The GetEffectiveEntries method of PermissionEvaluator may cause a LockRecursionException. The reason is that the caller application may try to evaluate permissions during a callback to the application.

LockRecursionException: Recursive read lock acquisitions not allowed in this mode.
   at System.Threading.ReaderWriterLockSlim.TryEnterReadLockCore(TimeoutTracker timeout)
   at System.Threading.ReaderWriterLockSlim.TryEnterReadLock(TimeoutTracker timeout)
   at SenseNet.Security.PermissionEvaluator.GetEffectiveEntries(Int32 entityId, IEnumerable`1 relatedIdentities, Nullable`1 entryType)
   at SenseNet.ContentRepository.Storage.Security.SecurityHandler.GetPermittedLevel(Int32 nodeId, IEnumerable`1 identities) in E:\BuildAgent\_work\63\s\src\Storage\Security\SecurityHandler.cs:line 761
   at SenseNet.ContentRepository.Storage.Node.GetUserAccessLevel(NodeHead head) in E:\BuildAgent\_work\63\s\src\Storage\Node.cs:line 2070
   at SenseNet.ContentRepository.Storage.Node.LoadNode(NodeHead head, VersionNumber version) in E:\BuildAgent\_work\63\s\src\Storage\Node.cs:line 1965
   at SenseNet.Portal.Virtualization.PortalContext.LoadContextNode(NodeHead head, String versionRequest) in E:\BuildAgent\_work\63\s\src\Services\Virtualization\PortalContext.cs:line 1176

Possible solutions

1. check whether we can eliminate the recursive call in sensenet
2. allow one thread to enter the read lock recursively by creating the ReaderWriterLockSlim object using the LockRecursionPolicy parameter in the constructor.

It is a valid setup when a messaging actor only wants to receive messages, not send them - for example because it cannot access other channels and it does not want to send messages anyway. An example is the search service that should receive security messages (entity changes) but does not send anything.

In this case the system should accept a single queue configuration. Currently an exception is thrown if there is only 1 queue configured.

MsmqMessageProvider, line 53

Acceptance

It should be OK to configure only a receiver queue. In this case when the system tries to send a message, it still should result in an exception so that the operator/developer knows that something is not right.

<add key="SecurityMsmqChannelQueueName" value=".\private$\security" />

• Public API extension: subtree filtering by EntryType (HasPermission filtering is done but HasSubtreePermission filtering is missing).
• Substitute all PermissionQuery method with LINQ queries.
• Documentation with examples. See the uses cases in the unit tests of the SecurityQueryTests.cs

Create predefined all-purpose permission queries that can substitute the old queries minimally for these methods:

• GetRelatedIdentities
• GetRelatedPermissions
• GetRelatedItems
• GetRelatedIdentitiesByPermissions
• GetRelatedItemsOneLevel

• raise version numbers in projects that have changed since the last release
• update the RabbitMQ message provider nuspec file to reference the new version

When starting the search service with an empty database, we get the following error:

SqlException (0x80131904): Invalid object name 'EFMessages'
...
at System.Data.Common.DbCommand.ExecuteReader()
   at Microsoft.EntityFrameworkCore.Storage.RelationalCommand.ExecuteReader(RelationalCommandParameterObject parameterObject)
   at Microsoft.EntityFrameworkCore.Query.RelationalShapedQueryCompilingExpressionVisitor.QueryingEnumerable`1.Enumerator.MoveNext()
   at System.Collections.Generic.EnumerableHelpers.ToArray[T](IEnumerable`1 source, Int32& length)
   at System.Linq.OrderedEnumerable`1.ToArray()
   at System.Linq.Enumerable.ToArray[TSource](IEnumerable`1 source)
   at SenseNet.Security.EFCSecurityStore.SecurityStorage.GetUnprocessedActivityIds()

This is because the security system is trying to start and load permissions from the db. This should be a warning only, and the service should start anyway, because the repository install process will create those tables later.

EF Core 3.0 is needed when we use this provider in a .net core 3 environment.

Create a part of a patch for installing the feature.

• Database script that extends the security entry.
• Ensure that the original permissions are not lost but are extended by a "Normal" category.
• Ensure that the script can run only once.

Currently Storage is a static property in the MemoryDataProvider class which prevents us having multiple inmem dbs at the same time. Refactor this and the related tests so that we can use inmem dbs in parallel later.

Extend the permission entry with a predefined category.

• Every permission is in one and only one category.
• An entry can be Normal or Sharing.
• The permission evaluator methods (Assert, HasPermission...) ignores the categories.
• Query methods should use one or more categories and "both" and "none" terms.
• The component needs to be as compatible as possible with earlier versions of SenseNet.Security.

A large db size (2M entities, entries, etc.) makes system start really slow. Investigate and fix.

The cause is most likely the initial loading process and Entity Framework. (LoadAllAces)

• SecurityContext (StartTheSystem, ShutDown)
• DataHandler
• CommunicationMonitor
• SecurityActivityQueue

• SecurityContext (StartTheSystem, ShutDown)
• DataHandler
• CommunicationMonitor
• SecurityActivityQueue
• add and use new extension methods for registering services

Upgrade the main security library to netstandard, all others to .net 4.6.1.

Create queryable collections for permission entries.

• Linq queries can be used on the collections.
• There is a collection that can be used in a parent chain.
• There is a collection that can be used in a subtree.
• Each query as fast as possible.
• Queriable collections can only be used with proper permissions.
• The original PermissionQuery predefined methods need to work with EntryType.Normal only.

Add a more convenient static shutdown API, a counterpart of the StartTheSystem method.

Implement the security messaging interface (IMessageProvider) on top of the RabbitMQ service.

• Refactor current generic messaging logic to a base provider class
• RabbitMQMessageProvider project
• nuget package and TFS build
• documentation

Create predefined permission queries for the content sharing feature.

Add async methods to the security API so that implementations and clients may be more scalable.
This issue deals with the startup and db operations. Activity execution and queue are in a different story.

The security activity queue currently is not optimal, we need to make it more parallel and async so that db operations do not block threads in the application.

Integrate the SAQ prototype into the security code base.

Symptom: AclEditor's Apply method throws an exception because the used AclInfo enumerable is not serializable under the netstandard 2.0.

Bug source: AclEditor.cs line 262: _acls.Values

Hint: use .ToArray()

To convert the project to .net standard, we have to deal with the Entity Framework dependency.

Solution

Create a new db provider built on EF Core. This is a new .Net Standard project.

Stuff to read:

• https://docs.microsoft.com/en-us/ef/efcore-and-ef6/porting/
• https://docs.microsoft.com/en-us/ef/efcore-and-ef6/features

Options

• modify the current project to use EF Core (that supports NetStandard 2.0)
• keep the current project on .Net Framework and create a new project (SenseNet.Security.EFCoreSecurityStore) that uses EF Core.
• remove EF dependency (or create a new project) and substitue it with custom SQL.