Fix and re-enable keyset pagination

Review changes
Download
Patches
Plain diff

Andreas Brandl requested to merge ab/keyset-two-step into master Jan 03, 2020

Overview 23
Commits 7
Pipelines 11
Changes 17

What does this MR do?

This MR addresses what has been reverted with !21698 (merged). The revert disabled keyset pagination completely.

This change:

re-enables keyset pagination for the project API, re-adds request specs
removes an optimization for signalling the last page in a collection has been reached
splits keyset pagination into two steps.

Optimization for signalling the last page, split pagination into two steps

We had an optimization in place that was already "peeking ahead" of the current page and was able to notice that the last page of a collection has been reached. As a result, the pagination header with a link to the next page was not rendered anymore (signalling the last page).

Now this makes it difficult to implement keyset pagination in a way that is compatible with the existing assumptions around pagination. In particular, "peeking ahead" means using a larger LIMIT (+1) to retrieve the first record from the next page (if any). This record has to be removed prior to delivering the payload for the current page.

This led to all kinds of problems, in particular because the implementation had to already execute the query to figure out the pagination information (for the next page).

In this MR, we split keyset pagination into two simple steps:

Apply a LIMIT to the query (very similar to offset pagination, but only a LIMIT, no OFFSET)
Once the query has been built fully and shortly before rendering JSON, use the last record of the page to render the pagination header information (a link to the next page).

We also remove the last page optimization here in order to make both pagination implementations compatible and make it easier (and less dangerous) to use both pagination strategies across various endpoints (which may have their own assumptions).

Does this MR meet the acceptance criteria?

Conformity

Changelog entry
Documentation (if required)
Code review guidelines
Merge request performance guidelines
Style guides
Database guides
Separation of EE specific content

Availability and Testing

Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process.
Tested in all supported browsers

Security

If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:

Label as security and @ mention @gitlab-com/gl-security/appsec
The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
Security reports checked/validated by a reviewer from the AppSec team

Edited May 31, 2022 by 🤖 GitLab Bot 🤖

Merge request reports

Assignee

Select assignees

Reviewers

Request review from

Time tracking