feat: limit audit trail (#6744)

* feat: enable limiting audit trail

* support AddExclusiveQuery

* fix invalid condition

* register event mappers

* fix NullDuration validity

* test query side for limits

* lint

* acceptance test audit trail limit

* fix acceptance test

* translate limits not found

* update tests

* fix linting

* add audit log retention to default instance

* fix tests

* update docs

* remove todo

* improve test name

internal/api/grpc/management/org.go

@@ -63,7 +63,7 @@ func (s *Server) ListOrgChanges(ctx context.Context, req *mgmt_pb.ListOrgChanges
 		query.OrderAsc()
 	}
 
-	response, err := s.query.SearchEvents(ctx, query, s.auditLogRetention)
+	response, err := s.query.SearchEvents(ctx, query)
 	if err != nil {
 		return nil, err
 	}

internal/api/grpc/management/project.go

@@ -87,7 +87,7 @@ func (s *Server) ListProjectGrantChanges(ctx context.Context, req *mgmt_pb.ListP
 		query.OrderAsc()
 	}
 
-	changes, err := s.query.SearchEvents(ctx, query, s.auditLogRetention)
+	changes, err := s.query.SearchEvents(ctx, query)
 	if err != nil {
 		return nil, err
 	}
@@ -166,7 +166,7 @@ func (s *Server) ListProjectChanges(ctx context.Context, req *mgmt_pb.ListProjec
 		query.OrderAsc()
 	}
 
-	changes, err := s.query.SearchEvents(ctx, query, s.auditLogRetention)
+	changes, err := s.query.SearchEvents(ctx, query)
 	if err != nil {
 		return nil, err
 	}

internal/api/grpc/management/project_application.go

@@ -70,7 +70,7 @@ func (s *Server) ListAppChanges(ctx context.Context, req *mgmt_pb.ListAppChanges
 		query.OrderAsc()
 	}
 
-	changes, err := s.query.SearchEvents(ctx, query, s.auditLogRetention)
+	changes, err := s.query.SearchEvents(ctx, query)
 	if err != nil {
 		return nil, err
 	}

internal/api/grpc/management/server.go

@@ -2,7 +2,6 @@ package management
 
 import (
 	"context"
-	"time"
 
 	"google.golang.org/grpc"
 
@@ -24,14 +23,13 @@ var _ management.ManagementServiceServer = (*Server)(nil)
 
 type Server struct {
 	management.UnimplementedManagementServiceServer
-	command           *command.Commands
-	query             *query.Queries
-	systemDefaults    systemdefaults.SystemDefaults
-	assetAPIPrefix    func(context.Context) string
-	passwordHashAlg   crypto.HashAlgorithm
-	userCodeAlg       crypto.EncryptionAlgorithm
-	externalSecure    bool
-	auditLogRetention time.Duration
+	command         *command.Commands
+	query           *query.Queries
+	systemDefaults  systemdefaults.SystemDefaults
+	assetAPIPrefix  func(context.Context) string
+	passwordHashAlg crypto.HashAlgorithm
+	userCodeAlg     crypto.EncryptionAlgorithm
+	externalSecure  bool
 }
 
 func CreateServer(
@@ -40,17 +38,15 @@ func CreateServer(
 	sd systemdefaults.SystemDefaults,
 	userCodeAlg crypto.EncryptionAlgorithm,
 	externalSecure bool,
-	auditLogRetention time.Duration,
 ) *Server {
 	return &Server{
-		command:           command,
-		query:             query,
-		systemDefaults:    sd,
-		assetAPIPrefix:    assets.AssetAPI(externalSecure),
-		passwordHashAlg:   crypto.NewBCrypt(sd.SecretGenerators.PasswordSaltCost),
-		userCodeAlg:       userCodeAlg,
-		externalSecure:    externalSecure,
-		auditLogRetention: auditLogRetention,
+		command:         command,
+		query:           query,
+		systemDefaults:  sd,
+		assetAPIPrefix:  assets.AssetAPI(externalSecure),
+		passwordHashAlg: crypto.NewBCrypt(sd.SecretGenerators.PasswordSaltCost),
+		userCodeAlg:     userCodeAlg,
+		externalSecure:  externalSecure,
 	}
 }
 

internal/api/grpc/management/user.go

@@ -109,7 +109,7 @@ func (s *Server) ListUserChanges(ctx context.Context, req *mgmt_pb.ListUserChang
 		query.OrderAsc()
 	}
 
-	changes, err := s.query.SearchEvents(ctx, query, s.auditLogRetention)
+	changes, err := s.query.SearchEvents(ctx, query)
 	if err != nil {
 		return nil, err
 	}