2021-06-01 12:20:20 +00:00
|
|
|
# Copyright (C) 2012-2021 Zammad Foundation, http://zammad-foundation.org/
|
|
|
|
|
2021-04-22 07:17:01 +00:00
|
|
|
class SessionTimeoutJob < ApplicationJob
|
|
|
|
def perform
|
|
|
|
sessions.find_each do |session|
|
|
|
|
perform_session(session)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def perform_session(session)
|
|
|
|
return if !session.data['user_id']
|
|
|
|
|
|
|
|
user = User.find(session.data['user_id'])
|
|
|
|
return if !user
|
|
|
|
|
|
|
|
timeout = get_timeout(user)
|
|
|
|
return if session.data['ping'] > Time.zone.now - timeout.seconds
|
|
|
|
|
|
|
|
self.class.destroy_session(user, session)
|
|
|
|
end
|
|
|
|
|
|
|
|
def self.destroy_session(user, session)
|
|
|
|
PushMessages.send_to(user.id, { event: 'session_timeout' })
|
|
|
|
session.destroy
|
|
|
|
end
|
|
|
|
|
|
|
|
def sessions
|
|
|
|
ActiveRecord::SessionStore::Session.where('updated_at < ?', Time.zone.now - config.values.map(&:to_i).min.seconds)
|
|
|
|
end
|
|
|
|
|
|
|
|
def config
|
|
|
|
Setting.get('session_timeout')
|
|
|
|
end
|
|
|
|
|
|
|
|
def get_timeout(user)
|
|
|
|
permissions = Permission.where(id: user.permissions_with_child_ids).pluck(:name)
|
|
|
|
|
|
|
|
timeout = -1
|
|
|
|
config.each do |key, value|
|
|
|
|
next if key == 'default'
|
|
|
|
next if permissions.exclude?(key)
|
|
|
|
next if value.to_i < timeout
|
|
|
|
|
|
|
|
timeout = value.to_i
|
|
|
|
end
|
|
|
|
|
|
|
|
if timeout == -1
|
|
|
|
timeout = config['default'].to_i
|
|
|
|
end
|
|
|
|
|
|
|
|
timeout
|
|
|
|
end
|
|
|
|
end
|