Task #2366
closedAuthorization policies - use cache for evaluate permissions (loading permissions for eav attributes is slow)
100%
Description
Authorization policies are evaluated per record (entity). When form attributes are loaded for owner entity, then each attribute can be secured by owner entity permissions (by owner read / edit prmission) - owner permissions are evaluated for each attribute => it's slower by attribute count.
Use cache for evaluate permissions for entity - these will hepl for UC above and generally speed up evaluating permissions for single records.
Clear this cache, when an autorization policy is saved or deleted.
Related issues
Updated by Radek Tomiška over 4 years ago
- Status changed from New to In Progress
Updated by Radek Tomiška over 4 years ago
- Related to Task #1967: Autorization policies - apply distinct configured policies added
Updated by Radek Tomiška over 4 years ago
- Status changed from In Progress to Needs feedback
- Assignee changed from Radek Tomiška to Vít Švanda
- % Done changed from 0 to 90
I've added cache usage into evaluate logged user authorization policies and permissions.
Commit:
https://github.com/bcvsolutions/CzechIdMng/commit/36bbd555dceba91b63df22950ee11f5de4b6f14f
Doc:
https://github.com/bcvsolutions/CzechIdMng/blob/develop/CHANGELOG.md#1041
Could you provide me a feedback, please?
Updated by Vít Švanda over 4 years ago
- Status changed from Needs feedback to Resolved
- Assignee changed from Vít Švanda to Radek Tomiška
- % Done changed from 90 to 100
I did review and tested it. Work fine. Thanks for that. I like new feature TTL in cache. The impact of expiration the permission cache is described in changelog, but I recomandate highlight this topic on friday presentation.
Updated by Radek Tomiška about 4 years ago
- Related to Task #2574: Local admin can't edit identity right after it's created added