[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: The value argument to access_allowed, acl_mask, etc.




Mark Valence wrote:
> 
> Julio-
> 
> This parameter is used in a few places.  First, if is needed when
> checking "self" rights in ACLs.

Oh, yes, "self"...

We are paying a lot for this aren't we?  I mean, send_search_entry
is going to loop over every value at every search and each of these
calls is going over the whole ACL set just to get to the precise
same <who> term in the precise same <what> access clause just so
we can do "self"...  Not that is has been a cause for worry, but
seems an area for possible optimization.  Unless we find more use
for this, of course.  Anyway, it seems a little bit overkill for
searches.

Sorry, just disgressing, I am just trying to understand all this.

> Second, it is used in ACIs that
> control access to attributes with certain values.

I am not spending much time on ACIs for the time being.

Thanks for the info,

Julio