Uploaded image for project: 'Confluence Data Center'
  1. Confluence Data Center
  2. CONFSERVER-20475

Improve performance of DefaultSpacePermissionManager#hasPermissionViaGroups by reversing the way permissions are checked.

    XMLWordPrintable

Details

    • We collect Confluence feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

    Description

      When Confluence checks permissions at the group level, it retrieves all the groups a user is a member of, then looks for a matching permission against each of those groups. This performs terribly when the user is a member of a large number of groups.

      Performance would almost always be better, or at least be much more predictable if you grab all the group-level permissions for the space, then perform memberOf() checks against the user for each group. (Especially in situations like LDAP where memberOf() is really cheap, but getting all groups for a user is painfully expensive)

      Attachments

        Issue Links

          relates to

          Bug - A problem which impairs or prevents the functions of the product. CONFSERVER-11926 LDAP performance degrades the more LDAP groups a user belongs too

          • Low - Low priority issues
          • Closed

          Activity

            People

              matt@atlassian.com Matt Ryall
              cmiller CharlesA
              Votes:
              7 Vote for this issue
              Watchers:
              10 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: