N+1 in EpicsFinder due to access check
In EpicsFinder#groups_user_can_read_epics
, we iterate over all the related groups to check for access. We do a preload with Gitlab::GroupPlansPreloader
here but there is still an N+1 due to #11539 (closed).
The read_epic
permission is basically 2 parts:
- can read group
- group has epics feature (license check)
Since related_groups
here is always part of the hierarchy, I think we can simplify this. We know that licenses can only be applied at the top level namespace and group access is also inherited (and you automatically get read access to parent groups when you're a member of a child group).
EDIT: we are hitting this N+1 issue also when getting epic descendant counts because we need to check every group permission there too - https://gitlab.com/gitlab-org/gitlab/blob/master/ee/app/models/ee/epic.rb#L203