Help

complex ACL and performance impact?

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
LiamMichael
Member II
‎10 Nov 2020 2:00 PM

complex ACL and performance impact?

Hello,

I have rather complex requirements for access rights, it will end up with lots of groups and users assigned to the node (folder) without inheritng permissions. I wonder will it affect search and retreival performance? It seems to work fine in dev environemnt with small number of folders and limited number of groups but I would like to know what happens when repository starts to grow? I am worried that permision evaluation may impact performance.

Is there any general recomendation to stay on the safe side?

Thank you!

Tweakbox Appvalley https://vlc.onl/
Labels
0 Kudos
Reply
1 Reply
abhinavmishra14
Moderator
Moderator
‎10 Nov 2020 2:43 PM

Re: complex ACL and performance impact?

"It is a best practice to not break the inheritance as much as possible"

It will eventually impact the search performance as your list grows. Limiting number of users to a group and add groups may be helpful in your case. You should prefer to do a round testing with N set of users/groups and measure the impact before deciding to take this approach to production system. 

Huge number of users/groups without inheritance can even cause acl trackers to fail as well due to heavy payload being sent to solr nodes. 

 @angelborroy   @afaust  Can provide better details

 

~Abhinav
(ACSCE, AWS SAA-C02, GAIQ)
Reply
Alfresco Content Services Forum

Ask for and offer help to other Alfresco Content Services Users and members of the Alfresco team.

Related links:

We use cookies on this site to enhance your user experience

By using this site, you are agreeing to allow us to collect and use cookies as outlined in Alfresco’s Cookie Statement and Terms of Use (and you have a legitimate interest in Alfresco and our products, authorizing us to contact you in such methods).   If you are not ok with these terms, please do not use this website.