From 294b67cbb6bb31a0358a4d52469253a5bbbd6996 Mon Sep 17 00:00:00 2001 From: Zeke Gabrielse Date: Mon, 16 Dec 2024 16:25:04 -0600 Subject: [PATCH] fix event log routing for accounts --- app/serializers/event_log_serializer.rb | 6 +++- features/api/v1/event_logs/index.feature | 39 +++++++++++++++++++++--- 2 files changed, 39 insertions(+), 6 deletions(-) diff --git a/app/serializers/event_log_serializer.rb b/app/serializers/event_log_serializer.rb index f3a0729c63..a9bf46d609 100644 --- a/app/serializers/event_log_serializer.rb +++ b/app/serializers/event_log_serializer.rb @@ -91,7 +91,11 @@ class EventLogSerializer < BaseSerializer if @object.resource_id.present? && @object.resource_type.present? link :related do - @url_helpers.polymorphic_path [:v1, @object.account, @object.resource] + if @object.resource == @object.account # event subject could be the account + @url_helpers.polymorphic_path [:v1, @object.account] + else + @url_helpers.polymorphic_path [:v1, @object.account, @object.resource] + end end end end diff --git a/features/api/v1/event_logs/index.feature b/features/api/v1/event_logs/index.feature index c0f807e265..58c402413a 100644 --- a/features/api/v1/event_logs/index.feature +++ b/features/api/v1/event_logs/index.feature @@ -7,9 +7,9 @@ Feature: List event logs | 9b96c003-85fa-40e8-a9ed-580491cd5d79 | Standard 1 | | 44c7918c-80ab-4a13-a831-a2c46cda85c6 | Ent 1 | Given the following "account" rows exist: - | name | slug | plan_id | - | Standard | standard | 9b96c003-85fa-40e8-a9ed-580491cd5d79 | - | Ent | ent | 44c7918c-80ab-4a13-a831-a2c46cda85c6 | + | id | name | slug | plan_id | + | 99b7580f-d2fc-4b8f-8279-ec95fb523a17 | Standard | standard | 9b96c003-85fa-40e8-a9ed-580491cd5d79 | + | c6c845b1-e9fa-4126-b89d-bdf32aa6d047 | Ent | ent | 44c7918c-80ab-4a13-a831-a2c46cda85c6 | And I send and accept JSON Scenario: Endpoint should be inaccessible when account is not on Ent tier @@ -33,11 +33,31 @@ Feature: List event logs Scenario: Admin retrieves all logs for their account Given I am an admin of account "ent" And the current account is "ent" - And the current account has 3 "event-logs" + And the following "event-type" rows exist: + | id | event | + | 1d721621-cbb5-4f4d-ae73-41d77a26276a | test.account.updated | + | c257ce16-4f38-490e-8e4e-1be9ba1e8830 | test.license.created | + | 8c312434-f8e9-402f-8169-49fc1409198e | test.license.updated | + | 1e7c4ec0-127f-4691-b400-427333362176 | test.license.validation.succeeded | + | 204590ba-b02e-4efd-ac32-5d1588932efa | test.license.validation.failed | + And the current account has the following "license" rows: + | id | + | 19c0e512-d08a-408d-8d1a-6400baaf5a40 | + And the current account has the following "event-log" rows: + | whodunnit_type | whodunnit_id | event_type_id | resource_type | resource_id | + | User | 97e58005-11ab-4186-aa78-c21550f6d0ce | c257ce16-4f38-490e-8e4e-1be9ba1e8830 | License | 19c0e512-d08a-408d-8d1a-6400baaf5a40 | + | License | 19c0e512-d08a-408d-8d1a-6400baaf5a40 | 