jerqi commented on issue #9170: URL: https://github.com/apache/gravitino/issues/9170#issuecomment-3550403411
> Also, in https://github.com/apache/gravitino/blob/main/server-common/src/main/java/org/apache/gravitino/server/authorization/jcasbin/JcasbinAuthorizer.java#L520 It is called twice per privilege in a tight loop: > > ``` > for (SecurableObject securableObject : roleEntity.securableObjects()) { > for (Privilege privilege : securableObject.privileges()) { > // Called TWICE for same object! > denyEnforcer.addPolicy(..., MetadataIdConverter.getID(securableObject, metalake), ...); > allowEnforcer.addPolicy(..., MetadataIdConverter.getID(securableObject, metalake), ...); > } > } > ``` > > LMK if I can help with adding this per-request cache to avoid extra database reads cc [@jerqi](https://github.com/jerqi) We have the similar abstraction AuthorizationContext. But we can optimize this further. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
