Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[ALS-6235] Investigate: BDC Auth login issue: Explore delays creating the user roles #173

Merged
merged 24 commits into from
May 28, 2024
Merged

[ALS-6235] Investigate: BDC Auth login issue: Explore delays creating the user roles #173

merged 24 commits into from
May 28, 2024

Conversation

Gcolon021
Copy link
Contributor

@Gcolon021 Gcolon021 commented May 28, 2024
edited
Loading

[ALS-6235] Investigate: BDC Auth login issue: Explore delays creating the user roles

  • FenceAuthorization service has been refactored to improve readability and modularity.
  • Fence mapping utility now loads the fence mapping json data on application startup and initializes two maps used by the application. This reduced execution time from ~13.25 minutes to ~9 minutes.
  • AccessRules now uses a cache when creating new AccessRules. This reduces the time spent querying the database as many access rules are reused by privileges. This change reduced execution time from ~9 minutes down to 2.25 - 2.5 minutes.
  • Refactor Role creation to allow for parallelization. This reduced execution time from 2.25 - 2.5 minutes down to ~30seconds.
  • Roles are no longer removed from the user on login. We now update the user roles in place.

@Gcolon021
Refactor all AccessRule creation
8913d50 
Move AccessRule creation out to a separate method. Centralizing this will make it is to optimize more in the near future.
@Gcolon021
Improve logging and add user login time performance tracking
9bf9109
@Gcolon021
Refactor FENCEAuthenticationService
d4b63a5 
The code changes refactor the FENCEAuthenticationService class to enhance code readability and performance. This includes introducing a new `_authZMap` for faster lookups and reorganizing methods for better code reusability.
@Gcolon021
Update FENCEAuthenticationService to fetch FENCE mapping
b6d53f0 
We need to call this at least once in order to load the maps.
@Gcolon021
Refactor FENCE mapping to a separate utility
c052b24 
A new utility class (FenceMappingUtility) has been introduced to handle FENCE mapping operations. The FenceMappingUtility is now used for FENCE mapping in FENCEAuthenticationService and StudyAccessService instead of these classes handling it directly. This change makes the applications more modular, distributes responsibilities better among classes, and improves code readability.
@Gcolon021
Improve thread safety in FenceMappingUtility.java
b27f6a4 
In the FenceMappingUtility class, the data structures have been updated to improve the thread safety of the application. The non-thread-safe HashMap was replaced with ConcurrentHashMap to handle potential concurrency issues. To further strengthen thread safety, the 'volatile' keyword was added to provide the most recent value whenever a variable is called, directly addressing potential issues with thread caching. The method 'initializeFENCEMappings' was also modified to use a parallel stream for efficient data processing.
@Gcolon021
Refactor FENCEAuthenticationService
57cc068 
Refactor upsertTopmedPrivilege to improve readability and make future improvements easier. Refactor getAllowedQueryTypeRules to cache fence_allowed_query_types.
@Gcolon021
Remove duplicate method
d0c713a
@Gcolon021
Refactor FENCEAuthenticationService for clarity and efficiency
f8884d2
@Gcolon021
Refactor addStandardAccessRules method for null safety
2f52314 
A null-check has been added before using the standardAccessRules variable to safeguard against potential NullPointerException. The logic has also been reconsidered, and now it only attempts to populate the standardAccessRules set from the database if it is found to be empty or null. This should enhance efficiency by avoiding unnecessary database calls.
@Gcolon021
Handle string replace up front once
ccb22c7
@Gcolon021
Refactor addFENCEPrivileges method parameters
048af4f
@Gcolon021
Refactor logging statements in FENCEAuthenticationService
2f18bda
@Gcolon021
Refactor role creation and update process for efficiency
cdb7a5b 
The role creation and assignment process has been optimized in the FENCEAuthenticationService. Rather than processing roles one-by-one, the revised code collects all the role names, prepares a list of roles, and commits them all at once to the repository. This is achieved by leveraging Java's parallel streams and the 'persistAll' method added to RoleRepository.
@Gcolon021
Refactor role creation in FENCEAuthenticationService
dd7ff13
@Gcolon021
Add validation for empty role name in createRole method
90cd3c0 
A check has been added in the createRole method to handle the situation when the role name is empty. It prevents the creation of roles with empty names, logging an error message
@Gcolon021
Change extractProject and extractConsentGroup methods to non-static
6702417
@Gcolon021
Update role name assignment logic and reduce error logging
daa8bd8
@Gcolon021
Update RoleRepository to handle existing roles
4424f17 
The persistAll method in the RoleRepository has been updated. This change ensures that if a role already has a UUID, it is merged instead of persisted, preventing any duplicate entries. New roles, which do not yet have a UUID, are persisted as before.
@Gcolon021
Refactor FENCEAuthenticationService for optimized role handling
3277195 
FENCEAuthenticationService.java has been refactored to improve role handling. The logic is now more precise and efficient in checking the existence of roles, adding new ones, and removing obsolete ones. It ensures correct persistence of roles while providing better error handling and logging.
@Gcolon021
Remove redundancy in role handling of FENCEAuthenticationService
7dc4be8 
The previous code used to find roles that aren't present in a user's existing roles, but the following logic left it unused. Thus, this redundancy has been removed, streamlining the process of handling roles in the FENCEAuthenticationService class.
@Gcolon021
Refactor role removal and addition in FENCEAuthenticationService
b6334c4
@Gcolon021 Gcolon021 self-assigned this May 28, 2024
ramari16
ramari16 reviewed May 28, 2024
View reviewed changes
...uth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/utils/FenceMappingUtility.java Outdated
}
}

private synchronized void initializeFENCEMappings() {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As discussed, remove synchronized here

@Gcolon021
Remove performance timing from FENCEAuthenticationService
67e3754 
Performance timing for user login within the FENCEAuthenticationService was removed to clean up the code. This logging was unnecessary and did not contribute in any significant manner to the overall functionality.
@Gcolon021
Remove synchronization from initializeFENCEMappings method
2e17cf6
@Gcolon021 Gcolon021 merged commit ce9c376 into fence-integration-release/0005 May 28, 2024
2 checks passed
@Gcolon021 Gcolon021 deleted the ALS-6235-Rewrite branch June 7, 2024 15:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ramari16 ramari16 ramari16 left review comments

Assignees

@Gcolon021 Gcolon021

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Gcolon021 @ramari16