Re: [I] [Improvement] Authorization performance:the create catalog API demonstrates significantly slower performance when authorization is enabled compared to when it is disabled. [gravitino]

[via GitHub]

bharos commented on issue #9170:
URL: https://github.com/apache/gravitino/issues/9170#issuecomment-3549139202

   On Analysing with Copilot agent, it seems like there are duplicate queries 
to database, like:
   ```
   Request: POST /metalakes/test/catalogs
   
   Authorization expression: "METALAKE::CREATE_CATALOG || METALAKE::OWNER"
   
   Queries executed:
   1. getUserEntity("alice", "test")                    ← authorize()
   2. MetadataIdConverter.getID(METALAKE_test, "test")  ← authorize()
   3-7. Load role entities for alice's 5 roles          ← loadRolePrivilege()
   8. MetadataIdConverter.getID(METALAKE_test, "test")  ← isOwner() line 190
   9. loadOwnerPolicy() - DB query for owner rel        ← isOwner()
   10. getUserEntity("alice", "test")                   ← isOwner() - DUPLICATE 
of #1!
   11. MetadataIdConverter.getID(METALAKE_test, "test") ← isOwner() line 196 - 
DUPLICATE of #2 & #8!
   
   Result: 11 queries, with 3 being 100% duplicates
   ```
   
   One idea I'm thinking if adding caching at per-request-scope can help with 
this ?
   
   @danhuawang  Also, is this specific to create_catalog calls or it happens in 
general to all the APIs after enabling authorization ?
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscr...@gravitino.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org