Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(logging): unified request logging (graphql, openapi, restli) #10802

Merged
merged 2 commits into from
Jun 29, 2024
Merged

feat(logging): unified request logging (graphql, openapi, restli) #10802

merged 2 commits into from
Jun 29, 2024

Conversation

david-leifker
Copy link
Collaborator

@david-leifker david-leifker commented Jun 27, 2024
edited by coderabbitai bot
Loading

Logs additional request information:

  • actor
  • ip address
  • api type
  • api request info
  • user agent

GraphQL

INFO i.d.metadata.context.RequestContext:51 - RequestContext{actorUrn='urn:li:corpuser:datahub', sourceIP='172.23.0.5', requestAPI=GRAPHQL, requestID='listPosts', userAgent='Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36'}
INFO i.d.metadata.context.RequestContext:51 - RequestContext{actorUrn='urn:li:corpuser:datahub', sourceIP='172.23.0.5', requestAPI=GRAPHQL, requestID='listMyViews', userAgent='Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36'}

Restli

INFO i.d.metadata.context.RequestContext:51 - RequestContext{actorUrn='urn:li:corpuser:__datahub_system', sourceIP='192.168.65.1', requestAPI=RESTLI, requestID='ingestProposal([dataset])', userAgent='python-requests/2.28.1'}

OpenAPI

INFO i.d.metadata.context.RequestContext:51 - RequestContext{actorUrn='urn:li:corpuser:datahub', sourceIP='172.23.0.5', requestAPI=OPENAPI, requestID='getEntities([dataset])', userAgent='Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36'}
INFO i.d.metadata.context.RequestContext:51 - RequestContext{actorUrn='urn:li:corpuser:datahub', sourceIP='172.23.0.5', requestAPI=OPENAPI, requestID='getEntities([domain])', userAgent='Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36'}

Checklist

  • The PR conforms to DataHub's Contributing Guideline (particularly Commit Message Format)
  • Links to related issues (if applicable)
  • Tests for the changes have been added/updated (if applicable)
  • Docs related to the changes have been added/updated (if applicable). If a new feature has been added a Usage Guide has been added for the same.
  • For any breaking change/potential downtime/deprecation/big changes an entry has been made in Updating DataHub

Summary by CodeRabbit

  • New Features

    • Added support for handling HTTP servlet requests across various components, enhancing servlet and RESTful server functionalities.

  • Enhancements

    • Improved logging capabilities by adding context information like actorUrn, sourceIP, and userAgent in request handlers.
    • Extended buildGraphql, buildRestli, and buildOpenapi methods to include additional parameters for better request context processing.

  • Refactor

    • Updated method signatures across multiple classes to include HttpServletRequest parameters, enabling enriched request processing and context information handling.

  • Dependency Updates

    • Added servletApi and restliServer dependencies to support new features and improvements.

@github-actions github-actions bot added the devops PR or Issue related to DataHub backend & deployment label Jun 27, 2024
@coderabbitai coderabbitai
Copy link
Contributor

coderabbitai bot commented Jun 27, 2024
edited
Loading

Warning

Rate limit exceeded

@david-leifker has exceeded the limit for the number of commits or files that can be reviewed per hour. Please wait 19 minutes and 22 seconds before requesting another review.

How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

Commits

Files that changed from the base of the PR and between 2d95f53 and e743a06.

Walkthrough

Recent updates have significantly enhanced the metadata-operation-context and various controllers within the metadata service. These changes primarily involve adding HttpServletRequest parameters to methods, enriching context information for request processing, and expanding server functionalities by incorporating servlet and RESTful API capabilities. Additionally, new fields such as actorUrn, sourceIP, and userAgent are now captured and logged for comprehensive request context management.

Changes

File / Path Change Summary
metadata-operation-context/build.gradle Added dependencies servletApi and restliServer for enhanced servlet and REST functionality.
metadata-operation-context/src/.../RequestContext.java Added request context enhancements including new fields (actorUrn, sourceIP, userAgent), constructors, methods for extracting data, and enhanced logging.
metadata-service/.../graphql-servlet-impl/src/.../GraphQLController.java Modified postGraphQL to accept HttpServletRequest, and updated SpringQueryContext initialization.
metadata-service/.../openapi-analytics-servlet/build.gradle Added servletApi dependency.
metadata-service/.../openapi-entity-servlet/src/.../EntityApiDelegateImpl.java Integrated HttpServletRequest into various methods and constructor for enhanced request handling.
metadata-service/.../openapi-entity-servlet/src/.../apiController.mustache Updated {{classname}}Controller constructor to include request parameter.
metadata-service/.../openapi-entity-servlet/src/.../EntityController.java Included HttpServletRequest httpServletRequest as a parameter in getEntityBatch method signature.
metadata-service/.../openapi-servlet/build.gradle Added servletApi dependency.
metadata-service/.../openapi-servlet/src/.../GenericEntitiesController.java Added HttpServletRequest request parameter to multiple methods to construct enriched request contexts.
metadata-service/.../openapi-servlet/src/.../LineageApiImpl.java Added HttpServletRequest and modified buildOpenapi method in postRunEventRaw.
metadata-service/.../openapi-servlet/src/.../OperationsController.java Included HttpServletRequest request parameter in methods and buildOpenapi method calls.
metadata-service/.../openapi-servlet/src/.../EntitiesController.java Added HttpServletRequest parameter in methods for request operations handling.
metadata-service/.../openapi-servlet/src/.../PlatformEntitiesController.java Added import and parameter for HttpServletRequest, and updated buildOpenapi call in postEntities.
metadata-service/.../openapi-servlet/src/.../TimeseriesController.java Modified getAspects to include HttpServletRequest request, and updated buildOpenapi constructor parameters.
metadata-service/.../openapi-servlet/src/test/.../EntitiesControllerTest.java Modified testIngestDataset to include a null parameter in postEntities call.
metadata-service/.../restli-servlet-impl/src/.../Analytics.java Added new parameter in RequestContext creation within getTimeseriesStats.
metadata-service/.../restli-servlet-impl/src/.../AspectResource.java Updated RequestContext.builder().buildRestli() calls to include additional parameters.
metadata-service/.../restli-servlet-impl/src/.../BatchIngestionRunResource.java Updated rollback and describe methods to incorporate new parameters in buildRestli calls.
metadata-service/.../restli-servlet-impl/src/.../EntityResource.java Added comprehensive descriptions for changes across updated method signatures and RequestContext enhancement to better track actors, requests, and system states in AspectResource and others.

Poem

🐰
Amidst the codes, where functions sprout,
New requests dance and fields shout out.
With HttpServletRequest, logs do shine,
Actor's work and source align.
Enhancements, add-ons, in gradual flight,
The DataHub project feels just right!

🛠️🖥️

Tip

Early access features
  • OpenAI gpt-4o model for reviews and chat.

Note:

  • You can disable early access features from the CodeRabbit UI or by setting early_access: false in the CodeRabbit configuration file.
  • Please join our Discord Community to provide feedback and report issues.
  • OSS projects are always opted into early access features.

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

Share
Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>.
    • Generate unit testing code for this file.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
    • @coderabbitai generate unit testing code for this file.
    • @coderabbitai modularize this function.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai generate interesting stats about this repository and render them as a table.
    • @coderabbitai show all the console.log statements in this repository.
    • @coderabbitai read src/utils.ts and generate unit testing code.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
    • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (invoked as PR comments)

  • @coderabbitai pause to pause the reviews on a PR.
  • @coderabbitai resume to resume the paused reviews.
  • @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
  • @coderabbitai full review to do a full review from scratch and review all the files again.
  • @coderabbitai summary to regenerate the summary of the PR.
  • @coderabbitai resolve resolve all the CodeRabbit review comments.
  • @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
  • @coderabbitai help to get help.

Additionally, you can add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.

CodeRabbit Configration File (.coderabbit.yaml)

  • You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
  • Please see the configuration documentation for more information.
  • If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

coderabbitai[bot]
coderabbitai bot reviewed Jun 27, 2024
View reviewed changes
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 2

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between f4be88d and 4929089.

Files selected for processing (26)
  • metadata-operation-context/build.gradle (1 hunks)
  • metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java (4 hunks)
  • metadata-service/graphql-servlet-impl/src/main/java/com/datahub/graphql/GraphQLController.java (2 hunks)
  • metadata-service/graphql-servlet-impl/src/main/java/com/datahub/graphql/SpringQueryContext.java (2 hunks)
  • metadata-service/openapi-analytics-servlet/build.gradle (1 hunks)
  • metadata-service/openapi-analytics-servlet/src/main/java/io/datahubproject/openapi/delegates/DatahubUsageEventsImpl.java (3 hunks)
  • metadata-service/openapi-entity-servlet/src/main/java/io/datahubproject/openapi/v2/delegates/EntityApiDelegateImpl.java (13 hunks)
  • metadata-service/openapi-entity-servlet/src/main/resources/JavaSpring/apiController.mustache (1 hunks)
  • metadata-service/openapi-servlet/build.gradle (1 hunks)
  • metadata-service/openapi-servlet/src/main/java/io/datahubproject/openapi/controller/GenericEntitiesController.java (21 hunks)
  • metadata-service/openapi-servlet/src/main/java/io/datahubproject/openapi/openlineage/controller/LineageApiImpl.java (3 hunks)
  • metadata-service/openapi-servlet/src/main/java/io/datahubproject/openapi/operations/elastic/OperationsController.java (11 hunks)
  • metadata-service/openapi-servlet/src/main/java/io/datahubproject/openapi/v1/entities/EntitiesController.java (7 hunks)
  • metadata-service/openapi-servlet/src/main/java/io/datahubproject/openapi/v2/controller/EntityController.java (3 hunks)
  • metadata-service/openapi-servlet/src/main/java/io/datahubproject/openapi/v2/controller/PlatformEntitiesController.java (3 hunks)
  • metadata-service/openapi-servlet/src/main/java/io/datahubproject/openapi/v2/controller/TimeseriesController.java (3 hunks)
  • metadata-service/openapi-servlet/src/test/java/entities/EntitiesControllerTest.java (1 hunks)
  • metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/analytics/Analytics.java (3 hunks)
  • metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/AspectResource.java (5 hunks)
  • metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/BatchIngestionRunResource.java (2 hunks)
  • metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/EntityResource.java (23 hunks)
  • metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/EntityV2Resource.java (2 hunks)
  • metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/EntityVersionedV2Resource.java (1 hunks)
  • metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/operations/OperationsResource.java (3 hunks)
  • metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/operations/Utils.java (3 hunks)
  • metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/usage/UsageStats.java (3 hunks)
Additional comments not posted (98)
metadata-operation-context/build.gradle (1)

10-11: Confirm dependency versions and usage consistency.

The addition of servletApi and restliServer dependencies aligns with the PR's objectives. Please ensure that the versions used are consistent with the project's standards and that they do not introduce conflicts with existing dependencies.

