Uploaded image for project: 'Confluence Data Center'
  1. Confluence Data Center
  2. CONFSERVER-60538

Performance improvement in request access operation on a restricted page

XMLWordPrintable

      Issue Summary

      Performance improvement in request access operation on a restricted page

      Steps to Reproduce

      1. When a user click on Request access on a restricted page, Confluence runs the following query for each group that has been assgined space admin permissions 
        2020-11-25 19:59:01,775 DEBUG [http-nio-8094-exec-8] [org.hibernate.SQL] logStatement select internalus1_.user_name as col_0_0_ from cwd_membership hibernatem0_ cross join cwd_user internalus1_ cross join cwd_group internalgr2_ where hibernatem0_.child_user_id=internalus1_.id and hibernatem0_.parent_id=internalgr2_.id and (hibernatem0_.child_group_id is null) and internalgr2_.lower_group_name=? and internalgr2_.directory_id=? and internalgr2_.group_type=? order by internalus1_.lower_user_name
      2. If there are multiple very large groups added, it can result in a higher CPU utilization on the instance and DB
      3. Looking at the thread dump, the thread is busy with flushing and loading the user caches 
        http-nio-8080-exec-96 url:/confluence/res...48942/request/view username:HOE1IMB" #446 daemon prio=5 tid=0x00007f23480b2800 nid=0x72b2 runnable [0x00007f1d9b075000]
   java.lang.Thread.State: RUNNABLE
    at sun.reflect.GeneratedMethodAccessor1160.invoke(Unknown Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:498)
    at org.hibernate.property.access.spi.GetterMethodImpl.get(GetterMethodImpl.java:41)
    at org.hibernate.tuple.entity.AbstractEntityTuplizer.getPropertyValues(AbstractEntityTuplizer.java:604)
    at org.hibernate.tuple.entity.PojoEntityTuplizer.getPropertyValues(PojoEntityTuplizer.java:215)
    at org.hibernate.persister.entity.AbstractEntityPersister.getPropertyValues(AbstractEntityPersister.java:4707)
    at org.hibernate.event.internal.DefaultFlushEntityEventListener.getValues(DefaultFlushEntityEventListener.java:178)
    at org.hibernate.event.internal.DefaultFlushEntityEventListener.onFlushEntity(DefaultFlushEntityEventListener.java:135)
    at org.hibernate.event.internal.AbstractFlushingEventListener.flushEntities(AbstractFlushingEventListener.java:216)
    at org.hibernate.event.internal.AbstractFlushingEventListener.flushEverythingToExecutions(AbstractFlushingEventListener.java:85)
    at org.hibernate.event.internal.DefaultAutoFlushEventListener.onAutoFlush(DefaultAutoFlushEventListener.java:44)
    at org.hibernate.internal.SessionImpl.autoFlushIfRequired(SessionImpl.java:1389)
    at org.hibernate.internal.SessionImpl.list(SessionImpl.java:1882)
    at org.hibernate.internal.CriteriaImpl.list(CriteriaImpl.java:366)
    at org.hibernate.internal.CriteriaImpl.uniqueResult(CriteriaImpl.java:388)
    at com.atlassian.crowd.embedded.hibernate2.HibernateUserDao.lambda$internalFindUser$21(HibernateUserDao.java:559)
    at com.atlassian.crowd.embedded.hibernate2.HibernateUserDao$$Lambda$1777/720364257.doInHibernate(Unknown Source)
    at org.springframework.orm.hibernate5.HibernateTemplate.doExecute(HibernateTemplate.java:385)
    at org.springframework.orm.hibernate5.HibernateTemplate.execute(HibernateTemplate.java:337)
    at com.atlassian.crowd.embedded.hibernate2.HibernateUserDao.internalFindUser(HibernateUserDao.java:556)
    at com.atlassian.crowd.embedded.hibernate2.HibernateUserDao.internalFindByName(HibernateUserDao.java:470)
    at com.atlassian.crowd.embedded.hibernate2.HibernateUserDao.findByName(HibernateUserDao.java:457)
    at com.atlassian.confluence.user.crowd.CachedCrowdUserDao.findUserInternal(CachedCrowdUserDao.java:95)
    at com.atlassian.confluence.user.crowd.CachedCrowdUserDao.lambda$findUser$0(CachedCrowdUserDao.java:131)
    at com.atlassian.confluence.user.crowd.CachedCrowdUserDao$$Lambda$1776/501151391.get(Unknown
      4. Since request mail has to be sent to only 5 users,its seems a waste to load all the users

      This will affect our largest customers with a huge no. of groups and users

      Expected Results

      Confluence shouldn't load all users from the groups to determine 5 users to send notification to

      Actual Results

      Confluence loads all users from all the groups that have been assigned admin space permission

      Workaround

      Currently, there is no known workaround for this behavior. A workaround will be added here when available

          Form Name

            [CONFSERVER-60538] Performance improvement in request access operation on a restricted page

            Carlin added a comment -

            A fix for this issue is available to Server and Data Center customers in Confluence 7.13.3
            Upgrade now or check out the Release Notes to see what other issues are resolved.

            Carlin added a comment - A fix for this issue is available to Server and Data Center customers in Confluence 7.13.3 Upgrade now or check out the Release Notes to see what other issues are resolved.

            Sinan Yildirim added a comment -

            Why there is no fix in LTS version? Is there a plan for backwarding to 7.13?

            Sinan Yildirim added a comment - Why there is no fix in LTS version? Is there a plan for backwarding to 7.13?

            James Whitehead added a comment -

            A fix for this issue is available to Server and Data Center customers in Confluence 7.15 Upgrade now or check out the Release Notes to see what other issues are resolved.

            James Whitehead added a comment - A fix for this issue is available to Server and Data Center customers in Confluence 7.15 Upgrade now or check out the Release Notes to see what other issues are resolved.

            Minh Tran added a comment -

            A fix for this issue is available to Server and Data Center customers in Confluence 7.14.1
            Upgrade now or check out the Release Notes to see what other issues are resolved.

            Minh Tran added a comment - A fix for this issue is available to Server and Data Center customers in Confluence 7.14.1 Upgrade now or check out the Release Notes to see what other issues are resolved.

            Taco added a comment -

            The plugin already preferred contributors over space admins, so in case there were enough contributors, this would not surface. For the space admin selection I now select 100 space admins of which it will randomly take one to fill up the list to 5 or less if no available space could be found.

            the default 100 can be overridden with the property 

            confluence.request.access.space.admin.limit

            however, increasing this too much would bring the issue back.

            Taco added a comment - The plugin already preferred contributors over space admins, so in case there were enough contributors, this would not surface. For the space admin selection I now select 100 space admins of which it will randomly take one to fill up the list to 5 or less if no available space could be found. the default 100 can be overridden with the property  confluence.request.access.space.admin.limit however, increasing this too much would bring the issue back.

              3a2b001dbd04 Taco
              akotha@atlassian.com Ashish Kotha
              Affected customers:
              1 This affects my team
              Watchers:
              13 Start watching this issue

                Created:
                Updated:
                Resolved: