diff --git a/libs/@local/graph/api/src/rest/account.rs b/libs/@local/graph/api/src/rest/account.rs index ea276aec996..65523727f33 100644 --- a/libs/@local/graph/api/src/rest/account.rs +++ b/libs/@local/graph/api/src/rest/account.rs @@ -235,7 +235,7 @@ where A: AuthorizationApiPool + Send + Sync, { if let Some(query_logger) = &mut query_logger { - query_logger.capture(OpenApiQuery::CheckAccountGroupPermission { + query_logger.capture(actor_id, OpenApiQuery::CheckAccountGroupPermission { account_group_id, permission, }); diff --git a/libs/@local/graph/api/src/rest/data_type.rs b/libs/@local/graph/api/src/rest/data_type.rs index 91111ec3545..688f0b0de8c 100644 --- a/libs/@local/graph/api/src/rest/data_type.rs +++ b/libs/@local/graph/api/src/rest/data_type.rs @@ -412,7 +412,7 @@ where A: AuthorizationApiPool + Send + Sync, { if let Some(query_logger) = &mut query_logger { - query_logger.capture(OpenApiQuery::GetDataTypes(&request)); + query_logger.capture(actor_id, OpenApiQuery::GetDataTypes(&request)); } let authorization_api = authorization_api_pool @@ -487,7 +487,7 @@ where A: AuthorizationApiPool + Send + Sync, { if let Some(query_logger) = &mut query_logger { - query_logger.capture(OpenApiQuery::GetDataTypeSubgraph(&request)); + query_logger.capture(actor_id, OpenApiQuery::GetDataTypeSubgraph(&request)); } let authorization_api = authorization_api_pool @@ -890,9 +890,12 @@ where A: AuthorizationApiPool + Send + Sync, { if let Some(query_logger) = &mut query_logger { - query_logger.capture(OpenApiQuery::GetDataTypeAuthorizationRelationships { - data_type_id: &data_type_id, - }); + query_logger.capture( + actor_id, + OpenApiQuery::GetDataTypeAuthorizationRelationships { + data_type_id: &data_type_id, + }, + ); } let authorization_api = authorization_api_pool @@ -939,7 +942,7 @@ where A: AuthorizationApiPool + Send + Sync, { if let Some(query_logger) = &mut query_logger { - query_logger.capture(OpenApiQuery::CheckDataTypePermission { + query_logger.capture(actor_id, OpenApiQuery::CheckDataTypePermission { data_type_id: &data_type_id, permission, }); diff --git a/libs/@local/graph/api/src/rest/entity.rs b/libs/@local/graph/api/src/rest/entity.rs index 899302ec25c..9bb1e8fd12d 100644 --- a/libs/@local/graph/api/src/rest/entity.rs +++ b/libs/@local/graph/api/src/rest/entity.rs @@ -407,7 +407,7 @@ where A: AuthorizationApiPool + Send + Sync, { if let Some(query_logger) = &mut query_logger { - query_logger.capture(OpenApiQuery::ValidateEntity(&body)); + query_logger.capture(actor_id, OpenApiQuery::ValidateEntity(&body)); } let params = ValidateEntityParams::deserialize(&body) @@ -461,7 +461,7 @@ where A: AuthorizationApiPool + Send + Sync, { if let Some(query_logger) = &mut query_logger { - query_logger.capture(OpenApiQuery::CheckEntityPermission { + query_logger.capture(actor_id, OpenApiQuery::CheckEntityPermission { entity_id, permission, }); @@ -633,7 +633,8 @@ struct GetEntitiesRequest<'q, 's, 'p> { )] #[tracing::instrument( level = "info", - skip(store_pool, authorization_api_pool, temporal_client, request) + skip_all, + fields(actor=%actor_id, %request) )] async fn get_entities( AuthenticatedUserHeader(actor_id): AuthenticatedUserHeader, @@ -648,7 +649,7 @@ where A: AuthorizationApiPool + Send + Sync, { if let Some(query_logger) = &mut query_logger { - query_logger.capture(OpenApiQuery::GetEntities(&request)); + query_logger.capture(actor_id, OpenApiQuery::GetEntities(&request)); } let authorization_api = authorization_api_pool @@ -664,6 +665,14 @@ where let request = GetEntitiesRequest::deserialize(&request) .map_err(Report::from) .map_err(report_to_response)?; + + if request.limit == Some(0) { + tracing::warn!