0

I am designing a table that has a jsonb column realizing permissions with the following format:

[
    {"role": 5, "perm": "view"},
    {"role": 30, "perm": "edit"},
    {"role": 52, "perm": "view"}
]

TL;DR

How do I convert such jsonb value into an SQL array of integer roles? In this example, it would be '{5,30,52}'::int[]. I have some solutions but none are fast enough. Keep reading...

Each logged-in user has some roles (one or more). The idea is to filter the records using the overlap operator (&&) on int[].

SELECT * FROM data WHERE extract_roles(access) && '{1,5,17}'::int[]

I am looking for the extract_roles function/expression that can also be used in the definition of an index:

CREATE INDEX data_roles ON data USING gin ((extract_roles(access)))

jsonb in Postgres seems to have broad support for building and transforming but less for extracting values - SQL arrays in this case.

What I tried:

create or replace function extract_roles(access jsonb) returns int[]
    language sql
    strict
    parallel safe
    immutable
-- with the following bodies:

-- (0) 629ms
select translate(jsonb_path_query_array(access, '$.role')::text, '[]', '{}')::int[]

-- (1) 890ms
select array_agg(r::int) from jsonb_path_query(access, '$.role') r

-- (2) 866ms
select array_agg((t ->> 'role')::int) from jsonb_array_elements(access) as x(t)

-- (3) 706ms
select f1 from jsonb_populate_record(row('{}'::int[]), jsonb_build_object('f1', jsonb_path_query_array(access, '$.role'))) as x (f1 int[])

When the index is used, the query is fast. But there are two problems with these expressions:

  1. some of the functions are only stable and not immutable; this also applies to cast. Am I allowed to mark my function as immutable? The immutability is required by the index definition.
  2. they are slow; the planner does not use the index in some scenarios, and then the query can become really slow (times above are on a table with 3M records):
explain (analyse)
select id, access
from data
where extract_roles(access) && '{-3,99}'::int[]
order by id
limit 100

with the following plan (same for all variants above; prefers scanning the index associated with the primary key, gets sorted results and hopes that it finds 100 of them soon):

Limit  (cost=1000.45..2624.21 rows=100 width=247) (actual time=40.668..629.193 rows=100 loops=1)
  ->  Gather Merge  (cost=1000.45..476565.03 rows=29288 width=247) (actual time=40.667..629.162 rows=100 loops=1)
        Workers Planned: 2
        Workers Launched: 2
        ->  Parallel Index Scan using data_pkey on data  (cost=0.43..472184.44 rows=12203 width=247) (actual time=25.522..513.463 rows=35 loops=3)
              Filter: (extract_roles(access) && '{-3,99}'::integer[])
              Rows Removed by Filter: 84918
Planning Time: 0.182 ms
Execution Time: 629.245 ms

Removing the LIMIT clause is paradoxically fast:

Gather Merge  (cost=70570.65..73480.29 rows=24938 width=247) (actual time=63.263..75.710 rows=40094 loops=1)
  Workers Planned: 2
  Workers Launched: 2
  ->  Sort  (cost=69570.63..69601.80 rows=12469 width=247) (actual time=59.870..61.569 rows=13365 loops=3)
        Sort Key: id
        Sort Method: external merge  Disk: 3744kB
        Worker 0:  Sort Method: external merge  Disk: 3232kB
        Worker 1:  Sort Method: external merge  Disk: 3160kB
        ->  Parallel Bitmap Heap Scan on data  (cost=299.93..68722.36 rows=12469 width=247) (actual time=13.823..49.336 rows=13365 loops=3)
              Recheck Cond: (extract_roles(access) && '{-3,99}'::integer[])
              Heap Blocks: exact=9033
              ->  Bitmap Index Scan on data_roles  (cost=0.00..292.44 rows=29926 width=0) (actual time=9.429..9.430 rows=40094 loops=1)
                    Index Cond: (extract_roles(access) && '{-3,99}'::integer[])
Planning Time: 0.234 ms
Execution Time: 77.719 ms

Is there any better and faster way to extract int[] from a jsonb? Because I cannot rely on the planner always using the index. Playing with COST of the extract_roles function helps a bit (planner starts using the index for LIMIT 1000) but even an insanely high value does not force the index for LIMIT 100.

Comments:

If there is not, I will probably store the information in another column roles int[], which is fast but takes extra space and requires extra treatment (can be solved using generated columns on Postgres 12+, which Azure still does not provide, or a trigger, or in the application logic).

Looking into the future, will there be any better support in Postgres 15? Maybe JSON_QUERY but I don’t see any immediate improvement because its RETURNING clause probably refers to the whole result and not its elements.

Maybe jsonb_populate_record could also consider non-composite types (its signature allows it) such as:

select jsonb_populate_record(null::int[], '[123,456]'::jsonb)

The two closest questions are:

Reaction to suggested normalization:

Normalization is probably not viable. But let's follow the train of thoughts.

I assume that the extra table would look like this: *_perm (id, role, perm). There would be an index on id and another index on role.

Because a user has multiple roles, it could join multiple records for the same id, which would cause multiplication of the records in the data table and force a group by aggregation.

