perf(command): user grant pre-condition check using the search table (#8230)

# Which Problems Are Solved Imporve the performance of user grant addition, especially for import. # How the Problems Are Solved Use the search table to query for the project grant state. This could easily be done by making the search used in `checkProjectGrantPreCondition` reusable. # Additional Changes Chanded event declerations to `const` in the `internal/repository/project` package. # Additional Context - Performance improvements for import are evaluated and acted upon internally at the moment --------- Co-authored-by: adlerhurst <silvan.reusser@gmail.com> Co-authored-by: Livio Spring <livio.a@gmail.com>
2025-08-11 20:47:32 +00:00 · 2024-07-04 19:18:43 +03:00
parent d705cb11b7
commit ecfb9d0d6d
8 changed files with 178 additions and 20 deletions
--- a/internal/command/project_grant.go
+++ b/internal/command/project_grant.go
@@ -259,38 +259,49 @@ func (c *Commands) checkProjectGrantPreCondition(ctx context.Context, projectGra
 	if !authz.GetFeatures(ctx).ShouldUseImprovedPerformance(feature.ImprovedPerformanceTypeProjectGrant) {
 		return c.checkProjectGrantPreConditionOld(ctx, projectGrant)
 	}
+	existingRoleKeys, err := c.searchProjectGrantState(ctx, projectGrant.AggregateID, projectGrant.GrantedOrgID)
+	if err != nil {
+		return err
+	}
+
+	if projectGrant.HasInvalidRoles(existingRoleKeys) {
+		return zerrors.ThrowPreconditionFailed(err, "COMMAND-6m9gd", "Errors.Project.Role.NotFound")
+	}
+	return nil
+}
+
+func (c *Commands) searchProjectGrantState(ctx context.Context, projectID, grantedOrgID string) (existingRoleKeys []string, err error) {
 	results, err := c.eventstore.Search(
 		ctx,
 		// project state query
 		map[eventstore.FieldType]any{
 			eventstore.FieldTypeAggregateType: project.AggregateType,
-			eventstore.FieldTypeAggregateID:   projectGrant.AggregateID,
+			eventstore.FieldTypeAggregateID:   projectID,
 			eventstore.FieldTypeFieldName:     project.ProjectStateSearchField,
 			eventstore.FieldTypeObjectType:    project.ProjectSearchType,
 		},
 		// granted org query
 		map[eventstore.FieldType]any{
 			eventstore.FieldTypeAggregateType: org.AggregateType,
-			eventstore.FieldTypeAggregateID:   projectGrant.GrantedOrgID,
+			eventstore.FieldTypeAggregateID:   grantedOrgID,
 			eventstore.FieldTypeFieldName:     org.OrgStateSearchField,
 			eventstore.FieldTypeObjectType:    org.OrgSearchType,
 		},
 		// role query
 		map[eventstore.FieldType]any{
 			eventstore.FieldTypeAggregateType: project.AggregateType,
-			eventstore.FieldTypeAggregateID:   projectGrant.AggregateID,
+			eventstore.FieldTypeAggregateID:   projectID,
 			eventstore.FieldTypeFieldName:     project.ProjectRoleKeySearchField,
 			eventstore.FieldTypeObjectType:    project.ProjectRoleSearchType,
 		},
 	)
 	if err != nil {
-		return err
+		return nil, err
 	}

 	var (
 		existsProject    bool
 		existsGrantedOrg bool
-		existingRoleKeys []string
 	)

 	for _, result := range results {
@@ -299,34 +310,31 @@ func (c *Commands) checkProjectGrantPreCondition(ctx context.Context, projectGra
 			var role string
 			err := result.Value.Unmarshal(&role)
 			if err != nil {
-				return err
+				return nil, err
 			}
 			existingRoleKeys = append(existingRoleKeys, role)
 		case org.OrgSearchType:
 			var state domain.OrgState
 			err := result.Value.Unmarshal(&state)
 			if err != nil {
-				return err
+				return nil, err
 			}
 			existsGrantedOrg = state.Valid() && state != domain.OrgStateRemoved
 		case project.ProjectSearchType:
 			var state domain.ProjectState
 			err := result.Value.Unmarshal(&state)
 			if err != nil {
-				return err
+				return nil, err
 			}
 			existsProject = state.Valid() && state != domain.ProjectStateRemoved
 		}
 	}

 	if !existsProject {
-		return zerrors.ThrowPreconditionFailed(err, "COMMAND-m9gsd", "Errors.Project.NotFound")
+		return nil, zerrors.ThrowPreconditionFailed(err, "COMMAND-m9gsd", "Errors.Project.NotFound")
 	}
 	if !existsGrantedOrg {
-		return zerrors.ThrowPreconditionFailed(err, "COMMAND-3m9gg", "Errors.Org.NotFound")
+		return nil, zerrors.ThrowPreconditionFailed(err, "COMMAND-3m9gg", "Errors.Org.NotFound")
 	}
-	if projectGrant.HasInvalidRoles(existingRoleKeys) {
-		return zerrors.ThrowPreconditionFailed(err, "COMMAND-6m9gd", "Errors.Project.Role.NotFound")
-	}
-	return nil
+	return existingRoleKeys, nil
 }