2

I am using django-role-permission in my django project and am controlling access to the views through a decorator as follows:

@canAccessDashboard
def index(request):
    """ Merchant settings main page"""
    try:
        return render(request, 'dashboard/merchantsettings.html')
    except Exception as e:
        return HttpResponse('NOK', status=500)

The decorator `canAccessDashboard is as follows:

def canAccessDashboard(func):
    def func_wrapper(*args):
        user = cache.get('UserObj_' + str(args[0].user.id))
        if user is None:
            user = User.objects.get(id=args[0].user.id)
            cache.set('UserObj_' + str(args[0].user.id), user, 300)
        if has_permission(user, "access_dasboard"):
            if not has_permission(user, "add_merchant_address"):
                return render(args[0], 'dashboard/specify_address.html')
            return func(*args)
        return redirect(settings.VERIFY_REGISTRATION_URL)
    return func_wrapper

The issue is that whenever am using the decorator am getting 8 duplicate queries, Below is an extract of queries from django-debug-toolbar:

SELECT ••• FROM "auth_permission" INNER JOIN "auth_user_user_permissions" ON ("auth_permission"."id" = "auth_user_user_permissions"."permission_id") INNER JOIN "django_content_type" ON ("auth_permission"."content_type_id" = "django_content_type"."id") WHERE "auth_user_user_permissions"."user_id" = 16 ORDER BY "django_content_type"."app_label" ASC, "django_content_type"."model" ASC, "auth_permission"."codename" ASC
Duplicated 8 times.

SELECT ••• FROM "auth_permission" WHERE ("auth_permission"."content_type_id" = 4 AND "auth_permission"."codename" = 'add_merchant_address')
Duplicated 8 times

SELECT ••• FROM "auth_permission" WHERE ("auth_permission"."content_type_id" = 4 AND "auth_permission"."codename" = 'immediate_cashout')
Duplicated 8 times.

SELECT ••• FROM "auth_permission" WHERE ("auth_permission"."content_type_id" = 4 AND "auth_permission"."codename" = 'access_dasboard') Duplicated 8 times

It seems it is querying the database for each Permission defined in the available_permissions

available_permissions = {
        'access_dasboard': False,
        'add_merchant_address': False,
        'immediate_cashout': False,
        'update_merchant_address': False
    }

Is it an issue how am using the django-role-permissions ? How can I reduce the duplicate queries?

Thank you.

Kheshav Sewnundun
  • 1,236
  • 15
  • 37
  • The authentication middleware has already fetched `request.user` from the database. You don’t have to cache it. Try removing that code and seeing what queries you get then. – Alasdair Mar 24 '18 at 18:22
  • Removing the cache result in having the same duplicate queries. – Kheshav Sewnundun Mar 25 '18 at 04:52

0 Answers0