Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enterprise API Usage Report #35532

Merged
merged 6 commits into from
Dec 18, 2024
Merged

Enterprise API Usage Report #35532

merged 6 commits into from
Dec 18, 2024

Conversation

jingcheng16
Copy link
Contributor

@jingcheng16 jingcheng16 commented Dec 17, 2024
edited
Loading

Product Description

This PR is to add Enterprise API Usage report in enterprise console. This tile will live in Security Center.

UI:
image

The downloaded report:
image

API

curl -s -X GET "http://localhost:8000/a/enterpriseconsoletest/enterprise/api/v1/apiusage/" -H "Authorization: ApiKey xxx:xxxxxxxxxxxxx"
{"@odata.context": "http://localhost:8000/a/enterpriseconsoletest/enterprise/api/v1/apiusage/schema/#feed",
"@odata.count": 5,
"value": [{"api_key_name": "sdfs", "created_date": "2024-01-23T12:58:40+00:00", "expiration_date": null, "last_used_date": null, "scope": "All project spaces", "web_user": "x@dimagi.com"},
{"api_key_name": "Test", "created_date": "2024-07-02T20:13:03+00:00", "expiration_date": null, "last_used_date": "2024-07-07T18:18:58+00:00", "scope": "All project spaces", "web_user": "x@dimagi.com"},
{"api_key_name": "limited", "created_date": "2024-11-13T22:42:09+00:00", "expiration_date": null, "last_used_date": null, "scope": "testproject1", "web_user": "x@dimagi.com"},
{"api_key_name": "For Enterprise Tile", "created_date": "2024-12-16T05:22:14+00:00", "expiration_date": "2024-12-31T00:00:00+00:00", "last_used_date": null, "scope": "inconsistent1", "web_user": "x@dimagi.com"},
{"api_key_name": "locallll", "created_date": "2024-09-04T15:06:07+00:00", "expiration_date": null, "last_used_date": "2024-12-17T21:56:25+00:00", "scope": "All project spaces", "web_user": "x@dimagi.com"}]}%

Technical Summary

Ticket: https://dimagi.atlassian.net/browse/SAAS-16378

The implementation is straight forward. All the information required in this report lives in HQApiKey.

Feature Flag

Safety Assurance

Safety story

Tested locally.

Automated test coverage

QA Plan

Rollback instructions

  • This PR can be reverted after deploy with no further considerations

Labels & Review

  • Risk label is set correctly
  • The set of people pinged as reviewers is appropriate for the level of risk of the change

@sentry-io Sentry.io
Copy link

sentry-io bot commented Dec 17, 2024

🔍 Existing Issues For Review

Your pull request is modifying functions with the following pre-existing issues:

📄 File: corehq/apps/enterprise/enterprise.py

Function Unhandled Issue
rows_for_domain ESError: ConnectionTimeout caused by - ReadTimeoutError(HTTPConnectionPool(host='10.202.41.10', port=9200)... ...
Event Count: 1
rows_for_domain UnboundLocalError: local variable 'version' referenced before assignment /a/{domain}/enterprise...
Event Count: 1

Did you find this useful? React with a 👍 or 👎

@jingcheng16 jingcheng16 added the product/all-users-all-environments Change impacts all users on all environments label Dec 17, 2024
@jingcheng16 jingcheng16 marked this pull request as ready for review December 17, 2024 21:55
mjriley
mjriley reviewed Dec 18, 2024
View reviewed changes
corehq/apps/enterprise/enterprise.py Outdated
Comment on lines 587 to 589
usernames = self.account.get_web_user_usernames()
unique_users = [User.objects.get(username=username) for username in usernames]
return HQApiKey.objects.filter(user__in=unique_users, is_active=True)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Three things we might want to look into here:

  1. Can we simplify what is pulled back from the database -- i.e. instead of fetching the entire user object, can we fetch just the user ID or username
  2. Can/should this be turned into a subquery so that we only send a single query to the database?
  3. At what # of users are we concerned with __in performance? Maybe run this by the infrastructure team.

mjriley
mjriley reviewed Dec 18, 2024
View reviewed changes
corehq/apps/enterprise/enterprise.py Outdated
return [
api_key.user.username,
api_key.name,
api_key.domain if api_key.domain else 'All project spaces',
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Translate "All project spaces"

jingcheng16 and others added 4 commits December 18, 2024 15:10
@jingcheng16
Simplify the query and use Subquery
89913e5
@jingcheng16
Exclude api key whose scope is not to any project spaces in this bill…
fa5ea7c 
…ing account
@jingcheng16
Reformat the report row
95edba1 
Although some api key's scope is all project spaces, but we should only show project space that is a member of the billing account and the user is a member of, which reflects the actual scope
@jingcheng16
Merge branch 'master' into jc/api-usage-enterprise-report
158b7fc
@jingcheng16 jingcheng16 merged commit b99aa51 into master Dec 18, 2024
13 checks passed
@jingcheng16 jingcheng16 deleted the jc/api-usage-enterprise-report branch December 18, 2024 21:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mjriley mjriley mjriley approved these changes

@biyeun biyeun Awaiting requested review from biyeun

Assignees
No one assigned
Labels
product/all-users-all-environments Change impacts all users on all environments
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@jingcheng16 @mjriley