I have rather complex requirements for access rights, it will end up with lots of groups and users assigned to the node (folder) without inheritng permissions. I wonder will it affect search and retreival performance? It seems to work fine in dev environemnt with small number of folders and limited number of groups but I would like to know what happens when repository starts to grow? I am worried that permision evaluation may impact performance.
Is there any general recomendation to stay on the safe side?
Yes I think seting up lots of specific permissions for users or groups at a folder level without inheritng permissions will impact performance. You'd better try to optimize your ACL policy, try to re-use your Acls, use inherit and use groups as much as possible.