[JSDSERVER-5959] ServiceDesk sd.use.search.by.permissions feature flag might cause slow user picker search

Type: Bug
Resolution: Unresolved
Priority: Low
Fix Version/s: None
Affects Version/s: 3.3.2, 3.6.2, 3.9.6, 4.5.5
Component/s: Issue View
Labels:

Support reference count:
10
Symptom Severity:
Severity 2 - Major
UIS:
4
Bug Fix Policy:
View Atlassian Server bug fix policy

Summary

Closed Access Service Desks with sd.use.search.by.permissions feature flag set (default), might have slow user picker search.
see KB for more details: Closed Access Service Desks, slow user picker search

Environment

a large number of users 10k+
The dark feature sd.use.search.by.permissions.disabled is not activated.
Closed Access ServiceDesks
- Who can raise requests? set to Customers who are added to the project.

Expected Results

User picker search is fast and doesn't have extra memory/SQL pressure

Actual Results

User picker search can be slow and have extra memory (see JSDSERVER-5958)/SQL pressure

Notes

In case of Closed Servicedesk, code takes users by permission and does additional filtering. Unfortunately, increased memory consumption (and interoperability with lazy user cache) wasn't taken into account.
Overall disabling of this feature flag doesn't affect search results but has an effect on performance. With it disabled open and closed servicedesk will go through the same execution path.

Workaround

Disable "sd.use.search.by.permissions" feature flag, see KB Closed Access Service Desks, slow user picker search

- - Sort By Name
  - Sort By Date
  - Ascending
  - Descending
  - Thumbnails
  - List

image-2021-05-11-16-29-05-394.png
153 kB
11/May/2021 6:29 AM

is related to

JSDSERVER-5958 High memory usage for Closed Service Desk projects with Group Anyone permission

Gathering Impact

relates to

JSDSERVER-6889 Typing query into JSD "Alert user" automation "THEN" action causes constant GC and service instability

Gathering Impact

links to

Internal ticket

mentioned in: Page Failed to load; Page Failed to load; Page Loading...; Page Loading...; Page Loading...; Page Loading...

(4 mentioned in)

Form Name

Tripta Kaur made changes - 05/Feb/2025 12:25 AM

Remote Link

New: This issue links to "Page (Confluence)" [ 985249 ]

Craig Castle-Mead added a comment - 03/Feb/2025 3:22 AM - edited

While sd.use.search.by.permissions.disabled being enabled definitely addresses the significant performance issue for user searching, it changes the behavior of the Reporter search in an unexpected fashion, it only seems to have been tested with the Request Participant user search.

System setup:

Dark Feature "sd.use.search.by.permissions.disabled" enabled - we need this as we have numerous JSM Projects with 100,000+ customers (global service desks) and without the flag set, it takes 25+ seconds to get search results when adding a Request Participant.

With this setting:

The search that is triggered by Request Participants works as expected - the URL being /rest/servicedesk/1/servicedesk/sd-user-search/participants?projectId=12345&query=namegoeshere
However, when trying to change the Reporter, the API used is /rest/internal/2/users/reporter?maxResults=100&projectKeys=PROJ&query=namegoeshere - and this only shows users who have the "Browse Project" permission, which for us is only JSM Agents. We cannot give this permission to customers, as it'd mean they'd be able to see all of the issues, even if they weren't the reporters.

So, we are left with the choice of:

sd.use.search.by.permissions.disabled on
1. Benefit
  1. Have usable performance on SD's when customers are trying to search for participants (as expected)
2. Downside
  1. Any SD project will require entering the complete email address to change the reporter unless the user you're searching for is also a JSM Agent on that project
sd.use.search.by.permissions.disabled off
1. Benefit
  1. In SD projects, you can change reporter using the standard User search, and it'll show all customers (as expected)
2. Downside
  1. Every SD project with a "large number of users" (10K+ is the value stated on this ticket) will have unusable user search for customers due to horrifically designed SQL queries

Given JSM is constantly advertised to Enterprises, 10,000 users is so far from an expected number of users that the product should support in a much better fashion than this.

