Closed jedwards1211 closed 8 years ago
Have you looked into v2.0 branch? I do not think there is this problem anymore.
I haven't looked into all the details of how you check for roles now, but I like the v2.0 schema a lot better.
I think I will close this. If you have concrete numbers that performance of v2.0 checking is slow, show them.
We cannot change much with v1.0 because this would break backwards compatibility.
Fine with me, thanks!
Call this a premature concern if you want, but if I have 100s of roles representing granular permissions, I don't like the thought of the server having to do 50 string comparisons on average before every user operation. Especially since my app will be running on a Raspberry Pi.
There's a very simple optimization: this package could just just cache maps with the (Flow type) structure
{[userId: string]: {[group: string]: {[role: string]: true}}}
for each user, and only recompute these when a user'sroles
is!==
the last seen value. Then theuserIsInRole
check, when the cache is up-to-date, would be (basically)_.every(roles, role => roleCache[_.isString(user) ? user : user._id][group][role])
.Would you be open to a PR for this?