perf(permissions): drop duplicate role query; index message list #100

Merged
icub3d merged 1 commit from feature/86-perm-queries-index into main 2026-07-09 02:54:22 +00:00
Owner

Summary

Fixes #86 — two independent perf wins in the permission/message hot path.

1. Duplicate role query
effective_permissions called compute_base_permissions (which already runs list_member_roles) and then ran list_member_roles a second time just to get role ids for channel-override matching. Every message send/list/reaction paid two identical role queries plus the everyone fetch.

compute_base_permissions now also returns the member role ids; effective_permissions reuses them. One role query instead of two.

2. Missing message index
The channel list query filters on (channel_id, thread_id IS NULL) and paginates by id (ORDER BY id DESC, id < ?). The only prior index was (channel_id, created_at), covering neither — SQLite filtered then sorted. Migration 011 adds idx_messages_channel_thread_id (channel_id, thread_id, id).

EXPLAIN QUERY PLAN confirms the paginated query now does SEARCH messages USING INDEX idx_messages_channel_thread_id instead of a scan+sort.

Tests

  • member_role_channel_override_is_applied: a channel override targeting a non-everyone role the user holds still denies correctly — exercises the reused role-id path.
  • Existing channel_override_can_deny_sending_messages (everyone path) still passes.

Full server suite green (116 tests); clippy -D warnings clean.

Closes #86

## Summary Fixes #86 — two independent perf wins in the permission/message hot path. **1. Duplicate role query** `effective_permissions` called `compute_base_permissions` (which already runs `list_member_roles`) and then ran `list_member_roles` a *second* time just to get role ids for channel-override matching. Every message send/list/reaction paid two identical role queries plus the `everyone` fetch. `compute_base_permissions` now also returns the member role ids; `effective_permissions` reuses them. One role query instead of two. **2. Missing message index** The channel list query filters on `(channel_id, thread_id IS NULL)` and paginates by `id` (`ORDER BY id DESC`, `id < ?`). The only prior index was `(channel_id, created_at)`, covering neither — SQLite filtered then sorted. Migration `011` adds `idx_messages_channel_thread_id (channel_id, thread_id, id)`. `EXPLAIN QUERY PLAN` confirms the paginated query now does `SEARCH messages USING INDEX idx_messages_channel_thread_id` instead of a scan+sort. ## Tests - `member_role_channel_override_is_applied`: a channel override targeting a non-`everyone` role the user holds still denies correctly — exercises the reused role-id path. - Existing `channel_override_can_deny_sending_messages` (everyone path) still passes. Full server suite green (116 tests); `clippy -D warnings` clean. Closes #86
perf(permissions): drop duplicate role query; index message list
Some checks failed
Security Audit / Gitleaks (Secrets) (pull_request) Successful in 10s
Security Audit / PNPM Audit (JS SCA) (pull_request) Failing after 22s
Security Audit / Trivy (SCA & IaC) (pull_request) Failing after 26s
CI / Client — test & lint (pull_request) Successful in 46s
Security Audit / Semgrep (SAST) (pull_request) Failing after 53s
CI / Server — test & lint (pull_request) Successful in 2m55s
Security Audit / Cargo Audit (Rust SCA) (pull_request) Failing after 5m52s
05fd11e5f5
effective_permissions called compute_base_permissions (which already runs
list_member_roles) and then ran list_member_roles a second time just to get
role ids for channel-override matching. Every message send/list/reaction
paid two identical role queries.

- compute_base_permissions now also returns the member role ids, and
  effective_permissions reuses them for override matching (one role query
  instead of two).
- Add index idx_messages_channel_thread_id (channel_id, thread_id, id).
  The channel list query filters on (channel_id, thread_id IS NULL) and
  paginates by id; the only prior index was (channel_id, created_at), which
  forced a filter-then-sort. EXPLAIN QUERY PLAN confirms the new index is
  used.

Test: a channel override targeting a non-everyone role the user holds still
applies (exercises the reused role-id path).

Closes #86

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
icub3d merged commit 6e13e3dd2a into main 2026-07-09 02:54:22 +00:00
icub3d deleted branch feature/86-perm-queries-index 2026-07-09 02:54:22 +00:00
Sign in to join this conversation.
No reviewers
No milestone
No project
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
icub3d/decentcom!100
No description provided.