[$200] Normal user does not have permission to Challenge discussions(registered and displayed in the CHALLENGE DISCUSSIONS page) #422

Closed
sdgun opened this issue Feb 22, 2021 · 21 comments

Comments

@sdgun
Collaborator

sdgun commented Feb 22, 2021

Steps
Log in from a normal user (ex- sdguntcqa/T0pc0der@123)
Go to https://vanilla.topcoder-dev.com/groups/mine?filter=challenge
Click on the listed challenge forums

The user doesn't have permission but user is registered to them

Ex group - https://vanilla.topcoder-dev.com/group/310
Above challenge's challenge details page - https://www.topcoder-dev.com/challenges/f65f8ffa-d698-4348-8213-61d5ebe8ac63

Also in the https://vanilla.topcoder-dev.com/categories/challenges-forums, it shows some number of discussions/comments but inside the categories no challenges are available

@sdgun sdgun added bug Something isn't working Dev env P0 labels Feb 22, 2021
@sdgun
Collaborator Author

sdgun commented Feb 22, 2021

This behavior is a bit weird, then I created a new challenge and registered to it from the same user, after which all the challenge forums listed in the https://vanilla.topcoder-dev.com/groups/mine?filter=challenge were accessible to this user.

However, the user sdgunvfor/T0pc0der@123, who is a copilot user, still has this issue. This user sees a challenge discussion here https://vanilla.topcoder-dev.com/groups/mine?filter=challenge but doesn't have permission to it. (Challenge - https://www.topcoder-dev.com/challenges/c14c541f-c61f-4bca-ac7e-4d199f157913)

@sdgun sdgun added the QA Pass label Feb 22, 2021
@jmgasper jmgasper changed the title Normal user does not have permission to Challenge discussions(registered and displayed in the CHALLENGE DISCUSSIONS page) [$200] Normal user does not have permission to Challenge discussions(registered and displayed in the CHALLENGE DISCUSSIONS page) Feb 22, 2021
@jmgasper
Collaborator

Challenge https://www.topcoder.com/challenges/79ecd8cc-0e4e-4025-b8c5-c505ff79e427 has been created for this ticket.

This is an automated message for ghostar via Topcoder X

@jmgasper
Collaborator

Challenge https://www.topcoder.com/challenges/79ecd8cc-0e4e-4025-b8c5-c505ff79e427 has been assigned to obog.

This is an automated message for ghostar via Topcoder X

@atelomycterus
Collaborator

@jmgasper I've checked PROD.

PROD

  1. Guests. Go to Guest Role and uncheck 'Discussions.View' for default Category. 'Challenge Discussions' should be hidden.

@atelomycterus
Collaborator

@jmgasper 2. Also check Permissions for 'Challenge Discussions' category for Guest.

@jmgasper
Collaborator

@atelomycterus - Done, thanks.

@atelomycterus
Collaborator

@jmgasper Please flush cache in PROD.

#DEV

  1. Issue - 1
    Reason: a develop branch with Issues-381 was deployed first. GroupID is hash key in UserGroup cache, checking isMemberOf - constant-time performance O(1), not O(N).

> The user doesn't have permission but user is registered to them
> Ex group - https://vanilla.topcoder-dev.com/group/310
> Above challenge's challenge details page - https://www.topcoder-dev.com/challenges/f65f8ffa-d698-4348-8213-61d5ebe8ac63

Now you should see:
image

FIX: flush cache.

@atelomycterus
Collaborator

atelomycterus commented Feb 22, 2021

@jmgasper '/cache/flush' - Debug plugin should be enabled. ☝️

@jmgasper
Collaborator

@atelomycterus - Done.

@atelomycterus
Collaborator

atelomycterus commented Feb 22, 2021

@jmgasper

Issue -2:

> Also in the https://vanilla.topcoder-dev.com/categories/challenges-forums, it shows some number of discussions/comments but inside the categories no challenges are available

I was able to reproduce it in my local env. We disabled 'FollowingCategory' (#372).
As a result, another flow is performed to determine which categories to show.
In #418 , I mentioned 'Vanilla.Categories.QueryLimit=300'.
Now it gets only the 300 records of Development Challenges. I've changed limit and tested locally, 'Development forums' has 615 categories:

Testing DEV

Logged in as 'obogtop' (normal user). I can't see some challenge categories in DEV.

@rootelement
Contributor

@atelomycterus is this issue fixed then?

@rootelement
Contributor

@sdgun please retest

@atelomycterus
Collaborator

@rootelement

  1. Issue-1 due to cache. @jmgasper has flushed cache in PROD.
  2. Issue-2: Need to fix Categories Controller because it displays 300 categories (Vanilla.Categories.QueryLimit=300).
    This problem can be seen if you click on 'Development Forums' in the breadcrumbs. If you don't have access permissions for the first 300 categories in 'Development Forums', then 'no categories' is displayed. This problem has not been noticed before. There is no paging in Categories Controller.

User can see his/her challenges from 'CHALLENGE DISCUSSIONS' because it supports paging.

Temporary solution: $Configuration['Vanilla']['Categories']['QueryLimit'] = 450; The user will have access to the categories he has access to.

'450' - because 'Development Forums' has '406' categories in PROD.
I've checked PROD. Stats from PROD:
```json
[
  {
    "CategoryID": 3,
    "CountCategories": 406,
    "Name": "Development Forums"
  },
  {
    "CategoryID": 4,
    "CountCategories": 76,
    "Name": "Design Forums"
  },
  {
    "CategoryID": 5,
    "CountCategories": 42,
    "Name": "Data Science Forums"
  }
]
```

We cannot increase QueryLimit indefinitely, need to implement paging for Categories.

@atelomycterus
Collaborator

@jmgasper I am trying to fix Issue-2.

The main problem is to display the categories correctly. The permissions the user has on a category are all calculated in code, not in the DB. There is a lot of logic here, because categories can be nested + users can have multiple roles.

I understand why they've added 'QueryLimit', since all calculations are done in the code. This option is good when there are very few categories (10-1000) in the system. In our case, the number of categories is much larger. I remember that in the documentation or on the Vanilla blog they wrote that if there is a large number of categories, then it is recommended to use Flat (Category type= Flat). I already found it and checked how it works. The category page with paging is displayed, but checking permissions is ignored.

User doesn't have permission to view, but it's displayed.

@jmgasper
Collaborator

@atelomycterus - Ok, thanks for the update.

@atelomycterus
Collaborator

@jmgasper Please apply PR-#431.

Need to change category type to 'Flat' for 'Development Forums', 'Data Science Forums', and 'Design Forums'.
I fixed the SQL query to support paging and Group permissions. Assuming that we have all challenge categories created by a challenge processor and tied to Group. It'll also work with regular groups.

Our category tree structure:
-Challenge Discussions (Nested)
--Development Forums (Flat).
---Challenge 1 (Nested),
---Challenge 2 (Nested)
---Challenge 3 (Nested)
---Challenge N (Nested)
--Data Science Forums (Flat)
...
--Design Forums (Flat)
....

No changes for Roundtables or other categories:
-General (Nested). The category has several categories, paging support is not required.
--Gig Work Discussions (type=discussions, paging support out of the box)
--General Discussion (type=discussions)

After changing category types, you should see a paging nav, 30 records by default,
image

Let me know if you have any questions.

Thanks!
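
The three listing behaviours discussed for Issue-2 in this thread (QueryLimit applied before the permission check, Flat paging with no permission check, and paging applied after a group-permission filter), as an added Python model that is not Vanilla's code or the code in the PR. The `Category` shape, the one-group-per-category mapping and the group IDs are assumptions made for the illustration; the numbers 300, 450, 406 and the page size 30 are the ones quoted in the thread.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Category:
    category_id: int
    group_id: int  # assumption: each challenge category is tied to one group


# Constructed data: 406 categories (the PROD count for 'Development Forums'),
# category i tied to group i. The user's groups all sit past row 300.
CATEGORIES = [Category(i, i) for i in range(1, 407)]
USER_GROUPS = frozenset({320, 350, 401})


def limit_then_filter(categories, user_groups, query_limit):
    """QueryLimit-style flow: fetch the first N rows, then check permissions
    in code. Rows past the limit are never evaluated."""
    fetched = categories[:query_limit]
    return [c for c in fetched if c.group_id in user_groups]


def page_without_filter(categories, page, per_page=30):
    """Paging with no permission predicate: every page leaks rows the
    user has no right to view."""
    start = (page - 1) * per_page
    return categories[start:start + per_page]


def filter_then_page(categories, user_groups, page, per_page=30):
    """Permission predicate applied before paging (in SQL this is the
    WHERE clause ahead of LIMIT/OFFSET)."""
    visible = [c for c in categories if c.group_id in user_groups]
    start = (page - 1) * per_page
    return visible[start:start + per_page]


def unauthorized_ids(rows, user_groups):
    """IDs in a result page that the user is not permitted to see."""
    return [c.category_id for c in rows if c.group_id not in user_groups]


if __name__ == "__main__":
    print("limit 300 :", [c.category_id for c in limit_then_filter(CATEGORIES, USER_GROUPS, 300)])
    print("limit 450 :", [c.category_id for c in limit_then_filter(CATEGORIES, USER_GROUPS, 450)])
    print("unfiltered page 1 leaks:", len(unauthorized_ids(page_without_filter(CATEGORIES, 1), USER_GROUPS)))
    page = filter_then_page(CATEGORIES, USER_GROUPS, 1)
    print("filtered page 1:", [c.category_id for c in page], unauthorized_ids(page, USER_GROUPS))
```

A regression test for this class of bug needs a user whose only permitted rows lie beyond the first limit or page, and should assert both that those rows appear and that no unpermitted row does.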

@jmgasper
Collaborator

@atelomycterus - I've deployed the PRs and updated the settings in dev for the category type.

@jmgasper
Collaborator

Payment task has been updated: https://www.topcoder.com/challenges/79ecd8cc-0e4e-4025-b8c5-c505ff79e427
Payments Complete
Winner: obog
Copilot: ghostar
Challenge 79ecd8cc-0e4e-4025-b8c5-c505ff79e427 has been paid and closed.

This is an automated message for ghostar via Topcoder X

@atelomycterus
Collaborator

@jmgasper I've tested as a normal user (obogtop). It works as expected.

> @atelomycterus - I've deployed the PRs and updated the settings in dev for the category type.

@sdgun
Collaborator Author

sdgun commented Feb 24, 2021

Verified from below users, and challenge forums were visible without permission issues.

sdguntcqa
sdgunvfor
pshah_customer
TopConnCustomer

@sdgun
Collaborator Author

sdgun commented Mar 16, 2021

Verified in production.
