Uploaded image for project: 'Sakai'
  1. Sakai
  2. SAK-18459

OSP role-based authorization is far too inefficient

    Details

    • Type: Bug
    • Status: CLOSED
    • Priority: Critical
    • Resolution: Fixed
    • Affects Version/s: 2.6.0, 2.7.0
    • Fix Version/s: 2.7.0
    • Component/s: OSP: Other
    • Labels:
      None

      Description

      When authorizing items such as forms or presentations, the algorithm used can be very inefficient. The WorksiteAwareAuthorizationFacade checks every site to which the viewer belongs by retrieving them from the AuthzGroupService individually. The entire set is retrieved from the database on each check, incurring a large penalty for users who belong to many sites.

      There is a kernel issue recorded as KNL-488 to offer a new method to check the user's roles more efficiently. There is a dependent patch required to OSP to take advantage of this method.

        Gliffy Diagrams

          Zeplin

            Attachments

              Issue Links

                Activity

                  People

                  Assignee:
                  noahbotimer Noah Botimer
                  Reporter:
                  noahbotimer Noah Botimer
                  Votes:
                  0 Vote for this issue
                  Watchers:
                  0 Start watching this issue

                    Dates

                    Created:
                    Updated:
                    Resolved:

                      Git Integration