This is the first cut of a simple memoization for the
Security::hasPermission call.

It has logging enabled at error level so it should
make it to a log file with default log level settings.

I use the following commands on the log file to determine
HIT/MISS/SKIP counts.

    sed -ne 's/^.*HIT//p' <logfile> | sort | uniq -c | sort -nr  | less

to see the permission HITs in order of most hit. Change HIT to SKIP
or MISS to see the other stats.

Replace the first 'sort' with wc -l to get total numbers.

I also have code to count the Role::hasPermission calls. I am seeing
a decrease of 75% on some pages. Probably because the permission I am
looking for is at the end of a stack of them.

I run under roundup-server in fork mode. So the cache gets collected
on every connection. As a result I have not tried limiting the
cache size.

  https://medium.com/@ireneziwang/solving-lru-cache-with-pythons-built-in-ordereddict-class-d76e0c82d3b6

is a workable proposal that can be done with a regular dict (in
Python 3.7 or newer) if other ways of running Roundup cause a lot
of memory use in the dict. Using:

   self.cache[cache_key_tuple] = self.cache.pop(cache_key_tuple)

on a hit should keep the most recently used key at the end and
the lru keys at the beginning of the dict. This replaces the
move_to_end() method on an OrderedDict.

There is also a patch to test_mailgw.py. One of the tests changes the
permissions inside the test. So the hasPermission cache needs to be
wiped for each subtest scenario.

It would be good to get this tested under other long running
operational scenarios: wsgi, Zope, mod_python, roundup-server
in threads mode probably cover the likely scenarios.