perf: Requesting less db columns when calculating collection permissions (#3498)

perf: Not looping collection documentStructure for unpublish permission calculation
2022-05-15 06:46:24 -07:00
parent 36a3ae4b01
commit 8815a58ff5
5 changed files with 43 additions and 30 deletions
--- a/server/routes/api/documents.ts
+++ b/server/routes/api/documents.ts
@@ -175,7 +175,7 @@ router.post("documents.archived", auth(), pagination(), async (ctx) => {
  const { user } = ctx.state;
  const collectionIds = await user.collectionIds();
  const collectionScope: Readonly<ScopeOptions> = {
-    method: ["withCollection", user.id],
+    method: ["withCollectionPermissions", user.id],
  };
  const viewScope: Readonly<ScopeOptions> = {
    method: ["withViews", user.id],
@@ -221,7 +221,7 @@ router.post("documents.deleted", auth(), pagination(), async (ctx) => {
    paranoid: false,
  });
  const collectionScope: Readonly<ScopeOptions> = {
-    method: ["withCollection", user.id],
+    method: ["withCollectionPermissions", user.id],
  };
  const viewScope: Readonly<ScopeOptions> = {
    method: ["withViews", user.id],
@@ -359,7 +359,7 @@ router.post("documents.drafts", auth(), pagination(), async (ctx) => {
  }

  const collectionScope: Readonly<ScopeOptions> = {
-    method: ["withCollection", user.id],
+    method: ["withCollectionPermissions", user.id],
  };
  const documents = await Document.scope([
    "defaultScope",
@@ -710,7 +710,7 @@ router.post("documents.search_titles", auth(), pagination(), async (ctx) => {
      method: ["withViews", user.id],
    },
    {
-      method: ["withCollection", user.id],
+      method: ["withCollectionPermissions", user.id],
    },
  ]).findAll({
    where: {
@@ -1219,6 +1219,11 @@ router.post("documents.unpublish", auth(), async (ctx) => {
  });
  authorize(user, "unpublish", document);

+  const childDocumentIds = await document.getChildDocumentIds();
+  if (childDocumentIds.length > 0) {
+    throw InvalidRequestError("Cannot unpublish document with child documents");
+  }
+
  await document.unpublish(user.id);
  await Event.create({
    name: "documents.unpublish",
--- a/server/routes/api/shares.ts
+++ b/server/routes/api/shares.ts
@@ -17,7 +17,7 @@ router.post("shares.info", auth(), async (ctx) => {
  const { user } = ctx.state;
  const shares = [];
  const share = await Share.scope({
-    method: ["withCollection", user.id],
+    method: ["withCollectionPermissions", user.id],
  }).findOne({
    where: id
      ? {
@@ -58,13 +58,17 @@ router.post("shares.info", auth(), async (ctx) => {
  }

  if (documentId) {
-    const document = await Document.scope("withCollection").findByPk(
-      documentId
-    );
+    const document = await Document.unscoped()
+      .scope("withCollection")
+      .findOne({
+        where: {
+          id: documentId,
+        },
+      });
    const parentIds = document?.collection?.getDocumentParents(documentId);
    const parentShare = parentIds
      ? await Share.scope({
-          method: ["withCollection", user.id],
+          method: ["withCollectionPermissions", user.id],
        }).findOne({
          where: {
            documentId: parentIds,
@@ -177,7 +181,7 @@ router.post("shares.update", auth(), async (ctx) => {

  // fetch the share with document and collection.
  const share = await Share.scope({
-    method: ["withCollection", user.id],
+    method: ["withCollectionPermissions", user.id],
  }).findByPk(id);

  authorize(user, "update", share);