Verification successful

Confirm dependency versions and usage consistency.

The versions for the dependencies are as follows:

  • servletApi: jakarta.servlet:jakarta.servlet-api:6.0.0
  • restliServer: com.linkedin.pegasus:restli-server:29.57.0

These versions appear consistent with the project's standards as no conflicts were detected in the provided context.

  • build.gradle:
    • externalDependency.servletApi = 'jakarta.servlet:jakarta.servlet-api:6.0.0'
    • ext.pegasusVersion = '29.57.0'
    • spec.product.pegasus.restliServer = 'com.linkedin.pegasus:restli-server:29.57.0'
Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check for conflicts in dependencies.

# Test: Search for dependency conflicts in gradle files. Expect: No conflicts.
rg --type gradle $'implementation externalDependency.servletApi'
rg --type gradle $'implementation spec.product.pegasus.restliServer'

Length of output: 1433

Script:

#!/bin/bash
# Description: Check for version declarations of dependencies.

# Search for version declarations of 'servletApi' and 'restliServer' in Gradle files.
rg --type gradle 'externalDependency.servletApi' --context 5
rg --type gradle 'spec.product.pegasus.restliServer' --context 5

Length of output: 14347

Script:

#!/bin/bash
# Description: Check for version declarations of dependencies in common dependency management files.

# Search for version declarations of 'externalDependency.servletApi' and 'spec.product.pegasus.restliServer'.
rg 'servletApi' build.gradle dependencies.gradle gradle.properties --context 5
rg 'restliServer' build.gradle dependencies.gradle gradle.properties --context 5

Length of output: 1926

Script:

#!/bin/bash
# Description: Check for the definition of the pegasusVersion variable.

# Search for the definition of 'pegasusVersion' in common dependency management files.
rg 'pegasusVersion' build.gradle gradle.properties --context 5

Length of output: 2496

metadata-service/openapi-analytics-servlet/build.gradle (1)

22-22: Confirm integration of servletApi dependency.

The addition of servletApi is crucial for handling servlet functionalities. Ensure that this dependency is properly integrated and does not conflict with other dependencies.

metadata-service/graphql-servlet-impl/src/main/java/com/datahub/graphql/SpringQueryContext.java (1)

10-10: Review changes in SpringQueryContext for correctness and integration.

Several changes have been made to integrate HttpServletRequest and improve request handling. Ensure that these changes are correctly implemented, especially the new logic for determining queryName and the integration of RequestContext.builder().

Also applies to: 30-31, 38-50, 55-56

Verification successful

Review changes in SpringQueryContext for correctness and integration.

The usage of HttpServletRequest and RequestContext.builder() in SpringQueryContext and related files has been verified:

  • SpringQueryContext.java correctly imports and uses HttpServletRequest.
  • RequestContext.builder() is utilized within SpringQueryContext.java.

These changes appear to be correctly implemented.

  • Files verified:
    • metadata-service/graphql-servlet-impl/src/main/java/com/datahub/graphql/SpringQueryContext.java
    • metadata-service/graphql-servlet-impl/src/main/java/com/datahub/graphql/GraphQLController.java
Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify the correct implementation of changes in `SpringQueryContext`.

# Test: Search for usages of `HttpServletRequest` and `RequestContext.builder()` in GraphQL handling. Expect: Correct implementation.
rg --type java $'HttpServletRequest' -- 'src/main/java/com/datahub/graphql/'
rg --type java $'RequestContext.builder()' -- 'src/main/java/com/datahub/graphql/'

Length of output: 305

Script:

#!/bin/bash
# Description: Verify the correct implementation of changes in `SpringQueryContext`.

# Test: Search for usages of `HttpServletRequest` and `RequestContext.builder()` in GraphQL handling. Expect: Correct implementation.
rg --type java 'HttpServletRequest' -- 'metadata-service/graphql-servlet-impl/src/main/java/com/datahub/graphql/'
rg --type java 'RequestContext.builder()' -- 'metadata-service/graphql-servlet-impl/src/main/java/com/datahub/graphql/'

Length of output: 1129

metadata-service/openapi-analytics-servlet/src/main/java/io/datahubproject/openapi/delegates/DatahubUsageEventsImpl.java (1)

15-15: Ensure correct usage of HttpServletRequest in DatahubUsageEventsImpl.

The autowiring and usage of HttpServletRequest are crucial for handling OpenAPI analytics requests. Confirm that it is correctly integrated and used in the buildOpenapi method.

Also applies to: 31-31, 42-43

Verification successful

Correct usage of HttpServletRequest in DatahubUsageEventsImpl has been verified.

  • The HttpServletRequest is correctly autowired and used in the buildOpenapi method to extract the source IP and user agent.
Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify the correct usage of `HttpServletRequest` in OpenAPI analytics handling.

# Test: Search for the usage of `HttpServletRequest` in OpenAPI analytics handling. Expect: Correct usage.
rg --type java $'HttpServletRequest' -- 'src/main/java/io/datahubproject/openapi/delegates/'

Length of output: 180

Script:

#!/bin/bash
# Find the correct path for DatahubUsageEventsImpl.java
fd DatahubUsageEventsImpl.java

# Once the correct path is found, search for the usage of HttpServletRequest within that file
fd DatahubUsageEventsImpl.java --exec rg HttpServletRequest

Length of output: 312

Script:

#!/bin/bash
# Search for the buildOpenapi method and references to the request field within DatahubUsageEventsImpl.java
rg 'buildOpenapi' -A 20 metadata-service/openapi-analytics-servlet/src/main/java/io/datahubproject/openapi/delegates/DatahubUsageEventsImpl.java

Length of output: 749

Script:

#!/bin/bash
# Search for the complete implementation of the buildOpenapi method in DatahubUsageEventsImpl.java
rg 'private .* buildOpenapi' -A 50 metadata-service/openapi-analytics-servlet/src/main/java/io/datahubproject/openapi/delegates/DatahubUsageEventsImpl.java

Length of output: 157

Script:

#!/bin/bash
# Search for the buildOpenapi method by its name and capture a larger context to ensure we get the full implementation
rg 'buildOpenapi' -A 100 metadata-service/openapi-analytics-servlet/src/main/java/io/datahubproject/openapi/delegates/DatahubUsageEventsImpl.java

Length of output: 750

Script:

#!/bin/bash
# Search for all method definitions in the DatahubUsageEventsImpl.java file
rg 'def ' metadata-service/openapi-analytics-servlet/src/main/java/io/datahubproject/openapi/delegates/DatahubUsageEventsImpl.java

Length of output: 132

Script:

#!/bin/bash
# Search for method definitions using a pattern that matches typical Java method signatures
rg 'public|private|protected [a-zA-Z<>]+ [a-zA-Z0-9_]+\(' metadata-service/openapi-analytics-servlet/src/main/java/io/datahubproject/openapi/delegates/DatahubUsageEventsImpl.java

Length of output: 622

Script:

#!/bin/bash
# Search for the definition of the buildOpenapi method across the entire codebase
rg 'buildOpenapi' -t java

Length of output: 4643

Script:

#!/bin/bash
# Search for the complete implementation of the buildOpenapi method in the RequestContext.java file
rg 'buildOpenapi' -A 50 metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java

Length of output: 2409

metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/operations/Utils.java (1)

16-16: Confirm correct usage of ResourceContext in Utils.

The addition of ResourceContext and its usage in the restoreIndices method are critical for handling Restli requests. Ensure that it is correctly integrated and used in the buildRestli method.

Also applies to: 36-37, 64-64

metadata-service/openapi-servlet/build.gradle (1)

24-24: Dependency additions approved.

The added servletApi and slf4jApi dependencies are essential for enhanced request handling and logging, aligning with the PR objectives.

metadata-service/openapi-servlet/src/main/java/io/datahubproject/openapi/openlineage/controller/LineageApiImpl.java (1)

17-17: Proper use of HttpServletRequest for enhanced logging.

The autowiring and usage of HttpServletRequest are correctly implemented to capture and utilize request-specific data, which aligns with the PR's objectives to enhance logging capabilities.

Also applies to: 54-54, 74-76

metadata-service/openapi-entity-servlet/src/main/resources/JavaSpring/apiController.mustache (1)

101-101: Proper integration of HttpServletRequest in controller templates.

The modification to include HttpServletRequest in the constructor of generated controllers ensures that request data is properly integrated into the API operations, supporting the PR's logging enhancements.

metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/analytics/Analytics.java (1)

17-17: Enhanced request context handling in analytics operations.

The introduction of HttpServletRequest and its usage in building request contexts for analytics operations are correctly implemented, enhancing the logging and monitoring capabilities as intended in the PR.

Also applies to: 32-32, 85-86

metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/EntityVersionedV2Resource.java (1)

91-91: Correct implementation of request context in entity handling.

The changes to incorporate request-specific data into the entity handling operations are correctly implemented, enhancing the overall functionality and aligning with the PR's objectives.

metadata-service/openapi-servlet/src/main/java/io/datahubproject/openapi/v2/controller/PlatformEntitiesController.java (2)

20-20: Ensure proper use of HttpServletRequest.

The import of HttpServletRequest is crucial for capturing request-specific data as part of the new logging functionality.

74-75: Review the usage of HttpServletRequest in RequestContext construction.

The inclusion of HttpServletRequest in the RequestContext building process ensures that request-specific data such as IP and user-agent are correctly extracted and logged, aligning with the PR's goals.

metadata-service/openapi-servlet/src/main/java/io/datahubproject/openapi/v2/controller/TimeseriesController.java (3)

25-25: Ensure proper use of HttpServletRequest.

The import of HttpServletRequest is crucial for capturing request-specific data as part of the new logging functionality.

81-83: Review the usage of HttpServletRequest in RequestContext construction.

The inclusion of HttpServletRequest in the RequestContext building process ensures that request-specific data such as IP and user-agent are correctly extracted and logged, aligning with the PR's goals.

60-60: Review the method signature change to include HttpServletRequest.

Adding HttpServletRequest to the method signature of getAspects allows capturing request-specific data which aligns with the PR objectives. Ensure that all calls to this method are updated to pass the required HttpServletRequest.

metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/EntityV2Resource.java (2)

82-82: Review the usage of RequestContext in the get method.

The addition of RequestContext in the get method ensures that request-specific data is captured and logged, aligning with the PR objectives. This change enhances the traceability and auditability of requests.

126-126: Review the usage of RequestContext in the batchGet method.

The addition of RequestContext in the batchGet method ensures that request-specific data is captured and logged, aligning with the PR objectives. This change enhances the traceability and auditability of requests.

metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java (7)

3-5: Proper import statements for handling HTTP requests.

The added imports are essential for handling HTTP and ResourceContext requests, which are crucial for extracting source IP and user-agent data.

17-17: Review the addition of the Slf4j logging annotation.

The addition of the @Slf4j logging annotation is appropriate for enabling logging within the RequestContext class. This facilitates debugging and monitoring by logging important request-specific information.

