Changeset 45

Timestamp:

08/26/06 10:30:22 (2 years ago)

Author:

johnbywater

Message:

Added major performance improvement to dm/accesscontroller.py.

• eliminated for statements (see new isRoleAuthorised() method for details)
  
  • performance of the access controller is now far more scalable
    

Changed various minor details whilst tuning performance.

Files:

• trunk/bin/domainmodel-profiletest (added)
• trunk/etc/domainmodel.conf.new (modified) (3 diffs)
• trunk/src/dm/accesscontrol.py (modified) (5 diffs)
• trunk/src/dm/db.py (modified) (9 diffs)
• trunk/src/dm/dictionary.py (modified) (1 diff)
• trunk/src/dm/dom/accesscontrol.py (modified) (6 diffs)
• trunk/src/dm/dom/base.py (modified) (3 diffs)
• trunk/src/dm/dom/builder.py (modified) (2 diffs)
• trunk/src/dm/dom/meta.py (modified) (2 diffs)
• trunk/src/dm/dom/plugin.py (modified) (1 diff)
• trunk/src/dm/dom/state.py (modified) (1 diff)
• trunk/src/dm/dom/stateful.py (modified) (1 diff)
• trunk/src/dm/testrunner.py (added)
• trunk/src/dm/view/manipulator.py (modified) (2 diffs)

trunk/etc/domainmodel.conf.new

@@ -1 +1 @@
-## Please Note: This file is a meant as a starting point for a configuration file for a
-
+#
-
-[DEFAULT]
@@ -20 +20 @@
-# plugin_data_dir:
-#  * path to plugin filesystems
-tmp/domainmodel_testing
+path/to/domainmdoel/var
-
-# domain_name:
@@ -30 +30 @@
-# log_file:
-#  * service log file
-%(system_name)s
+/path/to/domainmodel/var/log/domainmodel
-
-# level:

trunk/src/dm/accesscontrol.py

@@ -1 +1 @@
-from dm.ioc import RequiredFeature
-from dm.exceptions import *
+from dm.dictionarywords import VISITOR_NAME
-
-class AbstractAccessController(object):
@@ -10 +11 @@
-    debug      = RequiredFeature('Debug')
-
+    def __init__(self):
+        self.visitor = None
+        
+    def getVisitor(self):
+        if self.visitor == None:
+            visitorName = self.dictionary[VISITOR_NAME]
+            self.visitor = self.registry.persons[visitorName]
+        return self.visitor
+            
-    def isAuthorised(self, person=None, actionName='', protectedObject=None):
+        if not actionName:
+            return False
+        if not protectedObject:
+            return False
-        self.setPerson(person)
-
-
-
-
-
-
+
+
-        if self.hasAuthorisedRole():
-            if self.debug:
@@ -34 +44 @@
-            return False
-
-
-=
-personName = self.dictionary['visitor']
-    person = self.registry.persons[personName]
-self.person = person
+=None
+!
+self.person = person
+else:
+    self.person = self.getVisitor()
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
-        self.action = self.registry.actions[self.actionName]
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
-
-    def hasAuthorisedRole(self):
-        message = "Abstract method not implemented on: %s" % str(self)
-        raise Exception(message)
-    
+
-    def isRoleAuthorised(self, role):
+        permission = self.protectionObject.permissions[self.action]
+        if role in permission.grants:
+            if self.debug:
+                msg = "Access by role authorised: '%s' to '%s' with '%s'." % (role.name, self.actionName, self.protectedObject)
+                self.logger.debug(msg)
+            return True
+        else:
+            if self.debug:
+                msg = "Access by role not authorised: '%s' to '%s' with '%s'." % (role.name, self.actionName, self.protectedObject)
+                self.logger.debug(msg)
+            return False
+        
+    def ____isRoleAuthorised(self, role):
-        for grant in role.grants:
-            permission = grant.permission
@@ -90 +88 @@
-        return False
-        
+    def makeProtectedNames(self):
+        self.protectedNames = []
+        if self.protectedObject.__class__ == type:
+            className = self.protectedObject.__name__
+            self.protectedNames.append(className)
+        else:
+            className = self.protectedObject.__class__.__name__
+            keyValue = self.protectedObject.getRegisterKeyValue()
+            self.protectedNames.append(className + "." + str(keyValue))
+            self.protectedNames.append(className)
+        if not self.protectedNames:
+            raise "No protected names derived from protection object."
+
+    def setProtectionObject(self):
+        protectionObjects = self.registry.protectionObjects
+        for name in self.protectedNames:
+            if name in protectionObjects:
+                self.protectionObject = protectionObjects[name]
+                return
+        raise "No protection object available for %s" % self.protectedNames
+
-
-class SystemAccessController(AbstractAccessController):
@@ -95 +114 @@
-
-    def hasAuthorisedRole(self):
-        if self.isPersonBarred():
-            return False
-        if self.isPersonAuthorised():
-            return True
-        if self.isSystemRoleAuthorised():
-            return True
+        #if self.isPersonAuthorised():
+        #    return True
+        #if self.isPersonBarred():
+        #    return False
-        return False
-

