Hello. By default django request.user is lazy object so when we don't
access it - it doesn't hit database. But in ImpersonateMiddleware we
have 2 places that "disable" this behaviour:
class ImpersonateMiddleware(MiddlewareMixin):
def process_request(self, request):
request.user.is_impersonate = False # <----- this one
request.impersonator = None
if is_authenticated(request.user) and \ # <----- and this one
'_impersonate' in request.session:
new_user_id = request.session['_impersonate']
.....
As a quick-and-dirty fix we can just remove the first line - but in
client code we would access this param as `getattr(request.user,
'is_impersonate', False)`.
The second one is solved by placing `'_impersonate' in
request.session` as a first condition.
I think for many people impersonated requests are a very little amount
of the whole load so it could help to improve performance.
Thanks.
Interesting catch. I have some thoughts below.
On 12/21, Илья wrote:
>class ImpersonateMiddleware(MiddlewareMixin):
> def process_request(self, request):
> request.user.is_impersonate = False # <----- this one
> request.impersonator = None
>
> if is_authenticated(request.user) and \ # <----- and this one
> '_impersonate' in request.session:
> new_user_id = request.session['_impersonate']
> .....
>
>As a quick-and-dirty fix we can just remove the first line - but in
>client code we would access this param as `getattr(request.user,
>'is_impersonate', False)`.
The issue with changing this is it will break the "API" (if we want to
call it that) of the app and no doubt break deployments for end users
who are expecting this value.
>The second one is solved by placing `'_impersonate' in
>request.session` as a first condition.
This makes sense. I've pushed this change.
>I think for many people impersonated requests are a very little amount
>of the whole load so it could help to improve performance.
Agreed that every query counts. Though the single query probably isn't
the end of the world for 99.9% of cases.