Merge pull request #4829 from systeminit/nick/eng-2751

Add custom extractor for filtering audit logs

Cargo.toml

@@ -169,6 +169,7 @@ serde = { version = "1.0.197", features = ["derive", "rc"] }
 serde-aux = "4.5.0"
 serde_json = { version = "=1.0.125", features = ["preserve_order"] }
 serde_path_to_error = { version = "0.1.16" }
+serde_qs = "0.13.0"
 serde_url_params = "0.2.1"
 serde_with = "3.7.0"
 serde_yaml = "0.9.33" # NOTE(nick): this has been archived upstream

lib/dal/src/audit_log.rs

@@ -220,6 +220,8 @@ pub fn filter_and_paginate(
         filtered_audit_logs.reverse();
     }
 
+    // Count the number of audit logs after filtering, but before pagination. We need this so that
+    // the frontend can know how many pages exists when paginating data.
     let total = filtered_audit_logs.len();
 
     // Finally, paginate and return.

lib/sdf-server/BUCK

@@ -44,6 +44,7 @@ rust_library(
         "//third-party/rust:reqwest",
         "//third-party/rust:serde",
         "//third-party/rust:serde_json",
+        "//third-party/rust:serde_qs",
         "//third-party/rust:serde_with",
         "//third-party/rust:sodiumoxide",
         "//third-party/rust:strum",

lib/sdf-server/Cargo.toml

@@ -9,49 +9,52 @@ rust-version.workspace = true
 publish.workspace = true
 
 [dependencies]
+buck2-resources = { path = "../../lib/buck2-resources" }
+dal = { path = "../../lib/dal" }
+module-index-client = { path = "../../lib/module-index-client" }
+nats-multiplexer = { path = "../../lib/nats-multiplexer" }
+nats-multiplexer-client = { path = "../../lib/nats-multiplexer-client" }
+nats-subscriber = { path = "../../lib/nats-subscriber" }
+permissions = { path = "../../lib/permissions" }
+rebaser-client = { path = "../../lib/rebaser-client" }
+si-crypto = { path = "../../lib/si-crypto" }
+si-data-nats = { path = "../../lib/si-data-nats" }
+si-data-pg = { path = "../../lib/si-data-pg" }
+si-data-spicedb = { path = "../../lib/si-data-spicedb" }
+si-events = { path = "../../lib/si-events-rs" }
+si-frontend-types = { path = "../../lib/si-frontend-types-rs" }
+si-layer-cache = { path = "../../lib/si-layer-cache" }
+si-pkg = { path = "../../lib/si-pkg" }
+si-posthog = { path = "../../lib/si-posthog-rs" }
+si-settings = { path = "../../lib/si-settings" }
+si-std = { path = "../../lib/si-std" }
+telemetry = { path = "../../lib/telemetry-rs" }
+telemetry-http = { path = "../../lib/telemetry-http-rs" }
+veritech-client = { path = "../../lib/veritech-client" }
+
 async-trait = { workspace = true }
 axum = { workspace = true }
 base64 = { workspace = true }
-buck2-resources = { path = "../../lib/buck2-resources" }
 chrono = { workspace = true }
 clap = { workspace = true }
 convert_case = { workspace = true }
-dal = { path = "../../lib/dal" }
 derive_builder = { workspace = true }
 futures = { workspace = true }
 futures-lite = { workspace = true }
 hyper = { workspace = true }
-module-index-client = { path = "../../lib/module-index-client" }
 names = { workspace = true }
-nats-multiplexer = { path = "../../lib/nats-multiplexer" }
-nats-multiplexer-client = { path = "../../lib/nats-multiplexer-client" }
-nats-subscriber = { path = "../../lib/nats-subscriber" }
 nix = { workspace = true }
 once_cell = { workspace = true }
 pathdiff = { workspace = true }
-permissions = { path = "../../lib/permissions" }
 rand = { workspace = true }
-rebaser-client = { path = "../../lib/rebaser-client" }
 remain = { workspace = true }
 reqwest = { workspace = true }
 serde = { workspace = true }
 serde_json = { workspace = true }
+serde_qs = { workspace = true }
 serde_with = { workspace = true }
-si-crypto = { path = "../../lib/si-crypto" }
-si-data-nats = { path = "../../lib/si-data-nats" }
-si-data-pg = { path = "../../lib/si-data-pg" }
-si-data-spicedb = { path = "../../lib/si-data-spicedb" }
-si-events = { path = "../../lib/si-events-rs" }
-si-frontend-types = { path = "../../lib/si-frontend-types-rs" }
-si-layer-cache = { path = "../../lib/si-layer-cache" }
-si-pkg = { path = "../../lib/si-pkg" }
-si-posthog = { path = "../../lib/si-posthog-rs" }
-si-settings = { path = "../../lib/si-settings" }
-si-std = { path = "../../lib/si-std" }
 sodiumoxide = { workspace = true }
 strum = { workspace = true }
-telemetry = { path = "../../lib/telemetry-rs" }
-telemetry-http = { path = "../../lib/telemetry-http-rs" }
 thiserror = { workspace = true }
 tokio = { workspace = true }
 tokio-stream = { workspace = true }
@@ -62,11 +65,11 @@ tower-http = { workspace = true }
 tracing-tunnel = { workspace = true }
 ulid = { workspace = true }
 url = { workspace = true }
-veritech-client = { path = "../../lib/veritech-client" }
 y-sync = { workspace = true }
 
