Liferay's permissions.inline.sql.check.enabled property

When searching, guest users are able to see highlighted folders, categories, and threads when they have no permission to view them.

Resolution

During search, Liferay runs a permission check on each of the results to see if the user that is searching has rights to view the result in question. If the user has the right, the result will be shown, otherwise it will not be returned.

This functionality can be configured with the permissions.inline.sql.check.enabled property, which is set to true by default. Setting the property to false, the search will return results even if the user has no view permissions on them. The portal will run a permission check should the user try to open the result, and deny access if the necessary permissions are missing.

Example: Consider executing a search that would return 500 files from the Document Library. With permissions.inline.sql.check.enabled=true, the portal will run a permission check on each of the found documents and only show those to which the user has access. If the property is set to false, all 500 files are returned and shown.

The intent of this property is to make inline permission checks configurable, thereby giving an option to trade performance for added permission checks.

这篇文章有帮助吗?
1 人中有 1 人觉得有帮助