27-28: Review the new fields for capturing request details.

The addition of actorUrn, sourceIP, and userAgent as fields in the RequestContext class is crucial for capturing and logging request-specific information, which enhances monitoring and security auditing.

Also applies to: 37-37

39-52: Review the updated constructor for RequestContext.

The updated constructor correctly initializes the new fields and logs the initialized context, which is crucial for traceability and debugging.

61-62: Review the updated builder methods for different API types.

The builder methods for GRAPHQL, RESTLI, and OPENAPI have been updated to include the new fields and extract request-specific data like source IP and user-agent. These changes are crucial for capturing detailed context information for different types of requests.

Also applies to: 65-74, 78-108, 112-130

142-162: Review the utility methods for extracting source IP and user-agent.

The utility methods for extracting the source IP and user-agent from both HttpServletRequest and ResourceContext are well-implemented. These methods are crucial for capturing accurate request details.

165-182: Review the updated toString method.

The updated toString method now includes the new fields, which enhances the logging and debugging capabilities by providing a complete view of the request context.

metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/BatchIngestionRunResource.java (2)

98-98: Review the usage of RequestContext in the rollback method.

The addition of RequestContext in the rollback method ensures that request-specific data is captured and logged, aligning with the PR objectives. This change enhances the traceability and auditability of requests.

174-174: Review the usage of RequestContext in the describe method.

The addition of RequestContext in the describe method ensures that request-specific data is captured and logged, aligning with the PR objectives. This change enhances the traceability and auditability of requests.

metadata-service/graphql-servlet-impl/src/main/java/com/datahub/graphql/GraphQLController.java (3)

62-63: Ensure proper handling of HttpServletRequest in method signature.

The addition of HttpServletRequest to postGraphQL is consistent with the PR's objectives to enhance logging and request handling. Ensure that the request object is properly utilized within the method and not causing any side effects.

132-132: Ensure proper logging of queryName.

The logging of queryName provides useful debugging information. Ensure that the queryName is correctly derived and represents meaningful information about the GraphQL query being executed.

121-128: Review the initialization of SpringQueryContext with HttpServletRequest.

The new SpringQueryContext initialization now includes the HttpServletRequest object. This change aligns with the PR's goal to enhance request context handling across different APIs. Verify that all properties from the request are correctly extracted and used within the context.

metadata-service/openapi-servlet/src/test/java/entities/EntitiesControllerTest.java (1)

217-217: Review the use of null as the first parameter in postEntities.

Passing null as the first parameter in the postEntities method call within a test could be intentional to test the handling of null values. However, ensure that this is explicitly documented or tested to avoid confusion and potential errors in future modifications.

metadata-service/openapi-servlet/src/main/java/io/datahubproject/openapi/v2/controller/EntityController.java (1)

Line range hint 91-111: Review the integration of HttpServletRequest in getEntityBatch.

The inclusion of HttpServletRequest in getEntityBatch is consistent with the PR's objectives. Ensure that the request object is properly utilized to enhance the request context and logging capabilities.
[APROVED]

metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/usage/UsageStats.java (1)

144-144: Ensure proper use of RequestContext.builder().buildRestli in batchIngest.

The addition of RequestContext.builder().buildRestli in the batchIngest method is intended to enhance the request context. Ensure that the parameters passed to buildRestli are correctly utilized and contribute to the improved logging and request handling.

metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/operations/OperationsResource.java (1)

110-110: Review the implementation of restoreIndices.

The new restoreIndices method utilizes Utils.restoreIndices, which should align with the PR's objectives of enhancing operations capabilities. Ensure that all parameters are correctly handled and the method functions as expected.

metadata-service/openapi-servlet/src/main/java/io/datahubproject/openapi/v1/entities/EntitiesController.java (6)

94-94: Ensure proper handling of HttpServletRequest in method parameters.

The addition of HttpServletRequest request to the method parameters is consistent with the PR's goal to enhance logging capabilities. Ensure that this object is used securely and not exposed inappropriately in logs or error messages.

176-176: Review the integration of HttpServletRequest in POST method.

The addition of HttpServletRequest to postEntities allows for enhanced logging. Review the usage of this object within the method to ensure it's used securely, particularly in logging and error handling.

251-251: Review the integration of HttpServletRequest in DELETE method.

Adding HttpServletRequest to deleteEntities supports detailed logging. Ensure that the request object is not misused or exposed inappropriately, especially in error messages or logs.

199-200: Validate the correct usage of HttpServletRequest in RequestContext building.

The method RequestContext.builder().buildOpenapi(...) now includes the request object. Confirm that this method securely extracts and logs necessary information from the request without exposing sensitive data.

Verification successful

Validate the correct usage of HttpServletRequest in RequestContext building.

The buildOpenapi method in the RequestContext class securely handles the HttpServletRequest object by extracting the source IP and user agent, ensuring that sensitive data is not exposed. The relevant code snippet is:

public RequestContext buildOpenapi(
    @Nonnull String actorUrn,
    @Nullable HttpServletRequest request,
    @Nonnull String action,
    @Nullable Collection<String> entityNames) {
  actorUrn(actorUrn);
  sourceIP(request == null ? "" : extractSourceIP(request));
  requestAPI(RequestAPI.OPENAPI);
  requestID(buildRequestId(action, entityNames));
  userAgent(request == null ? "" : extractUserAgent(request));
  return build();
}
  • Source IP: sourceIP(request == null ? "" : extractSourceIP(request))
  • User Agent: userAgent(request == null ? "" : extractUserAgent(request))

These lines show that the method safely handles potential null values and extracts only necessary information.

Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Double-check security measures in the RequestContext's buildOpenapi method.

# Test: Search for the method implementation. Expect: Security measures in place for handling 'request'.
rg --type java $'public static RequestContext buildOpenapi'

Length of output: 60

Script:

#!/bin/bash
# Locate the RequestContext class and list its methods
ast-grep --lang java --pattern 'class RequestContext { $$$ }'

# Search for any references to buildOpenapi in the codebase
rg 'buildOpenapi'

Length of output: 4699

Script:

#!/bin/bash
# Extract the implementation of the buildOpenapi method from the RequestContext class
ast-grep --lang java --pattern 'public RequestContext buildOpenapi($_) { $$$ }' metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java

Length of output: 177

Script:

#!/bin/bash
# List all methods in the RequestContext class to manually identify the buildOpenapi method
ast-grep --lang java --pattern 'public $_ $_($_) { $$$ }' metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java

Length of output: 155

Script:

#!/bin/bash
# Search for the buildOpenapi method definition in the RequestContext class file using rg
rg 'public RequestContext buildOpenapi' metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java -A 20

Length of output: 1261

289-290: Check for secure handling of HttpServletRequest in RequestContext construction.

The method RequestContext.builder().buildOpenapi(...) now incorporates the request parameter. It is crucial to ensure that this integration does not lead to any security vulnerabilities, especially in the way IP addresses, user agents, and other sensitive headers are handled.

Verification successful

Secure handling of HttpServletRequest in RequestContext construction verified.

The buildOpenapi method in RequestContext securely handles the HttpServletRequest parameter by extracting the source IP and user agent in a controlled manner:

  • Source IP extraction: The extractSourceIP method safely retrieves the IP address from the X-Forwarded-For header or falls back to the remote address if the header is not present.
  • User Agent extraction: The extractUserAgent method retrieves the user agent from the User-Agent header, defaulting to an empty string if the header is absent.

These methods ensure that sensitive headers are handled appropriately, mitigating potential security risks.

  • metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java
Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Confirm secure handling of HttpServletRequest in RequestContext construction.

# Test: Search for the method implementation. Expect: Secure handling of sensitive headers.
rg --type java $'public static RequestContext buildOpenapi'

Length of output: 60

Script:

#!/bin/bash
# Description: Locate all methods within the RequestContext class to find the correct method for further inspection.

# Search for all methods in the RequestContext class
ast-grep --lang java --pattern 'class RequestContext { $$$ }'

Length of output: 63

Script:

#!/bin/bash
# Description: Locate the file containing the RequestContext class definition.

# Search for the RequestContext class definition in the repository
rg --type java 'class RequestContext'

Length of output: 335

Script:

#!/bin/bash
# Description: Search for the buildOpenapi method within the RequestContext class file.

# Search for the buildOpenapi method in the RequestContext.java file
rg --type java 'buildOpenapi' metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java

Length of output: 232

Script:

#!/bin/bash
# Description: Extract the full implementation of the buildOpenapi method from the RequestContext.java file.

# Extract the buildOpenapi method implementation
ast-grep --lang java --pattern 'public RequestContext buildOpenapi($_) { $$$ }' metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java

Length of output: 177

Script:

#!/bin/bash
# Description: Search for all methods named buildOpenapi within the RequestContext.java file.

# Search for all methods named buildOpenapi in the RequestContext.java file
rg --type java 'buildOpenapi' metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java -A 20

Length of output: 1249

Script:

#!/bin/bash
# Description: Extract the implementations of the extractSourceIP and extractUserAgent methods from the RequestContext.java file.

# Extract the extractSourceIP method implementation
rg --type java 'extractSourceIP' metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java -A 10

# Extract the extractUserAgent method implementation
rg --type java 'extractUserAgent' metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java -A 10

Length of output: 4094

127-128: Ensure the RequestContext is built correctly with the new request parameter.

The RequestContext.builder().buildOpenapi(...) method now includes the request parameter, which should enhance the logging with request-specific details. Verify that the buildOpenapi method properly handles this parameter without leaking sensitive information.

Verification successful

Ensure the RequestContext is built correctly with the new request parameter.

The RequestContext.buildOpenapi method properly handles the request parameter by extracting the source IP and user agent, ensuring that the request-specific details are included in the context. Sensitive information such as the IP address and user agent are handled appropriately without exposing other potentially sensitive details.

  • RequestContext.buildOpenapi method implementation:
    • sourceIP and userAgent are derived from the request parameter.
    • The method ensures that sensitive information is not leaked.
Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify that the RequestContext's buildOpenapi method handles the 'request' parameter securely.

