search

comic / grand-challenge.org

A platform for end-to-end development of machine learning solutions in biomedical imaging
https://grand-challenge.org
Apache License 2.0
167 stars 49 forks source link

Inefficient permission checking when using row templating #3388

Closed chrisvanrun closed 1 week ago

chrisvanrun commented 1 week ago

Nearly all PaginatedTableListView use a construct like this to retrieve the permissions:

{% get_obj_perms request.user for object as "object_perms" %}

This entails that every row render hits the database. This inefficiency is hidden from the debug toolbar because the rows are rendered in a secondary query from the initial loading page.

An easy fix would be to add a checker that gets to prefetch the permissions, much like used here:

https://github.com/comic/grand-challenge.org/blob/c548f50ffdd4e449e435487f83ac509b09b48775/app/grandchallenge/publications/views.py#L42-L50

chrisvanrun commented 1 week ago

Having looked at it a bit more, I've concluded it is only the CIVSet list view that does a permission check per row.

chrisvanrun commented 1 week ago

I have a branch ready that builds on:

Waiting for that PR to be merged and rebasing the branch + creating a PR then.