mas_handlers/admin/v1/user_sessions/
list.rsuse aide::{OperationIo, transform::TransformOperation};
use axum::{
Json,
extract::{Query, rejection::QueryRejection},
response::IntoResponse,
};
use axum_macros::FromRequestParts;
use hyper::StatusCode;
use mas_storage::{pagination::Page, user::BrowserSessionFilter};
use schemars::JsonSchema;
use serde::Deserialize;
use ulid::Ulid;
use crate::{
admin::{
call_context::CallContext,
model::{Resource, UserSession},
params::Pagination,
response::{ErrorResponse, PaginatedResponse},
},
impl_from_error_for_route,
};
#[derive(Deserialize, JsonSchema, Clone, Copy)]
#[serde(rename_all = "snake_case")]
enum UserSessionStatus {
Active,
Finished,
}
impl std::fmt::Display for UserSessionStatus {
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
match self {
Self::Active => write!(f, "active"),
Self::Finished => write!(f, "finished"),
}
}
}
#[derive(FromRequestParts, Deserialize, JsonSchema, OperationIo)]
#[serde(rename = "UserSessionFilter")]
#[aide(input_with = "Query<FilterParams>")]
#[from_request(via(Query), rejection(RouteError))]
pub struct FilterParams {
#[serde(rename = "filter[user]")]
#[schemars(with = "Option<crate::admin::schema::Ulid>")]
user: Option<Ulid>,
#[serde(rename = "filter[status]")]
status: Option<UserSessionStatus>,
}
impl std::fmt::Display for FilterParams {
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
let mut sep = '?';
if let Some(user) = self.user {
write!(f, "{sep}filter[user]={user}")?;
sep = '&';
}
if let Some(status) = self.status {
write!(f, "{sep}filter[status]={status}")?;
sep = '&';
}
let _ = sep;
Ok(())
}
}
#[derive(Debug, thiserror::Error, OperationIo)]
#[aide(output_with = "Json<ErrorResponse>")]
pub enum RouteError {
#[error(transparent)]
Internal(Box<dyn std::error::Error + Send + Sync + 'static>),
#[error("User ID {0} not found")]
UserNotFound(Ulid),
#[error("Invalid filter parameters")]
InvalidFilter(#[from] QueryRejection),
}
impl_from_error_for_route!(mas_storage::RepositoryError);
impl IntoResponse for RouteError {
fn into_response(self) -> axum::response::Response {
let error = ErrorResponse::from_error(&self);
let status = match self {
Self::Internal(_) => StatusCode::INTERNAL_SERVER_ERROR,
Self::UserNotFound(_) => StatusCode::NOT_FOUND,
Self::InvalidFilter(_) => StatusCode::BAD_REQUEST,
};
(status, Json(error)).into_response()
}
}
pub fn doc(operation: TransformOperation) -> TransformOperation {
operation
.id("listUserSessions")
.summary("List user sessions")
.description("Retrieve a list of user sessions (browser sessions).
Note that by default, all sessions, including finished ones are returned, with the oldest first.
Use the `filter[status]` parameter to filter the sessions by their status and `page[last]` parameter to retrieve the last N sessions.")
.tag("user-session")
.response_with::<200, Json<PaginatedResponse<UserSession>>, _>(|t| {
let sessions = UserSession::samples();
let pagination = mas_storage::Pagination::first(sessions.len());
let page = Page {
edges: sessions.into(),
has_next_page: true,
has_previous_page: false,
};
t.description("Paginated response of user sessions")
.example(PaginatedResponse::new(
page,
pagination,
42,
UserSession::PATH,
))
})
.response_with::<404, RouteError, _>(|t| {
let response = ErrorResponse::from_error(&RouteError::UserNotFound(Ulid::nil()));
t.description("User was not found").example(response)
})
}
#[tracing::instrument(name = "handler.admin.v1.user_sessions.list", skip_all, err)]
pub async fn handler(
CallContext { mut repo, .. }: CallContext,
Pagination(pagination): Pagination,
params: FilterParams,
) -> Result<Json<PaginatedResponse<UserSession>>, RouteError> {
let base = format!("{path}{params}", path = UserSession::PATH);
let filter = BrowserSessionFilter::default();
let user = if let Some(user_id) = params.user {
let user = repo
.user()
.lookup(user_id)
.await?
