73e3f7d281
After change [1], if the system has a high number of security groups with no associated RBAC entries, a non admin user owning only one security group will experience unacceptable response times when listing her security groups. Change [1] added methods get_object and get_objects to class RbacNeutronDbObjectMixin in neutron.objects.rbac_db, which retrieve with and admin context all the objects (networks, subnets or security groups) in the DB and then decide in memory whether the project that made the query has access to them or not, based on their associated RBAC policies. This change proposes to remove those methods and revert to their counterparts in NeutronDbObject (neutron.objects.base), which use a DB query scoped to the project to retrieve the objects based on their associated RBAC policies by calling [2]. In this way, the potential number of objects that are retrieved from the DB and that have to be converted to OVOs is greatly reduced, improving significantly the response time to the user. [1] https://review.opendev.org/#/c/635311 [2] |
||
---|---|---|
.. | ||
db | ||
extensions | ||
logapi | ||
plugins | ||
port | ||
qos | ||
__init__.py | ||
test_address_scope.py | ||
test_agent.py | ||
test_auto_allocate.py | ||
test_base.py | ||
test_common_types.py | ||
test_flavor.py | ||
test_floatingip.py | ||
test_ipam.py | ||
test_l3_hamode.py | ||
test_l3agent.py | ||
test_metering.py | ||
test_network_segment_range.py | ||
test_network.py | ||
test_objects.py | ||
test_port_forwarding.py | ||
test_ports.py | ||
test_provisioning_blocks.py | ||
test_quota.py | ||
test_rbac_db.py | ||
test_rbac.py | ||
test_router.py | ||
test_securitygroup.py | ||
test_servicetype.py | ||
test_subnet.py | ||
test_subnetpool.py | ||
test_tag.py | ||
test_trunk.py |