-
Notifications
You must be signed in to change notification settings - Fork 2.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add permission check for content type filter #12953
Add permission check for content type filter #12953
Conversation
src/OrchardCore/OrchardCore.ContentManagement/ContentItemFactory.cs
Outdated
Show resolved
Hide resolved
Looks like Also the usage of Hmm, I would need to suggest a new PR, will see if I have time. |
@jtkech yes the idea is to prevent having to call all these handler when creating a content item for the sole purpose of doing a permission check. As you can see, we cache a single instance of each content type, then clone it on every request. I don't think we care to remove cache even if the content type definition is changed. Feel free to change the name in a separate PR. or let me know what you want changed and I'll adjust in a new PR |
Okay, I will let you know.
Are we sure of this? Hmm, beyond the owner if only the content type Id is important, why not using a much more simpler component without calling any handlers to create a very dummy content item. Otherwise if the definition may be important, same invalidation concern. Also maybe another name for the factory as it should be only used for authorisation checking, not in other regular contexts. Will see and let you know. |
yeah sure. we can simplify it by not using
|
Cool I like it, just let me check it a little |
Yes we have a static Okay I agree if the autorisation checking still works |
I don't even think we need to even set an ID to make it even faster |
Okay then, I let you try it and update it |
Fix #12735
In the process I added
IContentItemFactory
that would allow us to reuse dummy content items that are only used for permission check. This should help reducing the cost of events every time we create content item for just to perform a permission check.