Bug #2877


access checks performed after query

Added by krileon over 12 years ago. Updated over 12 years ago.

Target version:
Start date:
07 October 2011
Due date:
% Done:


Estimated time:


Access checks are being performed after the query has been made. This results in empty returns when there shouldn't be an empty return. The fix proposed is to recourse through and remove the groups they're not allowed to access, but instead taking an array of those IDs removed and re-do the query with them omitted. This causes a 2 queries where only 1 would previously be used in SOME cases, but is much more reliable.

Related issues 1 (0 open1 closed)

Related to CB GroupJive - Feature proposal #2839: display regardless of access in moduleClosedkrileon29 September 2011

Actions #1

Updated by krileon over 12 years ago

Seams most efficient proposed fix is to apply Limit AFTER query so a full list is prepared. Otherwise a loop-through is going to be needed to keep rechecking for permissions and such, which is extremely inefficient and resulting in 2-3 times more queries. The query is broken down significantly thanks to $filtering changed to WHERE statements so performance hit should be non-existent or insignificant.

Actions #2

Updated by krileon over 12 years ago

  • Status changed from New to Resolved
  • % Done changed from 0 to 100

Fixed by moving limits outside of the query. This will cause larger queries, but they're broken down significantly by WHERE clauses so should be fine. Am also reviewing further additions that can be made to make the queries that much smaller.

Actions #3

Updated by krileon over 12 years ago

  • Status changed from Resolved to Closed

Also available in: Atom PDF