Improve database response time for listing user activity

What does this MR do?

This MR improves a database query to display activity of a given user to the currently logged in user. It leverages the user_interacted_tables table introduced in https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/17327.

Are there points in the code the reviewer needs to double check?

1. Please double-check permissions are still respected properly.
2. Also, I ditched the LATERAL join because https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/17454#note_61882724 -- anything I'm not seeing?

Why was this MR needed?

For some users, displaying the user activity page times out. That is, the related query runs into the statement timeout.

A URL to test this is https://gitlab.com/ather-embitel (note we fail to show something for 'most recent activity' after a while).

Grafana links: Controller performance

Does this MR meet the acceptance criteria?

• Changelog entry added, if necessary
• Review
  • Has been reviewed by Backend
  • Has been reviewed by Database
• Conform by the merge request performance guides
• Conform by the style guides
• Squashed related commits together
• End-to-end tests pass (package-qa manual pipeline job)

What are the relevant issue numbers?

Closes #40525 (closed)

app/finders/user_recent_events_finder.rb

@@ -12,6 +12,8 @@ class UserRecentEventsFinder
 
   attr_reader :current_user, :target_user, :params
 
+  LIMIT = 20
+
   def initialize(current_user, target_user, params = {})
     @current_user = current_user
     @target_user = target_user
@@ -19,15 +21,44 @@ class UserRecentEventsFinder
   end
 
   def execute
-    target_user
-      .recent_events
-      .merge(projects_for_current_user)
-      .references(:project)
+    recent_events(params[:offset] || 0)
+      .joins(:project)
       .with_associations
-      .limit_recent(20, params[:offset])
+      .limit_recent(LIMIT, params[:offset])
+  end
+
+  private
+
+  def recent_events(offset)
+    sql = <<~SQL
+      (#{projects}) AS projects_for_join
+      JOIN (#{target_events.to_sql}) AS #{Event.table_name}
+        ON #{Event.table_name}.project_id = projects_for_join.id
+    SQL
+
+    # Workaround for https://github.com/rails/rails/issues/24193
+    Event.from([Arel.sql(sql)])
   end
 
-  def projects_for_current_user
-    ProjectsFinder.new(current_user: current_user).execute
+  def target_events
+    Event.where(author: target_user)
+  end
+
+  def projects
+    # Compile a list of projects `current_user` interacted with
+    # and `target_user` is allowed to see.
+
+    authorized = target_user
+      .project_interactions
+      .joins(:project_authorizations)
+      .where(project_authorizations: { user: current_user })
+      .select(:id)
+
+    visible = target_user
+      .project_interactions
+      .where(visibility_level: [Gitlab::VisibilityLevel::INTERNAL, Gitlab::VisibilityLevel::PUBLIC])
+      .select(:id)
+
+    Gitlab::SQL::Union.new([authorized, visible]).to_sql
   end
 end