( + %actor_id, + "The limit is set to zero, so no entities will be returned." + ); + } + let response = store .get_entities(actor_id, GetEntitiesParams { filter: request.filter, @@ -788,7 +797,8 @@ struct GetEntitySubgraphResponse<'r> { )] #[tracing::instrument( level = "info", - skip(store_pool, authorization_api_pool, temporal_client, request) + skip_all, + fields(actor=%actor_id, %request) )] async fn get_entity_subgraph( AuthenticatedUserHeader(actor_id): AuthenticatedUserHeader, @@ -803,7 +813,7 @@ where A: AuthorizationApiPool + Send + Sync, { if let Some(query_logger) = &mut query_logger { - query_logger.capture(OpenApiQuery::GetEntitySubgraph(&request)); + query_logger.capture(actor_id, OpenApiQuery::GetEntitySubgraph(&request)); } let authorization_api = authorization_api_pool @@ -819,6 +829,14 @@ where let request = GetEntitySubgraphRequest::deserialize(&request) .map_err(Report::from) .map_err(report_to_response)?; + + if request.limit == Some(0) { + tracing::warn!( + %actor_id, + "The limit is set to zero, so no entities will be returned" + ); + } + let response = store .get_entity_subgraph(actor_id, GetEntitySubgraphParams { filter: request.filter, @@ -897,7 +915,7 @@ where A: AuthorizationApiPool + Send + Sync, { if let Some(query_logger) = &mut query_logger { - query_logger.capture(OpenApiQuery::CountEntities(&request)); + query_logger.capture(actor_id, OpenApiQuery::CountEntities(&request)); } let authorization_api = authorization_api_pool @@ -1069,7 +1087,7 @@ where A: AuthorizationApiPool + Send + Sync, { if let Some(query_logger) = &mut query_logger { - query_logger.capture(OpenApiQuery::DiffEntity(¶ms)); + query_logger.capture(actor_id, OpenApiQuery::DiffEntity(¶ms)); } let authorization_api = authorization_api_pool @@ -1125,7 +1143,10 @@ where A: AuthorizationApiPool + Send + Sync, { if let Some(query_logger) = &mut query_logger { - query_logger.capture(OpenApiQuery::GetEntityAuthorizationRelationships { entity_id }); + query_logger.capture( + actor_id, + OpenApiQuery::GetEntityAuthorizationRelationships { entity_id }, + ); } let authorization_api = authorization_api_pool diff --git a/libs/@local/graph/api/src/rest/entity_type.rs b/libs/@local/graph/api/src/rest/entity_type.rs index 2ad8cce2ea9..03cad50d3b1 100644 --- a/libs/@local/graph/api/src/rest/entity_type.rs +++ b/libs/@local/graph/api/src/rest/entity_type.rs @@ -285,9 +285,12 @@ where A: AuthorizationApiPool + Send + Sync, { if let Some(query_logger) = &mut query_logger { - query_logger.capture(OpenApiQuery::GetEntityTypeAuthorizationRelationships { - entity_type_id: &entity_type_id, - }); + query_logger.capture( + actor_id, + OpenApiQuery::GetEntityTypeAuthorizationRelationships { + entity_type_id: &entity_type_id, + }, + ); } let authorization_api = authorization_api_pool @@ -336,7 +339,7 @@ where A: AuthorizationApiPool + Send + Sync, { if let Some(query_logger) = &mut query_logger { - query_logger.capture(OpenApiQuery::CheckEntityTypePermission { + query_logger.capture(actor_id, OpenApiQuery::CheckEntityTypePermission { entity_type_id: &entity_type_id, permission, }); @@ -725,7 +728,7 @@ where A: AuthorizationApiPool + Send + Sync, { if