Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Enable role and profile caching #2533

Merged
merged 7 commits into from
May 31, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 5 additions & 1 deletion .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -125,6 +125,7 @@ lib/core/backend/backendSubscription.js
lib/core/backend/backendVault.js
lib/core/backend/index.js
lib/core/backend/internalLogger.js
lib/core/cache/cacheDbEnum.js
lib/core/debug/kuzzleDebugger.js
lib/core/plugin/pluginContext.js
lib/core/realtime/channel.js
Expand All @@ -135,10 +136,12 @@ lib/core/realtime/subscription.js
lib/core/security/profileRepository.js
lib/core/security/tokenRepository.js
lib/core/shared/KoncordeWrapper.js
lib/core/shared/repository.js
lib/core/shared/ObjectRepository.js
lib/core/shared/sdk/embeddedSdk.js
lib/core/shared/sdk/funnelProtocol.js
lib/core/shared/store.js
lib/core/storage/indexCache.js
lib/core/storage/storeScopeEnum.js
lib/kerror/errors/*.js
lib/kerror/errors/badRequestError.js
lib/kerror/errors/externalServiceError.js
Expand Down Expand Up @@ -208,6 +211,7 @@ lib/types/realtime/RoomList.js
lib/types/RequestPayload.js
lib/types/ResponsePayload.js
lib/types/RoleDefinition.js
lib/types/shared/StoreCollectionsDefinition.js
lib/types/StrategyDefinition.js
lib/types/Target.js
lib/types/Token.js
Expand Down
83 changes: 28 additions & 55 deletions lib/core/security/profileRepository.ts
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,6 @@ import { JSONObject } from "kuzzle-sdk";
import { OptimizedPolicy, Policy } from "../../../index";
import * as kerror from "../../kerror";
import { Profile } from "../../model/security/profile";
import { cacheDbEnum } from "../cache/cacheDbEnum";
import { ObjectRepository } from "../shared/ObjectRepository";

/** @internal */
Expand Down Expand Up @@ -59,19 +58,14 @@ type UpdateOptions = {
*/
export class ProfileRepository extends ObjectRepository<Profile> {
private module: any;
private profiles: Map<string, Profile>;

/**
* @constructor
*/
constructor(securityModule) {
super({
cache: cacheDbEnum.NONE,
store: global.kuzzle.internalIndex,
});
super({ store: global.kuzzle.internalIndex });

this.module = securityModule;
this.profiles = new Map();

this.collection = "profiles";
this.ObjectConstructor = Profile;
Expand Down Expand Up @@ -129,7 +123,7 @@ export class ProfileRepository extends ObjectRepository<Profile> {
* @param {String} [id] - profile identifier
*/
global.kuzzle.onAsk("core:security:profile:invalidate", (id) =>
this.invalidate(id),
this.deleteFromCache(id),
);

/**
Expand Down Expand Up @@ -191,15 +185,29 @@ export class ProfileRepository extends ObjectRepository<Profile> {
* @returns {Promise.<Promise>}
* @throws {NotFoundError} If the corresponding profile doesn't exist
*/
async load(id: string): Promise<Profile> {
if (this.profiles.has(id)) {
return this.profiles.get(id);
}
override async load(
id: string,
options: { key?: string } = {},
): Promise<Profile> {
const profile = await this.loadFromCache(id, options);

if (profile === null) {
const profileFromDatabase = await this.loadOneFromDatabase(id);

if (profileFromDatabase !== null) {
await this.persistToCache(profileFromDatabase);

profileFromDatabase.optimizedPolicies = this.optimizePolicies(
profileFromDatabase.policies,
);
}

const profile = await super.load(id);
return profileFromDatabase;
}

profile.optimizedPolicies = this.optimizePolicies(profile.policies);
this.profiles.set(id, profile);

await this.refreshCacheTTL(profile);

return profile;
}
Expand Down Expand Up @@ -232,16 +240,7 @@ export class ProfileRepository extends ObjectRepository<Profile> {
}

for (const id of profileIds) {
let profile: Profile | Promise<Profile> = this.profiles.get(id);

if (!profile) {
profile = this.loadOneFromDatabase(id).then((p) => {
p.optimizedPolicies = this.optimizePolicies(p.policies);
this.profiles.set(id, p);
return p;
});
}

const profile: Profile | Promise<Profile> = this.load(id);
profiles.push(profile);
}

Expand Down Expand Up @@ -443,7 +442,7 @@ export class ProfileRepository extends ObjectRepository<Profile> {

await this.deleteFromDatabase(profile._id, { refresh });

this.profiles.delete(profile._id);
await this.deleteFromCache(profile._id);
}

/**
Expand Down Expand Up @@ -502,12 +501,12 @@ export class ProfileRepository extends ObjectRepository<Profile> {
});

const updatedProfile = await this.loadOneFromDatabase(profile._id);
await this.persistToCache(updatedProfile);

// Recompute optimized policies based on new policies
updatedProfile.optimizedPolicies = this.optimizePolicies(
updatedProfile.policies,
);

this.profiles.set(profile._id, updatedProfile);
return updatedProfile;
}

Expand Down Expand Up @@ -538,32 +537,6 @@ export class ProfileRepository extends ObjectRepository<Profile> {
return profile;
}

/**
* @override
*/
async truncate(opts: JSONObject) {
try {
await super.truncate(opts);
} finally {
// always clear the RAM cache: even if truncate fails in the middle of it,
// some of the cached profiles might not be valid anymore
this.invalidate();
}
}

/**
* Invalidate the cache entries for the given profile. If none is provided,
* the entire cache is emptied.
* @param {string} [profileId]
*/
invalidate(profileId?: string) {
if (!profileId) {
this.profiles.clear();
} else {
this.profiles.delete(profileId);
}
}

/**
* Optimize each policy to get a O(1) index access time
* and a O(log(n)) collection search time.
Expand Down Expand Up @@ -636,11 +609,11 @@ export class ProfileRepository extends ObjectRepository<Profile> {
// Otherwise we cannot stub them
// ============================================

async toDTO(dto: Profile): Promise<JSONObject> {
toDTO(dto: Profile): JSONObject {
return super.toDTO(dto);
}

async deleteFromDatabase(id: string, options: JSONObject) {
deleteFromDatabase(id: string, options: JSONObject) {
return super.deleteFromDatabase(id, options);
}

Expand Down
2 changes: 1 addition & 1 deletion lib/core/security/roleRepository.js
Original file line number Diff line number Diff line change
Expand Up @@ -43,7 +43,7 @@ class RoleRepository extends ObjectRepository {
*/
constructor(securityModule) {
super({
cache: cacheDbEnum.NONE,
cache: cacheDbEnum.INTERNAL,
store: global.kuzzle.internalIndex,
});

Expand Down
2 changes: 1 addition & 1 deletion lib/core/shared/ObjectRepository.ts
Original file line number Diff line number Diff line change
Expand Up @@ -138,7 +138,7 @@ export class ObjectRepository<TObject extends { _id: string }> {
try {
response = await global.kuzzle.ask(`core:cache:${this.cacheDb}:get`, key);

if (response === null) {
if (response === null || response === undefined) {
return null;
}

Expand Down
Loading
Loading