trial

47997126 · Henrik tom Wörden · e70bbafc · 47997126
Commit 47997126 authored Apr 17, 2022 by Henrik tom Wörden
--- a/src/main/java/org/caosdb/server/query/Query.java
+++ b/src/main/java/org/caosdb/server/query/Query.java
@@ -33,9 +33,9 @@ import java.sql.Statement;
 import java.sql.Types;
 import java.util.ArrayList;
 import java.util.Arrays;
+import java.util.Comparator;
 import java.util.HashMap;
 import java.util.HashSet;
-import java.util.Iterator;
 import java.util.LinkedList;
 import java.util.List;
 import java.util.Map;
@@ -694,8 +694,6 @@ public class Query implements QueryInterface, ToElementable, TransactionInterfac
      this.cached = true;
    }

-    this.resultSet = filterEntitiesWithoutRetrievePermission(this.resultSet);
-
    // Fill resulting entities into container
    if (this.container != null && this.type == Type.FIND) {
      for (final IdVersionPair p : this.resultSet) {
@@ -749,7 +747,10 @@ public class Query implements QueryInterface, ToElementable, TransactionInterfac

  protected void executeNoCache(final Access access) {
    try {
-      this.resultSet = getResultSet(executeStrategy(this.versioned), this.versioned);
+      final String tabname = executeStrategy(this.versioned);
+      filterEntitiesWithoutRetrievePermission(tabname);
+
+      this.resultSet = getResultSet(tabname, this.versioned);
    } finally {
      cleanUp();
    }
@@ -793,66 +794,77 @@ public class Query implements QueryInterface, ToElementable, TransactionInterfac
   * @throws SQLException
   * @throws TransactionException
   */
-  public void filterEntitiesWithoutRetrievePermission(final String resultSet)
-      throws SQLException, TransactionException {
+  public void filterEntitiesWithoutRetrievePermission(final String resultSet) {
    if (!filterEntitiesWithoutRetrievePermisions) {
      return;
    }
    cachable = false;
    try (final Statement stmt = this.getConnection().createStatement()) {
-      final ResultSet rs = stmt.executeQuery("SELECT id from `" + resultSet + "`");
+      // final ResultSet rs = stmt.executeQuery("SELECT id from `" + resultSet + "`");
+
+      String logstr = "";
+      final String query =
+          ("SELECT t1.id, entity_acl.acl from (select entities.id, entities.acl from entities where id in (select id from `"
+              + resultSet
+              + "`) ) as t1 inner join entity_acl on t1.acl=entity_acl.id;");
+      logstr += "SQL query: " + query + "\n";
+      long begin_t = System.currentTimeMillis();
+
+      final ResultSet rs = stmt.executeQuery(query);
+      final HashMap<String, Boolean> acl_cache = new HashMap<String, Boolean>();
      final List<Integer> toBeDeleted = new LinkedList<Integer>();
+      final List<Integer> allrs = new ArrayList<Integer>();
+      logstr += "Got rs: " + (System.currentTimeMillis() - begin_t) + " s\n";
+      long count = 0;
+
+      long count2 = 0;
+      // @todo here, we must operate on sql site. only retrieve different permissions
      while (rs.next()) {
        final long t1 = System.currentTimeMillis();
        final Integer id = rs.getInt("id");
-        if (id > 99
-            && !execute(new RetrieveSparseEntity(id, null), this.getAccess())
-                .getEntity()
-                .getEntityACL()
-                .isPermitted(this.getUser(), EntityPermission.RETRIEVE_ENTITY)) {
+        if (id <= 99) {
+          continue;
+        }
+        count2 += 1;
+
+        allrs.add(id);
+        final String acl_str = bytes2UTF8(rs.getBytes("ACL"));
+        if (!acl_cache.containsKey(acl_str)) {
+          count += 1;
+          acl_cache.put(
+              acl_str,
+              EntityACL.deserialize(acl_str)
+                  .isPermitted(this.getUser(), EntityPermission.RETRIEVE_ENTITY));
+        }
+
+        if (!acl_cache.get(acl_str)) {
          toBeDeleted.add(id);
        }
+
        final long t2 = System.currentTimeMillis();
        this.addBenchmark("filterEntitiesWithoutRetrievePermission", t2 - t1);
      }
+      logstr += "done with looking up acl: " + (System.currentTimeMillis() - begin_t) + " s\n";
+
+      allrs.sort(Comparator.naturalOrder());
+      logstr += "iterations: " + count + "\n";
+      logstr += "iterations: " + count2 + "\n";
+
+      logstr += "Full time: " + (System.currentTimeMillis() - begin_t) + "\n";
+
+      this.logger.warn(logstr);
+
      rs.close();
      for (final Integer id : toBeDeleted) {
        stmt.execute("DELETE FROM `" + resultSet + "` WHERE id = " + id);
      }
-    }
-  }
-
-  /**
-   * Filter out all entities which may not be retrieved by this user due to a missing RETRIEVE
-   * permission. This one is for the filtering of the final result set and not for the filtering of
-   * any intermediate results.
-   *
-   * @param entities
-   * @throws TransactionException
-   * @return the filtered list.
-   */
-  private List<IdVersionPair> filterEntitiesWithoutRetrievePermission(
-      final List<IdVersionPair> entities) throws TransactionException {
-    if (!filterEntitiesWithoutRetrievePermisions) {
-      return entities;
-    }

-    final List<IdVersionPair> result = new ArrayList<>();
-    final Iterator<IdVersionPair> iterator = entities.iterator();
-    while (iterator.hasNext()) {
-      final long t1 = System.currentTimeMillis();
-      final IdVersionPair next = iterator.next();
-      if (next.id > 99
-          && execute(new RetrieveSparseEntity(next.id, next.version), getAccess())
-              .getEntity()
-              .getEntityACL()
-              .isPermitted(getUser(), EntityPermission.RETRIEVE_ENTITY)) {
-        result.add(next);
-      }
-      final long t2 = System.currentTimeMillis();
-      addBenchmark("filterEntitiesWithoutRetrievePermission", t2 - t1);
+    } catch (SQLException e1) {
+      // TODO Auto-generated catch block
+      e1.printStackTrace();
+    } catch (final TransactionException e) {
+      this.logger.warn("Error in result filter");
    }
-    return result;
  }

  @Override