[GitHub] [trafficcontrol] rawlinp commented on a change in pull request #5974: Every endpoint that modifies a CDN, or components related to a CDN, needs to be "lock safe"

[GitBox <gi...@apache.org>]

rawlinp commented on a change in pull request #5974:
URL: https://github.com/apache/trafficcontrol/pull/5974#discussion_r658141805



##########
File path: traffic_ops/traffic_ops_golang/cachegroup/cachegroups.go
##########
@@ -611,12 +611,23 @@ func (cg *TOCacheGroup) Update(h http.Header) (error, error, int) {
 		return userErr, sysErr, errCode
 	}
 
+	cdns, err := dbhelpers.GetCDNsForCachegroup(cg.ReqInfo.Tx.Tx, cg.ID)
+	if err != nil {
+		return nil, err, http.StatusInternalServerError
+	}
+	for cdn, _ := range cdns {
+		userErr, sysErr, statusCode := dbhelpers.CheckIfCurrentUserCanModifyCDN(cg.ReqInfo.Tx.Tx, cdn, cg.ReqInfo.User.UserName)

Review comment:
       Just perusing here, but we generally shouldn't make DB calls in a loop like this. It's better to make a _single_ DB query that gets all the stuff we need to check in memory and check everything in memory at once, as opposed to making a DB query per CDN or per delivery service. Especially for things as numerous as delivery services, that can really slow things down and increase load on the DB.




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org