# Test: Search for the method implementation. Expect: Proper handling of the 'request' parameter.
rg --type java $'public static RequestContext buildOpenapi'

Length of output: 60

Script:

#!/bin/bash
# Search for the RequestContext class definition to locate its file
rg --files-with-matches 'class RequestContext' --type java

# Once the file is located, search for all methods in the RequestContext class to find buildOpenapi
rg --type java 'RequestContext' | xargs rg --type java 'buildOpenapi'

# Search for invocations of RequestContext.builder() to track how the context is built
rg --type java 'RequestContext.builder()'

Length of output: 85727

Script:

#!/bin/bash
# Fetch the implementation of the buildOpenapi method in the RequestContext class to verify the handling of the request parameter
ast-grep --lang java --pattern 'public static RequestContext buildOpenapi($$$_)' metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java

Length of output: 523

Script:

#!/bin/bash
# Search for the buildOpenapi method implementation in the RequestContext class using rg with a refined pattern
rg --type java 'public static RequestContext buildOpenapi' metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java

Length of output: 156

Script:

#!/bin/bash
# Search for all method definitions in the RequestContext class to identify any potential candidates
rg --type java 'public static RequestContext' metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java

Length of output: 143

Script:

#!/bin/bash
# Search for methods across the repository that include the request parameter and are related to OpenAPI
rg --type java 'buildOpenapi'

Length of output: 4647

Script:

#!/bin/bash
# Extract and inspect the buildOpenapi method implementations from RequestContext.java to verify the handling of the request parameter
rg -A 20 'public RequestContext buildOpenapi' metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java

Length of output: 1261

metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/AspectResource.java (2)

151-151: Ensure proper handling of HttpServletRequest in method parameters.

The addition of HttpServletRequest request to the method parameters is consistent with the PR's goal to enhance logging capabilities. Ensure that this object is used securely and not exposed inappropriately in logs or error messages.

202-202: Ensure the RequestContext is built correctly with the new request parameter.

The RequestContext.builder().buildRestli(...) method now includes the request parameter, which should enhance the logging with request-specific details. Verify that the buildRestli method properly handles this parameter without leaking sensitive information.

Verification successful

Ensure the RequestContext is built correctly with the new request parameter.

The RequestContext.builder().buildRestli(...) method now includes the request parameter, which should enhance the logging with request-specific details. The verification shows that the buildRestli method handles the request parameter securely by extracting necessary details without leaking sensitive information.

  • The buildRestli method uses extractSourceIP and extractUserAgent methods, which handle the resourceContext to gather specific and non-sensitive details.
  • The method then constructs the RequestContext using these details, ensuring no sensitive information is exposed.
Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify that the RequestContext's buildRestli method handles the 'request' parameter securely.

# Test: Search for the method implementation. Expect: Proper handling of the 'request' parameter.
rg --type java $'public static RequestContext buildRestli'

Length of output: 59

Script:

#!/bin/bash
# Step 1: Locate the RequestContext class file
fd -e java -x grep -l 'class RequestContext' {} +

# Step 2: Search for all methods in the RequestContext class
fd -e java -x grep -A 10 -e 'class RequestContext' {} + | grep -A 10 -e 'public static RequestContext buildRestli'

Length of output: 146430

Script:

#!/bin/bash
# Step 1: Locate the RequestContext class file
request_context_file=$(fd -e java 'RequestContext.java')

# Step 2: Search for the buildRestli method within the RequestContext class file
if [ -n "$request_context_file" ]; then
  grep -A 10 'public static RequestContext buildRestli' "$request_context_file"
else
  echo "RequestContext.java file not found."
fi

Length of output: 413

Script:

#!/bin/bash
# Step 1: Locate the RequestContext class file
request_context_file=$(fd -e java 'RequestContext.java')

# Step 2: List all static methods within the RequestContext class file
if [ -n "$request_context_file" ]; then
  grep -E 'public static .* \w+\(' "$request_context_file"
else
  echo "RequestContext.java file not found."
fi

Length of output: 392

Script:

#!/bin/bash
# Search for the buildRestli method across the entire codebase
rg --type java 'buildRestli'

Length of output: 12104

Script:

#!/bin/bash
# Step 1: Locate the RequestContext class file
request_context_file=$(fd -e java 'RequestContext.java')

# Step 2: Extract the buildRestli method implementations from the RequestContext class file
if [ -n "$request_context_file" ]; then
  grep -A 20 'public RequestContext buildRestli' "$request_context_file"
else
  echo "RequestContext.java file not found."
fi

Length of output: 1932

metadata-service/openapi-servlet/src/main/java/io/datahubproject/openapi/operations/elastic/OperationsController.java (11)

34-34: Ensure proper handling of HttpServletRequest in method parameters.

The addition of HttpServletRequest request to the method parameters is consistent with the PR's goal to enhance logging capabilities. Ensure that this object is used securely and not exposed inappropriately in logs or error messages.

137-137: Review the integration of HttpServletRequest in GET method.

The addition of HttpServletRequest to getIndexSizes allows for enhanced logging. Review the usage of this object within the method to ensure it's used securely, particularly in logging and error handling.

175-175: Review the integration of HttpServletRequest in EXPLAIN method.

Adding HttpServletRequest to explainSearchQuery supports detailed logging. Ensure that the request object is not misused or exposed inappropriately, especially in error messages or logs.

269-269: Review the integration of HttpServletRequest in EXPLAIN DIFF method.

The addition of HttpServletRequest to explainSearchQueryDiff allows for enhanced logging. Ensure that the request object is not misused or exposed inappropriately, especially in error messages or logs.

408-408: Review the integration of HttpServletRequest in RESTORE INDICES method.

Adding HttpServletRequest to restoreIndices supports detailed logging. Ensure that the request object is not misused or exposed inappropriately, especially in error messages or logs.

456-456: Review the integration of HttpServletRequest in RESTORE INDICES POST method.

The addition of HttpServletRequest to the POST version of restoreIndices allows for enhanced logging. Review the usage of this object within the method to ensure it's used securely, particularly in logging and error handling.

428-429: Check for secure handling of HttpServletRequest in RequestContext construction for RESTORE INDICES.

The method RequestContext.builder().buildOpenapi(...) now incorporates the request parameter. It is crucial to ensure that this integration does not lead to any security vulnerabilities, especially in the way IP addresses, user agents, and other sensitive headers are handled.

Verification successful

Secure handling of HttpServletRequest verified in RequestContext construction for RESTORE INDICES.

The buildOpenapi method in RequestContext securely handles the HttpServletRequest by extracting the source IP and user agent safely, ensuring that sensitive information is managed appropriately.

  • RequestContext.java:
    • sourceIP(request == null ? "" : extractSourceIP(request));
    • userAgent(request == null ? "" : extractUserAgent(request));
Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Confirm secure handling of HttpServletRequest in RequestContext construction for RESTORE INDICES.

# Test: Search for the method implementation. Expect: Secure handling of sensitive headers.
rg --type java $'public static RequestContext buildOpenapi'

Length of output: 60

Script:

#!/bin/bash
# Locate the usage of `RequestContext.builder()` and trace handling of `HttpServletRequest`.

# Find all occurrences of `RequestContext.builder()`
rg --type java 'RequestContext\.builder\(\)'

# Find all methods related to `RequestContext` to understand its construction and handling of `HttpServletRequest`
rg --type java 'class RequestContext'
rg --type java 'RequestContext build'

Length of output: 17133

Script:

#!/bin/bash
# Extract the implementation details of the `buildOpenapi` method in the `RequestContext` class to verify secure handling of `HttpServletRequest`.

# Locate the `buildOpenapi` method in the RequestContext class
rg --type java 'public RequestContext buildOpenapi' --context 10

Length of output: 4118

335-336: Validate the correct usage of HttpServletRequest in RequestContext building for EXPLAIN DIFF.

The method RequestContext.builder().buildOpenapi(...) now includes the request object. Confirm that this method securely extracts and logs necessary information from the request without exposing sensitive data.

Verification successful

Validate the correct usage of HttpServletRequest in RequestContext building for EXPLAIN DIFF.

The buildOpenapi methods in the RequestContext class handle the HttpServletRequest object securely by extracting the source IP and user agent, which are common practices for logging and request tracking. Sensitive data exposure is mitigated as only these specific request attributes are extracted.

  • metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java
Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Double-check security measures in the RequestContext's buildOpenapi method for EXPLAIN DIFF.

# Test: Search for the method implementation. Expect: Security measures in place for handling 'request'.
rg --type java $'public static RequestContext buildOpenapi'

Length of output: 60

Script:

#!/bin/bash
# Locate the RequestContext class definition and list all its methods to find the correct one.
fd -t f -e java -x grep -Hn 'class RequestContext' {} \; | cut -d: -f1 | xargs -I {} sh -c 'echo "File: {}"; grep -n "{" {} | grep -B 1 "RequestContext"'

Length of output: 922

Script:

#!/bin/bash
# List all methods in the RequestContext class, including those in the RequestContextBuilder inner class.
ast-grep --lang java --pattern 'class RequestContext {
  $$$
}' > methods_in_RequestContext.txt

cat methods_in_RequestContext.txt

Length of output: 101

Script:

#!/bin/bash
# Search for method definitions within the RequestContext class file using rg.
rg 'public .*RequestContext' metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java

Length of output: 536

Script:

#!/bin/bash
# Extract the implementation of both buildOpenapi methods from the RequestContext class file.
rg -A 20 'public RequestContext buildOpenapi' metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java

Length of output: 1261

234-235: Check for secure handling of HttpServletRequest in RequestContext construction.

The method RequestContext.builder().buildOpenapi(...) now incorporates the request parameter. It is crucial to ensure that this integration does not lead to any security vulnerabilities, especially in the way IP addresses, user agents, and other sensitive headers are handled.

Verification successful

Secure handling of HttpServletRequest verified.

The methods extractSourceIP and extractUserAgent in RequestContext.java securely handle the HttpServletRequest parameter:

  • extractSourceIP: Extracts the source IP from the X-Forwarded-For header or falls back to the remote address.
  • extractUserAgent: Extracts the user agent from the User-Agent header, defaulting to an empty string if not present.

No security vulnerabilities were found in the handling of sensitive headers.

  • metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java
    • Lines: 142-144, 151-155
Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Confirm secure handling of HttpServletRequest in RequestContext construction.

# Test: Search for the method implementation. Expect: Secure handling of sensitive headers.
rg --type java $'public static RequestContext buildOpenapi'

Length of output: 60

Script:

#!/bin/bash
# Search for the definition of the `RequestContext` class and its methods, including `buildOpenapi`
ast-grep --lang java --pattern 'class RequestContext { $$$ }'
ast-grep --lang java --pattern 'public static RequestContext buildOpenapi($$$) { $$$ }'

Length of output: 153

Script:

#!/bin/bash
# Search for the definition of the `RequestContext` class
rg --type java 'class RequestContext'

# Search for any method containing `buildOpenapi`
rg --type java 'buildOpenapi'

Length of output: 4983

Script:

#!/bin/bash
# Extract the implementation of the `buildOpenapi` method from `RequestContext.java`
ast-grep --lang java --pattern 'public RequestContext buildOpenapi($$$) { $$$ }' metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java

Length of output: 2970

Script:

#!/bin/bash
# Extract the implementations of `extractSourceIP` and `extractUserAgent` methods from `RequestContext.java`
ast-grep --lang java --pattern 'private static String extractSourceIP($$$) { $$$ }' metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java
ast-grep --lang java --pattern 'private static String extractUserAgent($$$) { $$$ }' metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java

Length of output: 3176

471-472: Validate the correct usage of HttpServletRequest in RequestContext building for RESTORE INDICES POST.

