API Call permissions/users results in a bad sql query with slow performance

Hello,

we have a tool which request the permission via api call.

“https://urlasd.com/api/permissions/users?p=1&ps=100&projectKey=xxx”

this call takes around 1.4sec and i found out, that it uses some sql query, one on query is this:

select count(distinct(u.uuid)) 
from users 
  left join user_roles ur on ur.user_uuid = u.uuid  
  left join components p on ur.component_uuid = p.uuid 
WHERE  u.active = $1 

this query take to long, see the explain plan.

BBkl : long running sonarqube query | explain.depesz.com

image1461×538 39.4 KB

Im not sure how we can improve this query, is it really nessecary to use distinct(u.uuid) ?
Because u.uuid should already be unique.

Can we improve the postgres db to get the query run faster?

Sonarqube Version: 9.9.1.69595
Postgres Version: 14

Regards
David

Hi David,

I believe distinct is necessary because each user can have multiple roles / permissions on any given project:

Selection_19161199×524 32.1 KB

When you upgraded to 9.9, did you perform the post-upgrade DB cleanup?

 
Ann

Hallo Ann,

yes i did the vacuum and reindex task, but didnt helped.

But why the api call api/permissions/users?p=1&ps=100&projectKey=
needs to know the how many users exists? the api call would be faster if the sql query would not execute.

Hi,

Without digging into the code, I can’t tell you.

But taking a look at the API docs, I see this is an internal web service, with no expectation it will be called directly by users, and with no warranties for its use.

On a related note, in newer versions, we’ve begun moving to a v2 API for permissions-related functions. I don’t see a comparable service to what you’re using, but you probably want to keep an eye on this.

 
Ann

i think i found a way to improve the call, i add the parameter &permission=user
to the api call, to get only the users which are have permission, now the query runs between 25ms and 90ms. thats fine for me.

thanks for you help and quick response.