yetitwo
05/21/2025, 9:01 PMyetitwo
05/21/2025, 9:01 PMJoey
05/21/2025, 9:18 PMzed
tabTim
05/21/2025, 9:33 PMJoey
05/21/2025, 10:28 PMTim
05/21/2025, 10:59 PMJoey
05/21/2025, 10:59 PMTim
05/21/2025, 11:13 PMread
permission and read_by_territory
.
How do i merge them into a single permission?
I tried using caveats but didn't succeed. Any help is greatly appreciated.
definition user {}
definition account {
relation location: territory
relation reader: user
permission read = reader
permission read_by_territory = read & location->assigned
}
definition territory {
relation assigned_to: user
permission assigned = assigned_to
}Nixon
05/22/2025, 4:18 AMJoey
05/22/2025, 4:40 AMJoey
05/22/2025, 4:41 AMNixon
05/22/2025, 1:14 PMLuckyBaymax
05/22/2025, 4:35 PMgsimas
05/22/2025, 5:58 PMv.k
05/23/2025, 9:24 AMGuillaume Berche
05/23/2025, 2:33 PMdemonslayer134
05/26/2025, 6:28 AMBee
05/27/2025, 5:35 AMcaifu
05/27/2025, 6:52 AMcaifu
05/27/2025, 6:53 AMdemonslayer134
05/27/2025, 7:14 AMdemonslayer134
05/27/2025, 9:05 AMpepegar
05/27/2025, 9:10 AMzed permission lookup-resources document can_comment user:$uuid --page-limit 100
(can comment is a permission backed by a relation that allows for user:*, just in case it makes any difference)
We get a flamegraph that looks like this (see attached). The strange thing is that the sql queries occur during the 1st ~10ms of the request, but then the request hangs for 30s, until it times out on server side.
Do you know what can be causing this? should we just discourage the use of lookup resources for wildcard-backed relations?
https://cdn.discordapp.com/attachments/844600078948630559/1376849986460979313/CleanShot_2025-05-27_at_10.08.06.png?ex=6836d2f9&is=68358179&hm=d7e08c9480a952fb7138c84293967c4f0e5026cece0c7090bdc934ba636fa971&Tom C
05/27/2025, 2:05 PMrpc error: code = DeadlineExceeded desc = received context error while waiting for new LB policy update: context deadline exceeded
We have the gRPC shutdown grace period set to 5s currently.yetitwo
05/27/2025, 2:26 PMyetitwo
05/27/2025, 2:26 PMat_exact_snapshot
, postgres needs to keep around rows that have been deleted, so deletes don't actually remove rows from the databaseyetitwo
05/27/2025, 2:26 PMdeleted_xid
columnB
05/27/2025, 3:41 PMyetitwo
05/27/2025, 3:48 PMToi
05/27/2025, 5:25 PM