Skip to content

server: optimize account creation by pre-loading the role permissions #11137

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 1 commit into
base: 4.20
Choose a base branch
from
Draft

server: optimize account creation by pre-loading the role permissions #11137

wants to merge 1 commit into from

Conversation

weizhouapache
Copy link
Member

Description

This PR optimizes the process of #5879

prior to this PR

2025-07-03 13:14:34,940 DEBUG [c.c.a.ApiServlet] (qtp1390913202-23:[ctx-8349b2ec]) (logid:9c370102) ===START===  10.0.112.203 -- GET  accounttype=0&email=test%40test.com&firstname=Test&lastname=User&username=test-TestInternalLb-ZS4QJR&command=createAccount&response=json&apiKey=LIN6rqXuaJwMPfGYFh13qDwYz5VNNz1J2J6qIOWcd3oLQOq0WtD4CwRundBL6rzXToa3lQOC_vKjI3nkHtiD8Q&signature=kOcCU%2FcXP5NU8GEb6i0L%2FifXfu0%3D

2025-07-03 13:14:41,506 DEBUG [c.c.a.ApiServlet] (qtp1390913202-23:[ctx-8349b2ec, ctx-0b145e08, ctx-bf249291]) (logid:9c370102) ===END===  10.0.112.203 -- GET  accounttype=0&email=test%40test.com&firstname=Test&lastname=User&username=test-TestInternalLb-ZS4QJR&command=createAccount&response=json&apiKey=LIN6rqXuaJwMPfGYFh13qDwYz5VNNz1J2J6qIOWcd3oLQOq0WtD4CwRundBL6rzXToa3lQOC_vKjI3nkHtiD8Q&signature=kOcCU%2FcXP5NU8GEb6i0L%2FifXfu0%3D

with this PR, it is reduced to less than 1 second

Types of changes

  • Breaking change (fix or feature that would cause existing functionality to change)
  • New feature (non-breaking change which adds functionality)
  • Bug fix (non-breaking change which fixes an issue)
  • Enhancement (improves an existing feature and functionality)
  • Cleanup (Code refactoring and cleanup, that may add test cases)
  • build/CI
  • test (unit or integration test code)

Feature/Enhancement Scale or Bug Severity

Feature/Enhancement Scale

  • Major
  • Minor

Bug Severity

  • BLOCKER
  • Critical
  • Major
  • Minor
  • Trivial

Screenshots (if appropriate):

How Has This Been Tested?

How did you try to break this feature and the system with this change?

@codecov Codecov
Copy link

codecov bot commented Jul 3, 2025
edited
Loading

Codecov Report

Attention: Patch coverage is 4.65116% with 41 lines in your changes missing coverage. Please review.

Project coverage is 4.00%. Comparing base (1a251c8) to head (e5848ac).
Report is 2 commits behind head on 4.20.

Files with missing lines Patch % Lines
...c/main/java/com/cloud/user/AccountManagerImpl.java 0.00% 16 Missing ⚠️
...oudstack/acl/DynamicRoleBasedAPIAccessChecker.java 15.38% 11 Missing ⚠️
...oudstack/acl/ProjectRoleBasedApiAccessChecker.java 0.00% 6 Missing ⚠️
.../cloudstack/ratelimit/ApiRateLimitServiceImpl.java 0.00% 6 Missing ⚠️
...loudstack/acl/StaticRoleBasedAPIAccessChecker.java 0.00% 2 Missing ⚠️
Additional details and impacted files 
@@              Coverage Diff              @@
##               4.20   #11137       +/-   ##
=============================================
- Coverage     16.15%    4.00%   -12.16%     
=============================================
  Files          5657      402     -5255     
  Lines        497969    32612   -465357     
  Branches      60389     5791    -54598     
=============================================
- Hits          80463     1305    -79158     
+ Misses       408542    31158   -377384     
+ Partials       8964      149     -8815
Flag Coverage Δ
uitests 4.00% <ø> (ø)
unittests 17.00% <4.65%> (-0.01%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

sureshanaparti
sureshanaparti reviewed Jul 4, 2025
View reviewed changes
server/src/main/java/com/cloud/user/AccountManagerImpl.java Outdated

private void checkApiAccess(APIChecker apiChecker, Account caller, Account requested) throws PermissionDeniedException {
Pair<Role, List<RolePermission>> roleAndPermissionsForCaller = apiChecker.getRolePermissions(caller.getRoleId());
Pair<Role, List<RolePermission>> roleAndPermissionsForRequest = apiChecker.getRolePermissions(requested.getRoleId());
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
Pair<Role, List<RolePermission>> roleAndPermissionsForRequest = apiChecker.getRolePermissions(requested.getRoleId());
Pair<Role, List<RolePermission>> roleAndPermissionsForRequested = apiChecker.getRolePermissions(requested.getRoleId());

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thanks @sureshanaparti
committed

sureshanaparti
sureshanaparti approved these changes Jul 4, 2025
View reviewed changes
Copy link
Contributor

@sureshanaparti sureshanaparti left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

minor nit, clgtm

@sureshanaparti
Copy link
Contributor

@blueorangutan package

@blueorangutan
Copy link

@sureshanaparti a [SL] Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.

@weizhouapache weizhouapache force-pushed the 4.20-create-account-optimization branch from 3d62538 to e5848ac Compare July 4, 2025 12:34
@blueorangutan
Copy link

Packaging result [SF]: ✔️ el8 ✔️ el9 ✔️ debian ✔️ suse15. SL-JID 14033

@weizhouapache
Copy link
Member Author

@blueorangutan test

@blueorangutan
Copy link

@weizhouapache a [SL] Trillian-Jenkins test job (ol8 mgmt + kvm-ol8) has been kicked to run smoke tests

@blueorangutan
Copy link

[SF] Trillian test result (tid-13682)
Environment: kvm-ol8 (x2), Advanced Networking with Mgmt server ol8
Total time taken: 56085 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr11137-t13682-kvm-ol8.zip
Smoke tests completed. 141 look OK, 0 have errors, 0 did not run
Only failed and skipped tests results shown below:

Test Result Time (s) Test File

DaanHoogland
DaanHoogland approved these changes Jul 5, 2025
View reviewed changes
Copy link
Contributor

@DaanHoogland DaanHoogland left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

clgtm

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@DaanHoogland DaanHoogland DaanHoogland approved these changes

@sureshanaparti sureshanaparti sureshanaparti approved these changes

Assignees
No one assigned
Labels
component:api component:projects
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@weizhouapache @sureshanaparti @blueorangutan @DaanHoogland