Merge pull request #9681 from demarches-simplifiees/add_token_id_to_graphql_logs

Tech: ajoute l'identifiant du jeton api utilisé lors de requête à l'api graphql
LeSim 2023-11-08 16:58:48 +00:00 committed by GitHub
commit 6ade116a0e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
11 changed files with 36 additions and 51 deletions


@ -20,8 +20,6 @@ class API::V2::BaseController < ApplicationController
end
end
private
def graphql_web_interface_context
{
administrateur_id: current_administrateur.id,


@ -14,10 +14,10 @@ class API::V2::DossiersController < API::V2::BaseController
private
def append_info_to_payload(payload)
def request_logs(logs)
super
if dossier.present?
payload.merge!(ds_dossier_id: dossier.id.to_s, ds_procedure_id: dossier.procedure.id.to_s)
logs.merge!(ds_dossier_id: dossier.id.to_s, ds_procedure_id: dossier.procedure.id.to_s)
end
end


@ -18,16 +18,10 @@ class API::V2::GraphqlController < API::V2::BaseController
private
def append_info_to_payload(payload)
# if on the graphql playground, authenticate via devise
# if authenticate by a v2 or v3 token
# @current_user is set by `api_v2_base_controller.authenticate_administrateur_from_token`
# else it is set on `context.authorized_demarche`
@current_user ||= Current.user
def request_logs(logs)
super
payload.merge!(@query_info.presence || {})
logs.merge!(@query_info.presence || {})
end
def process_action(*args)


@ -224,23 +224,26 @@ class ApplicationController < ActionController::Base
def append_info_to_payload(payload)
super
payload.merge!({
payload[:to_log] = {}
request_logs(payload[:to_log])
end
def request_logs(logs)
logs.merge!({
user_agent: request.user_agent,
user_id: current_user&.id,
user_roles: current_user_roles,
client_ip: request.headers['X-Forwarded-For'],
request_id: request.headers['X-Request-ID']
}.compact)
})
if browser.known?
payload.merge!({
logs.merge!({
browser: browser.name,
browser_version: browser.version.to_s,
platform: browser.platform.name
})
end
payload
end
def reject
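Review bot: In `request_logs`, `client_ip` is still read straight from `request.headers['X-Forwarded-For']`, a client-supplied header that can carry a comma-separated chain whose entries the caller chose. Since these logs are now meant to attribute API calls to a token, the address recorded next to the token id should be one the proxy chain vouches for, for example `client_ip: request.remote_ip`, assuming trusted proxies are configured for this deployment. The raw header can stay under a separate key such as `forwarded_for:` if it is still wanted. Separately, the `.compact` after the first hash is gone, so `payload[:to_log]` holds nil values until lograge compacts them; a short comment on `request_logs` saying that subclasses extend it through `super` and that nils are dropped later would help.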


@ -38,21 +38,21 @@ module Manager
def append_info_to_payload(payload)
super
payload.merge!({
to_log = {
user_agent: request.user_agent,
user_id: current_user&.id,
user_email: current_user&.email
}.compact)
}
if browser.known?
payload.merge!({
to_log.merge!({
browser: browser.name,
browser_version: browser.version.to_s,
platform: browser.platform.name
})
end
payload
payload[:to_log] = to_log
end
end
end


@ -61,7 +61,8 @@ class API::V2::Context < GraphQL::Query::Context
graphql_variables: query.provided_variables&.to_json,
graphql_mutation: mutation?,
graphql_null_error: errors.any? { _1.is_a? GraphQL::InvalidNullError }.presence,
graphql_timeout_error: errors.any? { _1.is_a? GraphQL::Schema::Timeout::TimeoutError }.presence
graphql_timeout_error: errors.any? { _1.is_a? GraphQL::Schema::Timeout::TimeoutError }.presence,
graphql_api_token_id: self[:api_token_id]
}.compact
end
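Review bot: The new `graphql_api_token_id: self[:api_token_id]` entry has no comment saying what the value is, and none of the specs in this commit checks that it reaches the request log. From the `APIToken#context` change it appears to be the record id rather than the bearer token itself, which is what makes it safe to log. A one-line comment such as `# APIToken record id, never the token value; nil when no token was used` would protect that property, though the nil case is my assumption and should be confirmed. A controller spec asserting that a token-authenticated GraphQL request puts `graphql_api_token_id` into `payload[:to_log]` would pin the behaviour. The enclosing method starts above this hunk.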


@ -8,6 +8,7 @@ class APIToken < ApplicationRecord
def context
{
administrateur_id:,
api_token_id: id,
procedure_ids:,
write_access:
}


@ -6,30 +6,18 @@ Rails.application.configure do
# injected by ansible.
if !config.lograge.custom_options
config.lograge.custom_options = lambda do |event|
{
hash = {
type: 'tps',
source: ENV['SOURCE'],
tags: ['request', event.payload[:exception] ? 'exception' : nil].compact,
user_id: event.payload[:user_id],
user_email: event.payload[:user_email],
user_roles: event.payload[:user_roles],
user_agent: event.payload[:user_agent],
graphql_query: event.payload[:graphql_query],
graphql_variables: event.payload[:graphql_variables],
graphql_null_error: event.payload[:graphql_null_error],
graphql_timeout_error: event.payload[:graphql_timeout_error],
graphql_mutation: event.payload[:graphql_mutation],
ds_procedure_id: event.payload[:ds_procedure_id],
ds_dossier_id: event.payload[:ds_dossier_id],
browser: event.payload[:browser],
browser_version: event.payload[:browser_version],
platform: event.payload[:platform],
client_ip: event.payload[:client_ip],
request_id: event.payload[:request_id],
process: {
pid: Process.pid
}
}.compact
}
hash.merge!(event.payload[:to_log])
hash.compact
end
config.lograge.custom_payload do |controller|
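Review bot: `hash.merge!(event.payload[:to_log])` raises a TypeError when the payload has no `:to_log` key, which would happen for any request served by a controller that does not go through the two `append_info_to_payload` overrides changed in this commit; whether such controllers exist is not visible here. An exception inside the log formatter would lose the log line for exactly those requests, so guard it with `hash.merge!(event.payload[:to_log] || {})`. Because the merge runs after the fixed keys, a `to_log` entry named `type`, `source`, `tags` or `process` would silently overwrite them; a comment stating that those names are reserved would make that explicit.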


@ -40,7 +40,7 @@ describe ApplicationController, type: :controller do
[:db_runtime, :view_runtime, :variant, :rendered_format].each do |key|
payload.delete(key)
end
expect(payload).to eq({
expect(payload[:to_log].compact).to eq({
user_agent: 'Rails Testing',
user_roles: 'Guest'
})
@ -59,7 +59,7 @@ describe ApplicationController, type: :controller do
[:db_runtime, :view_runtime, :variant, :rendered_format].each do |key|
payload.delete(key)
end
expect(payload).to eq({
expect(payload[:to_log].compact).to eq({
user_agent: 'Rails Testing',
user_id: current_user.id,
user_roles: 'User'
@ -82,7 +82,7 @@ describe ApplicationController, type: :controller do
[:db_runtime, :view_runtime, :variant, :rendered_format].each do |key|
payload.delete(key)
end
expect(payload).to eq({
expect(payload[:to_log].compact).to eq({
user_agent: 'Rails Testing',
user_id: current_user.id,
user_roles: 'User, Instructeur, Administrateur, SuperAdmin'


@ -13,7 +13,7 @@ describe Manager::ApplicationController, type: :controller do
[:db_runtime, :view_runtime, :variant, :rendered_format].each do |key|
payload.delete(key)
end
expect(payload).to eq({
expect(payload[:to_log]).to eq({
user_agent: 'Rails Testing',
user_id: current_user.id,
user_email: current_user.email


@ -14,7 +14,7 @@ describe APIToken, type: :model do
expect(api_token.version).to eq(3)
expect(api_token.write_access?).to eq(true)
expect(api_token.procedure_ids).to eq([])
expect(api_token.context).to eq(administrateur_id: administrateur.id, procedure_ids: [], write_access: true)
expect(api_token.context).to eq(administrateur_id: administrateur.id, procedure_ids: [], write_access: true, api_token_id: api_token.id)
expect(api_token.full_access?).to be_truthy
end
@ -22,7 +22,7 @@ describe APIToken, type: :model do
before { api_token.update(write_access: false) }
it do
expect(api_token.context).to eq(administrateur_id: administrateur.id, procedure_ids: [], write_access: false)
expect(api_token.context).to eq(administrateur_id: administrateur.id, procedure_ids: [], write_access: false, api_token_id: api_token.id)
end
end
@ -38,7 +38,7 @@ describe APIToken, type: :model do
expect(api_token.full_access?).to be_truthy
expect(api_token.procedure_ids).to eq([procedure.id])
expect(api_token.procedures).to eq([procedure])
expect(api_token.context).to eq(administrateur_id: administrateur.id, procedure_ids: [procedure.id], write_access: true)
expect(api_token.context).to eq(administrateur_id: administrateur.id, procedure_ids: [procedure.id], write_access: true, api_token_id: api_token.id)
end
context 'and another procedure, but access only to the first one' do
@ -54,7 +54,7 @@ describe APIToken, type: :model do
expect(api_token.full_access?).to be_falsey
expect(api_token.procedure_ids).to match_array([procedure.id])
expect(api_token.targetable_procedures).to eq([other_procedure])
expect(api_token.context).to eq(administrateur_id: administrateur.id, procedure_ids: [procedure.id], write_access: true)
expect(api_token.context).to eq(administrateur_id: administrateur.id, procedure_ids: [procedure.id], write_access: true, api_token_id: api_token.id)
end
context 'and then gain full access' do
@ -83,7 +83,7 @@ describe APIToken, type: :model do
expect(api_token.full_access?).to be_falsey
expect(api_token.procedure_ids).to eq([])
expect(api_token.targetable_procedures).to eq([procedure])
expect(api_token.context).to eq(administrateur_id: administrateur.id, procedure_ids: [], write_access: true)
expect(api_token.context).to eq(administrateur_id: administrateur.id, procedure_ids: [], write_access: true, api_token_id: api_token.id)
end
end
@ -100,7 +100,7 @@ describe APIToken, type: :model do
expect(api_token.full_access?).to be_falsey
expect(api_token.procedure_ids).to eq([])
expect(api_token.targetable_procedures).to eq([])
expect(api_token.context).to eq(administrateur_id: administrateur.id, procedure_ids: [], write_access: true)
expect(api_token.context).to eq(administrateur_id: administrateur.id, procedure_ids: [], write_access: true, api_token_id: api_token.id)
end
end
@ -119,7 +119,7 @@ describe APIToken, type: :model do
expect(api_token.full_access?).to be_falsey
expect(api_token.procedure_ids).to eq([])
expect(api_token.targetable_procedures).to eq([other_procedure])
expect(api_token.context).to eq(administrateur_id: administrateur.id, procedure_ids: [], write_access: true)
expect(api_token.context).to eq(administrateur_id: administrateur.id, procedure_ids: [], write_access: true, api_token_id: api_token.id)
end
end
end