NotificationsYou must be signed in to change notification settings
Fork928
Star10.1k

Commit3cc86cf

authored

chore: implement sane default pagination limit for audit logs (#13676)

* chore: implement sane default pagination limit for audit logs

1 parent1a87771 commit3cc86cfCopy full SHA for 3cc86cf

File tree

10 files changed

+78

-45

lines changed

coderd
- audit.go
- audit_test.go
- database
  - dbauthz
    - dbauthz_test.go
  - dbgen
    - dbgen_test.go
  - dbmem
    - dbmem.go
  - querier_test.go
  - queries
    - auditlogs.sql
  - queries.sql.go
- pagination.go
enterprise/audit/backends
- postgres_test.go

10 files changed

+78

-45

lines changed

`‎coderd/audit.go`

Lines changed: 2 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -53,8 +53,8 @@ func (api API) auditLogs(rw http.ResponseWriter, r http.Request) {`
`53`	`53`	`})`
`54`	`54`	`return`
`55`	`55`	`}`
`56`		`-filter.Offset=int32(page.Offset)`
`57`		`-filter.Limit=int32(page.Limit)`
	`56`	`+filter.OffsetOpt=int32(page.Offset)`
	`57`	`+filter.LimitOpt=int32(page.Limit)`
`58`	`58`
`59`	`59`	`iffilter.Username=="me" {`
`60`	`60`	`filter.UserID=apiKey.UserID`

`‎coderd/audit_test.go`

Lines changed: 0 additions & 3 deletions

Original file line number	Diff line number	Diff line change
`@@ -343,9 +343,6 @@ func TestAuditLogsFilter(t *testing.T) {`
`343`	`343`	`t.Parallel()`
`344`	`344`	`auditLogs,err:=client.AuditLogs(ctx, codersdk.AuditLogsRequest{`
`345`	`345`	`SearchQuery:testCase.SearchQuery,`
`346`		`-Pagination: codersdk.Pagination{`
`347`		`-Limit:25,`
`348`		`-},`
`349`	`346`	`})`
`350`	`347`	`iftestCase.ExpectedError {`
`351`	`348`	`require.Error(t,err,"expected error")`

`‎coderd/database/dbauthz/dbauthz_test.go`

Lines changed: 1 addition & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -263,7 +263,7 @@ func (s *MethodTestSuite) TestAuditLogs() {`
`263`	`263`	`_=dbgen.AuditLog(s.T(),db, database.AuditLog{})`
`264`	`264`	`_=dbgen.AuditLog(s.T(),db, database.AuditLog{})`
`265`	`265`	`check.Args(database.GetAuditLogsOffsetParams{`
`266`		`-Limit:10,`
	`266`	`+LimitOpt:10,`
`267`	`267`	`}).Asserts(rbac.ResourceAuditLog,policy.ActionRead)`
`268`	`268`	`}))`
`269`	`269`	`}`

`‎coderd/database/dbgen/dbgen_test.go`

Lines changed: 1 addition & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -19,7 +19,7 @@ func TestGenerator(t *testing.T) {`
`19`	`19`	`t.Parallel()`
`20`	`20`	`db:=dbmem.New()`
`21`	`21`	`_=dbgen.AuditLog(t,db, database.AuditLog{})`
`22`		`-logs:=must(db.GetAuditLogsOffset(context.Background(), database.GetAuditLogsOffsetParams{Limit:1}))`
	`22`	`+logs:=must(db.GetAuditLogsOffset(context.Background(), database.GetAuditLogsOffsetParams{LimitOpt:1}))`
`23`	`23`	`require.Len(t,logs,1)`
`24`	`24`	`})`
`25`	`25`

`‎coderd/database/dbmem/dbmem.go`

Lines changed: 9 additions & 4 deletions

Original file line number	Diff line number	Diff line change
`@@ -1965,12 +1965,17 @@ func (q *FakeQuerier) GetAuditLogsOffset(_ context.Context, arg database.GetAudi`
`1965`	`1965`	`q.mutex.RLock()`
`1966`	`1966`	`deferq.mutex.RUnlock()`
`1967`	`1967`
`1968`		`-logs:=make([]database.GetAuditLogsOffsetRow,0,arg.Limit)`
	`1968`	`+ifarg.LimitOpt==0 {`
	`1969`	`+// Default to 100 is set in the SQL query.`
	`1970`	`+arg.LimitOpt=100`
	`1971`	`+}`
	`1972`	`+`
	`1973`	`+logs:=make([]database.GetAuditLogsOffsetRow,0,arg.LimitOpt)`
`1969`	`1974`
`1970`	`1975`	`// q.auditLogs are already sorted by time DESC, so no need to sort after the fact.`
`1971`	`1976`	`for_,alog:=rangeq.auditLogs {`
`1972`		`-ifarg.Offset>0 {`
`1973`		`-arg.Offset--`
	`1977`	`+ifarg.OffsetOpt>0 {`
	`1978`	`+arg.OffsetOpt--`
`1974`	`1979`	`continue`
`1975`	`1980`	`}`
`1976`	`1981`	`ifarg.OrganizationID!=uuid.Nil&&arg.OrganizationID!=alog.OrganizationID {`
`@@ -2047,7 +2052,7 @@ func (q *FakeQuerier) GetAuditLogsOffset(_ context.Context, arg database.GetAudi`
`2047`	`2052`	`Count:0,`
`2048`	`2053`	`})`
`2049`	`2054`
`2050`		`-iflen(logs)>=int(arg.Limit) {`
	`2055`	`+iflen(logs)>=int(arg.LimitOpt) {`
`2051`	`2056`	`break`
`2052`	`2057`	`}`
`2053`	`2058`	`}`

