Improve SQL query for "Custom abilities for group memberships"
The following discussions from !125652 (merged) should be addressed:
-
@jessieay started a discussion: (+1 comment) Self-review comment: I removed this line because I could not find any instances of
read_vulnerability
being called on a group. And this line was only recently added in Jarka's refactor MR but I think that was accidental: !113377 (merged)admin_vulnerability
is used for groups, see !66312 (diffs) -
@bwill started a discussion: (+1 comment) Thought (non-blocking): User is an omniscient class. Could this logic be encapsulated somewhere else?
-
@minac started a discussion: suggestion (non-blocking): I think this method should be private as there is no reference to it from outside, right?
-
@krasio started a discussion: namespaces.tracersal_ids
also includesnamespaces.id
as it's last element, I think we can skip this node as the next one will fetch the matching rows anyway, right? -
@krasio started a discussion: (+2 comments) What is the goal of
limit(1)
here? Is it possible this way we exclude a row where one of the columns has TRUE value, and this way end up with the default FALSE? -
@krasio started a discussion: (+4 comments) I think we can rewrite this query like
SELECT groups.id, Bool_or(custom_permissions.read_vulnerability) AS read_vulnerability, Bool_or(custom_permissions.admin_vulnerability) AS admin_vulnerability FROM ( VALUES (60357594, ARRAY[60357594]::integer[]), (65094811, ARRAY[65094811]::integer[]), (60357923, ARRAY[60357923]::integer[]), (9970, ARRAY[9970]::integer[])) AS groups (id, traversal_ids), LATERAL ( (SELECT BOOL_OR(member_roles.read_vulnerability) AS read_vulnerability, BOOL_OR(member_roles.admin_vulnerability) AS admin_vulnerability FROM members LEFT OUTER JOIN member_roles ON member_roles.id = members.member_role_id WHERE members.source_type = 'Namespace' AND "members"."user_id" = 11997412 AND groups.traversal_ids @> ARRAY[members.source_id]::int[] AND (member_roles.read_vulnerability = TRUE OR member_roles.admin_vulnerability = TRUE)) UNION (SELECT FALSE AS read_vulnerability, FALSE AS admin_vulnerability) ) AS custom_permissions GROUP BY groups.id
which should do the same, but I find easier to read?