query improvements #55

Open
wants to merge 3 commits into
base: master
@pbr1111 pbr1111 commented Sep 16, 2024

The following changes are implemented in this PR:

  • The query that retrieves the roles of a user no longer returns all the subjects a role has been assigned to, as this could pose a security risk by exposing unnecessary information.
  • The Mappings property is no longer used outside the query and has been removed.
  • The Role Enabled property has been removed, as stores already return only enabled roles and permissions. If this behavior is incorrect, it would indicate a bug in the current code, as enabled roles are added to claims, but permissions from disabled roles are also being added to claims.
  • The queries are also changed so that they project the properties that are really needed, optimizing data retrieval and reducing memory footprint.

These changes significantly improve query performance by removing four joins (many-to-many relationships) and avoiding a Cartesian explosion, which would otherwise degrade performance based on the number of users a role is assigned to.

Potential breaking change:
This could impact those who have implemented their own store and rely on Balea.Models. However, Balea Server itself remains unaffected, as it returns a custom DTO. Since Balea.Models and the DTO share the same property names, the serializer will omit any additional properties, ensuring compatibility.

Resolves #51
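The effect described in this pull request, as an added example that is not part of the PR and is not Balea's EF Core code: a query that joins every subject of a role against every permission, next to one that uses the subject only as a filter. The schema, table names, and the `build_db` and `compare` helpers are hypothetical, and the data is constructed.

```python
import sqlite3

# Hypothetical schema for illustration; not Balea's actual tables.
SCHEMA = """
CREATE TABLE roles(id INTEGER PRIMARY KEY, name TEXT);
CREATE TABLE role_subjects(role_id INTEGER, subject TEXT);
CREATE TABLE role_permissions(role_id INTEGER, permission TEXT);
"""

# "Before" shape: loads every subject mapped to each of the caller's roles,
# joined against every permission (rows = subjects x permissions per role).
WIDE = """
SELECT r.name, s.subject, p.permission
FROM roles r
JOIN role_subjects s ON s.role_id = r.id
JOIN role_permissions p ON p.role_id = r.id
WHERE r.id IN (SELECT role_id FROM role_subjects WHERE subject = ?)
"""

# "After" shape: the subject is only a filter; project role and permission.
NARROW = """
SELECT r.name, p.permission
FROM roles r
JOIN role_permissions p ON p.role_id = r.id
WHERE EXISTS (SELECT 1 FROM role_subjects s
              WHERE s.role_id = r.id AND s.subject = ?)
"""

def build_db(subjects=200, permissions=5):
    """Constructed data: one role shared by many subjects."""
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    db.execute("INSERT INTO roles VALUES (1, 'auditor')")
    db.executemany("INSERT INTO role_subjects VALUES (1, ?)",
                   [(f"user{i}",) for i in range(subjects)])
    db.executemany("INSERT INTO role_permissions VALUES (1, ?)",
                   [(f"perm{i}",) for i in range(permissions)])
    return db

def compare(db, subject):
    """Return (wide row count, narrow row count, other subjects exposed)."""
    wide = db.execute(WIDE, (subject,)).fetchall()
    narrow = db.execute(NARROW, (subject,)).fetchall()
    exposed = {row[1] for row in wide} - {subject}
    return len(wide), len(narrow), len(exposed)

if __name__ == "__main__":
    print(compare(build_db(), "user7"))
```

The wide result grows with the number of subjects sharing the role and carries their identifiers to the caller's code path; the narrow result depends only on the permissions of the matched roles.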

Successfully merging this pull request may close these issues.

Using implicit joins in FindAuthorizationAsync