Skip to content

Security should not reload files that haven't changed  #50063

New issue
New issue
Closed
#50207
Closed
Security should not reload files that haven't changed #50063
#50207
Labels
:Security/SecuritySecurity issues without another labelgood first issuelow hanging fruithelp wantedadoptme
@tvernum

Description

@tvernum
tvernum
opened on Dec 11, 2019

In security we currently monitor a set of files for changes

  • config/role_mapping.yml (or alternative configured path)
  • config/roles.yml
  • config/users
  • config/users_roles

We use the ResourceWatcherService to detect changes and then reload structures and/or clear caches.

In some cases we detect that a "file change" has resulted in no actual changes to the stored content, and do nothing, but there are cases where simply touching a file will clear caches.

It would be preferable to only clear caches if the file change actually caused some internal structure to change (e.g a user was added/removed/modified).

Metadata

Metadata

Assignees

No one assigned

    Labels

    :Security/SecuritySecurity issues without another labelgood first issuelow hanging fruithelp wantedadoptme

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions