perkeep

History

mpl 4fc061e8a2 pkg/server/app: refresh cached domain blobs on 403 To decide whether a search submitted to the app search proxy is allowed, we compare its results to the domain blobs, result of the master query, that we cache when the master query is set. However, since the results of the master query are liable to change when new blobs arrive (e.g. a new camliMember is added to the set that is published), that cache may need to be invalidated. Otherwise, we might reply with a 403 to search query that is actually allowed. Therefore, this CL adds a refresh of the cache on two instances: -When the app handler gets a search query that seems to be forbidden. Before replying with a 403, we refresh the cache with the master query, and recheck whether the search query is allowed. -When the publisher gets a request for a "members" page, or the "file" page, it preemptively asks the app handler to refresh. Now that a lot of the client workflow has been moved to javascript/the browser, these kinds of requests should not happen too often, so it seems a reasonable place to ask for a refresh. But this might change, so we should of course be careful not to flood the app handler with refresh requests in the future. In any case, the app handler is suppressing the refresh requests, so that it does not perform refreshes at more that one per minute. As a smarter approach, we could later imagine a way for the app handler to be aware of when new blobs get to the blobserver (akin to the blob hub that the sync handler uses?), so that it only ever refreshes when needed. Fixes #851 Change-Id: Idc14cce5018053deac01ec454e5c936ed93e5a05	2016-09-02 18:40:42 +02:00
..
app.go	pkg/server/app: refresh cached domain blobs on 403	2016-09-02 18:40:42 +02:00
app_test.go	pkg/server/app: improve app handling	2016-07-04 22:21:16 +02:00

mpl 4fc061e8a2 pkg/server/app: refresh cached domain blobs on 403

To decide whether a search submitted to the app search proxy is allowed,
we compare its results to the domain blobs, result of the master query,
that we cache when the master query is set.

However, since the results of the master query are liable to change when
new blobs arrive (e.g. a new camliMember is added to the set that is
published), that cache may need to be invalidated. Otherwise, we might
reply with a 403 to search query that is actually allowed.

Therefore, this CL adds a refresh of the cache on two instances:

-When the app handler gets a search query that seems to be forbidden.
Before replying with a 403, we refresh the cache with the master query,
and recheck whether the search query is allowed.

-When the publisher gets a request for a "members" page, or the "file"
page, it preemptively asks the app handler to refresh. Now that a lot of
the client workflow has been moved to javascript/the browser, these
kinds of requests should not happen too often, so it seems a reasonable
place to ask for a refresh. But this might change, so we should of
course be careful not to flood the app handler with refresh requests in
the future.

In any case, the app handler is suppressing the refresh requests, so
that it does not perform refreshes at more that one per minute.

As a smarter approach, we could later imagine a way for the app handler
to be aware of when new blobs get to the blobserver (akin to the blob
hub that the sync handler uses?), so that it only ever refreshes when
needed.

Fixes #851

Change-Id: Idc14cce5018053deac01ec454e5c936ed93e5a05

2016-09-02 18:40:42 +02:00

app.go

pkg/server/app: refresh cached domain blobs on 403

2016-09-02 18:40:42 +02:00

app_test.go

pkg/server/app: improve app handling

2016-07-04 22:21:16 +02:00