The method RequestContext.builder().buildOpenapi(...) now includes the request object. Confirm that this method securely extracts and logs necessary information from the request without exposing sensitive data.

Verification successful

Validate the correct usage of HttpServletRequest in RequestContext building for RESTORE INDICES POST.

The RequestContext class's buildOpenapi method securely handles the HttpServletRequest object by extracting necessary information such as source IP and user agent through dedicated methods. The implementation ensures that sensitive information is not exposed, adhering to best practices for secure handling of HTTP requests.

  • RequestContext.java file:
    • Methods extractSourceIP and extractUserAgent safely extract required information from HttpServletRequest.
Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Double-check security measures in the RequestContext's buildOpenapi method for RESTORE INDICES POST.

# Test: Search for the method implementation. Expect: Security measures in place for handling 'request'.
rg --type java $'public static RequestContext buildOpenapi'

Length of output: 60

Script:

#!/bin/bash
# Searching for the buildOpenapi method within the RequestContext class
ast-grep --lang java --pattern $'class RequestContext {
  $$$
  RequestContext buildOpenapi($_) {
    $$$
  }
  $$$  
}'

Length of output: 121

Script:

#!/bin/bash
# Searching for the buildOpenapi method across all Java files in the repository
rg --type java 'buildOpenapi'

Length of output: 4647

Script:

#!/bin/bash
# Extracting the implementation of the buildOpenapi method from the RequestContext class
ast-grep --lang java --pattern $'class RequestContext {
  $$$
  public RequestContext buildOpenapi($_) {
    $$$
  }
  $$$  
}' metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java

Length of output: 224

Script:

#!/bin/bash
# Displaying the content of RequestContext.java to locate and inspect the buildOpenapi method
cat metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java

Length of output: 6178

149-149: Validate the correct usage of HttpServletRequest in RequestContext building.

The method RequestContext.builder().buildOpenapi(...) now includes the request object. Confirm that this method securely extracts and logs necessary information from the request without exposing sensitive data.

Verification successful

Validation of HttpServletRequest Usage in RequestContext.buildOpenapi

The buildOpenapi method in RequestContext securely handles the HttpServletRequest object. The method uses the extractSourceIP and extractUserAgent helper methods to retrieve specific information from the request without exposing sensitive data. These helper methods ensure that headers are safely extracted and default values are used when headers are missing.

  • extractSourceIP method:

    • Retrieves the X-Forwarded-For header and extracts the first IP address.
    • Falls back to request.getRemoteAddr() if the header is not present.

  • extractUserAgent method:

    • Retrieves the User-Agent header.
    • Returns an empty string if the header is not present.

These implementations confirm that the necessary security measures are in place when handling the HttpServletRequest object.

Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Double-check security measures in the RequestContext's buildOpenapi method.

# Test: Search for the method implementation. Expect: Security measures in place for handling 'request'.
rg --type java $'public static RequestContext buildOpenapi'

Length of output: 60

Script:

#!/bin/bash
# Search for the RequestContext class definition and list its methods to locate the buildOpenapi method.
ast-grep --lang java --pattern 'class RequestContext { $$$ }' --debug

Length of output: 289

Script:

#!/bin/bash
# Search for the RequestContext class definition and list its methods to locate the buildOpenapi method.
ast-grep --lang java --pattern 'class RequestContext { $$$ }'

Length of output: 63

Script:

#!/bin/bash
# Search for files containing the term 'RequestContext' and then inspect those files for the 'buildOpenapi' method.
rg 'RequestContext' --files-with-matches | xargs rg 'buildOpenapi'

Length of output: 4682

Script:

#!/bin/bash
# Extract the implementation of the buildOpenapi method from RequestContext.java
ast-grep --lang java --pattern 'public RequestContext buildOpenapi($_, $_, $_, $_) { $$$ }' metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java

Length of output: 670

Script:

#!/bin/bash
# Search for the buildOpenapi method signature in RequestContext.java
rg 'public RequestContext buildOpenapi' metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java -A 20

Length of output: 1261

Script:

#!/bin/bash
# Extract the implementations of extractSourceIP and extractUserAgent methods from RequestContext.java
rg 'private static String extractSourceIP' -A 10 metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java
rg 'private static String extractUserAgent' -A 10 metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java

Length of output: 1648

metadata-service/openapi-servlet/src/main/java/io/datahubproject/openapi/controller/GenericEntitiesController.java (13)

55-55: Ensure proper handling of HttpServletRequest in method parameters.

The addition of HttpServletRequest request to the method parameters is consistent with the PR's goal to enhance logging capabilities. Ensure that this object is used securely and not exposed inappropriately in logs or error messages.

137-137: Review the integration of HttpServletRequest in GET method.

The addition of HttpServletRequest to getEntities allows for enhanced logging. Review the usage of this object within the method to ensure it's used securely, particularly in logging and error handling.

206-206: Review the integration of HttpServletRequest in GET ENTITY method.

Adding HttpServletRequest to getEntity supports detailed logging. Ensure that the request object is not misused or exposed inappropriately, especially in error messages or logs.

249-249: Review the integration of HttpServletRequest in HEAD ENTITY method.

The addition of HttpServletRequest to headEntity allows for enhanced logging. Review the usage of this object within the method to ensure it's used securely, particularly in logging and error handling.

283-283: Review the integration of HttpServletRequest in GET ASPECT method.

Adding HttpServletRequest to getAspect supports detailed logging. Ensure that the request object is not misused or exposed inappropriately, especially in error messages or logs.

327-327: Review the integration of HttpServletRequest in HEAD ASPECT method.

The addition of HttpServletRequest to headAspect allows for enhanced logging. Review the usage of this object within the method to ensure it's used securely, particularly in logging and error handling.

360-360: Review the integration of HttpServletRequest in DELETE ENTITY method.

Adding HttpServletRequest to deleteEntity supports detailed logging. Ensure that the request object is not misused or exposed inappropriately, especially in error messages or logs.

376-378: Check for secure handling of HttpServletRequest in RequestContext construction for DELETE ENTITY.

The method RequestContext.builder().buildOpenapi(...) now incorporates the request parameter. It is crucial to ensure that this integration does not lead to any security vulnerabilities, especially in the way IP addresses, user agents, and other sensitive headers are handled.

Verification successful

Confirm secure handling of HttpServletRequest in RequestContext construction for DELETE ENTITY.

The methods extractUserAgent and extractSourceIP from RequestContext handle sensitive headers by safely extracting the User-Agent and source IP address. Here are the relevant implementations:

  • extractUserAgent:

    private static String extractUserAgent(@Nonnull HttpServletRequest request) {
  return Optional.ofNullable(request.getHeader(HttpHeaders.USER_AGENT)).orElse("");
}

  • extractSourceIP:

    private static String extractSourceIP(@Nonnull HttpServletRequest request) {
  return Optional.ofNullable(request.getHeader(HttpHeaders.X_FORWARDED_FOR))
      .map(xForward -> xForward.split(",")[0])
      .orElse(request.getRemoteAddr());
}

These methods ensure that sensitive headers are handled securely by using Optional to avoid NullPointerException and properly parsing the X-Forwarded-For header to get the correct IP address.

Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Confirm secure handling of HttpServletRequest in RequestContext construction for DELETE ENTITY.

# Test: Search for the method implementation. Expect: Secure handling of sensitive headers.
rg --type java $'public static RequestContext buildOpenapi'

Length of output: 60

Script:

#!/bin/bash
# Searching for the buildOpenapi method within the codebase, without assumptions about its visibility or static nature.
rg 'buildOpenapi'

# Searching for any usages of HttpServletRequest within RequestContext to ensure secure handling of sensitive headers.
rg 'HttpServletRequest' --type java

Length of output: 30681

Script:

#!/bin/bash
# Extracting the implementation of the buildOpenapi method and related methods handling HttpServletRequest in RequestContext.java
ast-grep --lang java --pattern 'public RequestContext buildOpenapi($_$) { $$$ }' metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java

# Extracting the implementation of the extractUserAgent method in RequestContext.java
ast-grep --lang java --pattern 'private static String extractUserAgent(@Nonnull HttpServletRequest request) { $$$ }' metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java

# Extracting the implementation of the extractSourceIP method in RequestContext.java
ast-grep --lang java --pattern 'private static String extractSourceIP(@Nonnull HttpServletRequest request) { $$$ }' metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java

Length of output: 1846

164-166: Validate the correct usage of HttpServletRequest in RequestContext building.

The method RequestContext.builder().buildOpenapi(...) now includes the request object. Confirm that this method securely extracts and logs necessary information from the request without exposing sensitive data.

Verification successful

Validate the correct usage of HttpServletRequest in RequestContext building.

The extractSourceIP and extractUserAgent methods securely handle the HttpServletRequest object. They extract the source IP and user agent from the request headers without exposing sensitive data.

  • extractSourceIP: Retrieves the source IP from the X-Forwarded-For header or falls back to getRemoteAddr().
  • extractUserAgent: Retrieves the user agent from the User-Agent header or returns an empty string if the header is not present.

These implementations ensure that no sensitive data is exposed.

Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Double-check security measures in the RequestContext's buildOpenapi method.

# Test: Search for the method implementation. Expect: Security measures in place for handling 'request'.
rg --type java $'public static RequestContext buildOpenapi'

Length of output: 60

Script:

#!/bin/bash
# Locate the RequestContext class file
fd 'RequestContext.java'

# Search for the buildOpenapi method within the located file
fd 'RequestContext.java' | xargs rg 'buildOpenapi'

Length of output: 276

Script:

#!/bin/bash
# Extract the implementation of the buildOpenapi method from RequestContext.java
rg -A 20 'public RequestContext buildOpenapi' metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java

Length of output: 1261

Script:

#!/bin/bash
# Search for the implementations of extractSourceIP and extractUserAgent methods in RequestContext.java
rg 'extractSourceIP' metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java
rg 'extractUserAgent' metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java

Length of output: 952

Script:

#!/bin/bash
# Extract the implementations of extractSourceIP and extractUserAgent methods from RequestContext.java
rg -A 10 'private static String extractSourceIP' metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java
rg -A 10 'private static String extractUserAgent' metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java

Length of output: 1648

225-227: Check for secure handling of HttpServletRequest in RequestContext construction for GET ENTITY.

The method RequestContext.builder().buildOpenapi(...) now incorporates the request parameter. It is crucial to ensure that this integration does not lead to any security vulnerabilities, especially in the way IP addresses, user agents, and other sensitive headers are handled.

Verification successful

Check for secure handling of HttpServletRequest in RequestContext construction for GET ENTITY.

The methods extractSourceIP and extractUserAgent are used to handle sensitive headers from the HttpServletRequest. These methods appear to safely extract and handle the necessary information by using optional checks and default values. Therefore, the integration of HttpServletRequest in the RequestContext construction seems secure.

  • extractSourceIP method:

    • Uses Optional.ofNullable to safely handle the X_FORWARDED_FOR header.
    • Falls back to request.getRemoteAddr() if the header is not present.

