2017-12-07 17:01 GMT+01:00 Tom Lane <t...@sss.pgh.pa.us>:

> =?UTF-8?Q?Ulf_Lohbr=C3=BCgge?= <ulf.lohbrue...@gmail.com> writes:
> > I could reproduce part of the things I described earlier in this thread.
> A
> > guy named Andriy Senyshyn mailed me after reading this thread here (he
> > could somehow not join the mailing list) and observed a difference when
> > issuing "SET ROLE" as user postgres and as a non-superuser.
>
> This isn't particularly surprising in itself.  When we know that the
> session user is a superuser, SET ROLE just succeeds immediately.
> Otherwise we have to determine whether the SET is allowed, ie, is
> the session user a member of the specified role.
>
> It looks like the first time such a question is asked within a session,
> we build and cache a list of all the roles the session user is a member
> of (directly or indirectly).  That's what's taking the time here ---
> apparently in your test case, the "admin" role is a member of a whole lot
> of roles?
>

Yes, the user "admin" is member of more than 1k roles.

So this cache will not invalidate during the lifetime of the session unless
a new role is added, I guess?

Is there any locking involved when this cache gets invalidated? Could this
be a source for my earlier observed slow executions?

Regards,
Ulf

Reply via email to