On 11.08.2014 18:37, Stefan Fuhrmann wrote:
> On Sun, Aug 10, 2014 at 7:05 PM, Branko Čibej <brane_at_wandisco.com
> <mailto:brane_at_wandisco.com>> wrote:
>
> On 10.08.2014 18:57, Branko Čibej wrote:
>> On 10.08.2014 16:00, stefan2_at_apache.org
>> <mailto:stefan2_at_apache.org> wrote:
>>> Author: stefan2
>>> Date: Sun Aug 10 14:00:08 2014
>>> New Revision: 1617108
>> [...]
>>> (has_matching_rule): Update to new data model - just iterate over all
>>> ACEs and handle generic ACEs as well.
>>
>> Or just use svn_authz__acl_get_access?
>
> When I wrote that code a week ago, this function didn't exist, yet :)
Ha. Maybe you should commit more often. :)
>>
>> FWIW, you should even have the get_memberships function any more.
>
> To clarify: I plan to get rid of svn_authz_tng_t::groups at some
> point. That hash is completely redundant.
>
>
> Careful! This might get us into scalability troubles. But I reserve
> judgement until you actually came forth with an implementation.
The authz_ace_t::members contains exactly the same info, except that you
don't have to look up the group name in svn_authz_tng_t::groups. Since
it both your and my way require one hash lookup to determine if a
(group) ACE pertains to a user, reversing the current groups hash to get
memberships is just a waste of cycles. The groups hash in the authz
structure actually only costs a bit of memory for the hash structure in
the result pool, but otherwise it doesn't give any benefit and I don't
believe there's any use for it. Note that I'm of course not copying
hashes around; the group hashes, user and group names are all singletons.
-- Brane
--
Branko Čibej | Director of Subversion
WANdisco | Realising the impossibilities of Big Data
e. brane_at_wandisco.com
Received on 2014-08-11 20:03:30 CEST