Optimize access rule processing with caching

Introduced a caching mechanism to the access rule processing in the AuthorizationService, where access rules are now stored in a cache for each user. The caching system significantly reduces the time to process access rules, particularly for users with large numbers of privileges. Extra methods were also added to the AccessRuleService to handle cache evictions when a user's privileges are updated.

pic-sure-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/service/impl/AccessRuleService.java

@@ -153,11 +153,30 @@ public Set<AccessRule> getAccessRulesForUserAndApp(User user, Application applic
         return null;
     }
 
-    @CacheEvict(value = "mergedRulesCache", key = "#user.getEmail()")
+    /**
+     * Evicts the user from all AccessRule caches
+     * @param user the user to evict
+     */
     public void evictFromCache(User user) {
+        evictFromMergedAccessRuleCache(user);
+        evictFromPreProcessedAccessRules(user);
+    }
+
+    @CacheEvict(value = "mergedRulesCache", key = "#user.getEmail()")
+    public void evictFromMergedAccessRuleCache(User user) {
         // This method is used to clear the cache for a user when their privileges are updated
     }
 
+    @Cacheable(value = "preProcessedAccessRules", key = "#user.getEmail()")
+    public Set<AccessRule> cachedPreProcessAccessRules(User user, Set<Privilege> privileges) {
+        Set<AccessRule> accessRules = new HashSet<>();
+        for (Privilege privilege : privileges) {
+            accessRules.addAll(privilege.getAccessRules());
+        }
+
+        return preProcessARBySortedKeys(accessRules);
+    }
+
     public Set<AccessRule> preProcessAccessRules(Set<Privilege> privileges) {
         Set<AccessRule> accessRules = new HashSet<>();
         for (Privilege privilege : privileges) {
@@ -167,6 +186,11 @@ public Set<AccessRule> preProcessAccessRules(Set<Privilege> privileges) {
         return preProcessARBySortedKeys(accessRules);
     }
 
+    @CacheEvict(value = "preProcessedAccessRules", key = "#user.getEmail()")
+    public void evictFromPreProcessedAccessRules(User user) {
+        // This method is used to clear the cache for a user when their privileges are updated
+    }
+
     public Set<AccessRule> preProcessARBySortedKeys(Set<AccessRule> accessRules) {
         Map<String, Set<AccessRule>> accessRuleMap = new HashMap<>();
 

pic-sure-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/service/impl/authentication/FENCEAuthenticationService.java

@@ -4,7 +4,6 @@
 import com.fasterxml.jackson.databind.JsonNode;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.fasterxml.jackson.databind.node.ObjectNode;
-import edu.harvard.hms.dbmi.avillach.auth.entity.Application;
 import edu.harvard.hms.dbmi.avillach.auth.entity.Connection;
 import edu.harvard.hms.dbmi.avillach.auth.entity.Role;
 import edu.harvard.hms.dbmi.avillach.auth.entity.User;

pic-sure-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/service/impl/authorization/AuthorizationService.java

@@ -134,7 +134,7 @@ public boolean isAuthorized(Application application, Object requestBody, User us
                 return false;
             }
 
-            accessRules = this.accessRuleService.preProcessAccessRules(privileges);
+            accessRules = this.accessRuleService.cachedPreProcessAccessRules(user, privileges);
             if (accessRules == null || accessRules.isEmpty()) {
                 logger.info("ACCESS_LOG ___ {},{},{} ___ has been granted access to execute query ___ {} ___ in application ___ {} ___ NO ACCESS RULES EVALUATED", user.getUuid().toString(), user.getEmail(), user.getName(), formattedQuery, applicationName);
                 return true;