1e7c4ec0-127f-4691-b400-427333362176 | License | 19c0e512-d08a-408d-8d1a-6400baaf5a40 | + | Product | e37fa95d-7771-4e30-84be-acabdedc81ce | 8c312434-f8e9-402f-8169-49fc1409198e | License | 19c0e512-d08a-408d-8d1a-6400baaf5a40 | + | License | 19c0e512-d08a-408d-8d1a-6400baaf5a40 | 1e7c4ec0-127f-4691-b400-427333362176 | License | 19c0e512-d08a-408d-8d1a-6400baaf5a40 | + | License | 19c0e512-d08a-408d-8d1a-6400baaf5a40 | 1e7c4ec0-127f-4691-b400-427333362176 | License | 19c0e512-d08a-408d-8d1a-6400baaf5a40 | + | | | 204590ba-b02e-4efd-ac32-5d1588932efa | License | 19c0e512-d08a-408d-8d1a-6400baaf5a40 | + | User | 54a44eaf-6a83-4bb4-b3c1-17600dfdd77c | 8c312434-f8e9-402f-8169-49fc1409198e | License | 19c0e512-d08a-408d-8d1a-6400baaf5a40 | + | User | 54a44eaf-6a83-4bb4-b3c1-17600dfdd77c | 8c312434-f8e9-402f-8169-49fc1409198e | Machine | 19ac6439-5576-4ba8-92cd-f4c17573159e | + | User | 54a44eaf-6a83-4bb4-b3c1-17600dfdd77c | 1d721621-cbb5-4f4d-ae73-41d77a26276a | Account | c6c845b1-e9fa-4126-b89d-bdf32aa6d047 | And I use an authentication token When I send a GET request to "/accounts/ent/event-logs" Then the response status should be "200" - And the response body should be an array with 3 "event-logs" + And the response body should be an array with 9 "event-logs" Scenario: Admin retrieves a list of logs that is automatically limited Given I am an admin of account "ent" @@ -121,6 +141,7 @@ Feature: List event logs And the current account is "ent" And the following "event-type" rows exist: | id | event | + | 1d721621-cbb5-4f4d-ae73-41d77a26276a | test.account.updated | | c257ce16-4f38-490e-8e4e-1be9ba1e8830 | test.license.created | | 8c312434-f8e9-402f-8169-49fc1409198e | test.license.updated | | 1e7c4ec0-127f-4691-b400-427333362176 | test.license.validation.succeeded | @@ -137,6 +158,8 @@ Feature: List event logs | License | 19c0e512-d08a-408d-8d1a-6400baaf5a40 | 1e7c4ec0-127f-4691-b400-427333362176 | License | 19c0e512-d08a-408d-8d1a-6400baaf5a40 | | | | 204590ba-b02e-4efd-ac32-5d1588932efa | License | 19c0e512-d08a-408d-8d1a-6400baaf5a40 | | User | 54a44eaf-6a83-4bb4-b3c1-17600dfdd77c | 8c312434-f8e9-402f-8169-49fc1409198e | License | 19c0e512-d08a-408d-8d1a-6400baaf5a40 | + | User | 54a44eaf-6a83-4bb4-b3c1-17600dfdd77c | 8c312434-f8e9-402f-8169-49fc1409198e | Machine | 19ac6439-5576-4ba8-92cd-f4c17573159e | + | User | 54a44eaf-6a83-4bb4-b3c1-17600dfdd77c | 1d721621-cbb5-4f4d-ae73-41d77a26276a | Account | c6c845b1-e9fa-4126-b89d-bdf32aa6d047 | And I use an authentication token When I send a GET request to "/accounts/ent/event-logs?whodunnit[type]=license&whodunnit[id]=19c0e512-d08a-408d-8d1a-6400baaf5a40" Then the response status should be "200" @@ -147,6 +170,7 @@ Feature: List event logs And the current account is "ent" And the following "event-type" rows exist: | id | event | + | 1d721621-cbb5-4f4d-ae73-41d77a26276a | test.account.updated | | c257ce16-4f38-490e-8e4e-1be9ba1e8830 | test.license.created | | 8c312434-f8e9-402f-8169-49fc1409198e | test.license.updated | | 