Create DB Performance improvements (#234)

In Multi DB mode, as the number of databases increases, so does the time to create the next new DB. This is because we create three internal roles for each new DB and internally when run the DB subcommands, multiple calls to roles_is_member_of("sysadmin") is made. Now that output of this list contains all the three roles of every db created. This is the major reason for the perfomance degradation of CREATE DB command. We fix this in three different places. getAvailDbid - this functions makes a call to nextval function, which by default checks for current user's permission and makes a call to roles_is_member_of. Instead we could call the nextval_internal which is the same function but with the additional option of check permissions flag which we will set to false. To double check we can just ensure that the current user is "sysadmin" when getAvailDbid is called. (Currently we only call this when user is sysadmin) Set temporary user when creating schema - when we create the dbo and guest schema for the new database, the create schema function fetches all the roles that current role is member of (recursively) to check if if current role can actually become the target schema owner role. To bypass this we can assume the newdb_dbo role when creating these schemas. In this case all the roles that newdb_dbo is member of will be fetched, but this list is much smaller than sysadmin. Select best grantor - Select best grantor first fetches the roles_list that sysadmin is member of and then start checking for permissions. But sysadmin is always the first to be checked. That is sysadmin is always top of the roles_list. We can add a quick check to this. That is, first check if current role is sysadmin and can it give us all the permission needed. If yes, simply return. Note** This does not change any behaviour since this will anyway be done in the first loop after fetching roles_list. We are instead running the first loop before fetching the whole list. Engine PR: #234 Extension PR: babelfish-for-postgresql/babelfish_extensions#1899 Extension PR: (cache sysadmin oid) babelfish-for-postgresql/babelfish_extensions#1942 Task: BABEL-4438 Signed-off-by: Tanzeel Khan <[email protected]>
babelfish-for-postgresql · Oct 24, 2023 · cc4936b · cc4936b
1 parent a43212e
commit cc4936b
Show file tree

Hide file tree

Showing 2 changed files with 20 additions and 0 deletions.
diff --git a/src/backend/utils/adt/acl.c b/src/backend/utils/adt/acl.c
@@ -117,6 +117,8 @@ static AclResult pg_role_aclcheck(Oid role_oid, Oid roleid, AclMode mode);
 
 static void RoleMembershipCacheCallback(Datum arg, int cacheid, uint32 hashvalue);
 
+bbf_get_sysadmin_oid_hook_type bbf_get_sysadmin_oid_hook = NULL;
+
 
 /*
  * getid
@@ -5120,6 +5122,21 @@ select_best_grantor(Oid roleId, AclMode privileges,
 		return;
 	}
 
+	if (bbf_get_sysadmin_oid_hook && roleId == (*bbf_get_sysadmin_oid_hook)())
+	{
+		AclMode		sysadmin_privs;
+
+		sysadmin_privs = aclmask_direct(acl, roleId, ownerId,
+										needed_goptions, ACLMASK_ALL);
+		if (sysadmin_privs == needed_goptions)
+		{
+			/* Found a suitable grantor */
+			*grantorId = roleId;
+			*grantOptions = sysadmin_privs;
+			return;
+		}
+	}
+
 	/*
 	 * Otherwise we have to do a careful search to see if roleId has the
 	 * privileges of any suitable role.  Note: we can hang onto the result of

diff --git a/src/include/utils/acl.h b/src/include/utils/acl.h
@@ -333,4 +333,7 @@ extern bool has_bypassrls_privilege(Oid roleid);
 typedef bool (*tsql_has_linked_srv_permissions_hook_type) (Oid roleid);
 extern PGDLLIMPORT tsql_has_linked_srv_permissions_hook_type tsql_has_linked_srv_permissions_hook;
 
+typedef Oid (*bbf_get_sysadmin_oid_hook_type) (void);
+extern PGDLLIMPORT bbf_get_sysadmin_oid_hook_type bbf_get_sysadmin_oid_hook;
+
 #endif							/* ACL_H */