Uploaded image for project: 'SonarQube'
  1. SonarQube
  2. SONAR-8772

Performance hotspot in verification of project permissions

    Details

      Description

      When checking the permissions of a user on a project, all the permissions granted on all projects are loaded in memory. That was initially done on purpose in order to speed-up consecutive verifications on other projects in the same HTTP request. That does not make sense now. The web services involving multiple projects usually rely on the authorization mechanism implemented in Elasticsearch indices. When it's not the case, they should check permissions of the specified projects in a single shot.

      That implies to drop the method AuthorizationDao#selectAuthorizedRootProjectsUuids().

        Attachments

          Activity

            People

            • Assignee:
              simon.brandhof Simon Brandhof
              Reporter:
              simon.brandhof Simon Brandhof
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Due:
                Created:
                Updated:
                Resolved: