From 8bc3ded20b4d8957133b498bdbe8930e6f9c69a4 Mon Sep 17 00:00:00 2001
From: Dominique Fournier <dominique@fournier38.fr>
Date: Fri, 21 Aug 2015 08:18:25 +0000
Subject: [PATCH] authzgroups : if the provided object start by a slash, don't
 add it. authzgroups : add a local cache in the object, for the userrightsget,
 to not access to the database each time

git-svn-id: https://svn.fournier38.fr/svn/ProgSVN/trunk@2265 bf3deb0d-5f1a-0410-827f-c0cc1f45334c
---
 authzgroups.php | 26 +++++++++++++++++---------
 1 file changed, 17 insertions(+), 9 deletions(-)

diff --git a/authzgroups.php b/authzgroups.php
index 68a535c..deb5466 100644
--- a/authzgroups.php
+++ b/authzgroups.php
@@ -16,6 +16,8 @@ class authzgroups
   private $dbGroupMember = null;
   private $dbRight = null;
   public $debug = 0;
+  /** A local cache of the rights if multiple tests are needed */
+  private $rightCache = null;
 
   /////////////////////
   //   USER RIGHTS   //
@@ -27,6 +29,8 @@ class authzgroups
   {
 //    if (isset ($_SESSION["domframework"]["authzgroups"][$module][$user]))
 //      return $_SESSION["domframework"]["authzgroups"][$module][$user];
+    if ($this->rightCache !== null)
+      return $this->rightCache;
     if ($this->dbObject == null)
       throw new Exception (dgettext ("domframework",
                                      "DB for Object is not connected"), 500);
@@ -88,6 +92,7 @@ class authzgroups
     }
     if (isset ($_SESSION))
       $_SESSION["domframework"]["authzgroups"][$module][$user] = $res;
+    $this->rightCache = $res;
     return $res;
   }
 
@@ -137,10 +142,11 @@ class authzgroups
     if ($object === null || ! is_string ($object))
       throw new Exception ("Object not provided to authzgroups\\accessRight",
                            500);
-    if ($object === "/") $object = "";
-    $rc = $this->allow ($module, $user, "/$object");
+    if ($object{0} !== "/")
+      $object = "/$object";
+    $rc = $this->allow ($module, $user, "$object");
     if ($this->debug)
-      trigger_error ("authzgroups : accessRight ('$module','$user','/$object')".
+      trigger_error ("authzgroups : accessRight ('$module','$user','$object')".
                    "=$rc", E_USER_NOTICE);
     if ($rc !== "NO")
       return TRUE;
@@ -166,10 +172,11 @@ class authzgroups
     if ($object === null || ! is_string ($object))
       throw new Exception ("Object not provided to authzgroups\\accessWrite",
                            500);
-    if ($object === "/") $object = "";
-    $rc = $this->allow ($module, $user, "/$object");
+    if ($object{0} !== "/")
+      $object = "/$object";
+    $rc = $this->allow ($module, $user, $object);
     if ($this->debug)
-      trigger_error ("authzgroups : accessWrite ('$module','$user','/$object')".
+      trigger_error ("authzgroups : accessWrite ('$module','$user','$object')".
                    "=$rc", E_USER_NOTICE);
     if ($rc === "RW")
       return TRUE;
@@ -196,11 +203,12 @@ class authzgroups
     if ($object === null || ! is_string ($object))
       throw new Exception ("Object not provided to authzgroups\\accessReadOnly",
                            500);
-    if ($object === "/") $object = "";
-    $rc = $this->allow ($module, $user, "/$object");
+    if ($object{0} !== "/")
+      $object = "/$object";
+    $rc = $this->allow ($module, $user, $object);
     if ($this->debug)
       trigger_error ("authzgroups : accessReadOnly ('$module','$user',".
-                   "'/$object')" ."=$rc", E_USER_NOTICE);
+                   "'$object')" ."=$rc", E_USER_NOTICE);
     if ($rc === "RO")
       return TRUE;
     if ($user === "anonymous")