Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-27737

Inline permission check causes exception with a high number of resource blocks

    Details

      Description

      E.g. when displaying bookmarks or documents, inline permission checking can construct queries that cause error at the database level, if there are a lot of resource blocks.

      For example when using Oracle, the below custom queries from custom-sql/portal.xml will cause "ORA-01795: maximum number of expressions in a list is 1000" if [$USER_RESOURCE_BLOCK_IDS$] or [$OWNER_RESOURCE_BLOCK_IDS$] is a list of more than 1000 resource block IDs:

      <sql id="com.liferay.portal.security.permission.InlineSQLHelper.filterByResourceBlockId">
      <![CDATA[
      WHERE
      (resourceBlockId IN ([$USER_RESOURCE_BLOCK_IDS$]))
      ]]>
      </sql>
      <sql id="com.liferay.portal.security.permission.InlineSQLHelper.filterByResourceBlockIdOwner">
      <![CDATA[
      WHERE
      (
      resourceBlockId IN ([$USER_RESOURCE_BLOCK_IDS$]) OR
      (
      ([$USER_ID_FIELD$] = [$USER_ID$]) AND
      (resourceBlockId IN ([$OWNER_RESOURCE_BLOCK_IDS$]))
      )
      )
      ]]>
      </sql>

      Solution would be to replace these lists with inline select statements.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              michael.saechang Michael Saechang
              Reporter:
              gergely.mathe Gergely Mathe (Inactive)
              Participants of an Issue:
              Recent user:
              Esther Sanz
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:
                Days since last comment:
                8 years, 51 weeks, 5 days ago

                  Packages

                  Version Package
                  6.1.1 CE GA2
                  6.1.20 EE GA2
                  6.2.0 CE M2