Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Improve isolation segments performance #2449

Merged
merged 8 commits into from Aug 16, 2021
Merged

Improve isolation segments performance #2449

merged 8 commits into from Aug 16, 2021

Conversation

philippthun
Copy link
Member

@philippthun philippthun commented Jul 29, 2021
edited

Improve performance of isolation segments endpoints by removing unnecessary calls (can_read_from_space?) and combining the loading of data with the permissions check.

Please also see the commit messages.

  • I have reviewed the contributing guide

  • I have viewed, signed, and submitted the Contributor License Agreement

  • I have made this pull request to the main branch

  • I have run all the unit tests using bundle exec rake

  • I have run CF Acceptance Tests

@philippthun
Compare space/org guids with list of readable_space|org_guids
bc51920
@philippthun
Only compare with list of readable_org_guids
09dd987 
IsolationSegmentsController.index does the same, i.e. it uses
readable_org_guids. This calls org_guids_for_roles with
ROLES_FOR_ORG_READING which contains ORG_USER.
@philippthun
Get rid of can_read_from_isolation_segment in controller
d4d22ce 
Instead of first fetching the isolation segment and then checking
permissions, do everything at once, i.e. include readable_org_guids in
the where condition.
@philippthun
Adjust specs for the isolation_segments_controller
6fafaf4 
- Remove a test that only worked due to mocking a response that would
  not have been returned otherwise.
- Add (optional) spaces parameter to stub_readable_org_guids_for; all
  parent orgs are readable as well.
@philippthun philippthun force-pushed the improve-isolation-segments-performance branch from 1981605 to 6fafaf4 Compare July 29, 2021 15:11
@philippthun philippthun marked this pull request as ready for review July 29, 2021 15:51
@philippthun
Rename readable_org_guids_for_domains to readable_org_guids_for_domai…
9bfb159 
…ns_query
@philippthun
Add readable_org_guids_query and readable_supporter_space_guids_query
4631cf2
@philippthun
Single query for fetching data and permission check
3682437 
- Include subquery for readable org guids in where condition instead of
  list of guids.
- Do the same for readable (supporter) space guids.
- Revert changes done in UserHelpers (allow_user_read_access_for and
  stub_readable_org_guids_for).
- Don't mock Permissions completely; original _query methods are
  required.
- Use set_current_user_as_role in tests instead of mocking multiple
  permission checks.
@philippthun
Fix unrelated tests by removing redundant code
f0f72c9
@sethboyles
Copy link
Member

LGTM! Thanks for the PR!

@tjvman: I did some basic acceptance to ensure reading from roles such as SpaceDeveloper still worked. Also confirmed that this change 09dd987 is not an issue as you cannot add a user as a SpaceDeveloper unless you add them as an OrgUser (or above) and you cannot remove the OrgUser role if the user has Space roles still active.

@sethboyles sethboyles merged commit 3ab48cc into cloudfoundry:main Aug 16, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@philippthun @sethboyles @cf-gitbot