  • extractUserAgent method:

    • Uses Optional.ofNullable to safely handle the USER_AGENT header.
    • Provides an empty string as a default value if the header is not present.

Verified Locations:

  • metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java
Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Confirm secure handling of HttpServletRequest in RequestContext construction for GET ENTITY.

# Test: Search for the method implementation. Expect: Secure handling of sensitive headers.
rg --type java $'public static RequestContext buildOpenapi'

Length of output: 60

Script:

#!/bin/bash
# Description: Locate the RequestContext class and inspect its methods to verify secure handling of HttpServletRequest.

# Search for the RequestContext class definition
ast-grep --lang java --pattern 'class RequestContext { $$$ }'

# Search for methods within the RequestContext class that handle HttpServletRequest
rg --type java --pattern 'RequestContext buildOpenapi' --context 10

Length of output: 545

Script:

#!/bin/bash
# Description: Locate the RequestContext class and inspect its methods to verify secure handling of HttpServletRequest.

# Search for the RequestContext class definition
ast-grep --lang java --pattern 'class RequestContext { $$$ }'

# Correct usage of rg to search for methods within the RequestContext class that handle HttpServletRequest
rg 'RequestContext buildOpenapi' --type java --context 10

Length of output: 4175

Script:

#!/bin/bash
# Description: Verify secure handling in extractSourceIP and extractUserAgent methods.

# Search for the implementation of extractSourceIP method
rg 'extractSourceIP' --type java --context 10

# Search for the implementation of extractUserAgent method
rg 'extractUserAgent' --type java --context 10

Length of output: 22722

265-267: Validate the correct usage of HttpServletRequest in RequestContext building for HEAD ENTITY.

The method RequestContext.builder().buildOpenapi(...) now includes the request object. Confirm that this method securely extracts and logs necessary information from the request without exposing sensitive data.

Verification successful

The buildOpenapi method in RequestContext securely handles the HttpServletRequest object.

The method extracts the source IP and user agent from the request object, which are common practices for logging and auditing. There is no indication that sensitive data is exposed inappropriately.

  • metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java
Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Double-check security measures in the RequestContext's buildOpenapi method for HEAD ENTITY.

# Test: Search for the method implementation. Expect: Security measures in place for handling 'request'.
rg --type java $'public static RequestContext buildOpenapi'

Length of output: 60

Script:

#!/bin/bash
# Search for the buildOpenapi method within the RequestContext class
ast-grep --lang java --pattern 'class RequestContext { $$$ public static RequestContext buildOpenapi($_, $_, $_, $_) { $$$ } $$$ }'

Length of output: 133

Script:

#!/bin/bash
# Search for all occurrences of buildOpenapi in the codebase to locate the method definition and its usage
rg 'buildOpenapi'

Length of output: 4635

Script:

#!/bin/bash
# Retrieve the full implementation of the buildOpenapi method from RequestContext.java
rg -A 20 'public RequestContext buildOpenapi' metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java

Length of output: 1261

301-303: Check for secure handling of HttpServletRequest in RequestContext construction for GET ASPECT.

The method RequestContext.builder().buildOpenapi(...) now incorporates the request parameter. It is crucial to ensure that this integration does not lead to any security vulnerabilities, especially in the way IP addresses, user agents, and other sensitive headers are handled.

Verification successful

Secure handling of HttpServletRequest in RequestContext methods verified.

The methods extractUserAgent and extractSourceIP within the RequestContext class handle HttpServletRequest securely by using Optional.ofNullable to handle the headers. This ensures that null values are managed appropriately, and sensitive headers are processed safely.

  • extractUserAgent: Retrieves the User-Agent header and defaults to an empty string if not present.
  • extractSourceIP: Retrieves the X-Forwarded-For header and falls back to the remote address if the header is not present.

These implementations show secure handling of sensitive headers, mitigating potential vulnerabilities.

Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Confirm secure handling of HttpServletRequest in RequestContext construction for GET ASPECT.

# Test: Search for the method implementation. Expect: Secure handling of sensitive headers.
rg --type java $'public static RequestContext buildOpenapi'

Length of output: 60

Script:

#!/bin/bash
# Description: Locate the RequestContext class and ensure secure handling of HttpServletRequest in the buildOpenapi method.

# Find the file containing the RequestContext class
request_context_file=$(rg --files-with-matches --type java 'class RequestContext')

# Search for the buildOpenapi method within the found file
if [ -n "$request_context_file" ]; then
    rg --type java --no-filename 'public static RequestContext buildOpenapi' $request_context_file
fi

Length of output: 460

Script:

#!/bin/bash
# Description: Search for methods in RequestContext class that handle HttpServletRequest to ensure secure handling.

# Search for method signatures that take HttpServletRequest as a parameter in the RequestContext class
rg --type java --no-filename 'public static RequestContext .*HttpServletRequest' metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java

Length of output: 178

Script:

#!/bin/bash
# Description: Broaden search to find any method in RequestContext class that involves HttpServletRequest indirectly.

# Search for any method in the RequestContext class that involves HttpServletRequest indirectly
rg --type java --no-filename 'HttpServletRequest' metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java

Length of output: 492

Script:

#!/bin/bash
# Description: Extract the implementation of extractUserAgent and extractSourceIP methods to ensure secure handling of HttpServletRequest.

# Extract the implementation of extractUserAgent and extractSourceIP methods
rg --type java --no-filename -A 10 'private static String extractUserAgent' metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java
rg --type java --no-filename -A 10 'private static String extractSourceIP' metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java

Length of output: 1700

344-346: Validate the correct usage of HttpServletRequest in RequestContext building for HEAD ASPECT.

The method RequestContext.builder().buildOpenapi(...) now includes the request object. Confirm that this method securely extracts and logs necessary information from the request without exposing sensitive data.

Verification successful

Validate the correct usage of HttpServletRequest in RequestContext building for HEAD ASPECT.

The buildOpenapi method in the RequestContext class securely extracts the source IP and user agent from the HttpServletRequest object. The methods extractSourceIP and extractUserAgent handle the request headers properly, ensuring no sensitive data is exposed.

  • File: metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java
    • buildOpenapi method implementation: 
      public RequestContext buildOpenapi(
    @Nonnull String actorUrn,
    @Nullable HttpServletRequest request,
    @Nonnull String action,
    @Nullable Collection<String> entityNames) {
  actorUrn(actorUrn);
  sourceIP(request == null ? "" : extractSourceIP(request));
  requestAPI(RequestAPI.OPENAPI);
  requestID(buildRequestId(action, entityNames));
  userAgent(request == null ? "" : extractUserAgent(request));
  return build();
}
    • extractSourceIP method implementation: 
      private static String extractSourceIP(@Nonnull HttpServletRequest request) {
  return Optional.ofNullable(request.getHeader(HttpHeaders.X_FORWARDED_FOR))
      .map(xForward -> xForward.split(",")[0])
      .orElse(request.getRemoteAddr());
}
    • extractUserAgent method implementation: 
      private static String extractUserAgent(@Nonnull HttpServletRequest request) {
  return Optional.ofNullable(request.getHeader(HttpHeaders.USER_AGENT)).orElse("");
}
Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Double-check security measures in the RequestContext's buildOpenapi method for HEAD ASPECT.

# Test: Search for the method implementation. Expect: Security measures in place for handling 'request'.
rg --type java $'public static RequestContext buildOpenapi'

Length of output: 60

Script:

#!/bin/bash
# Locate the RequestContext class definition
ast-grep --lang java --pattern 'class RequestContext { $$$ }'

# Locate the buildOpenapi method within the RequestContext class
ast-grep --lang java --pattern 'public static RequestContext buildOpenapi($$$_)' | xargs -I {} sh -c 'echo "File: {}" && cat {}'

Length of output: 541

Script:

#!/bin/bash
# Locate the RequestContext class definition
rg --type java 'class RequestContext'

# Locate methods within the RequestContext class
rg --type java 'RequestContext' | xargs -I {} sh -c 'echo "File: {}" && rg --type java "public static RequestContext" {}'

Length of output: 35859

Script:

#!/bin/bash
# Search for the buildOpenapi method within the RequestContext class file
rg --type java 'buildOpenapi' metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java

Length of output: 232

Script:

#!/bin/bash
# Extract the full implementation of the buildOpenapi method from the RequestContext class file
rg --type java -A 20 'public RequestContext buildOpenapi' metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java

Length of output: 1273

Script:

#!/bin/bash
# Extract the implementations of the extractSourceIP and extractUserAgent methods from the RequestContext class file
rg --type java -A 20 'extractSourceIP|extractUserAgent' metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java

Length of output: 3649

metadata-service/openapi-entity-servlet/src/main/java/io/datahubproject/openapi/v2/delegates/EntityApiDelegateImpl.java (11)

Line range hint 89-106: Constructor Update: Proper Initialization of HttpServletRequest

The addition of HttpServletRequest to the constructor and its subsequent assignment to the class field this.request is correctly implemented. This change aligns with the PR's objective to enhance logging and context management by making request data available to API methods.

126-126: Enhanced Request Logging in get Method

The inclusion of the request parameter in _v1Controller.getEntities call is appropriate and aligns with the PR's objectives. This ensures that request-specific data is available for logging and context management.

153-153: Correct Usage of HttpServletRequest in create Method

The inclusion of the request parameter in _v1Controller.postEntities is correctly implemented and aligns with the PR's objectives for enhanced request logging and context management.

165-165: Proper Inclusion of HttpServletRequest in delete Method

The method correctly includes the request parameter in _v1Controller.deleteEntities, ensuring that request-specific data is available for enhanced logging and context management.

184-186: Enhanced Context Management in head Method

The method correctly constructs a RequestContext using the request parameter, ensuring that request-specific data is accurately captured for logging and context management.

209-209: Correct Implementation of HttpServletRequest in getAspect Method

The inclusion of the request parameter in _v1Controller.getEntities ensures that request-specific data is available for enhanced logging and context management.

226-226: Proper Usage of HttpServletRequest in createAspect Method

The inclusion of the request parameter in _v1Controller.postEntities is correctly implemented and aligns with the PR's objectives for enhanced request logging and context management.

248-250: Enhanced Context Management in headAspect Method

The method correctly constructs a RequestContext using the request parameter, ensuring that request-specific data is accurately captured for logging and context management.

271-273: Correct Construction of RequestContext in deleteAspect Method

The method correctly constructs a RequestContext using the request parameter, ensuring that request-specific data is accurately captured for logging and context management.

620-622: Enhanced Context Management in scroll Method

The method correctly constructs a RequestContext using the request parameter, ensuring that request-specific data is accurately captured for logging and context management.

660-660: Correct Implementation of HttpServletRequest in getEntities Method

The inclusion of the request parameter in _v1Controller.getEntities ensures that request-specific data is available for enhanced logging and context management.

metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/EntityResource.java (22)

664-664: Review list method for appropriate RequestContext setup.

