perf: optimize ACL role lookups with Map indexes and caching#2983
Open
msotnikov wants to merge 2 commits intographile:mainfrom
Open
perf: optimize ACL role lookups with Map indexes and caching#2983msotnikov wants to merge 2 commits intographile:mainfrom
msotnikov wants to merge 2 commits intographile:mainfrom
Conversation
Replace O(n) linear scans in getRole(), getRoleByName(), and expandRoles() with Map-based lookups. Add WeakMap caches keyed by introspection object for role-by-id, role-by-name, auth_members-by-member-id indexes, and expandRoles results. This significantly improves performance for schemas with many roles, where these functions are called repeatedly during introspection.
🦋 Changeset detectedLatest commit: 86aab72 The changes in this PR will be included in the next version bump. This PR includes changesets to release 6 packages
Not sure what this means? Click here to learn what changesets are. Click here if you're a maintainer who wants to add another changeset to this PR |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Replace O(n) linear scans in
getRole(),getRoleByName(), andexpandRoles()with Map-based lookups. Add WeakMap caches keyed by introspection object for role-by-id, role-by-name,auth_members-by-member-id indexes, and
expandRolesresults. This significantly improves performance for schemas with many roles, where these functions are called repeatedly during introspection.Description
During PostGraphile introspection,
getRole(),getRoleByName(), andexpandRoles()are called repeatedly for every entity's ACL resolution. The original implementation usesArray.find()andArray.includes()which are O(n) per call, andexpandRoles()iterates the fullauth_membersarray for each role. For schemas with many roles this becomes a significant bottleneck.This PR introduces:
expandRoles)expandRoles(O(1) membership check instead ofArray.includes)expandRolescalls (the common path) via WeakMapAll caches use
WeakMap<Introspection, ...>so they are automatically garbage-collected when the introspection object is no longer referenced. The public API is unchanged.Performance impact
Significant improvement for schemas with many roles. Role lookups go from O(n) to O(1).
expandRolesavoids redundant full scans ofauth_membersand caches results for repeated calls with the same role.The overhead of building indexes is amortized over the many calls that use them during a single introspection cycle.
Security impact
None. This is a purely internal optimization with no changes to the public API or behavior.
Checklist
yarn lint:fixpasses.yarn testpasses.RELEASE_NOTES.mdfile (if one exists).Notes on checklist:
expandRoles,aclContainsRole, andresolvePermissions(37/37 pass), covering role inheritance, NOINHERIT, caching, and circular membership.RELEASE_NOTES.mddoes not exist forpg-introspection.