1e7c4ec0-127f-4691-b400-427333362176 | test.license.validation.succeeded | @@ -164,6 +188,7 @@ Feature: List event logs | License | 19c0e512-d08a-408d-8d1a-6400baaf5a40 | 1e7c4ec0-127f-4691-b400-427333362176 | License | 19c0e512-d08a-408d-8d1a-6400baaf5a40 | | | | 204590ba-b02e-4efd-ac32-5d1588932efa | License | 19c0e512-d08a-408d-8d1a-6400baaf5a40 | | User | 54a44eaf-6a83-4bb4-b3c1-17600dfdd77c | 8c312434-f8e9-402f-8169-49fc1409198e | Machine | 19ac6439-5576-4ba8-92cd-f4c17573159e | + | User | 54a44eaf-6a83-4bb4-b3c1-17600dfdd77c | 1d721621-cbb5-4f4d-ae73-41d77a26276a | Account | c6c845b1-e9fa-4126-b89d-bdf32aa6d047 | And I use an authentication token When I send a GET request to "/accounts/ent/event-logs?resource[type]=license&resource[id]=19c0e512-d08a-408d-8d1a-6400baaf5a40" Then the response status should be "200" @@ -174,6 +199,7 @@ Feature: List event logs And the current account is "ent" And the following "event-type" rows exist: | id | event | + | 1d721621-cbb5-4f4d-ae73-41d77a26276a | test.account.updated | | c257ce16-4f38-490e-8e4e-1be9ba1e8830 | test.license.created | | 8c312434-f8e9-402f-8169-49fc1409198e | test.license.updated | | 1e7c4ec0-127f-4691-b400-427333362176 | test.license.validation.succeeded | @@ -192,6 +218,7 @@ Feature: List event logs | | | 204590ba-b02e-4efd-ac32-5d1588932efa | License | 19c0e512-d08a-408d-8d1a-6400baaf5a40 | | | | 204590ba-b02e-4efd-ac32-5d1588932efa | License | 19c0e512-d08a-408d-8d1a-6400baaf5a40 | | User | 54a44eaf-6a83-4bb4-b3c1-17600dfdd77c | 8c312434-f8e9-402f-8169-49fc1409198e | Machine | 19ac6439-5576-4ba8-92cd-f4c17573159e | + | User | 54a44eaf-6a83-4bb4-b3c1-17600dfdd77c | 1d721621-cbb5-4f4d-ae73-41d77a26276a | Account | c6c845b1-e9fa-4126-b89d-bdf32aa6d047 | And I use an authentication token When I send a GET request to "/accounts/ent/event-logs?event=test.license.validation.failed" Then the response status should be "200" @@ -202,6 +229,7 @@ Feature: List event logs And the current account is "ent" And the following "event-type" rows exist: | id | event | + | 1d721621-cbb5-4f4d-ae73-41d77a26276a | test.account.updated | | c257ce16-4f38-490e-8e4e-1be9ba1e8830 | test.license.created | | 8c312434-f8e9-402f-8169-49fc1409198e | test.license.updated | | 1e7c4ec0-127f-4691-b400-427333362176 | test.license.validation.succeeded | @@ -223,6 +251,7 @@ Feature: List event logs | | | 204590ba-b02e-4efd-ac32-5d1588932efa | License | 19c0e512-d08a-408d-8d1a-6400baaf5a40 | | | | | 204590ba-b02e-4efd-ac32-5d1588932efa | License | 19c0e512-d08a-408d-8d1a-6400baaf5a40 | | | User | 54a44eaf-6a83-4bb4-b3c1-17600dfdd77c | 8c312434-f8e9-402f-8169-49fc1409198e | Machine | 19ac6439-5576-4ba8-92cd-f4c17573159e | | + | User | 54a44eaf-6a83-4bb4-b3c1-17600dfdd77c | 1d721621-cbb5-4f4d-ae73-41d77a26276a | Account | c6c845b1-e9fa-4126-b89d-bdf32aa6d047 | | And I use an authentication token When I send a GET request to "/accounts/ent/event-logs?request=97708dc6-9dd2-4de1-84be-24f50287296c" Then the response status should be "200"