Skip to content

Rework project authorizations and nested groups for better performance

yorickpeterse-staging requested to merge rework-authorizations-performance into master

This MR reworks the queries used for calculating project authorizations, in particular those used for getting nested groups.

TODO

  • Re-use code in Users::RefreshAuthorizedProjectsService between MySQL and PostgreSQL (as much as possible)
  • Add Group.supports_nested_groups? which returns true for PostgreSQL, false otherwise
  • In the UI use Group.supports_nested_groups? to hide nested groups related UI elements
  • Do something similar in controllers or models (depending on what the best place would be)
  • Add a migration which converts nested groups to regular groups for MySQL, making sure the right people still have access
  • Remove hierarchy related methods that use the old routes setup and are no longer necessary
  • Add documentation stating nested groups can not be supported properly on MySQL

Performance Impact

All tests were performed using the GitLab.com database, on a read-only replica.

Method Before After Notes
Namespace#descendants 580 ms ~1 ms Tests performed using the "gitlab-org" group
Namespace#ancestors ~1 ms ~1 ms Tests performed using the "sub-group-test" group. Old query was a regular index scan

Does this MR meet the acceptance criteria?

Edited by yorickpeterse-staging

Merge request reports

Loading