fix(media-protection): invalidate authorization cache when media is protected#3194
Open
faisalahammad wants to merge 1 commit into
Open
fix(media-protection): invalidate authorization cache when media is protected#3194faisalahammad wants to merge 1 commit into
faisalahammad wants to merge 1 commit into
Conversation
…rotected - Switch wp_cache_add to wp_cache_set in is_authorized_to_view() to overwrite stale sentinel values from persistent object caches like Object Cache Pro. - Add invalidate_authorization_cache() helper and call it from add_authorization_meta_to_media_post() to clear the current user's cache immediately when protection state changes. - Call invalidation from classic editor save (move_attachment_to_protected_dir) and REST API update callback for belt-and-suspenders. - Ensure 'null' sentinel cache uses the same expiration filter as boolean results. Fixes gocodebox#3167
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Media protection URL rewriting was broken when a persistent object cache (like Object Cache Pro) is active. The authorization result for an attachment is cached per
(media_id, user_id)withwp_cache_add(), so once an unprotected attachment is viewed its'null'sentinel stays in cache and never gets overwritten when the file is later protected. This fix switches the writes towp_cache_set()and explicitly invalidates the current user's cache whenever a media file is moved into the protected directory.Fixes #3167
Changes
includes/class-llms-media-protector.phpBefore:
After:
Why:
wp_cache_add()only writes when the key is missing. With a persistent object cache the'null'sentinel from the first unprotected view survives across requests, sois_authorized_to_view()keeps returning the old value after the file is protected.wp_cache_set()overwrites the cache with the current state.Also added
invalidate_authorization_cache()and hooked it intoadd_authorization_meta_to_media_post()so the cache is cleared when the protection meta is added.includes/admin/class-llms-admin-media-protection-attachment-settings.phpAfter: after a successful move to the protected directory, call
$protector->invalidate_authorization_cache( $attachment_id ).Why: clears the current user's cached authorization immediately so the next
wp_get_attachment_url()call returns the protected URL.includes/class-llms-rest-fields.phpAfter: in the REST
update_callbackfor_llms_media_protection_product_id, after a successful move call$protector->invalidate_authorization_cache( $object->ID ).Why: the block-editor protection modal uses the REST endpoint, so the classic-admin path alone did not cover it.
tests/phpunit/unit-tests/class-llms-test-media-protector.phpNew tests covering:
invalidate_authorization_cache()deletes the cache for the supplied user and defaults to the current user.add_authorization_meta_to_media_post()clears the cached authorization.is_authorized_to_view()overwrites a stale'null'cache entry..changelogs/3167.ymlPatch-level changelog entry for the fix.
Testing
Test 1: Protect an unprotected image with Object Cache Pro active
/wp-content/uploads/...URL.https://example.com/?llms_media_id={ID}.Result: Works as expected.
Test 2: Re-protect an already protected media file
Result: Works as expected.
Test 3: Without object cache
object-cache.phpdrop-in.Result: Same behavior, no regression.
Automated tests
Result: OK (4 tests, 10 assertions).