.ok_or(RouteError::UserNotFound(user_id))?;
Some(user)
} else {
None
};
let filter = match &user {
Some(user) => filter.for_user(user),
None => filter,
};
let filter = match params.status {
Some(UserSessionStatus::Active) => filter.active_only(),
Some(UserSessionStatus::Finished) => filter.finished_only(),
None => filter,
};
let page = repo.browser_session().list(filter, pagination).await?;
let count = repo.browser_session().count(filter).await?;
Ok(Json(PaginatedResponse::new(
page.map(UserSession::from),
pagination,
count,
&base,
)))
}
#[cfg(test)]
mod tests {
use chrono::Duration;
use hyper::{Request, StatusCode};
use insta::assert_json_snapshot;
use sqlx::PgPool;
use crate::test_utils::{RequestBuilderExt, ResponseExt, TestState, setup};
#[sqlx::test(migrator = "mas_storage_pg::MIGRATOR")]
async fn test_user_session_list(pool: PgPool) {
setup();
let mut state = TestState::from_pool(pool).await.unwrap();
let token = state.token_with_scope("urn:mas:admin").await;
let mut rng = state.rng();
let mut repo = state.repository().await.unwrap();
let alice = repo
.user()
.add(&mut rng, &state.clock, "alice".to_owned())
.await
.unwrap();
state.clock.advance(Duration::minutes(1));
let bob = repo
.user()
.add(&mut rng, &state.clock, "bob".to_owned())
.await
.unwrap();
repo.browser_session()
.add(&mut rng, &state.clock, &alice, None)
.await
.unwrap();
let session = repo
.browser_session()
.add(&mut rng, &state.clock, &bob, None)
.await
.unwrap();
state.clock.advance(Duration::minutes(1));
repo.browser_session()
.finish(&state.clock, session)
.await
.unwrap();
repo.save().await.unwrap();
let request = Request::get("/api/admin/v1/user-sessions")
.bearer(&token)
.empty();
let response = state.request(request).await;
response.assert_status(StatusCode::OK);
let body: serde_json::Value = response.json();
assert_json_snapshot!(body, @r###"
{
"meta": {
"count": 2
},
"data": [
{
"type": "user-session",
"id": "01FSHNB5309NMZYX8MFYH578R9",
"attributes": {
"created_at": "2022-01-16T14:41:00Z",
"finished_at": null,
"user_id": "01FSHN9AG0MZAA6S4AF7CTV32E",
"user_agent": null,
"last_active_at": null,
"last_active_ip": null
},
"links": {
"self": "/api/admin/v1/user-sessions/01FSHNB5309NMZYX8MFYH578R9"
}
},
{
"type": "user-session",
"id": "01FSHNB530KEPHYQQXW9XPTX6Z",
"attributes": {
"created_at": "2022-01-16T14:41:00Z",
"finished_at": "2022-01-16T14:42:00Z",
"user_id": "01FSHNB530AJ6AC5HQ9X6H4RP4",
"user_agent": null,
"last_active_at": null,
"last_active_ip": null
},
"links": {
"self": "/api/admin/v1/user-sessions/01FSHNB530KEPHYQQXW9XPTX6Z"
}
}
],
"links": {
"self": "/api/admin/v1/user-sessions?page[first]=10",
"first": "/api/admin/v1/user-sessions?page[first]=10",
"last": "/api/admin/v1/user-sessions?page[last]=10"
}
}
"###);
let request = Request::get(format!(
"/api/admin/v1/user-sessions?filter[user]={}",
alice.id
))
.bearer(&token)
.empty();
let response = state.request(request).await;
response.assert_status(StatusCode::OK);
let body: serde_json::Value = response.json();
assert_json_snapshot!(body, @r###"
{
"meta": {
"count": 1
},
"data": [
{
"type": "user-session",
"id": "01FSHNB5309NMZYX8MFYH578R9",
"attributes": {
"created_at": "2022-01-16T14:41:00Z",
"finished_at": null,
"user_id": "01FSHN9AG0MZAA6S4AF7CTV32E",
"user_agent": null,
"last_active_at": null,
"last_active_ip": null
},
"links": {
"self": "/api/admin/v1/user-sessions/01FSHNB5309NMZYX8MFYH578R9"
}
}
],
"links": {
"self": "/api/admin/v1/user-sessions?filter[user]=01FSHN9AG0MZAA6S4AF7CTV32E&page[first]=10",
"first": "/api/admin/v1/user-sessions?filter[user]=01FSHN9AG0MZAA6S4AF7CTV32E&page[first]=10",
"last": "/api/admin/v1/user-sessions?filter[user]=01FSHN9AG0MZAA6S4AF7CTV32E&page[last]=10"
}
}
"###);
let request = Request::get("/api/admin/v1/user-sessions?filter[status]=active")
.bearer(&token)
.empty();
let response = state.request(request).await;
response.assert_status(StatusCode::OK);
let body: serde_json::Value = response.json();
assert_json_snapshot!(body, @r###"
{
"meta": {
"count": 1
},
"data": [
{
"type": "user-session",
"id": "01FSHNB5309NMZYX8MFYH578R9",
"attributes": {
"created_at": "2022-01-16T14:41:00Z",
"finished_at": null,
"user_id": "01FSHN9AG0MZAA6S4AF7CTV32E",
"user_agent": null,
"last_active_at": null,
"last_active_ip": null
},
"links": {
"self": "/api/admin/v1/user-sessions/01FSHNB5309NMZYX8MFYH578R9"
}
}
],
"links": {
"self": "/api/admin/v1/user-sessions?filter[status]=active&page[first]=10",
"first": "/api/admin/v1/user-sessions?filter[status]=active&page[first]=10",
"last": "/api/admin/v1/user-sessions?filter[status]=active&page[last]=10"
}
}
"###);
let request = Request::get("/api/admin/v1/user-sessions?filter[status]=finished")
.bearer(&token)
.empty();
let response = state.request(request).await;
response.assert_status(StatusCode::OK);
let body: serde_json::Value = response.json();
assert_json_snapshot!(body, @r###"
{
"meta": {
"count": 1
},
"data": [
{
"type": "user-session",
"id": "01FSHNB530KEPHYQQXW9XPTX6Z",
"attributes": {
"created_at": "2022-01-16T14:41:00Z",
"finished_at": "2022-01-16T14:42:00Z",
"user_id": "01FSHNB530AJ6AC5HQ9X6H4RP4",
"user_agent": null,
"last_active_at": null,
"last_active_ip": null
},
"links": {
"self": "/api/admin/v1/user-sessions/01FSHNB530KEPHYQQXW9XPTX6Z"
}
}
],
"links": {
"self": "/api/admin/v1/user-sessions?filter[status]=finished&page[first]=10",
"first": "/api/admin/v1/user-sessions?filter[status]=finished&page[first]=10",
"last": "/api/admin/v1/user-sessions?filter[status]=finished&page[last]=10"
}
}
"###);
}
}