 [dev-dependencies]
 dal-test = { path = "../../lib/dal-test" }
+
 pretty_assertions_sorted = { workspace = true }
 serde_url_params = { workspace = true }
 tokio-util = { workspace = true }

lib/sdf-server/src/extract.rs

@@ -271,6 +271,36 @@ async fn tenancy_from_claim(
     Ok(Tenancy(dal::Tenancy::new(claim.workspace_pk)))
 }
 
+/// Use instead of [`axum::extract::Query`] when the query contains array params using "[]"
+/// notation.
+///
+/// Inspiration : https://dev.to/pongsakornsemsuwan/rust-axum-extracting-query-param-of-vec-4pdm
+pub struct QueryWithVecParams<T>(pub T);
+
+#[async_trait]
+impl<T> FromRequestParts<AppState> for QueryWithVecParams<T>
+where
+    T: serde::de::DeserializeOwned,
+{
+    type Rejection = (StatusCode, Json<serde_json::Value>);
+
+    async fn from_request_parts(
+        parts: &mut Parts,
+        _state: &AppState,
+    ) -> Result<Self, Self::Rejection> {
+        let query = parts
+            .uri
+            .query()
+            .ok_or(not_found_error("no query string found in uri"))?;
+        let deserialized = serde_qs::from_str(query).map_err(|err| {
+            unprocessable_entity_error(&format!(
+                "could not deserialize query string: {query} (error: {err})"
+            ))
+        })?;
+        Ok(Self(deserialized))
+    }
+}
+
 fn internal_error(message: impl fmt::Display) -> (StatusCode, Json<serde_json::Value>) {
     let status_code = StatusCode::INTERNAL_SERVER_ERROR;
     (
@@ -298,3 +328,31 @@ fn unauthorized_error() -> (StatusCode, Json<serde_json::Value>) {
         })),
     )
 }
+
+fn not_found_error(message: &str) -> (StatusCode, Json<serde_json::Value>) {
+    let status_code = StatusCode::NOT_FOUND;
+    (
+        status_code,
+        Json(serde_json::json!({
+            "error": {
+                "message": message,
+                "statusCode": status_code.as_u16(),
+                "code": 42,
+            },
+        })),
+    )
+}
+
+fn unprocessable_entity_error(message: &str) -> (StatusCode, Json<serde_json::Value>) {
+    let status_code = StatusCode::UNPROCESSABLE_ENTITY;
+    (
+        status_code,
+        Json(serde_json::json!({
+            "error": {
+                "message": message,
+                "statusCode": status_code.as_u16(),
+                "code": 42,
+            },
+        })),
+    )
+}

lib/sdf-server/src/service/v2/audit_log/list_audit_logs.rs

@@ -1,7 +1,7 @@
 use std::collections::HashSet;
 
 use axum::{
-    extract::{OriginalUri, Path, Query},
+    extract::{OriginalUri, Path},
     Json,
 };
 use dal::{ChangeSetId, WorkspacePk};
@@ -13,7 +13,7 @@ use si_events::{
 use si_frontend_types as frontend_types;
 
 use super::AuditLogResult;
-use crate::extract::{AccessBuilder, HandlerContext, PosthogClient};
+use crate::extract::{AccessBuilder, HandlerContext, PosthogClient, QueryWithVecParams};
 
 #[derive(Deserialize, Serialize, Debug)]
 #[serde(rename_all = "camelCase")]
@@ -41,7 +41,7 @@ pub async fn list_audit_logs(
     PosthogClient(_posthog_client): PosthogClient,
     OriginalUri(_original_uri): OriginalUri,
     Path((_workspace_pk, change_set_id)): Path<(WorkspacePk, ChangeSetId)>,
-    Query(request): Query<ListAuditLogsRequest>,
+    QueryWithVecParams(request): QueryWithVecParams<ListAuditLogsRequest>,
 ) -> AuditLogResult<Json<ListAuditLogsResponse>> {
     let ctx = builder
         .build(access_builder.build(change_set_id.into()))
@@ -76,6 +76,7 @@ pub async fn list_audit_logs(
             None => HashSet::new(),
         },
     )?;
+
     Ok(Json(ListAuditLogsResponse {
         logs: filtered_and_paginated_audit_logs,
         total,