feat(server): added proper filtering the BuildLog API

Jef Roosens 2022-05-29 20:08:21 +02:00
parent 4f32dec5b5
commit a39c1aa5eb
Signed by untrusted user: Jef Roosens
GPG Key ID: B75D4F293C7052DB
4 changed files with 40 additions and 14 deletions

View File

@ -16,7 +16,32 @@ pub fn (db &VieterDb) get_build_logs(filter BuildLogFilter) []BuildLog {
} }
if filter.after != time.Time{} { if filter.after != time.Time{} {
where_parts << 'start_time < $filter.after.unix_time()' where_parts << 'start_time > $filter.after.unix_time()'
}
// NOTE: possible SQL injection
if filter.arch != '' {
where_parts << "arch == '$filter.arch'"
}
println(filter.exit_codes)
mut parts := []string{}
for exp in filter.exit_codes {
if exp[0] == `!` {
code := exp[1..].int()
parts << 'exit_code != $code'
}else {
code := exp.int()
parts << 'exit_code == $code'
}
}
if parts.len > 0 {
where_parts << parts.map('($it)').join(' or ')
} }
mut where_str := '' mut where_str := ''
@ -25,14 +50,10 @@ pub fn (db &VieterDb) get_build_logs(filter BuildLogFilter) []BuildLog {
where_str = 'where ' + where_parts.map('($it)').join(' and ') where_str = 'where ' + where_parts.map('($it)').join(' and ')
} }
query := 'select from BuildLog' + where_str query := 'select * from BuildLog $where_str limit $filter.limit offset $filter.offset'
rows, _ := db.conn.exec(query) rows, _ := db.conn.exec(query)
res := rows.map(row_into<BuildLog>(it)) res := rows.map(row_into<BuildLog>(it))
// res := sql db.conn {
// select from BuildLog where filter.repo == 0 || repo_id == filter.repo order by id
// }
return res return res
} }

View File

@ -35,7 +35,6 @@ pub mut:
repo int repo int
before time.Time before time.Time
after time.Time after time.Time
exit_codes_whitelist []u8
exit_codes_blacklist []u8
arch string arch string
exit_codes []string
} }

View File

@ -1,5 +1,7 @@
module models module models
import time
// from_params<T> creates a new instance of T from the given map by parsing all // from_params<T> creates a new instance of T from the given map by parsing all
// of its fields from the map. // of its fields from the map.
pub fn from_params<T>(params map[string]string) ?T { pub fn from_params<T>(params map[string]string) ?T {
@ -23,7 +25,12 @@ pub fn patch_from_params<T>(mut o T, params map[string]string) ? {
o.$(field.name) = params[field.name].u64() o.$(field.name) = params[field.name].u64()
} $else $if field.typ is []GitRepoArch { } $else $if field.typ is []GitRepoArch {
o.$(field.name) = params[field.name].split(',').map(GitRepoArch{ value: it }) o.$(field.name) = params[field.name].split(',').map(GitRepoArch{ value: it })
} $else $if field.typ is time.Time {
o.$(field.name) = time.unix(params[field.name].int())
} $else $if field.typ is []string {
o.$(field.name) = params[field.name].split(',')
} }
} else if field.attrs.contains('nonull') { } else if field.attrs.contains('nonull') {
return error('Missing parameter: ${field.name}.') return error('Missing parameter: ${field.name}.')
} }

View File

@ -8,7 +8,7 @@ import db
import time import time
import os import os
import util import util
import models { BuildLog } import models { BuildLog, BuildLogFilter }
// get_logs returns all build logs in the database. A 'repo' query param can // get_logs returns all build logs in the database. A 'repo' query param can
// optionally be added to limit the list of build logs to that repository. // optionally be added to limit the list of build logs to that repository.
@ -18,11 +18,10 @@ fn (mut app App) get_logs() web.Result {
return app.json(http.Status.unauthorized, new_response('Unauthorized.')) return app.json(http.Status.unauthorized, new_response('Unauthorized.'))
} }
logs := if 'repo' in app.query { filter := models.from_params<BuildLogFilter>(app.query) or {
app.db.get_build_logs_for_repo(app.query['repo'].int()) return app.json(http.Status.bad_request, new_response('Invalid query parameters.'))
} else {
app.db.get_build_logs()
} }
logs := app.db.get_build_logs(filter)
return app.json(http.Status.ok, new_data_response(logs)) return app.json(http.Status.ok, new_data_response(logs))
} }