Ensure that the ACTION_LIST used in RequestContext is correctly implemented and that all parameters are logged as expected.

Verification successful

Ensure ACTION_LIST is correctly set up in RequestContext

The ACTION_LIST is defined as private static final String ACTION_LIST = "list"; and is used appropriately in the RequestContext setup. All parameters are logged as expected.

  • ACTION_LIST is correctly defined and used within the RequestContext.builder().buildRestli method.
  • Logging statements related to RequestContext initializations are present and cover various actions including ACTION_LIST.
Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify the correct usage of `ACTION_LIST` in RequestContext.

# Test: Search for `ACTION_LIST` in the logging statements within RequestContext initializations.
rg --type java 'RequestContext.*ACTION_LIST' metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/EntityResource.java

Length of output: 490

Script:

#!/bin/bash
# Description: Search for the definition and implementation of `ACTION_LIST` and inspect the logging statements related to `RequestContext` initializations.

# Search for the definition of `ACTION_LIST`
rg --type java 'ACTION_LIST' metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/EntityResource.java

# Search for logging statements in `RequestContext` initializations
rg --type java 'RequestContext.builder' metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/EntityResource.java

Length of output: 4846

782-782: Evaluate getBrowsePaths for correct RequestContext setup.

Ensure that the ACTION_GET_BROWSE_PATHS used in RequestContext is appropriate for the operation and that all parameters are logged correctly.

Verification successful

RequestContext setup for getBrowsePaths is correct.

The ACTION_GET_BROWSE_PATHS is appropriately used in the RequestContext setup, and the parameters are logged correctly within EntityResource.java.

  • EntityResource.java: log.info("GET BROWSE PATHS for {}", urn);
Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify the logging for `ACTION_GET_BROWSE_PATHS` in RequestContext.

# Test: Search for `ACTION_GET_BROWSE_PATHS` in the logging statements within RequestContext initializations.
rg --type java 'RequestContext.*ACTION_GET_BROWSE_PATHS' metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/EntityResource.java

Length of output: 362

Script:

#!/bin/bash
# Searching for all instances of RequestContext initialization to understand its usage
rg --type java 'RequestContext.builder' metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/

# Searching for logging statements that might include RequestContext or ACTION_GET_BROWSE_PATHS
rg --type java 'log' metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/

Length of output: 14842

851-851: Check deleteAll action in RequestContext for accuracy.

Verify that the deleteAll action used in RequestContext is correctly implemented, ensuring it meets the logging and security requirements outlined in the PR.

902-902: Assess deleteEntity for correct RequestContext handling.

The RequestContext is built with ACTION_DELETE. It's crucial to ensure that this action is correctly logged and the parameters are handled securely.

Verification successful

RequestContext handling and logging for ACTION_DELETE is verified.

The RequestContext logs the constructed context details uniformly across APIs in its constructor, ensuring that the action and parameters are logged securely.

  • The RequestContext class handles parameters such as actorUrn, sourceIP, requestAPI, requestID, and userAgent securely.
  • The centralized logging in the RequestContext constructor ensures that ACTION_DELETE is logged appropriately.
Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify the logging for `ACTION_DELETE` in RequestContext.

# Test: Search for logging statements related to `ACTION_DELETE` in RequestContext initializations.
rg --type java 'RequestContext.*ACTION_DELETE' metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/EntityResource.java

Length of output: 334

Script:

#!/bin/bash
# Description: Verify logging statements and secure handling of RequestContext with ACTION_DELETE in EntityResource and RequestContext classes.

# 1. Search for logging statements in EntityResource.java
rg --type java 'log' metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/EntityResource.java

# 2. Search for the definition of the RequestContext class to inspect its handling of parameters.
fd 'RequestContext.java' --exec cat

Length of output: 7187

243-243: Review the usage of batchGet RequestContext parameters.

The RequestContext is built with batchGet as the API operation. Ensure this aligns with the intended usage and that the parameters are being logged as expected.

Verification successful

Logging for batchGet RequestContext parameters is in place and aligns with the intended usage.

  • log.info("BATCH GET {}", urnStrs); confirms that the batchGet parameters are being logged as expected.
Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify the logging for `batchGet` operation in RequestContext.

# Test: Search for logging statements related to `batchGet` in RequestContext initializations.
rg --type java 'RequestContext.*batchGet' metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/EntityResource.java

Length of output: 495

Script:

#!/bin/bash
# Description: Verify logging for `RequestContext` parameters related to `batchGet`.

# Test: Search for logging statements involving `RequestContext` parameters, specifically for `batchGet`.
rg --type java 'log.*RequestContext.*batchGet' metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/EntityResource.java

Length of output: 158

Script:

#!/bin/bash
# Description: Search for all logging statements in the EntityResource.java file.

# Test: Search for all logging statements in the file.
rg --type java 'log' metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/EntityResource.java

Length of output: 1074

203-203: Ensure appropriate logging for RequestContext creation in get method.

The RequestContext is built with the restrictedService parameter. Verify that this is intended and correctly logs the necessary information as per the PR's objectives.

705-705: Check autocomplete for correct RequestContext implementation.

The RequestContext is built with ACTION_AUTOCOMPLETE. Verify that this action is correctly logged and the parameters are handled securely.

1148-1148: Check applyRetention for correct RequestContext implementation.

The RequestContext is built with ACTION_APPLY_RETENTION. Verify that this action is correctly logged and the parameters are handled securely.

609-609: Assess scrollAcrossLineage for correct RequestContext handling.

The RequestContext is built with ACTION_SCROLL_ACROSS_LINEAGE. Verify that this is correctly implemented and aligns with the intended logging and security practices.

337-337: Validate the batchIngest action in RequestContext.

Ensure that the ACTION_BATCH_INGEST used in RequestContext is appropriate for the operation and that all parameters are logged correctly.

Verification successful

Validate the batchIngest action in RequestContext.

The ACTION_BATCH_INGEST is defined as "batchIngest" and is used appropriately in RequestContext.builder().buildRestli. The RequestContext class includes uniform logging of requests across APIs, which ensures that all parameters are logged correctly when a RequestContext is created.

  • RequestContext logs all its parameters in the constructor via log.info(toString()).

Therefore, the ACTION_BATCH_INGEST usage and parameter logging are validated.

Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check the usage and logging of `ACTION_BATCH_INGEST` in RequestContext.

# Test: Search for `ACTION_BATCH_INGEST` in the logging statements within RequestContext initializations.
rg --type java 'RequestContext.*ACTION_BATCH_INGEST' metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/EntityResource.java

Length of output: 323

Script:

#!/bin/bash
# Description: Check the definition of `ACTION_BATCH_INGEST` and logging statements in RequestContext.

# Search for the definition of `ACTION_BATCH_INGEST`
rg --type java 'ACTION_BATCH_INGEST' metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/

# Search for logging statements in RequestContext
rg --type java 'RequestContext' metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/

Length of output: 10988

Script:

#!/bin/bash
# Description: Check logging statements related to RequestContext in the entire codebase.

# Search for logging statements in the entire codebase that involve RequestContext
rg --type java 'RequestContext.*log'

Length of output: 38

Script:

#!/bin/bash
# Description: Inspect the RequestContext class for any logging methods.

# Locate and display the RequestContext class definition to check for logging methods
rg --files-with-matches 'class RequestContext' | xargs cat

Length of output: 6137

1065-1065: Review getTotalEntityCount method for appropriate RequestContext setup.

Ensure that the getTotalEntityCount used in RequestContext is correctly implemented and that all parameters are logged as expected.

Verification successful

Review getTotalEntityCount method for appropriate RequestContext setup.

The RequestContext class handles the getTotalEntityCount method correctly, and parameters are logged as expected using log.info(toString()). No further action is required.

  • RequestContext class definition and methods: metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java
  • Logging within RequestContext: log.info(toString())
Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify the correct usage of `getTotalEntityCount` in RequestContext.

# Test: Search for `getTotalEntityCount` in the logging statements within RequestContext initializations.
rg --type java 'RequestContext.*getTotalEntityCount' metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/EntityResource.java

Length of output: 347

Script:

#!/bin/bash
# Find the RequestContext class definition.
ast-grep --lang java --pattern 'class RequestContext { $$$ }'

# Search for methods within the RequestContext class that handle the 'getTotalEntityCount' parameter.
rg --type java 'getTotalEntityCount' $(fd RequestContext.java)

Length of output: 222

Script:

#!/bin/bash
# Find the RequestContext class definition and its methods.
rg --type java 'class RequestContext' -A 20
rg --type java 'RequestContext' $(fd .java)

# Search for logging statements within the RequestContext class.
rg --type java 'log' $(fd RequestContext.java)

Length of output: 255671

1106-1106: Evaluate listUrns for correct RequestContext setup.

Ensure that the ACTION_LIST_URNS used in RequestContext is appropriate for the operation and that all parameters are logged correctly.

Verification successful

ACTION_LIST_URNS is appropriately used in the RequestContext setup.

The constant ACTION_LIST_URNS is correctly defined and used within the RequestContext setup. All parameters are logged correctly.

  • metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/EntityResource.java
Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify the logging for `ACTION_LIST_URNS` in RequestContext.

# Test: Search for `ACTION_LIST_URNS` in the logging statements within RequestContext initializations.
rg --type java 'RequestContext.*ACTION_LIST_URNS' metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/EntityResource.java

Length of output: 331

Script:

#!/bin/bash
# Description: Locate the RequestContext class and inspect its methods for handling ACTION_LIST_URNS.

# Find the RequestContext class definition.
fd -e java 'RequestContext' | xargs rg 'class RequestContext'

# Search for methods in RequestContext that handle ACTION_LIST_URNS.
rg --type java 'ACTION_LIST_URNS' $(fd -e java 'RequestContext')

Length of output: 324

Script:

#!/bin/bash
# Description: Inspect the RequestContextBuilder and buildRestli methods in RequestContext for handling ACTION_LIST_URNS.

# Search for the RequestContextBuilder class and its buildRestli method.
rg --type java 'class RequestContextBuilder' metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java
rg --type java 'buildRestli' metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java

# Search for ACTION_LIST_URNS usage within the RequestContextBuilder class and buildRestli method.
rg --type java 'ACTION_LIST_URNS' metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java

Length of output: 612

Script:

#!/bin/bash
# Description: Locate the definition of ACTION_LIST_URNS in the codebase.

# Search for the definition of ACTION_LIST_URNS.
rg --type java 'ACTION_LIST_URNS'

Length of output: 820

1174-1174: Inspect filter for correct RequestContext usage.

The RequestContext setup for filter uses ACTION_FILTER. Confirm that this is used correctly and aligns with the intended logging and security practices.

Verification successful

Inspect filter for correct RequestContext usage.

The RequestContext setup for filter uses ACTION_FILTER correctly. It aligns with the intended logging and security practices by ensuring user authorization and logging filter results.