For a pretty standard use case, we shouldn't have to be picking between bad performance and bad UX,

CCM

Craig Castle-Mead added a comment - 03/Feb/2025 3:22 AM - edited While sd.use.search.by.permissions.disabled being enabled definitely addresses the significant performance issue for user searching, it changes the behavior of the Reporter search in an unexpected fashion, it only seems to have been tested with the Request Participant user search. System setup: Dark Feature "sd.use.search.by.permissions.disabled" enabled - we need this as we have numerous JSM Projects with 100,000+ customers (global service desks) and without the flag set, it takes 25+ seconds to get search results when adding a Request Participant. With this setting: The search that is triggered by Request Participants works as expected - the URL being /rest/servicedesk/1/servicedesk/sd-user-search/participants?projectId=12345&query=namegoeshere However, when trying to change the Reporter, the API used is /rest/internal/2/users/reporter?maxResults=100&projectKeys=PROJ&query=namegoeshere - and this only shows users who have the "Browse Project" permission, which for us is only JSM Agents. We cannot give this permission to customers, as it'd mean they'd be able to see all of the issues, even if they weren't the reporters. So, we are left with the choice of: sd.use.search.by.permissions.disabled on Benefit Have usable performance on SD's when customers are trying to search for participants (as expected) Downside Any SD project will require entering the complete email address to change the reporter unless the user you're searching for is also a JSM Agent on that project sd.use.search.by.permissions.disabled off Benefit In SD projects, you can change reporter using the standard User search, and it'll show all customers (as expected) Downside Every SD project with a "large number of users" (10K+ is the value stated on this ticket) will have unusable user search for customers due to horrifically designed SQL queries Given JSM is constantly advertised to Enterprises, 10,000 users is so far from an expected number of users that the product should support in a much better fashion than this. For a pretty standard use case, we shouldn't have to be picking between bad performance and bad UX, CCM

SET Analytics Bot made changes - 16/Dec/2024 2:15 AM

UIS

Original: 5

New: 4

Marc Dacanay made changes - 14/Oct/2024 10:53 PM

Labels

Original: deltaUserCache performance pse-request

New: deltaUserCache performance pse-request ril

Marc Dacanay made changes - 14/Oct/2024 10:53 PM

Remote Link

New: This issue links to "Internal ticket (Web Link)" [ 955093 ]

SET Analytics Bot made changes - 17/Aug/2024 4:05 AM

Support reference count

Original: 9

New: 10

SET Analytics Bot made changes - 20/Feb/2024 2:53 AM

UIS

Original: 6

New: 5

SET Analytics Bot made changes - 29/Nov/2023 4:03 AM

Support reference count

Original: 8

New: 9

SET Analytics Bot made changes - 12/Jan/2023 2:14 AM

UIS

Original: 7

New: 6

SET Analytics Bot made changes - 07/Dec/2022 2:12 AM

UIS

Original: 6

New: 7

Assignee:: Unassigned

Reporter:: Andriy Yakovlev [Atlassian]

Affected customers:: 14 This affects my team

Watchers:: 16 Start watching this issue

Created:: 08/Aug/2018 12:17 PM

Updated:: 05/Feb/2025 12:25 AM

Details

Description

Summary

Environment

Expected Results

Actual Results

Notes

Workaround

Attachments

Attachments

Issue Links

Forms

Activity

Collapse comment: Craig Castle-Mead added a comment - 03/Feb/2025 3:22 AM, Edited by Craig Castle-Mead - 03/Feb/2025 3:31 AM

Expand comment: Craig Castle-Mead added a comment - 03/Feb/2025 3:22 AM, Edited by Craig Castle-Mead - 03/Feb/2025 3:31 AM

People

Dates