MCPcopy Index your code
hub / github.com/coder/coder / BenchmarkRBACAuthorize

Function BenchmarkRBACAuthorize

coderd/rbac/authz_test.go:152–176  ·  view source on GitHub ↗

BenchmarkRBACAuthorize benchmarks the rbac.Authorize method. go test -run=^$ -bench '^BenchmarkRBACAuthorize$' -benchmem -memprofile memprofile.out -cpuprofile profile.out

(b *testing.B)

Source from the content-addressed store, hash-verified

150//
151// go test -run=^$ -bench '^BenchmarkRBACAuthorize$' -benchmem -memprofile memprofile.out -cpuprofile profile.out
152func BenchmarkRBACAuthorize(b *testing.B) {
153 benchCases, user, orgs := benchmarkUserCases()
154 users := append([]uuid.UUID{},
155 user,
156 uuid.MustParse("4ca78b1d-f2d2-4168-9d76-cd93b51c6c1e"),
157 uuid.MustParse("0632b012-49e0-4d70-a5b3-f4398f1dcd52"),
158 uuid.MustParse("70dbaa7a-ea9c-4f68-a781-97b08af8461d"),
159 )
160
161 // There is no caching that occurs because a fresh context is used for each
162 // call. And the context needs 'WithCacheCtx' to work.
163 authorizer := rbac.NewStrictCachingAuthorizer(prometheus.NewRegistry())
164 // This benchmarks all the simple cases using just user permissions. Groups
165 // are added as noise, but do not do anything.
166 for _, c := range benchCases {
167 b.Run(c.Name, func(b *testing.B) {
168 objects := benchmarkSetup(orgs, users, b.N)
169 b.ResetTimer()
170 for i := 0; i < b.N; i++ {
171 allowed := authorizer.Authorize(context.Background(), c.Actor, policy.ActionRead, objects[b.N%len(objects)])
172 _ = allowed
173 }
174 })
175 }
176}
177
178// BenchmarkRBACAuthorizeGroups benchmarks the rbac.Authorize method and leverages
179// groups for authorizing rather than the permissions/roles.

Callers

nothing calls this directly

Calls 5

benchmarkUserCasesFunction · 0.85
benchmarkSetupFunction · 0.85
RunMethod · 0.65
AuthorizeMethod · 0.65

Tested by

no test coverage detected