Merge pull request #9681 from demarches-simplifiees/add_token_id_to_graphql_logs

Tech: ajoute l'identifiant du jeton api utilisé lors de requête à l'api graphql
LeSim 2023-11-08 16:58:48 +00:00 committed by GitHub
commit 6ade116a0e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
11 changed files with 36 additions and 51 deletions


@ -20,8 +20,6 @@ class API::V2::BaseController < ApplicationController
end end
end end
private
def graphql_web_interface_context def graphql_web_interface_context
{ {
administrateur_id: current_administrateur.id, administrateur_id: current_administrateur.id,


@ -14,10 +14,10 @@ class API::V2::DossiersController < API::V2::BaseController
private private
def append_info_to_payload(payload) def request_logs(logs)
super super
if dossier.present? if dossier.present?
payload.merge!(ds_dossier_id: dossier.id.to_s, ds_procedure_id: dossier.procedure.id.to_s) logs.merge!(ds_dossier_id: dossier.id.to_s, ds_procedure_id: dossier.procedure.id.to_s)
end end
end end


@ -18,16 +18,10 @@ class API::V2::GraphqlController < API::V2::BaseController
private private
def append_info_to_payload(payload) def request_logs(logs)
# if on the graphql playground, authenticate via devise
# if authenticate by a v2 or v3 token
# @current_user is set by `api_v2_base_controller.authenticate_administrateur_from_token`
# else it is set on `context.authorized_demarche`
@current_user ||= Current.user
super super
payload.merge!(@query_info.presence || {}) logs.merge!(@query_info.presence || {})
end end
def process_action(*args) def process_action(*args)
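Review bot: Dropping `@current_user ||= Current.user` from the GraphQL `request_logs` override means `user_id` and `user_roles` now depend on `current_user` alone. If token-authorized requests only populate `Current.user`, as the removed comment suggests, their log lines would carry the token id but no user. If that is intended, a one-line comment above the method, e.g. `# token requests are attributed through graphql_api_token_id, not user_id`, would make the audit trail's shape explicit. The controller continues outside the hunk, so how `current_user` is resolved there is not visible.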


@ -224,23 +224,26 @@ class ApplicationController < ActionController::Base
def append_info_to_payload(payload) def append_info_to_payload(payload)
super super
payload.merge!({ payload[:to_log] = {}
request_logs(payload[:to_log])
end
def request_logs(logs)
logs.merge!({
user_agent: request.user_agent, user_agent: request.user_agent,
user_id: current_user&.id, user_id: current_user&.id,
user_roles: current_user_roles, user_roles: current_user_roles,
client_ip: request.headers['X-Forwarded-For'], client_ip: request.headers['X-Forwarded-For'],
request_id: request.headers['X-Request-ID'] request_id: request.headers['X-Request-ID']
}.compact) })
if browser.known? if browser.known?
payload.merge!({ logs.merge!({
browser: browser.name, browser: browser.name,
browser_version: browser.version.to_s, browser_version: browser.version.to_s,
platform: browser.platform.name platform: browser.platform.name
}) })
end end
payload
end end
def reject def reject
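Review bot: `request_logs` is now the extension point the API controllers override, but nothing at its definition says that whatever lands in `logs` is passed as-is to the lograge formatter. A comment such as `# Subclasses override this and call super; every key merged into logs is written to the request log, so never add secrets or raw tokens` would make that contract visible. Separately, `client_ip` is still read straight from the `X-Forwarded-For` header, which is client-supplied unless the fronting proxy overwrites it, so the field is best treated as unverified when these logs are used in an investigation.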


@ -38,21 +38,21 @@ module Manager
def append_info_to_payload(payload) def append_info_to_payload(payload)
super super
payload.merge!({ to_log = {
user_agent: request.user_agent, user_agent: request.user_agent,
user_id: current_user&.id, user_id: current_user&.id,
user_email: current_user&.email user_email: current_user&.email
}.compact) }
if browser.known? if browser.known?
payload.merge!({ to_log.merge!({
browser: browser.name, browser: browser.name,
browser_version: browser.version.to_s, browser_version: browser.version.to_s,
platform: browser.platform.name platform: browser.platform.name
}) })
end end
payload payload[:to_log] = to_log
end end
end end
end end


@ -61,7 +61,8 @@ class API::V2::Context < GraphQL::Query::Context
graphql_variables: query.provided_variables&.to_json, graphql_variables: query.provided_variables&.to_json,
graphql_mutation: mutation?, graphql_mutation: mutation?,
graphql_null_error: errors.any? { _1.is_a? GraphQL::InvalidNullError }.presence, graphql_null_error: errors.any? { _1.is_a? GraphQL::InvalidNullError }.presence,
graphql_timeout_error: errors.any? { _1.is_a? GraphQL::Schema::Timeout::TimeoutError }.presence graphql_timeout_error: errors.any? { _1.is_a? GraphQL::Schema::Timeout::TimeoutError }.presence,
graphql_api_token_id: self[:api_token_id]
}.compact }.compact
end end
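Review bot: `graphql_api_token_id: self[:api_token_id]` has no comment stating that the value is the token record's identifier rather than the bearer secret. In this commit `APIToken#context` fills it with `id`, and a short comment here such as `# APIToken record id (not the secret), used to correlate requests with a token` would keep later edits from logging the wrong thing. None of the spec changes shown on this page asserts that the key reaches `payload[:to_log]` for a token-authenticated GraphQL request, so a break in that wiring would go unnoticed. The enclosing method starts outside the hunk.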


@ -8,6 +8,7 @@ class APIToken < ApplicationRecord
def context def context
{ {
administrateur_id:, administrateur_id:,
api_token_id: id,
procedure_ids:, procedure_ids:,
write_access: write_access:
} }


@ -6,30 +6,18 @@ Rails.application.configure do
# injected by ansible. # injected by ansible.
if !config.lograge.custom_options if !config.lograge.custom_options
config.lograge.custom_options = lambda do |event| config.lograge.custom_options = lambda do |event|
{ hash = {
type: 'tps', type: 'tps',
source: ENV['SOURCE'], source: ENV['SOURCE'],
tags: ['request', event.payload[:exception] ? 'exception' : nil].compact, tags: ['request', event.payload[:exception] ? 'exception' : nil].compact,
user_id: event.payload[:user_id],
user_email: event.payload[:user_email],
user_roles: event.payload[:user_roles],
user_agent: event.payload[:user_agent],
graphql_query: event.payload[:graphql_query],
graphql_variables: event.payload[:graphql_variables],
graphql_null_error: event.payload[:graphql_null_error],
graphql_timeout_error: event.payload[:graphql_timeout_error],
graphql_mutation: event.payload[:graphql_mutation],
ds_procedure_id: event.payload[:ds_procedure_id],
ds_dossier_id: event.payload[:ds_dossier_id],
browser: event.payload[:browser],
browser_version: event.payload[:browser_version],
platform: event.payload[:platform],
client_ip: event.payload[:client_ip],
request_id: event.payload[:request_id],
process: { process: {
pid: Process.pid pid: Process.pid
} }
}.compact }
hash.merge!(event.payload[:to_log])
hash.compact
end end
config.lograge.custom_payload do |controller| config.lograge.custom_payload do |controller|
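Review bot: `hash.merge!(event.payload[:to_log])` raises a TypeError whenever an event arrives without `:to_log`. That would be the case for any controller that does not go through the `append_info_to_payload` overrides changed in this commit, such as engine or framework controllers if the app serves any. `hash.merge!(event.payload[:to_log] || {})` keeps the log line instead of failing inside the log subscriber. The merge also replaces the former explicit key list, so every key a controller puts in `to_log` is now written to the logs and can overwrite `type`, `source`, `tags` or `process`. Merging the fixed keys last, or passing `to_log` through an allowlist with `slice`, would keep that boundary; the enclosing `configure` block continues outside the hunk.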


@ -40,7 +40,7 @@ describe ApplicationController, type: :controller do
[:db_runtime, :view_runtime, :variant, :rendered_format].each do |key| [:db_runtime, :view_runtime, :variant, :rendered_format].each do |key|
payload.delete(key) payload.delete(key)
end end
expect(payload).to eq({ expect(payload[:to_log].compact).to eq({
user_agent: 'Rails Testing', user_agent: 'Rails Testing',
user_roles: 'Guest' user_roles: 'Guest'
}) })
@ -59,7 +59,7 @@ describe ApplicationController, type: :controller do
[:db_runtime, :view_runtime, :variant, :rendered_format].each do |key| [:db_runtime, :view_runtime, :variant, :rendered_format].each do |key|
payload.delete(key) payload.delete(key)
end end
expect(payload).to eq({ expect(payload[:to_log].compact).to eq({
user_agent: 'Rails Testing', user_agent: 'Rails Testing',
user_id: current_user.id, user_id: current_user.id,
user_roles: 'User' user_roles: 'User'
@ -82,7 +82,7 @@ describe ApplicationController, type: :controller do
[:db_runtime, :view_runtime, :variant, :rendered_format].each do |key| [:db_runtime, :view_runtime, :variant, :rendered_format].each do |key|
payload.delete(key) payload.delete(key)
end end
expect(payload).to eq({ expect(payload[:to_log].compact).to eq({
user_agent: 'Rails Testing', user_agent: 'Rails Testing',
user_id: current_user.id, user_id: current_user.id,
user_roles: 'User, Instructeur, Administrateur, SuperAdmin' user_roles: 'User, Instructeur, Administrateur, SuperAdmin'


@ -13,7 +13,7 @@ describe Manager::ApplicationController, type: :controller do
[:db_runtime, :view_runtime, :variant, :rendered_format].each do |key| [:db_runtime, :view_runtime, :variant, :rendered_format].each do |key|
payload.delete(key) payload.delete(key)
end end
expect(payload).to eq({ expect(payload[:to_log]).to eq({
user_agent: 'Rails Testing', user_agent: 'Rails Testing',
user_id: current_user.id, user_id: current_user.id,
user_email: current_user.email user_email: current_user.email


@ -14,7 +14,7 @@ describe APIToken, type: :model do
expect(api_token.version).to eq(3) expect(api_token.version).to eq(3)
expect(api_token.write_access?).to eq(true) expect(api_token.write_access?).to eq(true)
expect(api_token.procedure_ids).to eq([]) expect(api_token.procedure_ids).to eq([])
expect(api_token.context).to eq(administrateur_id: administrateur.id, procedure_ids: [], write_access: true) expect(api_token.context).to eq(administrateur_id: administrateur.id, procedure_ids: [], write_access: true, api_token_id: api_token.id)
expect(api_token.full_access?).to be_truthy expect(api_token.full_access?).to be_truthy
end end
@ -22,7 +22,7 @@ describe APIToken, type: :model do
before { api_token.update(write_access: false) } before { api_token.update(write_access: false) }
it do it do
expect(api_token.context).to eq(administrateur_id: administrateur.id, procedure_ids: [], write_access: false) expect(api_token.context).to eq(administrateur_id: administrateur.id, procedure_ids: [], write_access: false, api_token_id: api_token.id)
end end
end end
@ -38,7 +38,7 @@ describe APIToken, type: :model do
expect(api_token.full_access?).to be_truthy expect(api_token.full_access?).to be_truthy
expect(api_token.procedure_ids).to eq([procedure.id]) expect(api_token.procedure_ids).to eq([procedure.id])
expect(api_token.procedures).to eq([procedure]) expect(api_token.procedures).to eq([procedure])
expect(api_token.context).to eq(administrateur_id: administrateur.id, procedure_ids: [procedure.id], write_access: true) expect(api_token.context).to eq(administrateur_id: administrateur.id, procedure_ids: [procedure.id], write_access: true, api_token_id: api_token.id)
end end
context 'and another procedure, but access only to the first one' do context 'and another procedure, but access only to the first one' do
@ -54,7 +54,7 @@ describe APIToken, type: :model do
expect(api_token.full_access?).to be_falsey expect(api_token.full_access?).to be_falsey
expect(api_token.procedure_ids).to match_array([procedure.id]) expect(api_token.procedure_ids).to match_array([procedure.id])
expect(api_token.targetable_procedures).to eq([other_procedure]) expect(api_token.targetable_procedures).to eq([other_procedure])
expect(api_token.context).to eq(administrateur_id: administrateur.id, procedure_ids: [procedure.id], write_access: true) expect(api_token.context).to eq(administrateur_id: administrateur.id, procedure_ids: [procedure.id], write_access: true, api_token_id: api_token.id)
end end
context 'and then gain full access' do context 'and then gain full access' do
@ -83,7 +83,7 @@ describe APIToken, type: :model do
expect(api_token.full_access?).to be_falsey expect(api_token.full_access?).to be_falsey
expect(api_token.procedure_ids).to eq([]) expect(api_token.procedure_ids).to eq([])
expect(api_token.targetable_procedures).to eq([procedure]) expect(api_token.targetable_procedures).to eq([procedure])
expect(api_token.context).to eq(administrateur_id: administrateur.id, procedure_ids: [], write_access: true) expect(api_token.context).to eq(administrateur_id: administrateur.id, procedure_ids: [], write_access: true, api_token_id: api_token.id)
end end
end end
@ -100,7 +100,7 @@ describe APIToken, type: :model do
expect(api_token.full_access?).to be_falsey expect(api_token.full_access?).to be_falsey
expect(api_token.procedure_ids).to eq([]) expect(api_token.procedure_ids).to eq([])
expect(api_token.targetable_procedures).to eq([]) expect(api_token.targetable_procedures).to eq([])
expect(api_token.context).to eq(administrateur_id: administrateur.id, procedure_ids: [], write_access: true) expect(api_token.context).to eq(administrateur_id: administrateur.id, procedure_ids: [], write_access: true, api_token_id: api_token.id)
end end
end end
@ -119,7 +119,7 @@ describe APIToken, type: :model do
expect(api_token.full_access?).to be_falsey expect(api_token.full_access?).to be_falsey
expect(api_token.procedure_ids).to eq([]) expect(api_token.procedure_ids).to eq([])
expect(api_token.targetable_procedures).to eq([other_procedure]) expect(api_token.targetable_procedures).to eq([other_procedure])
expect(api_token.context).to eq(administrateur_id: administrateur.id, procedure_ids: [], write_access: true) expect(api_token.context).to eq(administrateur_id: administrateur.id, procedure_ids: [], write_access: true, api_token_id: api_token.id)
end end
end end
end end