On Thu, Oct 17, 2024 at 03:32:58AM +0000, John Rouillard wrote:
>
> I did a quick instrumentation of hasPermission in my custom tracker.
> I displayed an issue index page logged in as admin with Admin role.
I'm getting things like this:
roundup.hyperdb - DEBUG - SQL 'select _time_project.id,lower(_time_project._name),(lower(_time_project._name) is not NULL) from _time_project where _time_project.__retired__=0 order by (lower(_time_project._name) is not NULL),lower(_time_project._name),_time_project.id' ()
roundup.security - DEBUG - hasPermission: (View, 44, time_project, None, 762) (1, 5) allow
roundup.security - DEBUG - hasPermission: (View, 44, time_project, None, 199) (1, 5) allow
roundup.security - DEBUG - hasPermission: (View, 44, time_project, None, 664) (1, 5) allow
[250 more lines like this]
roundup.hyperdb - DEBUG - SQL 'select _purchase_request.id,_purchase_request._delivery_deadline,(_purchase_request._delivery_deadline is not NULL) from _purchase_request where _purchase_request.__retired__=0 order by (_purchase_request._delivery_deadline is not NULL) desc,_purchase_request._delivery_deadline desc,_purchase_request.id' ()
roundup.security - DEBUG - hasPermission: (View, 44, purchase_request, None, 6381) (1, 5) allow
roundup.security - DEBUG - hasPermission: (View, 44, purchase_request, None, 6398) (1, 5) allow
[> 6k lines like this]
This is a user with many permissions. For another user I'm getting many of
roundup.security - DEBUG - hasPermission: (View, 833, purchase_request, None, 5946) (2, 99) deny
But this is intermixed with other SQL queries, probably because the check methods run
other SQL checks.
The current problem is that users without many permissions run into uwsgi-configured
timeouts of 10 minutes for about 3000 lines.
More verbose during the purchase_request query:
roundup.hyperdb - DEBUG - SQL 'select _activity,_actor,_charge_to,_continuous_obligation,_contract_term,_creation,_creator,_date_approved,_date_ordered,_date_progress,_delivery_address,_delivery_deadline,_department,_frame_purchase,_frame_purchase_end,_gl_account,_infosec_level,_infosec_project,_intended_duration,_internal_order,_issue_ids,_organisation,_part_of_budget,_payment_type,_pr_currency,_pr_ext_resource,_pr_justification,_pr_risks,_psp_element,_purchase_risk_type,_purchase_type,_renegotiations,_renew_until,_requester,_responsible,_safety_critical,_sap_cc,_sap_reference,_status,_termination_date,_terms_conditions,_time_project,_title,_total_cost from _purchase_request where id=%s' ('5946',)
roundup.hyperdb - DEBUG - SQL 'select _o_permission.id from _o_permission where _o_permission._user=%s and _o_permission.__retired__=0 order by _o_permission.id' ('833',)
roundup.hyperdb - DEBUG - SQL 'select _o_permission.id from _o_permission where _o_permission._user=%s and _o_permission.__retired__=0 order by _o_permission.id' ('833',)
roundup.hyperdb - DEBUG - SQL 'select _pr_approval.id from _pr_approval where _pr_approval._purchase_request=%s and _pr_approval.__retired__=0 order by _pr_approval.id' ('5946',)
roundup.hyperdb - DEBUG - SQL 'select _activity,_actor,_by,_creation,_creator,_date,_deputy,_deputy_gets_mail,_description,_msg,_order,_purchase_request,_role,_role_id,_status,_user from _pr_approval where id=%s' ('28897',)
roundup.hyperdb - DEBUG - SQL 'select linkid from purchase_request_nosy where nodeid=%s' ('5946',)
roundup.hyperdb - DEBUG - SQL 'select id from _pr_status where _name=%s and __retired__=%s' ('open', 0)
roundup.security - DEBUG - hasPermission: (View, 833, purchase_request, None, 5946) (2, 99) deny
roundup.hyperdb - DEBUG - SQL 'select _activity,_actor,_charge_to,_continuous_obligation,_contract_term,_creation,_creator,_date_approved,_date_ordered,_date_progress,_delivery_address,_delivery_deadline,_department,_frame_purchase,_frame_purchase_end,_gl_account,_infosec_level,_infosec_project,_intended_duration,_internal_order,_issue_ids,_organisation,_part_of_budget,_payment_type,_pr_currency,_pr_ext_resource,_pr_justification,_pr_risks,_psp_element,_purchase_risk_type,_purchase_type,_renegotiations,_renew_until,_requester,_responsible,_safety_critical,_sap_cc,_sap_reference,_status,_termination_date,_terms_conditions,_time_project,_title,_total_cost from _purchase_request where id=%s' ('5947',)
roundup.hyperdb - DEBUG - SQL 'select _o_permission.id from _o_permission where _o_permission._user=%s and _o_permission.__retired__=0 order by _o_permission.id' ('833',)
roundup.hyperdb - DEBUG - SQL 'select _activity,_actor,_allow_gl_account,_confidential,_creation,_creator,_description,_name,_order,_valid from _purchase_type where id=%s' ('6',)
roundup.hyperdb - DEBUG - SQL 'select linkid from purchase_type_pr_edit_roles where nodeid=%s' ('6',)
roundup.hyperdb - DEBUG - SQL 'select linkid from purchase_type_pr_roles where nodeid=%s' ('6',)
roundup.hyperdb - DEBUG - SQL 'select linkid from purchase_type_pr_forced_roles where nodeid=%s' ('6',)
roundup.hyperdb - DEBUG - SQL 'select _o_permission.id from _o_permission where _o_permission._user=%s and _o_permission.__retired__=0 order by _o_permission.id' ('833',)
roundup.hyperdb - DEBUG - SQL 'select linkid from purchase_type_pr_view_roles where nodeid=%s' ('6',)
roundup.hyperdb - DEBUG - SQL 'select _pr_approval.id from _pr_approval where _pr_approval._purchase_request=%s and _pr_approval.__retired__=0 order by _pr_approval.id' ('5947',)
roundup.hyperdb - DEBUG - SQL 'select _activity,_actor,_by,_creation,_creator,_date,_deputy,_deputy_gets_mail,_description,_msg,_order,_purchase_request,_role,_role_id,_status,_user from _pr_approval where id=%s' ('28898',)
roundup.hyperdb - DEBUG - SQL 'select linkid from purchase_request_nosy where nodeid=%s' ('5947',)
roundup.hyperdb - DEBUG - SQL 'select id from _pr_status where _name=%s and __retired__=%s' ('open', 0)
roundup.hyperdb - DEBUG - SQL 'select _o_permission.id from _o_permission where _o_permission._user=%s and _o_permission.__retired__=0 order by _o_permission.id' ('833',)
roundup.hyperdb - DEBUG - SQL 'select _o_permission.id from _o_permission where _o_permission._user=%s and _o_permission.__retired__=0 order by _o_permission.id' ('833',)
roundup.security - DEBUG - hasPermission: (View, 833, purchase_request, None, 5947) (2, 99) deny
[repeated a lot of times]
Thanks
Ralf
--
Dr. Ralf Schlatterbeck Tel: +43/2243/26465-16
Open Source Consulting www: www.runtux.com
Reichergasse 131, A-3411 Weidling email: office@runtux.com
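
Added example, not part of the original message and not Roundup's own code: a small parser for debug logs in the format quoted above that counts how many SQL statements precede each hasPermission decision and which identical statements recur. The sample log is constructed (SQL text shortened), and attributing each SQL line to the next hasPermission line is an assumption about how the check methods interleave with the log.

```python
import re
from collections import Counter

# Constructed sample in the format of the log lines quoted above (SQL shortened).
SAMPLE_LOG = """\
roundup.hyperdb - DEBUG - SQL 'select _title from _purchase_request where id=%s' ('5946',)
roundup.hyperdb - DEBUG - SQL 'select _o_permission.id from _o_permission where _o_permission._user=%s' ('833',)
roundup.hyperdb - DEBUG - SQL 'select _o_permission.id from _o_permission where _o_permission._user=%s' ('833',)
roundup.security - DEBUG - hasPermission: (View, 833, purchase_request, None, 5946) (2, 99) deny
roundup.hyperdb - DEBUG - SQL 'select _title from _purchase_request where id=%s' ('5947',)
roundup.hyperdb - DEBUG - SQL 'select _o_permission.id from _o_permission where _o_permission._user=%s' ('833',)
roundup.security - DEBUG - hasPermission: (View, 833, purchase_request, None, 5947) (2, 99) deny
roundup.security - DEBUG - hasPermission: (View, 44, time_project, None, 762) (1, 5) allow
"""

SQL_RE = re.compile(r"^roundup\.hyperdb - DEBUG - SQL (.+)$")
# The second tuple, e.g. "(2, 99)", is matched but not interpreted here.
PERM_RE = re.compile(
    r"^roundup\.security - DEBUG - hasPermission: "
    r"\((\w+), (\w+), (\w+), (\w+), (\w+)\) \(.*\) (allow|deny)$")

def summarize(log_text):
    """Return (checks, repeated): per-decision SQL counts and recurring statements."""
    checks = []          # one dict per hasPermission decision, in log order
    totals = Counter()   # identical "statement + args" strings over the whole log
    pending = 0          # SQL lines seen since the previous decision
    for line in log_text.splitlines():
        line = line.strip()
        m = SQL_RE.match(line)
        if m:
            pending += 1
            totals[m.group(1)] += 1
            continue
        m = PERM_RE.match(line)
        if m:
            _perm, user, klass, _prop, item, result = m.groups()
            checks.append({"user": user, "class": klass, "item": item,
                           "result": result, "sql": pending})
            pending = 0
    repeated = {q: n for q, n in totals.items() if n > 1}
    return checks, repeated

if __name__ == "__main__":
    checks, repeated = summarize(SAMPLE_LOG)
    for c in checks:
        print(c["user"], c["class"], c["item"], c["result"], "sql:", c["sql"])
    for query, n in sorted(repeated.items(), key=lambda kv: -kv[1]):
        print(n, "x", query)
```
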