`‎coderd/database/querier_test.go`

Lines changed: 23 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -516,6 +516,29 @@ func TestDefaultOrg(t *testing.T) {`
`516`	`516`	`require.True(t,all[0].IsDefault,"first org should always be default")`
`517`	`517`	`}`
`518`	`518`
	`519`	`+funcTestAuditLogDefaultLimit(t*testing.T) {`
	`520`	`+t.Parallel()`
	`521`	`+iftesting.Short() {`
	`522`	`+t.SkipNow()`
	`523`	`+}`
	`524`	`+`
	`525`	`+sqlDB:=testSQLDB(t)`
	`526`	`+err:=migrations.Up(sqlDB)`
	`527`	`+require.NoError(t,err)`
	`528`	`+db:=database.New(sqlDB)`
	`529`	`+`
	`530`	`+fori:=0;i<110;i++ {`
	`531`	`+dbgen.AuditLog(t,db, database.AuditLog{})`
	`532`	`+}`
	`533`	`+`
	`534`	`+ctx:=testutil.Context(t,testutil.WaitShort)`
	`535`	`+rows,err:=db.GetAuditLogsOffset(ctx, database.GetAuditLogsOffsetParams{})`
	`536`	`+require.NoError(t,err)`
	`537`	`+// The length should match the default limit of the SQL query.`
	`538`	`+// Updating the sql query requires changing the number below to match.`
	`539`	`+require.Len(t,rows,100)`
	`540`	`+}`
	`541`	`+`
`519`	`542`	`// TestReadCustomRoles tests the input params returns the correct set of roles.`
`520`	`543`	`funcTestReadCustomRoles(t*testing.T) {`
`521`	`544`	`t.Parallel()`

`‎coderd/database/queries.sql.go`

Lines changed: 31 additions & 28 deletions

Some generated files are not rendered by default. Learn more aboutcustomizing how changed files appear on GitHub.

`‎coderd/database/queries/auditlogs.sql`

Lines changed: 5 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -116,9 +116,12 @@ WHERE`
`116`	`116`	`ORDER BY`
`117`	`117`	`"time"DESC`
`118`	`118`	`LIMIT`
`119`		`- $1`
	`119`	`+-- a limit of 0 means "no limit". The audit log table is unbounded`
	`120`	`+-- in size, and is expected to be quite large. Implement a default`
	`121`	`+-- limit of 100 to prevent accidental excessively large queries.`
	`122`	`+COALESCE(NULLIF(@limit_opt ::int,0),100)`
`120`	`123`	`OFFSET`
`121`		`-$2;`
	`124`	`+@offset_opt;`
`122`	`125`
`123`	`126`	`-- name: InsertAuditLog :one`
`124`	`127`	`INSERT INTO`

`‎coderd/pagination.go`

Lines changed: 4 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -17,8 +17,10 @@ func parsePagination(w http.ResponseWriter, r *http.Request) (p codersdk.Paginat`
`17`	`17`	`parser:=httpapi.NewQueryParamParser()`
`18`	`18`	`params:= codersdk.Pagination{`
`19`	`19`	`AfterID:parser.UUID(queryParams,uuid.Nil,"after_id"),`
`20`		`-Limit:int(parser.PositiveInt32(queryParams,0,"limit")),`
`21`		`-Offset:int(parser.PositiveInt32(queryParams,0,"offset")),`
	`20`	`+// A limit of 0 should be interpreted by the SQL query as "null" or`
	`21`	`+// "no limit". Do not make this value anything besides 0.`
	`22`	`+Limit:int(parser.PositiveInt32(queryParams,0,"limit")),`
	`23`	`+Offset:int(parser.PositiveInt32(queryParams,0,"offset")),`
`22`	`24`	`}`
`23`	`25`	`iflen(parser.Errors)>0 {`
`24`	`26`	`httpapi.Write(ctx,w,http.StatusBadRequest, codersdk.Response{`

`‎enterprise/audit/backends/postgres_test.go`

Lines changed: 2 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -30,8 +30,8 @@ func TestPostgresBackend(t *testing.T) {`
`30`	`30`	`require.NoError(t,err)`
`31`	`31`
`32`	`32`	`got,err:=db.GetAuditLogsOffset(ctx, database.GetAuditLogsOffsetParams{`
`33`		`-Offset:0,`
`34`		`-Limit:1,`
	`33`	`+OffsetOpt:0,`
	`34`	`+LimitOpt:1,`
`35`	`35`	`})`
`36`	`36`	`require.NoError(t,err)`
`37`	`37`	`require.Len(t,got,1)`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit3cc86cf

File tree

10 files changed

10 files changed

`‎coderd/audit.go`

`‎coderd/audit_test.go`

`‎coderd/database/dbauthz/dbauthz_test.go`

`‎coderd/database/dbgen/dbgen_test.go`

`‎coderd/database/dbmem/dbmem.go`

`‎coderd/database/querier_test.go`

`‎coderd/database/queries.sql.go`

`‎coderd/database/queries/auditlogs.sql`

`‎coderd/pagination.go`

`‎enterprise/audit/backends/postgres_test.go`

0 commit comments