Shawn_Moore

CA Tuesday Tip: Attribute Value Protection Performance

Discussion created by Shawn_Moore Employee on Dec 14, 2010
Latest reply on Dec 14, 2010 by Chris_Hackett
CA Clarity Tuesday Tip by Shawn Moore, Sr. Principal Support Engineer for 12/14/2010

Welcome to the "Tuesday's Tips" Message Board. Each week I will share one or more technical tips on using or administering Clarity. Feel free to comment or ask questions about any my posts. Today's tips center around performance.

Occasionally we experience performance issues where a small number of users experience slowness in Clarity, but the general user population is seeing reasonable response times. Sometimes this can be due to residual attribute value protection on custom views.

Attribute value protection per view is turned on by default on object list views. This enables secured sub-pages and display condition based security. However, using these enhanced security features can increase processing and slow the display of pages that use them.

When users customize their list views a copy of the system view is used to define their customized list. The attribute value protection is carried over from the system view at this time.

If the attribute value protection is lessened at the system level to only secured sub-pages or display all records, then any previously configured views would be configured for the original attribute value protection. This can result in reports from users indicating that their list page is slow compared to other users.

i.e.

1) System view is set for secured sub-pages
2) User configures their view. (Behind the scenes a copy of the system view is associated with this user)
3) Administrator configures the system view to show all records. (no attribute value protection)
4) The configured view for the user in step 2 is still configured for secured sub-pages, since they have a copy of the original system view.

To perform a mass scan for these situations, you can run a select query against the cmn_grids table looking for customized versions of our out of box portlets.

select cg.id, cg.principal_id, csu.user_name, cg.code,cg.use_display_conds_for_security from cmn_grids cg, cmn_sec_users csu
where cg.principal_type = 'USER' and cg.use_display_conds_for_security < 2
and cg.code is not null
and cg.principal_id = csu.id

The "use_display_conds_for_security" field in cmn_grids has the following values:

0 = Use only secured sub-pages to protect attribute values on this list
1 = Use display conditions and secured sub-pages to protect attribute values on this list
2 = Display all attribute values on this list

There are a couple of options to reset the user's view to inherit the currently configured system view's value.

1) From the user's configured view, access the view's [Actions] link -> Configure -> General and choose the "Restore Defaults" option. This will only reset the one user's view.
2) To mass update all users' views, you can re-publish the view by accessing the Clarity Studio -> Objects link, then accessing the object, accessing the views link and choosing the publish option. (Note: the publish option will delete all user's customized views, so verify that this is truly what you want to do.)
3) If there are many records to reset, and neither option 1 or 2 are feasible, please contact CA Technologies Clarity Support.

After the user's view has been reset based on either of the 2 methods above, the record in the cmn_grids for the user for the view will no longer be present. However, if any new configurations to the view are done then an new copy of the system view is performed and the user will now have a view in the cmn_grids table with the attribute value protection setting of the system view.

Outcomes