trunk/src/dm/db.py

@@ -102 +102 @@
-                else:
-                    record = records
+            if debug:
+                logger.debug('Found %s record from database.' % (className))
-            return record
-        
@@ -129 +131 @@
-            recordClass = self.getRecordClass(className)
-            if self.isSelectById(kwds):
-turn
+cords =
-            elif self.isSelectByTimeInterval(kwds):
-turn
+cords =
-            else:    
-
+
+
-
-        def startsWith(self, className, value, attributeName, **kwds):
@@ -154 +157 @@
-            else:
-                records = self.getRecordClass(className).select()
+            if debug:
+                logger.debug('Listed %s records from database.' % (className))
-            return records
-       
@@ -437 +442 @@
-            loadedList = dict()
-        if not self.domainObject:
-            if debug:
-                message = "Rebuilding domain object from db record: %s" % self
-                logger.debug(message)
-            obj = self.createDomainObject() 
-            self.domainObject = obj 
-            self.domainObject.record = self
-            if debug:
-Loading from db record: %s" % self
+Record returned newly instantiated %s." % self.getClassName()
-                logger.debug(message)
-            self.loadDomainObject(loadedList, sync=False)
@@ -451 +453 @@
-                if not self.domainObject in loadedList:
-                    if debug:
-loading from db record: %s" % self
+cord loads existing %s instance with values." % self.getClassName()
-                        logger.debug(message)
-                    self.loadDomainObject(loadedList)
-                else:
-                    if debug:
-Cyclic reload avoided for db record: %s" % self
+Loaded %s record avoids loading loop." % self.getClassName()
-                        logger.debug(message)
-            else: 
-                if debug:
-Using cached db record values: %s" % self
+Record returned %s with existing values." % self.getClassName()
-                    logger.debug(message)
-        return self.domainObject
@@ -473 +475 @@
-        return domainObject
-       
+    def getClassName(self):
+        return self.__class__.__name__
+        
-    def getDomainClass(self):
-        "Returns mapper's synonymous domain model class." 
-__class__.__name__
+getClassName()
-        registry = RequiredFeature('DomainRegistry')
-        return registry.getDomainClass(className)
@@ -483 +488 @@
-        if sync:
-            if debug:
-db record with database. %s" % self
+mapper values with RDBMS."
-                logger.debug(message)
-            self.sync()
+        elif sync:
+            if debug:
+                message = "Not synchronising mapper values with RDBMS."
+                logger.debug(message)
+        if debug:
+            message = "Loading domain object values from mapper."
+            logger.debug(message)
-        self.domainObject.id = self.id
-        for metaAttr in self.meta.attributes:
@@ -501 +513 @@
-                setattr(self.domainObject, domName, mappedValue)
-        loadedList[self.domainObject] = self.domainObject
-        if debug:
-            message = "Updated domain object from db record. %s" % self
-            logger.debug(message)
-
-    def saveDomainObject(self):
-        "Sets attributes of record object from domain object."
+        isChanged = False
-        for metaAttr in self.meta.attributes:
-            isChanged = False
-            if metaAttr.isDomainObjectRef:
-                domainObject = getattr(self.domainObject, metaAttr.domName)
@@ -525 +534 @@
-                    setattr(self, metaAttr.dbName, domValue)
-                    isChanged = True
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
-
-    def coerceKwds(self, kwds):

