continuum-issues mailing list archives

From "Brent N Atkinson (JIRA)" <j...@apache.org>
Subject [jira] [Created] (CONTINUUM-2761) Users with limited group visibility cause expensive queries when running build reports
Date Sat, 02 May 2015 18:29:06 GMT
Brent N Atkinson created CONTINUUM-2761:
-------------------------------------------

             Summary: Users with limited group visibility cause expensive queries when running
build reports
                 Key: CONTINUUM-2761
                 URL: https://issues.apache.org/jira/browse/CONTINUUM-2761
             Project: Continuum
          Issue Type: Bug
            Reporter: Brent N Atkinson
            Assignee: Brent N Atkinson
             Fix For: 1.5.0


As a user with limited group visibility, when running a report for ALL groups the entire result
set is queried. The results are subsequently loaded into memory and are filtered based on
their permissions. This allows the user to initiate much more expensive queries that can have
a significantly negative effect on service health.

An example: 

The guest user is granted permission to see only the Default Group, which is empty, on a server
with an extremely large number of build results in other groups. An anonymous user visits
the server and runs an open build report (ALL groups, ALL statuses).

What you would expect: The anonymous user finds exactly what is visible to them by browsing
the project group: there are no results. Because there are no results, the query is answered
quickly.

What actually happens: the entire build result table is scanned resulting in an extremely
long query (due to the large number of build results). Also, prior to the work on CONTINUUM-2746,
which uses range queries to load results in batches, this would crash the system with an {{OutOfMemoryError}}.


The essence of the issue is that users can cause an effect that is disproportional to their
privilege. Ideally, users should only be able to affect the system by accessing resources
they actually have permission to see (scanning only rows they have access to).



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
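
Added example, not part of the original message and not Continuum's own code: a minimal sqlite3 model of the pattern described above, comparing a report that loads every build result and filters in memory with one that puts the visible-group restriction into the query. The table names, column names, function names and sample data are assumptions constructed for illustration.

```python
import sqlite3

def build_db(n_results=5000):
    """Constructed data: an empty 'Default Group' (id 1) and a large group (id 2)."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE project_group (id INTEGER PRIMARY KEY, name TEXT);
        CREATE TABLE build_result (id INTEGER PRIMARY KEY, group_id INTEGER, state TEXT);
        CREATE INDEX idx_result_group ON build_result (group_id);
        INSERT INTO project_group VALUES (1, 'Default Group'), (2, 'Internal');
    """)
    db.executemany(
        "INSERT INTO build_result (group_id, state) VALUES (2, ?)",
        (("OK" if i % 3 else "FAILED",) for i in range(n_results)),
    )
    return db

def report_filter_in_memory(db, visible_groups, batch=500):
    """Pattern from the report: fetch every row in batches, then drop
    the rows the user may not see. Returns (visible_rows, rows_fetched)."""
    fetched, visible = 0, []
    cur = db.execute("SELECT id, group_id, state FROM build_result ORDER BY id")
    while rows := cur.fetchmany(batch):
        fetched += len(rows)
        visible += [r for r in rows if r[1] in visible_groups]
    return visible, fetched

def report_filter_in_query(db, visible_groups):
    """Authorization pushed into the query: only rows in permitted groups
    are read. Returns (visible_rows, rows_fetched)."""
    if not visible_groups:
        return [], 0  # nothing is visible, so no query is issued at all
    marks = ",".join("?" * len(visible_groups))  # one bound parameter per group
    rows = db.execute(
        "SELECT id, group_id, state FROM build_result "
        f"WHERE group_id IN ({marks}) ORDER BY id",
        sorted(visible_groups),
    ).fetchall()
    return rows, len(rows)

if __name__ == "__main__":
    db = build_db()
    guest = {1}  # guest sees only the empty Default Group
    print("in-memory filter:", report_filter_in_memory(db, guest)[1], "rows fetched")
    print("in-query filter: ", report_filter_in_query(db, guest)[1], "rows fetched")
```

Both functions return the same visible rows; only the amount of data the server has to read on behalf of the caller differs.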
