for this on a large reference install, calling
build_context_path(true):
- MySQL incompatible 1s
- Petr's fixes 60s -- DB complains of too many writes
- This commit 24s -- DB complains of too many writes
Also - fixed a remaining problem with $emptyclause
Affects MDL-11347
In one tiny patch we do two things.
First, we fix the race condition around dirty context and accessdata
timestamps -- it is saner to offset the check than to offset the
recording of the change (as an earlier patch did).
On a cluster, you still need NTP.
Second, we do away with CAST(). Ideally, the values should be compared
as ints but it's hard to get a CAST() syntax that is portable enough
to work on all our supported DBs. And Eloy pointed out (and I
corroborated testing) that we'll never have problems with the string
length, as our timestamps are always 10 chars as a string... and the
day they go to 11 chars we'll hit the unix Year-2038 bug.
Blocks not on the coursepage should have their context "hanging" from the
site context. get_context_instance() was doing this correctly, but not
build_context_path().
make_context_subobj() was not providing a contextlevel property, and
no callers fetched the field. This comes from its humble origins where
it was only ever called for course objects. These days it's used in
many other situations, so this patch DTRT and
- fixes make_context_subobj() expect a cxtlevel and turn it into
contextlevel
- fixes all callers (accesslib, datalib) to provide it
The SQL query that would fetch rdefs not associated with any ra was
not being executed. Duh! For example, a user with a teacher RA sitewide
would never be affected by a role override at the category
level, because it was not being loaded into accessdata.
get_user_access_bycontext() was narrowing down too much the rdefs it
was fetching. With this patch, it now correctly retrieves the rdefs for
new roles assigned in lower contexts, and also correctly retrieves
rdefs present in the course context (fixing MDL-11220).
This also means that we now do the job in 2 DB queries (instead of 3),
and we move a bit more data, but those rows are actually needed ;-)
The initial implementation of has_cap_fad() just added the permission
values regardless of the locality of the context. This patch adds
support (read: fixes bug) for the "local context wins" rule.
Additionally, it removes a related bug where we were exiting early
if we found a CAP_PROHIBIT, ignoring the $doanything flag.
CAST() target types aren't very portable. Use DECIMAL which works
for MySQL and Pg.
DECIMAL does seem to be supported in Oracle - but the syntax seems
different. We may still need a compat function.
is_siteadmin checks a few key capabilities to suss out if the user is
an admin. The main virtue of the function is that it does not use
the accesslib infrastructure -- it reads directly from the DB, which
is useful for the 1.9 accesslib upgrade.
If we are passed an empty string for $order, still create valid
SQL. Some callers in 1.9 seem to not care about order, passing
an explicit ''. Shocking! ;-)
These references to the deprecated functions were erroring out. Remove
them.
Note however that other role related cleanups done as part of
MDL-10679 "improvement to context_rel table and load_user_capability()"
are kept.
We now populate the context.path only where it's empty,
this means that we take 0.15s instead of 0.6s. More importantly,
we avoid thrashing the DB's indexes pointlessly.
We also support Oracle and its dirty hack here.
And the function now has a $force parameter that can be used to
actually overwrite the paths/depths in case they've been corrupted.
get_assignable_roles() was calling user_can_assign() (cost of 1~2 DBq)
once-per-role. Instead, we can do a single DB query that answers
all our questions in one go.
On a Moodle w 8 roles defined, saves 19 DB queries for the course page
for teachers/admins.
NOTE NOTE NOTE! With this patch we drop the insane strip/escape bit.
Only the caller knows if this is for display on html or for other uses,
so we'll be true and not mangle the data.
A review of all callers in 1.8 shows no problem - the strings were being
strip/escaped already.
When querying capabilities of non-logged-in users, has_capability()
will now load accessdata for the subcontexts as needed.
Without this patch, below-the-course RAs and rdefs were ignored when
checking caps for a user different from $USER. I don't think it is
ever done in current moodle code, so the problem wasn't visible.
In any case - it's fixed ;-)
Both of them are dead code in 18_STABLE and HEAD. And if
role_add_lastaccess_entries() is ever used on a large site it will
hammer the DB to bits.
Remove before anyone is foolish enough to try it.
