[OPENIDM-11601] OpenIDM Needs to Rework how it Queries the repo for Assignments and Roles Created: 28/Aug/18 Updated: 27/Jul/20 Resolved: 18/May/20
|Affects Version/s:||OpenIDM 5.0.0, OpenIDM 6.0.0|
|Reporter:||Jeremy Barras [X] (Inactive)||Assignee:||Dirk Hogan|
|Σ Remaining Estimate:||Not Specified||Remaining Estimate:||Not Specified|
|Σ Time Spent:||Not Specified||Time Spent:||Not Specified|
|Σ Original Estimate:||Not Specified||Original Estimate:||Not Specified|
|Sprint:||2019.16 - IDM, 2019.17 - IDM, 2020.01 - IDM, 2020.02 - IDM, 2020.03 - IDM, 2020.04 - IDM, 2020.05 - IDM, 2020.06 - IDM, 2020.07 - IDM|
|Support Ticket IDs:|
1. IDM is querying for conditional roles, individual role, and individual assignments hundreds of thousands of times each during the course of a recon (on average 8-10 queries per user). We reviewed the queries with our DBA but he wasn't able to offer any help in speeding this up.
2. When a user is being recon'd from Banner to managed/user, the onRecon.groovy script does not query for all assignments so the implicit syncs that are triggered to the downstream systems like AD have to make an additional query for their assignments.
|Comment by Rachel Louden [ 07/Sep/18 ]|
We have added a call to our update cache script for the role and assignment onPostUpdate, onPostCreate, and onPostDelete events.
|Comment by Dirk Hogan [ 27/Jul/20 ]|
Verified with the relationship_derived_virtual_props functional test suite, and the provisioning_roles test suite which contains enhanced checks to verify the correctness of effectiveRoles and effectiveAssignments, obtained both from /managed and /repo.