Jon Stevens wrote:
> on 6/18/01 10:02 AM, "Dan Diephouse" <[EMAIL PROTECTED]> wrote:
>
>
>>One problem that we have run in to doing this is the large amount of
>>groups we must have. Having 500 groups with the corresponding roles and
>>permissions takes FOREVER to load from the database when the user logs
>>in. Which is why we haven't implemented it yet. We could write a fix
>>to that, but it hasn't made it high enough on the TODO list. :)
>>
>
> Yea, CollabNet has taken the roles/permissions/groups concept even further
> with several other join tables and the amount of complexity is insane.
>
> Leonard and DLR had to do all sort of "cooking" and "caching" to get any
> decent speed out of the system. I don't think it is entirely a design
> problem with the system though.
>
> -jon
I am a bit hesitant to reply without knowing too much about the system,
but would it be possible to write an ACL implementation that did not
load permissions from the database until a check was needed? That is
only when it needs to know whether I'm in group "project10001" with role
"staff" and permission "project_modify" does it check the database.
Thanks,
Dan Diephouse <http://www.compassarts.org/>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