trunk/src/dm/dictionary.py

@@ -41 +41 @@
-        self[AUTH_COOKIE_NAME]    = '%s_auth' % self[SYSTEM_NAME]
-        self[NO_AUTH_COOKIE_NAME] = '%s_no_auth' % self[SYSTEM_NAME]
+        self[LOG_LEVEL]           = 'INFO'
-
-    def makeConfigFilePath(self):

trunk/src/dm/dom/accesscontrol.py

@@ -5 +5 @@
-    "Registered granted permission. Associates a Role and a Permission."
-
-
+#
-    permission  = HasA('Permission')
-    role        = HasA('Role')
@@ -34 +34 @@
-    isConstant  = True
-    # define aggregates
-Ha
+Aggregate
-    
-    def initialise(self, register):
@@ -41 +41 @@
-        for protectionObject in self.registry.protectionObjects:  
-            self.permissions.create(protectionObject)
-
-    def delete(self):
-        # delete aggregates
-        for permission in self.permissions:  
-            permission.delete()
-        super(Action, self).delete()
-
-
@@ -55 +49 @@
-    """
-
+#    isConstant  = True
-    action           = HasA('Action')
-    protectionObject = HasA('ProtectionObject')
-HasMany('Grant', 'role')  # aggregates  
-HasMany('PersonalGrant', 'person')  # aggregates  
-HasMany('PersonalBar', 'person')  # aggregates  
+AggregatesMany('Grant', 'role')
+AggregatesMany('PersonalGrant', 'person')
+AggregatesMany('PersonalBar', 'person')
-    
-    def delete(self):
-        # delete aggregates
-        for grant in self.grants:  
-            grant.delete()
-        for personalGrant in self.personalGrants:  
-            personalGrant.delete()
-        for personalBar in self.personalBars:  
-            personalBar.delete()
-        super(Permission, self).delete()
-
-    def getLabelValue(self):
-        return "%s-%s" % (
@@ -81 +66 @@
-    "Protects a protected object with a protected name."
-
-
-
-
+
+
-
-    def isProtector(self, protectedObject):
@@ -122 +106 @@
-            self.permissions.create(action)
-
-    def delete(self):
-        # delete aggregates 
-        for permission in self.permissions:  
-            permission.delete()
-        super(ProtectionObject, self).delete()
-

trunk/src/dm/dom/base.py

@@ -124 +124 @@
-        
-    def __repr__(self):
-        count = self.count()
-        className = self.__class__.__name__
-        typeName = self.typeName
-        keyName = self.keyName
-
-
+
+
+
-
-    def retrieveItem(self, key):
@@ -406 +406 @@
-        if self.meta:
-            for attr in self.meta.attributes:
-
+
+
-        className = self.__class__.__name__
-        return "<%s id='%s'%s>" % (className, str(self.id), attrsRepr)
@@ -489 +490 @@
-            self.record = None
-
+    def purgeAggregates(self):
+        for metaAttr in self.meta.attributes:
+            if metaAttr.isAggregation():
+                if metaAttr.isList():
+                    self.purgeAggregateList(metaAttr.name)
+
+    def purgeAggregateList(self, attrName):
+        aggregateRegister = getattr(self, attrName)
+        for aggregateObject in aggregateRegister:
+            aggregateObject.purge()
+
-    def decacheItem(self):
-        for register in self.registerCache.keys():

