Speed up authenticated API queries

Flatlogic Bot 2026-05-11 13:43:30 +03:00
parent 027af5082b
commit 4d30442a5b
5 changed files with 123 additions and 54 deletions


@ -19,7 +19,7 @@ passport.use(
},
async (req, token, done) => {
try {
const user = await UsersDBApi.findBy({ email: token.user.email });
const user = await UsersDBApi.findForAuth({ email: token.user.email });
if (user && user.disabled) {
return done(new Error(`User '${user.email}' is disabled`));
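Review bot: The object resolved by the changed `findForAuth` line has a different shape from what `findBy` supplied, and only `getUserPermissions` is adapted to it in this commit. `findForAuth` returns `users.get({ plain: true })` with just `avatar`, `app_role` (plus `permissions`) and `custom_permissions` loaded, so nested associations are plain data without Sequelize getters. Any other authorization or ownership check that reads a different association from the authenticated user, or calls an association getter on it, would presumably see `undefined` or throw. An audit of the consumers of the authenticated user is worth doing before merging, plus a comment on this line such as `// plain snapshot: avatar, app_role.permissions, custom_permissions only`. The callback body continues outside the hunk.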


@ -403,26 +403,37 @@ class GenericDBApi {
}
}
const queryOptions = {
where,
include,
distinct: true,
order:
filter.field && filter.sort
? [[filter.field, filter.sort]]
: [['createdAt', 'desc']],
transaction: options.transaction,
};
if (!options.countOnly) {
queryOptions.limit = limit ? Number(limit) : undefined;
queryOptions.offset = offset ? Number(offset) : undefined;
}
try {
if (options.countOnly) {
const count = await this.MODEL.count({
where,
include: include.filter((entry) => entry.required || entry.where),
distinct: true,
transaction: options.transaction,
});
return {
rows: [],
count,
};
}
const queryOptions = {
where,
include,
distinct: true,
order:
filter.field && filter.sort
? [[filter.field, filter.sort]]
: [['createdAt', 'desc']],
transaction: options.transaction,
limit: limit ? Number(limit) : undefined,
offset: offset ? Number(offset) : undefined,
};
const { rows, count } = await this.MODEL.findAndCountAll(queryOptions);
return {
rows: options.countOnly ? [] : rows,
rows,
count,
};
} catch (error) {
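Review bot: `filter.field` and `filter.sort` still go into `order` unchecked in the rebuilt `queryOptions`. If `filter` comes from the request query, as it appears to, a caller can sort by any column of the model, including ones never returned in the response, and the resulting order leaks information about those values. Checking the field against an allow-list of sortable columns and normalising the direction, e.g. `const sort = String(filter.sort).toLowerCase() === 'asc' ? 'asc' : 'desc';`, before building `order` would close this. `Number(limit)` also has no upper bound or NaN guard in the visible lines, unless `limit` is clamped earlier in the method, which starts and ends outside the hunk. The same block appears in the ProjectsDBApi and UsersDBApi hunks.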


@ -187,26 +187,37 @@ class ProjectsDBApi extends GenericDBApi {
where.slug = runtimeProjectSlug;
}
const queryOptions = {
where,
include,
distinct: true,
order:
filter.field && filter.sort
? [[filter.field, filter.sort]]
: [['createdAt', 'desc']],
transaction: options.transaction,
};
if (!options.countOnly) {
queryOptions.limit = limit ? Number(limit) : undefined;
queryOptions.offset = offset ? Number(offset) : undefined;
}
try {
if (options.countOnly) {
const count = await this.MODEL.count({
where,
include,
distinct: true,
transaction: options.transaction,
});
return {
rows: [],
count,
};
}
const queryOptions = {
where,
include,
distinct: true,
order:
filter.field && filter.sort
? [[filter.field, filter.sort]]
: [['createdAt', 'desc']],
transaction: options.transaction,
limit: limit ? Number(limit) : undefined,
offset: offset ? Number(offset) : undefined,
};
const { rows, count } = await this.MODEL.findAndCountAll(queryOptions);
return {
rows: options.countOnly ? [] : rows,
rows,
count,
};
} catch (error) {
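Review bot: The count-only branch here passes the full `include` to `this.MODEL.count`, whereas the GenericDBApi and UsersDBApi versions prune it with `include.filter((entry) => entry.required || entry.where)`. If the difference is deliberate, for instance because `where` references columns of an included association, a comment such as `// keep every include: where may reference joined columns` would prevent a later "cleanup" from breaking the count. If it is an oversight, apply the same filter so the three implementations stay in step. The enclosing method starts and ends outside the hunk.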


@ -290,6 +290,35 @@ module.exports = class UsersDBApi {
return output;
}
static async findForAuth(where, options) {
const transaction = (options && options.transaction) || undefined;
const users = await db.users.findOne({
where,
transaction,
include: [
{ association: 'avatar' },
{
association: 'app_role',
include: [{ association: 'permissions' }],
},
{ association: 'custom_permissions' },
],
});
if (!users) {
return users;
}
const output = users.get({ plain: true });
if (output.app_role) {
output.app_role_permissions = output.app_role.permissions || [];
}
return output;
}
static async findAll(filter, options) {
const limit = filter.limit || 0;
let offset = 0;
@ -533,28 +562,39 @@ module.exports = class UsersDBApi {
}
}
const queryOptions = {
where,
include,
distinct: true,
order:
filter.field && filter.sort
? [[filter.field, filter.sort]]
: [['createdAt', 'desc']],
transaction: options?.transaction,
};
if (!options?.countOnly) {
queryOptions.limit = limit ? Number(limit) : undefined;
queryOptions.offset = offset ? Number(offset) : undefined;
}
try {
if (options?.countOnly) {
const count = await db.users.count({
where,
include: include.filter((entry) => entry.required || entry.where),
distinct: true,
transaction: options?.transaction,
});
return {
rows: [],
count,
};
}
const queryOptions = {
where,
include,
distinct: true,
order:
filter.field && filter.sort
? [[filter.field, filter.sort]]
: [['createdAt', 'desc']],
transaction: options?.transaction,
limit: limit ? Number(limit) : undefined,
offset: offset ? Number(offset) : undefined,
};
const { rows, count } = await db.users.findAndCountAll(queryOptions);
return {
rows: options?.countOnly ? [] : rows,
count: count,
rows,
count,
};
} catch (error) {
console.error('Error executing query:', error);
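Review bot: `findForAuth` calls `db.users.findOne` without an `attributes` option, so every column of the users row is copied into the plain object that becomes the authenticated user on each request. That presumably includes the password hash and any reset or verification tokens, if the model has such columns. Since this loader exists only to establish identity and permissions, consider restricting it with `attributes: { exclude: [/* credential columns */] }`, so that a handler which serialises or logs the current user cannot expose them. A JSDoc block on `findForAuth` should also state that it returns a plain snapshot without instance methods, returns `null` when no row matches, and sets `app_role_permissions` only when `app_role` is present.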


@ -21,7 +21,14 @@ async function getUserPermissions(currentUser) {
throw new ValidationError('auth.forbidden');
}
const rolePermissions = await currentUser.app_role.getPermissions();
let rolePermissions = [];
if (typeof currentUser.app_role.getPermissions === 'function') {
rolePermissions = await currentUser.app_role.getPermissions();
} else {
rolePermissions = currentUser.app_role.permissions || [];
}
for (const permission of rolePermissions) {
if (permission?.name) {
permissions.add(permission.name);
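Review bot: The new `else` branch treats a role whose `permissions` were never loaded the same as a role that has none, because `currentUser.app_role.permissions || []` yields an empty list in both cases. That fails closed, which is the safe direction, but a user object built by a loader without the nested `permissions` include silently loses every role permission, and nothing signals why. Making the not-loaded case visible would help, e.g. `if (!Array.isArray(currentUser.app_role.permissions)) console.warn('app_role.permissions not loaded');`. A comment above the branch should also say that the plain-object shape comes from `UsersDBApi.findForAuth`. The function continues outside the hunk.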