Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Subscriptions for more events for the admins in API #60

Open
blokhin opened this issue Jan 19, 2023 · 5 comments
Open

Subscriptions for more events for the admins in API #60

blokhin opened this issue Jan 19, 2023 · 5 comments
Labels
enhancement New feature or request

Comments

@blokhin
Copy link
Member

blokhin commented Jan 19, 2023

The admin users should be able to claim their interest in the general events which do not concern their accounts.

metis-bff/db_seed.js

Lines 322 to 336 in 1dd1a04

db(USER_ROLES_TABLE).insert(
[
{
slug: DEFAULT_USER_ROLE,
label: 'Member',
permissions: {},
},
{
slug: ADMIN_USER_ROLE,
label: 'Admin',
permissions: {},
},
],
['id', 'slug']
),

Such general events are, mainly:

  • new user registrations
  • new data created by anyone
  • new calculation submitted by anyone

@pyoner has suggested to log such events and flush them to the user in the API.
@knopki we should provision this somewhere in the API client.
@blokhin blokhin added the enhancement New feature or request label Jan 19, 2023
@pyoner
Copy link
Contributor

pyoner commented Feb 9, 2023

Schema of logs table:

CREATE TABLE logs (
  id SERIAL PRIMARY KEY,
  type TEXT NOT NULL,
  value JSONB,
  user_id INTEGER REFERENCES user (id),
  created_at TIMESTAMP NOT NULL DEFAULT NOW()
);

To logging events we can use one of two approaches:

  1. use database triggers to insert events to the logs table;
  2. use a server side script to insert events to the logs table;

API to retrieve logs /v0/logs can accept http get method

Query parameter:
limit - optional default 1000
offset - optional
type - optional default all
user_ids - optional (example user_id=1,2,3)
after - optional default now - 1 hour

To authorize access to the logs table we can use one of two approaches:

  1. use database Policy and Row Level Security
  2. use a server side script

@blokhin @knopki

@blokhin
Copy link
Member Author

blokhin commented Feb 9, 2023

@pyoner many thanks! To log events, I'd vote for:

  1. use database triggers to insert events to the logs table;

To authorize access, I'd vote for retrieving the admin users and checking if the request issuer is among them, which is, apparently:

  1. use a server side script

@blokhin
Copy link
Member Author

blokhin commented Feb 9, 2023

Probably /v0/logs should use SSE for responding, shouldn't it?

@pyoner
Copy link
Contributor

pyoner commented Feb 10, 2023

Probably /v0/logs should use SSE for responding, shouldn't it?

@blokhin admin can use SSE for listening real-time events

@blokhin
Copy link
Member Author

blokhin commented Jun 19, 2023

partially implemented in https://github.com/basf/metis-bff/blob/master/routes/%5Bversion%5D/logs.js

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@blokhin @pyoner