trunk/src/dm/dom/builder.py

@@ -43 +43 @@
-        self.registry.registerDomainClass(ProtectionObject)
-
+        self.registry.grants = Grant.createRegister()
-        self.registry.roles = Role.createRegister()
-        self.registry.actions = Action.createRegister()
+        self.registry.permissions = Permission.createRegister()
-        self.registry.protectionObjects = ProtectionObject.createRegister()
-
-        self.registry.loadBackgroundRegister(self.registry.roles)
-        self.registry.loadBackgroundRegister(self.registry.actions)
-        self.registry.loadBackgroundRegister(self.registry.protectionObjects)
-
-    def loadPerson(self):
@@ -62 +63 @@
-        self.registry.registerDomainClass(PersonalBar)
-
+
-    def loadSession(self):
-        from dm.dom.session import Session

trunk/src/dm/dom/meta.py

@@ -246 +246 @@
-class DomainObjectAssociation(MetaDomainAttr):
-    "Associates domain objects with other domain objects."
+
+    def countChoices(self, domainObject):
+        if callable(self.getChoices):
+            return len(self.getChoices(domainObject))
+        else:
+            return len(self.getAssociatedObjectRegister(domainObject))
-
-    def getAllChoices(self, domainObject):
@@ -373 +379 @@
-        return True
-
+    def countChoices(self, domainObject):
+        associateRegister = self.getAssociatedObjectRegister(domainObject)
+        return len(associateRegister)
+
-    def getAllChoices(self, domainObject):
-        choices = []

trunk/src/dm/dom/plugin.py

@@ -6 +6 @@
-    return domainRegistry.projects
-
-#class Plugin(SimpleNamedObject):
-class Plugin(StandardObject):
-    "Registered plugin."

trunk/src/dm/dom/state.py

@@ -58 +58 @@
-        def purgeObject(self, object):
-            object.raisePurge()
+            object.purgeAggregates()
-            object.decacheItem()
-            object.state = None 
-            object.destroySelf()
+
+
-
-    def getBehaviour(self):

trunk/src/dm/dom/stateful.py

@@ -222 +222 @@
-        self.page = page
-        self.pageKeys = pageKeys
+
+    def countChoices(self, domainObject):
+        associateRegister = self.getAssociatedObjectRegister(domainObject)
+        return len(associateRegister)
-
-    def getAllChoices(self, domainObject):

trunk/src/dm/view/manipulator.py

@@ -84 +84 @@
-        isFieldRequired = metaAttr.isRequired
-        if metaAttr.isAssociateList:
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
-                    field_name=metaAttr.name,
-                    is_required=isFieldRequired,
-                    choices=choices,
+                    size=4,
-                )
-            else:
-                field = djangoforms.TextField(
-                    field_name=metaAttr.name,
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
-                )
-        elif metaAttr.isValueObject():
@@ -109 +118 @@
-                field = djangoforms.LargeTextField(
-                    field_name=metaAttr.name,
-metaAttr.is
+isField
-                )
-            elif metaAttr.typeName == 'Password':
-                field = djangoforms.PasswordField(
-                    field_name=metaAttr.name,
-metaAttr.is
+isField
-                )
-            elif metaAttr.typeName == 'Integer':
-                field = djangoforms.IntegerField(
-                    field_name=metaAttr.name,
-metaAttr.is
+isField
-                )
-            elif metaAttr.typeName == 'Url':
-                field = djangoforms.URLField(
-                    field_name=metaAttr.name,
-metaAttr.is
+isField
-                )
-            elif metaAttr.typeName == 'DateTime':
-                field = djangoforms.DatetimeField(
-                    field_name=metaAttr.name,
-metaAttr.is
+isField
-                )
-            elif metaAttr.typeName == 'Date':
-                field = djangoforms.DateField(
-                    field_name=metaAttr.name,
-metaAttr.is
+isField
-                )
-            else:
-                field = djangoforms.TextField(
-                    field_name=metaAttr.name,
-metaAttr.is
+isField
-                )
-        if field: