Roundup Tracker - Issues


Author schlatterbeck
Recipients rouilj, schlatterbeck
Date 2024-04-01.09:13:41
Message-id <>
Hmm: When there are permissions with check methods on a Class, we are checking permissions *in python* not in the database. The consequence is that we do not know at SQL time which items will be displayed.

I do have several classes with permission methods in my trackers. I've often thought about this, if it would make sense to implement permissions that can be checked at SQL time so that we do not need to filter in python. On some of my trackers filtering in python is a real performance killer because the tables are quite big...

So in a first step we may want to use your new optimized implementation only if there are no check methods.

Also the check methods are not sorted: Some users may see everything but we are sometimes checking the low-performance (method-based) checks before the lightweight checks that may permit everything for a certain role. An optimized version of the permission checks that sorts permissions by role and tries permissions without check methods first would be nice here.

Sorry for making this issue into a wishlist :-)

Date User Action Args
2024-04-01 19:55:35adminlinkissue2551330 messages
2024-04-01 09:13:41schlatterbecksetmessageid: <>
2024-04-01 09:13:41schlatterbecksetrecipients: + schlatterbeck, rouilj
2024-04-01 09:13:41schlatterbecklinkissue2551328 messages
2024-04-01 09:13:41schlatterbeckcreate