feat: limit audit trail (#6744)

* feat: enable limiting audit trail * support AddExclusiveQuery * fix invalid condition * register event mappers * fix NullDuration validity * test query side for limits * lint * acceptance test audit trail limit * fix acceptance test * translate limits not found * update tests * fix linting * add audit log retention to default instance * fix tests * update docs * remove todo * improve test name
2025-08-11 21:17:32 +00:00 · 2023-10-25 13:42:00 +02:00
parent 1c839e308b
commit 385a55bd21
52 changed files with 1778 additions and 172 deletions
--- a/internal/api/grpc/auth/server.go
+++ b/internal/api/grpc/auth/server.go
@@ -2,7 +2,6 @@ package auth

 import (
 	"context"
-	"time"

 	"google.golang.org/grpc"

@@ -26,14 +25,13 @@ const (

 type Server struct {
 	auth.UnimplementedAuthServiceServer
-	command           *command.Commands
-	query             *query.Queries
-	repo              repository.Repository
-	defaults          systemdefaults.SystemDefaults
-	assetsAPIDomain   func(context.Context) string
-	userCodeAlg       crypto.EncryptionAlgorithm
-	externalSecure    bool
-	auditLogRetention time.Duration
+	command         *command.Commands
+	query           *query.Queries
+	repo            repository.Repository
+	defaults        systemdefaults.SystemDefaults
+	assetsAPIDomain func(context.Context) string
+	userCodeAlg     crypto.EncryptionAlgorithm
+	externalSecure  bool
 }

 type Config struct {
@@ -46,17 +44,15 @@ func CreateServer(command *command.Commands,
 	defaults systemdefaults.SystemDefaults,
 	userCodeAlg crypto.EncryptionAlgorithm,
 	externalSecure bool,
-	auditLogRetention time.Duration,
 ) *Server {
 	return &Server{
-		command:           command,
-		query:             query,
-		repo:              authRepo,
-		defaults:          defaults,
-		assetsAPIDomain:   assets.AssetAPI(externalSecure),
-		userCodeAlg:       userCodeAlg,
-		externalSecure:    externalSecure,
-		auditLogRetention: auditLogRetention,
+		command:         command,
+		query:           query,
+		repo:            authRepo,
+		defaults:        defaults,
+		assetsAPIDomain: assets.AssetAPI(externalSecure),
+		userCodeAlg:     userCodeAlg,
+		externalSecure:  externalSecure,
 	}
 }

--- a/internal/api/grpc/auth/user.go
+++ b/internal/api/grpc/auth/user.go
@@ -84,7 +84,7 @@ func (s *Server) ListMyUserChanges(ctx context.Context, req *auth_pb.ListMyUserC
 		query.OrderAsc()
 	}

-	changes, err := s.query.SearchEvents(ctx, query, s.auditLogRetention)
+	changes, err := s.query.SearchEvents(ctx, query)
 	if err != nil {
 		return nil, err
 	}