Tagging as a bug because current behavior is unacceptable.
Let me start with a sample schema:
type User {
username: String!
}
type Folder
@auth(
query: {
rule: "query($USERNAME: String!) { queryFolder(filter: { owner: {eq: $USERNAME }}) { owner }}"
}
) {
id: String! @id
owner: String! @search(by: [hash])
files: [File!]!
}
type File
@auth(
query: {
rule: "query($USERNAME: String!) { queryFile(filter: { owner: {eq: $USERNAME }}) { owner }}"
}
) {
id: String! @id
owner: String! @search(by: [hash])
name: String! @search(by: [hash])
thumbnail: String!
folderId: String! @search(by: [hash])
}
We have a huge database in our production system. Some Folders will easily have 100k files.
When I now execute the following query:
query {
queryFile(
filter: { name: { in: ["foo", "bar"], folderId: { eq: "2sjf281asf12" } } }
) {
name
thumbnail
}
}
Filenames are unique in our database.
This will take ages to complete on our live system, although only 2 possible files are requested.
And even more importantly: The query time rises when the user has even more files but with different folderId
When I remove the auth rule for type File or include my filter within the auth rule itself (obviously this cannot be the solution), the query latency goes down significantly.
This makes me conclude, that the @auth-rule is overfetching significantly and is not combined with other filters within the query.
This is really, really bad. And I hontestly don’t know why dgraph is advertised as a database that can handle gazillions of terrabytes of data. At least be honest about that this is only valid for DQL and not GraphQL.
tl;dr Dgraph GraphQL Auth is not ready for production
On a different note (but thats a topic on it’s own): When using Pagination, dgraph is also very slow and is probably overfetching like there’s no tomorrow