A group by is bad for performance because it prevents some optimizations. I am designing a building block. So there can be for example two data tables at play:

select pd.*, jsonb_agg(to_jsonb(pp))
from posts_data pd
join posts_perm pp on pd.id = pp.id
where exists(
    select 1
    from comments_data cd on cd.post_id = pd.id
    join comments_perm cp on cp.id = cd.id
    where cd.reputation > 100
    and cp.role in (3,34,52)
    -- no group by needed due to semi-join
)
and cp.role in (3,34,52)
group by pd.id
order by pd.title
limit 10

If I am not mistaken, this query will require the aggregation of all records before they are sorted. No index can help here. That will never be fast with millions of records. Moreover, there is non-trivial logic behind group by usage - it is not always needed.

What if we did not need to return the permissions but only cared about its existence?

select pd.*
from posts_data pd
where exists(
    select 1
    from posts_perm pp on pd.id = pp.id
    where cp.role in (3,34,52)
)
and exists(
    select 1
    from comments_data cd on cd.post_id = pd.id
    where exists(
        select 1
        from comments_perm cp on cp.id = cd.id
        where cp.role in (3,34,52)
    )
    and cd.reputation > 100
)
order by pd.title
limit 10

Then we don't need any aggregation - the database will simply issue a SEMI-JOIN. If there is an index on title, the database may consider using it. We can even fetch the permissions in the projection; something like this:

select pd.*, (select jsonb_agg(to_jsonb(pp)) from posts_perm pp on pd.id = pp.id) perm
...

Where a nested-loop join will be issued for only the few (10) records. I will test this approach.

Another option is to keep the data in both tables - the data table would only store an int[] of roles. Then we save a JOIN and only fetch from the permission table at the end. Now we need an index that supports array operations - GIN.

select pd.*, (select jsonb_agg(to_jsonb(pp)) from posts_perm pp on pd.id = pp.id) perm
from posts_data pd
where pd.roles && '{3,34,52}'::int[]
and exists(
    select 1
    from comments_data cd on cd.post_id = pd.id
    where cd.roles && '{3,34,52}'::int[]
    and cd.reputation > 100
)
order by pd.title
limit 10

Because we always aggregate all permissions for the returned records (their interpretation is in the application and does not matter that we return all of them), we can store the post_perms as a json. Because we never need to work with the values in SQL, storing them directly in the data table seems reasonable.

We will need to support some bulk-sharing operations later that update the permissions for many records, but that is much rarer than selects. Because of this we could favor jsonb instead.

The projection does not need the select of permissions anymore:

select pd.*
...

But now the roles column is redundant - we have the same information in the same table, just in JSON format. If we can write a function that extracts just the roles, we can directly index it.

And we are back at the beginning. But it looks like the extract_roles function is never going to be fast, so we need to keep roles column.

Another reason for keeping permissions in the same table is the possibility of combining multiple indices using Bitmap And and avoiding a join.

There will be a huge bias in the roles. Some are going to be present on almost all rows (admin can edit everything), others will be rare (John Doe can only access these 3 records that were explicitly shared with him). I am not sure how well statistics will work on the int[] approach but so far my tests show that the GIN index is used when the role is infrequent (high selectivity).

Improve this question
6
  • why using json at all, as every extraction will cost time. Commented Apr 23, 2022 at 21:20
  • 1
    This would be extremely easy (and probably more efficient as well) using a properly normalized data model Commented Apr 23, 2022 at 21:47
  • @a_horse_with_no_name - I tried to explore the normalized approach (see the edit) without running any queries yet. Are my thoughts reasonable? Commented Apr 24, 2022 at 10:40
  • "they are slow; the planner does not use the index in some scenarios," Did you ANALYZE the table after creating the expression index? Commented Apr 24, 2022 at 15:34
  • "using generated columns on Postgres 12+, which Azure still does not provide" I would assume anything that has not progressed beyond v11 by now is some dead-end legacy system, and I would not want to develop against it anymore. Their "Flexible Server" currently goes up to to v13. Commented Apr 24, 2022 at 18:51

2 Answers 2

Reset to default
0

It looks like the core problem here is the classic one with WHERE...ORDER BY...LIMIT, that the planner assumes all of the qualifying rows are scattered evenly throughout the ordering. But that isn't the case here: rows meeting your && condition are selectively deficient in low-numbered "id". So it has to walk that index far farther than it thought it would need to before it catches the LIMIT.

There is nothing you can do (in any version) to get the planner to estimate that better. You could just prevent that index from being used by rewriting it to order by id+0. But then it wouldn't use that plan even when it would truly be faster, like the admin who is on everything. (Which by the way seems like a bad idea--an exceptional user should probably be handled exceptionally, not shoehorned into the normal system).

The immutable extraction function certainly is slow, but if the above planning problem were fixed that wouldn't matter. Making the function faster would probably require some compiled code, and Azure surely would not let you link the .so file into their managed server.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

Because the JSON has a regular structure (int, text), I also considered two alternative storages:

  • create a composite type role of (int, text) and store the array role[]; extract_roles function is still needed;
  • store two arrays int[] and text[].

The latter one won for the following reasons:

  • smallest disk space (important for queries that require seq scan);
  • no need for extract_roles function - the int array is stored directly;
  • no need for functional index;
  • easy append (but same is true for JSON);
  • the library that I am using (jOOQ) has a good binding for arrays so working with them may even be more pleasant than with a JSON.

Disadvantages are:

  • harder remove - need to unnest and reaggregate.
Improve this answer

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.