Rework project authorizations and nested groups for better performance
This MR reworks the queries used for calculating project authorizations, in particular those used for getting nested groups.
TODO
-
Re-use code in
Users::RefreshAuthorizedProjectsServicebetween MySQL and PostgreSQL (as much as possible) -
Add
Group.supports_nested_groups?which returnstruefor PostgreSQL, false otherwise -
In the UI use
Group.supports_nested_groups?to hide nested groups related UI elements - Do something similar in controllers or models (depending on what the best place would be)
- Add a migration which converts nested groups to regular groups for MySQL, making sure the right people still have access
-
Remove hierarchy related methods that use the old
routessetup and are no longer necessary - Add documentation stating nested groups can not be supported properly on MySQL
Performance Impact
All tests were performed using the GitLab.com database, on a read-only replica.
| Method | Before | After | Notes |
|---|---|---|---|
Namespace#descendants |
580 ms | ~1 ms | Tests performed using the "gitlab-org" group |
Namespace#ancestors |
~1 ms | ~1 ms | Tests performed using the "sub-group-test" group. Old query was a regular index scan |
Does this MR meet the acceptance criteria?
- Changelog entry added, if necessary
- Documentation created/updated
- API support added
- Tests
- Added for this feature/bug
- All builds are passing
- Conform by the merge request performance guides
- Conform by the style guides
-
Branch has no merge conflicts with
master(if it does - rebase it please) - Squashed related commits together