Performance Issue in Statamic CMS Admin Dashboard's Asset Library for Non-Super Admin Roles

[jonrcarey]

Bug description

We have identified a critical performance issue in the Statamic CMS, particularly affecting the admin dashboard's asset library. Users assigned roles other than Super Admin experience significant delays when accessing the asset library, with load times exceeding one minute. This issue does not impact super admin users. Changing the affected user's role to Super User mitigates the problem, indicating that the issue is intricately linked to user roles and permissions.

The assets container, which employs an Amazon S3 bucket for storage, comprises approximately x folders and x files, signifying a substantial volume of data being managed. The delay has been traced back to the /admin/assets/browse/folders/assets/product-images?page=1&perPage=50&search= URL, which shows a considerable increase in response time for users without super admin privileges.

The suspected source of this delay is identified within the vendor/statamic/cms/routes/cp.php file:

Route::get('assets/browse/folders/{asset_container}/{path?}', [BrowserController::class, 'folder'])->where('path', '.*');

How to reproduce

• Log in to the Statamic CMS as a user with a role distinct from Super Admin.
• Proceed to the admin dashboard and navigate to the asset library section.
• Note the time required for the assets to load within the library interface.

Logs

No response

Environment

Environment
Application Name: xxx
Laravel Version: 10.45.1
PHP Version: 8.2.5
Composer Version: 2.7.1
Environment: local
Debug Mode: ENABLED
URL: xxx
Maintenance Mode: OFF

Cache
Config: NOT CACHED
Events: NOT CACHED
Routes: NOT CACHED
Views: CACHED

Drivers
Broadcasting: log
Cache: chain
Database: mysql
Logs: stack / single
Mail: smtp
Queue: redis
Session: redis

Sentry
Enabled: MISSING DSN
Environment: local
Laravel SDK Version: 3.8.2
PHP SDK Version: 3.22.1
Release: 22de93c5fd5
Sample Rate Errors: 100%
Sample Rate Performance Monitoring: 100%
Sample Rate Profiling: NOT SET
Send Default PII: ENABLED

Statamic
Addons: 6
Antlers: runtime
Stache Watcher: Enabled
Static Caching: Disabled
Version: 4.40.0 PRO

Statamic Addons
aryehraber/statamic-captcha: 1.10.0
withcandour/aardvark-seo: 3.0.1
withcandour/statamic-anonymous-uploads: 0.0.4
withcandour/statamic-blog-helpers: 0.1.3
withcandour/statamic-imgix: 0.1.5
withcandour/statamic-toasty: 0.0.1

Installation

Fresh statamic/statamic site via CLI

Antlers Parser

None

Additional details

No response

[jasonvarga]

Thanks for the info!

[strebl]

any news on this issue?

[jasonvarga]

Sorry, none yet. We'll open a PR or reply when there is. You can subscribe to the issue for updates.

[strebl]

Thank you very much for the fast response

[jasonvarga]

You can say that when the issue is resolved. 😊

[strebl]

Maybe to save you some time. After debugging it for a while, I think it's this line slowing everything down: https://github.com/statamic/cms/blob/5.x/src/Actions/ActionRepository.php#L29

[jacksleight]

Started investigating this as TV2 are experiencing the same issue. I've found the problem but I don't know what the fix is.

With asset folders four actions apply: Delete, DownloadAssetFolder, MoveAssetFolder, RenameAssetFolder, and those check the related asset folder policies. Of these the delete, move and rename policies not only check the folder's permission but also the permission of every asset inside that folder (which makes sense). For the root folder that means three permissions for every asset in the container have to be checked when loading the list. When you have a lot of assets this is obviously slow.

It's not an issue for super users as the Gate::before() closure in AuthServiceProvider immediately returns true when the root folder permission is checked, avoiding any assets being checked.

[jackmcdade]

Maybe we can defer those checks to be inside the Dropdown, modal, and batch selection states?