[go: up one dir, main page]
Skip to content

Draft: Refactor build permissions to be explicit instead of delegated

Furkan Ayhanrequested to merge
549069-adjusting-build-policies into master

What does this MR do and why?

Refactor build permissions to be explicit instead of delegated

Previously, build permissions were implicitly calculated by delegating to commit status permissions through CommitStatusPolicy. This approach required recalculating commit status permissions every time build permissions were checked, leading to performance overhead.

Changes made:

  • Remove delegation logic from CommitStatusPolicy
  • Add explicit build permission rules directly in ProjectPolicy and BuildPolicy

References

Related to #549069

Screenshots or screen recordings

require 'benchmark'

ActiveRecord::Base.logger = nil

query = <<~QUERY
query getPipelineDetails($projectPath: ID!, $iid: ID!) {
  project(fullPath: $projectPath) {
    pipeline(iid: $iid) {
      stages {
        nodes {
          groups {
            nodes {
              jobs {
                nodes {
                  name
                  status: detailedStatus {
                    action {
                      buttonTitle
                    }
                  }
                }
              }
            }
          }
        }
      }
    }
  }
}
QUERY

variables = {
  "projectPath" => "root/gitlab-mirror",
  "iid" => 350
}

context = {
  current_user: User.find(1),
  is_sessionless_user: false,
  current_organization: Organizations::Organization.find(1)
}

operation_name = "getPipelineDetails"

n = 100

# Run with old code

Benchmark.bm do |benchmark|
  2.times do
    Gitlab::SafeRequestStore.ensure_request_store do
      GitlabSchema.execute(query, variables: variables, context: context, operation_name: operation_name)
    end
  end

  benchmark.report("OLD") do
    n.times do
      Gitlab::SafeRequestStore.ensure_request_store do
        GitlabSchema.execute(query, variables: variables, context: context, operation_name: operation_name)
      end
    end
  end
end

# Run with new code

Benchmark.bm do |benchmark|
  2.times do
    Gitlab::SafeRequestStore.ensure_request_store do
      GitlabSchema.execute(query, variables: variables, context: context, operation_name: operation_name)
    end
  end

  benchmark.report("NEW") do
    n.times do
      Gitlab::SafeRequestStore.ensure_request_store do
        GitlabSchema.execute(query, variables: variables, context: context, operation_name: operation_name)
      end
    end
  end
end
#          user     system      total        real
# OLD 16.869322   0.189465  17.058787 ( 17.135477)
# NEW 10.500969   0.130029  10.630998 ( 10.704464)

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Merge request reports