[web2py] Re: session always written if auth.user_groups is accessed

Mon, 14 Mar 2016 15:16:33 -0700 

On Monday, March 14, 2016 at 10:08:34 PM UTC+1, Anthony wrote:
>
> On Monday, March 14, 2016 at 4:14:42 PM UTC-4, Alex wrote:
>>
>> no, I don't have response.toolbar in my view. The issue should be 
>> reproducible with the code snippet above - assuming you are logged in and 
>> have a membership (i.e. auth.user_groups has at least one item).
>>
>
> It's true that you code does result in the two pickles not being 
> equivalent. However, at least for me, merely iterating over 
> auth.user_groups does *not* result in the session file being overwritten 
> on each request. However, the session file is overwritten on each request 
> when response.toolbar() is included (more specifically, when 
> BEAUTIFY(session) is serialized in the view -- no idea why that has an 
> effect, though).
>
> Anthony
>

If the two pickles are different it should result in the session being 
written. If you try this code:

if auth.user_id:

    import cPickle as pickle

    unchanged1 = session._unchanged(response)

    session_pickled1 = pickle.dumps(session, pickle.HIGHEST_PROTOCOL)
    for role in auth.user_groups.itervalues():
        continue
    session_pickled2 = pickle.dumps(session, pickle.HIGHEST_PROTOCOL)
    eq = (session_pickled1 == session_pickled2)

    unchanged2 = session._unchanged(response)


unchanged1 should be True and unchanged2 False. And if the session is not 
unchanged it will be written (gluon/globals.py), depending on the session 
type. E.g. in _try_store_in_file for file sessions there is the following 
check

if (not response.session_id or self._forget
        or self._unchanged(response)):


which returns False, thus the session will be written

-- 
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
--- 
You received this message because you are subscribed to the Google Groups 
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
For more options, visit https://groups.google.com/d/optout.

Reply via email to