Portal: Optimize security helper by removing unnecessary MetaModel::GetObject() call as the check was already done by the scope query. This as significative impact on some pages.

SVN:trunk[4714]
2026-04-23 02:28:44 +02:00 · 2017-04-28 08:31:30 +00:00
parent 7bbe907edc
commit 1fe0ce5640
1 changed files with 12 additions and 31 deletions
--- a/datamodels/2.x/itop-portal-base/portal/src/helpers/securityhelper.class.inc.php
+++ b/datamodels/2.x/itop-portal-base/portal/src/helpers/securityhelper.class.inc.php
@@ -1,6 +1,6 @@
 <?php

-// Copyright (C) 2010-2015 Combodo SARL
+// Copyright (C) 2010-2017 Combodo SARL
 //
 //   This file is part of iTop.
 //
@@ -68,7 +68,7 @@ class SecurityHelper
 		// Checking the scopes layer
 		// - Transforming scope action as there is only 2 values
 		$sScopeAction = ($sAction === UR_ACTION_READ) ? UR_ACTION_READ : UR_ACTION_MODIFY;
-		// - Retrieving the query
+		// - Retrieving the query. If user has no scope, it can't access that kind of objects
 		$oScopeQuery = $oApp['scope_validator']->GetScopeFilterForProfiles(UserRights::ListProfiles(), $sObjectClass, $sScopeAction);
 		if ($oScopeQuery === null)
 		{
@@ -94,34 +94,17 @@ class SecurityHelper
 				$aQueryParams['object_id'] = $sObjectId;
 				$oScopeQuery->SetInternalParams($aQueryParams);
 				unset($aQueryParams);
-			}

-			// - Checking if query result is null
-			$oSet = new DBObjectSet($oScopeQuery);
-			// Note : This is to address a bug (#R-011452). We creating an object that is the first of its class, this would failed as the scope query always return an empty set
-			//if ($oSet->Count() === 0)
-			if (($oSet->Count() === 0) && ($sObjectId !== null))
-			{
-				if ($oApp['debug'])
-				{
-					IssueLog::Info($sDebugTracePrefix . ' as there was no result for the following scope query : ' . $oScopeQuery->ToOQL(true));
-				}
-				return false;
-			}
-
-			// Checking if the cmdbAbstractObject exists if id is specified
-			if ($sObjectId !== null)
-			{
-				$oObject = MetaModel::GetObject($sObjectClass, $sObjectId, false /* MustBeFound */, $oApp['scope_validator']->IsAllDataAllowedForScope(UserRights::ListProfiles(), $sObjectClass));
-				if ($oObject === null)
-				{
-					if ($oApp['debug'])
-					{
-						IssueLog::Info($sDebugTracePrefix . ' as object doesn\'t exists');
-					}
-					return false;
-				}
-				unset($oObject);
+                // - Checking if query result is null
+                $oSet = new DBObjectSet($oScopeQuery);
+                if ($oSet->Count() === 0)
+                {
+                    if ($oApp['debug'])
+                    {
+                        IssueLog::Info($sDebugTracePrefix . ' as there was no result for the following scope query : ' . $oScopeQuery->ToOQL(true));
+                    }
+                    return false;
+                }
 			}
 		}

@@ -147,5 +130,3 @@ class SecurityHelper
 	}

 }
-
-?>