let Some(query_logger) = &mut query_logger { - query_logger.capture(OpenApiQuery::GetEntityTypes(&request)); + query_logger.capture(actor_id, OpenApiQuery::GetEntityTypes(&request)); } let authorization_api = authorization_api_pool @@ -793,7 +796,7 @@ where A: AuthorizationApiPool + Send + Sync, { if let Some(query_logger) = &mut query_logger { - query_logger.capture(OpenApiQuery::GetClosedMultiEntityTypes(&request)); + query_logger.capture(actor_id, OpenApiQuery::GetClosedMultiEntityTypes(&request)); } let authorization_api = authorization_api_pool @@ -874,7 +877,7 @@ where A: AuthorizationApiPool + Send + Sync, { if let Some(query_logger) = &mut query_logger { - query_logger.capture(OpenApiQuery::GetEntityTypeSubgraph(&request)); + query_logger.capture(actor_id, OpenApiQuery::GetEntityTypeSubgraph(&request)); } let authorization_api = authorization_api_pool diff --git a/libs/@local/graph/api/src/rest/mod.rs b/libs/@local/graph/api/src/rest/mod.rs index 36394d22f86..90911643400 100644 --- a/libs/@local/graph/api/src/rest/mod.rs +++ b/libs/@local/graph/api/src/rest/mod.rs @@ -238,13 +238,15 @@ impl QueryLogger { } #[expect(clippy::missing_panics_doc)] - pub fn capture(&mut self, query: OpenApiQuery<'_>) { + pub fn capture(&mut self, actor: AccountId, query: OpenApiQuery<'_>) { + let mut record = serde_json::to_value(query) + .change_context(QueryLoggingError) + .expect("query should be serializable"); + record + .as_object_mut() + .map(|object| object.insert("actor".to_owned(), JsonValue::String(actor.to_string()))); + self.value = Some(record); self.created_at = Instant::now(); - self.value = Some( - serde_json::to_value(query) - .change_context(QueryLoggingError) - .expect("query should be serializable"), - ); } /// Sends the captured query to the query logger. diff --git a/libs/@local/graph/api/src/rest/property_type.rs b/libs/@local/graph/api/src/rest/property_type.rs index dcd197e24bf..b94b827fe80 100644 --- a/libs/@local/graph/api/src/rest/property_type.rs +++ b/libs/@local/graph/api/src/rest/property_type.rs @@ -401,7 +401,7 @@ where A: AuthorizationApiPool + Send + Sync, { if let Some(query_logger) = &mut query_logger { - query_logger.capture(OpenApiQuery::GetPropertyTypes(&request)); + query_logger.capture(actor_id, OpenApiQuery::GetPropertyTypes(&request)); } let authorization_api = authorization_api_pool @@ -480,7 +480,7 @@ where A: AuthorizationApiPool + Send + Sync, { if let Some(query_logger) = &mut query_logger { - query_logger.capture(OpenApiQuery::GetPropertyTypeSubgraph(&request)); + query_logger.capture(actor_id, OpenApiQuery::GetPropertyTypeSubgraph(&request)); } let authorization_api = authorization_api_pool @@ -878,9 +878,12 @@ where A: AuthorizationApiPool + Send + Sync, { if let Some(query_logger) = &mut query_logger { - query_logger.capture(OpenApiQuery::GetPropertyTypeAuthorizationRelationships { - property_type_id: &property_type_id, - }); + query_logger.capture( + actor_id, + OpenApiQuery::GetPropertyTypeAuthorizationRelationships { + property_type_id: &property_type_id, + }, + ); } let authorization_api = authorization_api_pool @@ -929,7 +932,7 @@ where A: AuthorizationApiPool + Send + Sync, { if let Some(query_logger) = &mut query_logger { - query_logger.capture(OpenApiQuery::CheckPropertyTypePermission { + query_logger.capture(actor_id, OpenApiQuery::CheckPropertyTypePermission { property_type_id: &property_type_id, permission, });