2017-12-07 17:01 GMT+01:00 Tom Lane <t...@sss.pgh.pa.us>: > =?UTF-8?Q?Ulf_Lohbr=C3=BCgge?= <ulf.lohbrue...@gmail.com> writes: > > I could reproduce part of the things I described earlier in this thread. > A > > guy named Andriy Senyshyn mailed me after reading this thread here (he > > could somehow not join the mailing list) and observed a difference when > > issuing "SET ROLE" as user postgres and as a non-superuser. > > This isn't particularly surprising in itself. When we know that the > session user is a superuser, SET ROLE just succeeds immediately. > Otherwise we have to determine whether the SET is allowed, ie, is > the session user a member of the specified role. > > It looks like the first time such a question is asked within a session, > we build and cache a list of all the roles the session user is a member > of (directly or indirectly). That's what's taking the time here --- > apparently in your test case, the "admin" role is a member of a whole lot > of roles? >
Yes, the user "admin" is member of more than 1k roles. So this cache will not invalidate during the lifetime of the session unless a new role is added, I guess? Is there any locking involved when this cache gets invalidated? Could this be a source for my earlier observed slow executions? Regards, Ulf
