[Fixes #13496] Performance Optimization for Map API Implementing cache (#13506)

* [Fixes #13496] permission caching of map api

* [Fixes #13496] formated with black

Author: sijandh35

geonode/base/api/tests.py

@@ -3929,3 +3929,44 @@ def test_download_metadata_xml_authenticated_user_without_permission(self):
         response = self.client.get(url)
         # user is authenticated but dont have permission
         self.assertEqual(response.status_code, 403)
+
+
+class MapCachingTest(GeoNodeBaseTestSupport):
+
+    def setUp(self):
+        super().setUp()
+        self.user = get_user_model().objects.create_user(username="test_user_123", password="password")
+        self.map = create_single_map(owner=self.user, title="test map", name="test_map")
+        self.datasets = [create_single_dataset(name=f"dataset_{i}", owner=self.user) for i in range(5)]
+        for i, dataset in enumerate(self.datasets):
+            MapLayer.objects.create(map=self.map, name=dataset.name, dataset=dataset, order=i)
+            perm_spec = {
+                "users": {
+                    self.user.username: [
+                        "view_resourcebase",
+                    ]
+                },
+                "groups": {},
+            }
+            dataset.set_permissions(perm_spec)
+
+    def test_map_layer_permission_caching(self):
+        self.client.login(username="test_user_123", password="password")
+        url = f"/api/v2/maps/{self.map.pk}/?api_preset=viewer_common&api_preset=map_viewer"
+
+        # First call, should cache permissions
+        response1 = self.client.get(url)
+        self.assertEqual(response1.status_code, 200)
+        data1 = response1.json()
+
+        # Second call, should use cached permissions
+        response2 = self.client.get(url)
+        self.assertEqual(response2.status_code, 200)
+        data2 = response2.json()
+
+        # Check that the responses are the same
+        self.assertEqual(data1.keys(), data2.keys())
+
+        # Check that the permissions in the layers are the same
+        for layer1, layer2 in zip(data1["map"]["maplayers"], data2["map"]["maplayers"]):
+            self.assertEqual(layer1["dataset"]["perms"], layer2["dataset"]["perms"])

geonode/maps/api/serializers.py

@@ -27,12 +27,12 @@
     DetailUrlField,
     BaseDynamicModelSerializer,
     ResourceBaseSerializer,
-    PermsSerializer,
     LinksSerializer,
 )
 from geonode.layers.api.serializers import FeatureInfoTemplateField, StyleSerializer
 from geonode.layers.models import Dataset
 from geonode.maps.models import Map, MapLayer
+from geonode.security.registry import permissions_registry
 
 logger = logging.getLogger(__name__)
 
@@ -102,7 +102,7 @@ class MapLayerDatasetSerializer(DynamicModelSerializer):
     styles = DynamicRelationField(StyleSerializer, embed=True, many=True, read_only=True)
     featureinfo_custom_template = FeatureInfoTemplateField()
 
-    perms = DynamicRelationField(PermsSerializer, source="id", read_only=True)
+    perms = serializers.SerializerMethodField(read_only=True)
     links = DynamicRelationField(LinksSerializer, source="id", read_only=True)
 
     class Meta:
@@ -121,6 +121,18 @@ class Meta:
             "ptype",
         )
 
+    def get_perms(self, instance):
+        """
+        Returns the permissions for the dataset instance using  cache.
+        """
+        request = self.context.get("request")
+        permissions = (
+            permissions_registry.get_perms(instance=instance, user=request.user, use_cache=True)
+            if request and request.user and instance
+            else []
+        )
+        return permissions
+
 
 class MapLayerSerializer(DynamicModelSerializer):
     dataset = DynamicRelationField(MapLayerDatasetSerializer, embed=True)