Hi all, Currently in AppFactory when the user logs in to Gitblit and view the repositories, Gitblit will authorize the user for each and every repo available in Gitblit server and display only the repos user is authorized to view. This authorization is performed with the use of AppFactory Gitblit plugin [1] and it makes a service call to AF (RepositoryAuthenticationService.hasAccess [2]) per each repo available in the server.
However this operation seems to be costly because we make a service call per each repo and also when the no of repos grows, it can lead to timeouts in the web view of Gitblit because of the high no of service calls (i.e repositories page). AFAIU Gitblit is calling canAccess method in AppFactoryGitBlitUserModel [3] per each repo, and therefore we will not have control over that (i.e To limit Gitblit to check access permission for only a particular set of repos)(Please correct me if I am wrong). However when doing the authorization, if we obtain the tenants that the user belongs, we can use that info to filter out the repos that should be authorized, therefore we can reduce the service calls that has to be made. WDYT..? [1] https://svn.wso2.org/repos/wso2/carbon/platform/branches/turing/products/appfactory/2.0.0/modules/webapps/gitbilit/appfactory-gitblit-plugin/ [2] https://svn.wso2.org/repos/wso2/carbon/platform/branches/turing/components/appfac/org.wso2.carbon.appfactory.repository/2.0.0/src/main/java/org/wso2/carbon/appfactory/repository/mgt/service/RepositoryAuthenticationService.java [3] https://svn.wso2.org/repos/wso2/carbon/platform/branches/turing/products/appfactory/2.0.0/modules/webapps/gitbilit/appfactory-gitblit-plugin/src/main/java/org/wso2/carbon/appfactory/git/AppFactoryGitBlitUserModel.java Thanks SumedhaS -- *Sumedha Kodithuwakku* Software Engineer WSO2 Inc. : wso2.com lean . enterprise . middleware Email: [email protected]; Mobile: +94 71 808 1124 Blog: http://sumedhask.blogspot.com/
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
