The UserSitemapBuilder needs to check that the current user has permission to access a page before adding it to the UserSitemap.
This is done via the UserSitemapNodeModifier and PageController.
However, each authorisation check calls the realm for the user's permissions. This is unnecessary, and could slow things down significantly when permissions need to be retrieved from an external source.
It could also cause confusion if the permissions change while the UserSitemap is being built
The
UserSitemapBuilderneeds to check that the current user has permission to access a page before adding it to theUserSitemap.This is done via the
UserSitemapNodeModifierandPageController.However, each authorisation check calls the realm for the user's permissions. This is unnecessary, and could slow things down significantly when permissions need to be retrieved from an external source.
It could also cause confusion if the permissions change while the
UserSitemapis being built