jackrabbit-oak-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tobias Bocanegra <tri...@apache.org>
Subject Re: permission store & rep:modCount
Date Wed, 05 Mar 2014 15:22:36 GMT

I looked at the problem again. Removing the mod-count improves
concurrency when writing ACLs a lot (about 2 times faster with mongo
and 20 threads). the read-performance does not suffer much with the
current tests - but then the tests might not be accurate. the
permission cache is only used to the everyone permissions, so it will
show on systems with many of those.

I also looked at jukkas approach of storing the ACLs in
content/:permissions, and it improves concurrency even more (about 3
faster times), but the read performance dropped by 50%. but this was
with a stupid algorithm.

I think that we can improve the :permissions approach, but also would
need to change the way the permissions are exposed in the API/SPI.
currently they are orthogonally provided by the PermissionProvider in
so called TreePermissions. I think it could simplify a lot, if they
would be part of the Tree API with something like
Tree.getPermissions(). but this requires more refactoring.

bottom line: for now, I'll remove the everyone cache and the mod-count
again. after the 1.0 release, we should review the permission store
and handling.

regards, toby

View raw message