caching and user permissions xperience 13

Lawrence, adding a cache key per user would be normal here if you have item level security. In terms of the size of the memory required to handle that, you should most likely be fine. But if your query does return 1,000s of items at a time, or 100,000s of items and you have 1,000s or 100,000s of users that it could be something to worry about. Do you know your typical amounts for number of pages and number of users?

Per user caching works but will not easily scale. Ideally, cached data should be something that can be used by more than one user.

Is there any way you can make your content permissions based on roles? That way you can cache content based on roles instead on a per user basis.

How would i get the role info into the cache key?

this might help Reference Document Query methods see section on CheckPermissions.

Since you can't create a CMSActionContext based on a role (AFAIK), you can create a dummy user for a role, e.g. Role: Writer, DummyUser: DummyWriter and add DummyWriter to the Writer role. You can then retrieve based on the context of the DummyWriter.

It gets complicated when a user is a member of more than 1 role. You can create a DummyUser for each Role combination and then just use it.

Hi Lawrence,

I will double Brian's voice here, you should likely be okay with the memory consumption, but there are couple of extra options to consider when optimizing the memory consumed by cache:

• The main thing is to cache only necessary fields, therefore it's better to cache dry POCO objects instead of CMS objects requested via API (TreeNodes and Info objects contain a lot of system fields that you aren't using but those are cached)
• When caching info per user, consider shorter time periods for storing this cached information. The recommendation is to align this closer to the average session duration. So than when the user finishes their session, their cached information doesn't stay in memory for too long.