hdygxsj commented on code in PR #9812:
URL: https://github.com/apache/gravitino/pull/9812#discussion_r2732072717
##########
server-common/src/main/java/org/apache/gravitino/server/authorization/jcasbin/JcasbinAuthorizer.java:
##########
@@ -84,14 +84,40 @@ public class JcasbinAuthorizer implements
GravitinoAuthorizer {
* loadedRoles is used to cache roles that have loaded permissions. When the
permissions of a role
* are updated, they should be removed from it.
*/
- private Set<Long> loadedRoles = ConcurrentHashMap.newKeySet();
+ private Cache<Long, Boolean> loadedRoles;
- private Map<Long, Long> ownerRel = new ConcurrentHashMap<>();
+ private Cache<Long, Optional<Long>> ownerRel;
private Executor executor = null;
@Override
public void initialize() {
+ long cacheExpirationSecs =
+ GravitinoEnv.getInstance()
+ .config()
+ .get(Configs.GRAVITINO_AUTHORIZATION_CACHE_EXPIRATION_SECS);
+ long roleCacheSize =
+
GravitinoEnv.getInstance().config().get(Configs.GRAVITINO_AUTHORIZATION_ROLE_CACHE_SIZE);
+ long ownerCacheSize =
+
GravitinoEnv.getInstance().config().get(Configs.GRAVITINO_AUTHORIZATION_OWNER_CACHE_SIZE);
+ loadedRoles =
+ Caffeine.newBuilder()
+ .expireAfterWrite(cacheExpirationSecs, TimeUnit.SECONDS)
+ .maximumSize(roleCacheSize)
+ .executor(Runnable::run)
+ .removalListener(
+ (roleId, value, cause) -> {
Review Comment:
Could you add a unit test to verify this scenario?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
