Project

General

Profile

Actions

Bug #2877

closed

access checks performed after query

Added by krileon almost 11 years ago. Updated over 10 years ago.

Status:
Closed
Priority:
High
Assignee:
Target version:
Start date:
07 October 2011
Due date:
% Done:

100%

Estimated time:

Description

Access checks are being performed after the query has been made. This results in empty returns when there shouldn't be an empty return. The fix proposed is to recourse through and remove the groups they're not allowed to access, but instead taking an array of those IDs removed and re-do the query with them omitted. This causes a 2 queries where only 1 would previously be used in SOME cases, but is much more reliable.


Related issues 1 (0 open1 closed)

Related to CB GroupJive - Feature proposal #2839: display regardless of access in moduleClosedkrileon29 September 2011

Actions
Actions #1

Updated by krileon almost 11 years ago

Seams most efficient proposed fix is to apply Limit AFTER query so a full list is prepared. Otherwise a loop-through is going to be needed to keep rechecking for permissions and such, which is extremely inefficient and resulting in 2-3 times more queries. The query is broken down significantly thanks to $filtering changed to WHERE statements so performance hit should be non-existent or insignificant.

Actions #2

Updated by krileon almost 11 years ago

  • Status changed from New to Resolved
  • % Done changed from 0 to 100

Fixed by moving limits outside of the query. This will cause larger queries, but they're broken down significantly by WHERE clauses so should be fine. Am also reviewing further additions that can be made to make the queries that much smaller.

Actions #3

Updated by krileon over 10 years ago

  • Status changed from Resolved to Closed
Actions

Also available in: Atom PDF