Merge pull request #7973 from abollini/performance-improvements

Performance improvements
2025-10-07 10:04:21 +00:00 · 2021-10-15 14:36:19 -05:00
parent 08de317095 969a29f89e
commit e6b690a5f6
3 changed files with 19 additions and 13 deletions
--- a/dspace-api/src/main/java/org/dspace/authorize/AuthorizeServiceImpl.java
+++ b/dspace-api/src/main/java/org/dspace/authorize/AuthorizeServiceImpl.java
@@ -250,13 +250,8 @@ public class AuthorizeServiceImpl implements AuthorizeService {
        if (e != null) {
            userToCheck = e;

-            // perform isAdmin check to see
-            // if user is an Admin on this object
-            DSpaceObject adminObject = useInheritance ? serviceFactory.getDSpaceObjectService(o)
-                                                                      .getAdminObject(c, o, action) : null;
-
-            if (isAdmin(c, e, adminObject)) {
-                c.cacheAuthorizedAction(o, action, e, true, null);
+            // perform immediately isAdmin check as this is cheap
+            if (isAdmin(c, e)) {
                return true;
            }
        }
@@ -280,13 +275,15 @@ public class AuthorizeServiceImpl implements AuthorizeService {
            ignoreCustomPolicies = !isAnyItemInstalled(c, Arrays.asList(((Bundle) o)));
        }
        if (o instanceof Item) {
-            if (workspaceItemService.findByItem(c, (Item) o) != null ||
-                workflowItemService.findByItem(c, (Item) o) != null) {
+            // the isArchived check is fast and would exclude the possibility that the item
+            // is a workspace or workflow without further queries
+            if (!((Item) o).isArchived() &&
+                    (workspaceItemService.findByItem(c, (Item) o) != null ||
+                    workflowItemService.findByItem(c, (Item) o) != null)) {
                ignoreCustomPolicies = true;
            }
        }

-
        for (ResourcePolicy rp : getPoliciesActionFilter(c, o, action)) {

            if (ignoreCustomPolicies
@@ -322,6 +319,16 @@ public class AuthorizeServiceImpl implements AuthorizeService {
            }
        }

+        if (e != null) {
+            // if user is an Admin on this object
+            DSpaceObject adminObject = useInheritance ? serviceFactory.getDSpaceObjectService(o)
+                                                                      .getAdminObject(c, o, action) : null;
+
+            if (isAdmin(c, e, adminObject)) {
+                c.cacheAuthorizedAction(o, action, e, true, null);
+                return true;
+            }
+        }
        // default authorization is denial
        c.cacheAuthorizedAction(o, action, e, false, null);
        return false;
--- a/dspace-server-webapp/src/main/java/org/dspace/app/rest/security/AdminRestPermissionEvaluatorPlugin.java
+++ b/dspace-server-webapp/src/main/java/org/dspace/app/rest/security/AdminRestPermissionEvaluatorPlugin.java
@@ -53,8 +53,7 @@ public class AdminRestPermissionEvaluatorPlugin extends RestObjectPermissionEval
        EPerson ePerson = null;

        try {
-            ePerson = ePersonService.findByEmail(context, (String) authentication.getPrincipal());
-
+            ePerson = context.getCurrentUser();
            if (ePerson != null) {

                //Check if user is a repository admin
--- a/dspace-server-webapp/src/main/java/org/dspace/app/rest/security/AuthorizeServicePermissionEvaluatorPlugin.java
+++ b/dspace-server-webapp/src/main/java/org/dspace/app/rest/security/AuthorizeServicePermissionEvaluatorPlugin.java
@@ -76,7 +76,7 @@ public class AuthorizeServicePermissionEvaluatorPlugin extends RestObjectPermiss
                    return false;
                }

-                ePerson = ePersonService.findByEmail(context, (String) authentication.getPrincipal());
+                ePerson = context.getCurrentUser();

                if (dSpaceObjectService != null && dsoId != null) {
                    DSpaceObject dSpaceObject = dSpaceObjectService.find(context, dsoId);