  • EntityResource.java:
    • filter method: Lines 1170-1190
Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check the usage of `ACTION_FILTER` in RequestContext.

# Test: Search for `ACTION_FILTER` in the logging statements within RequestContext initializations.
rg --type java 'RequestContext.*ACTION_FILTER' metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/EntityResource.java

Length of output: 325

Script:

#!/bin/bash
# Description: Check the definition and usage of `ACTION_FILTER` in the codebase.

# Search for the definition of `ACTION_FILTER`
rg --type java 'ACTION_FILTER' 

# Search for the usage of `ACTION_FILTER` within RequestContext class
rg --type java 'ACTION_FILTER' --context 5

Length of output: 6088

Script:

#!/bin/bash
# Description: Extract the implementation of the `filter` method from the `EntityResource` class to review logging and security practices.

# Extract the `filter` method implementation
ast-grep --lang java --pattern $'public Task<SearchResult> filter($_, $_, $_, $_, $_, $_) {
  $$$
}' metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/EntityResource.java

Length of output: 700

Script:

#!/bin/bash
# Description: Extract the implementation of the `filter` method from the `EntityResource` class using ripgrep to review logging and security practices.

# Search for the `filter` method declaration and extract its surrounding lines
rg --type java -A 30 'public Task<SearchResult> filter' metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/EntityResource.java

Length of output: 1701

1020-1020: Inspect deleteReferences for correct RequestContext usage.

The RequestContext setup for deleteReferences uses deleteReferences. Confirm that this is used correctly and aligns with the intended logging and security practices.

Verification successful

Inspect deleteReferences for correct RequestContext usage.

The RequestContext setup for deleteReferences uses deleteReferences in a manner consistent with other actions. The fields requestID, sourceIP, and userAgent are correctly populated and utilized, aligning with the intended logging and security practices.

  • RequestContext.java: The buildRestli method initializes context fields appropriately.
Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check the usage of `deleteReferences` in RequestContext.

# Test: Search for `deleteReferences` in the logging statements within RequestContext initializations.
rg --type java 'RequestContext.*deleteReferences' metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/EntityResource.java

Length of output: 342

Script:

#!/bin/bash
# Search for the definition and usage of RequestContext in the codebase
rg --type java 'class RequestContext' 
rg --type java 'RequestContext'

Length of output: 38197

Script:

#!/bin/bash
# Search for the buildRestli method in RequestContext.java to inspect its implementation
rg --type java 'buildRestli' metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java

Length of output: 293

Script:

#!/bin/bash
# Extract the full implementation of the buildRestli method from RequestContext.java
rg --type java -A 10 'public RequestContext buildRestli' metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java

Length of output: 1365

Script:

#!/bin/bash
# Search for the usage of requestID, sourceIP, and userAgent within RequestContext.java
rg --type java 'requestID|sourceIP|userAgent' metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java

Length of output: 1321

437-437: Evaluate searchAcrossEntities for correct RequestContext usage.

The RequestContext setup for searchAcrossEntities uses ACTION_SEARCH_ACROSS_ENTITIES. Confirm that this is used correctly and aligns with the intended logging and security practices.

Verification successful

Correct usage of ACTION_SEARCH_ACROSS_ENTITIES in RequestContext confirmed.

The ACTION_SEARCH_ACROSS_ENTITIES is correctly used in the RequestContext setup, aligning with logging and security practices. The buildRestli method handles the action parameter appropriately, setting necessary fields for logging and security.

  • RequestContext class: metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java
  • buildRestli method implementation
Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check the usage of `ACTION_SEARCH_ACROSS_ENTITIES` in RequestContext.

# Test: Search for `ACTION_SEARCH_ACROSS_ENTITIES` in RequestContext initializations.
rg --type java 'RequestContext.*ACTION_SEARCH_ACROSS_ENTITIES' metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/EntityResource.java

Length of output: 354

Script:

#!/bin/bash
# Locate the definition of ACTION_SEARCH_ACROSS_ENTITIES
rg 'ACTION_SEARCH_ACROSS_ENTITIES' --type java

# Check other usages of ACTION_SEARCH_ACROSS_ENTITIES in the codebase
rg 'ACTION_SEARCH_ACROSS_ENTITIES' --type java

Length of output: 1381

Script:

#!/bin/bash
# Locate the RequestContext class implementation
rg 'class RequestContext' --type java

# Check for methods handling actions within RequestContext
rg 'ACTION_SEARCH_ACROSS_ENTITIES' --type java

Length of output: 1026

Script:

#!/bin/bash
# Inspect the RequestContext class for the buildRestli method and related logging and security handling
rg 'buildRestli' metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java

# Check for logging and security handling within RequestContext
rg 'log' metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java
rg 'security' metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java

Length of output: 677

Script:

#!/bin/bash
# Retrieve the implementation details of the buildRestli method in RequestContext class
rg 'public RequestContext buildRestli' -A 20 metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java

Length of output: 1668

550-550: Check searchAcrossLineage for appropriate RequestContext setup.

Ensure that the ACTION_SEARCH_ACROSS_LINEAGE used in RequestContext is appropriate and that all parameters are logged as per the PR's objectives.

Verification successful

Check searchAcrossLineage for appropriate RequestContext setup.

The RequestContext class includes a toString method that logs key parameters such as actorUrn, sourceIP, requestAPI, requestID, and userAgent. The ACTION_SEARCH_ACROSS_LINEAGE is passed as the action parameter to the buildRestli method, which is used to construct the requestID. Therefore, all relevant parameters, including ACTION_SEARCH_ACROSS_LINEAGE, are appropriately logged.

  • RequestContext class: metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java
  • Logging statement: log.info(toString());
Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify the logging for `ACTION_SEARCH_ACROSS_LINEAGE` in RequestContext.

# Test: Search for `ACTION_SEARCH_ACROSS_LINEAGE` in the logging statements within RequestContext initializations.
rg --type java 'RequestContext.*ACTION_SEARCH_ACROSS_LINEAGE' metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/EntityResource.java

Length of output: 360

Script:

#!/bin/bash
# Find the definition of the RequestContext class and its usage of ACTION_SEARCH_ACROSS_LINEAGE
ast-grep --lang java --pattern 'class RequestContext { $$$ }'

# Search for logging statements within the RequestContext class
rg --type java 'log' metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/RequestContext.java

Length of output: 344

Script:

#!/bin/bash
# Locate the RequestContext class file in the project
fd RequestContext.java

# Once located, search for the usage of ACTION_SEARCH_ACROSS_LINEAGE within the RequestContext class
ast-grep --lang java --pattern 'class RequestContext { $$$ }'

# Search for logging statements within the RequestContext class
rg --type java 'log' $(fd RequestContext.java)

Length of output: 508

Script:

#!/bin/bash
# Search for the toString method within the RequestContext class
ast-grep --lang java --pattern 'class RequestContext { $$$ toString() { $$$ } $$$ }' metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java

Length of output: 182

Script:

#!/bin/bash
# Search for the usage of ACTION_SEARCH_ACROSS_LINEAGE within the RequestContext class
rg 'ACTION_SEARCH_ACROSS_LINEAGE' metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java

# Search for other logging mechanisms within the RequestContext class
rg 'log' metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java

Length of output: 415

Script:

#!/bin/bash
# Display the contents of the RequestContext class to inspect its methods and parameters
cat metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java

Length of output: 6178

743-743: Inspect browse for correct RequestContext usage.

The RequestContext setup for browse uses ACTION_BROWSE. Confirm that this is used correctly and aligns with the intended logging and security practices.

Verification successful

ACTION_BROWSE usage in RequestContext is correct.

The ACTION_BROWSE constant is used appropriately within the RequestContext.builder().buildRestli() method. It is part of the request identification process and contributes to logging practices. No issues were found regarding its usage.

  • RequestContext.java ensures that ACTION_BROWSE is incorporated into the request ID and other context fields.
Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check the usage of `ACTION_BROWSE` in RequestContext.

# Test: Search for `ACTION_BROWSE` in the logging statements within RequestContext initializations.
rg --type java 'RequestContext.*ACTION_BROWSE' metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/EntityResource.java

Length of output: 332

Script:

#!/bin/bash
# Description: Check the usage of `ACTION_BROWSE` within the RequestContext class.

# Test: Search for `ACTION_BROWSE` in the RequestContext class to verify its usage.
rg --type java 'ACTION_BROWSE' | rg 'RequestContext'

Length of output: 334

Script:

#!/bin/bash
# Description: Check the usage of `ACTION_BROWSE` across the entire codebase.

# Test: Search for `ACTION_BROWSE` in the entire codebase to verify its usage and implications.
rg --type java 'ACTION_BROWSE'

Length of output: 622

Script:

#!/bin/bash
# Description: Check the implementation of the `buildRestli` method within the `RequestContext` class.

# Test: Search for the `buildRestli` method in the `RequestContext` class to understand its implementation.
rg --type java 'buildRestli' | rg 'RequestContext'

Length of output: 11945

Script:

#!/bin/bash
# Description: Check the implementation of the `buildRestli` method in `RequestContext.java`.

# Test: Search for the implementation of the `buildRestli` method in `RequestContext.java` to verify its handling of `ACTION_BROWSE`.
rg --type java 'buildRestli' metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java

Length of output: 293

Script:

#!/bin/bash
# Description: Retrieve the full implementation of the `buildRestli` method from `RequestContext.java`.

# Test: Extract the full method implementation of `buildRestli` in `RequestContext.java` to verify its handling of `ACTION_BROWSE`.
rg -A 20 'public RequestContext buildRestli' metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java

Length of output: 1668

1083-1083: Check batchGetTotalEntityCount for correct RequestContext implementation.

The RequestContext is built with batchGetTotalEntityCount. Verify that this action is correctly logged and the parameters are handled securely.

Verification successful

Verify batchGetTotalEntityCount in RequestContext Implementation

The RequestContext builder method buildRestli correctly handles parameters securely, including logging the RequestContext object uniformly across APIs. However, there are no specific logging statements for batchGetTotalEntityCount.

  • RequestContext class: metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java
Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify the logging for `batchGetTotalEntityCount` in RequestContext.

# Test: Search for logging statements related to `batchGetTotalEntityCount` in RequestContext initializations.
rg --type java 'RequestContext.*batchGetTotalEntityCount' metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/EntityResource.java

Length of output: 350

Script:

#!/bin/bash
# Description: Verify logging and parameter handling for `batchGetTotalEntityCount` in RequestContext.

# Search for logging statements related to `batchGetTotalEntityCount`.
rg --type java 'log.*batchGetTotalEntityCount' metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/

# Inspect the handling of parameters in RequestContext.
rg --type java 'RequestContext' metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/

Length of output: 10406

Script:

#!/bin/bash
# Description: Verify logging and parameter handling for `batchGetTotalEntityCount` in RequestContext.

# Search for logging statements related to `batchGetTotalEntityCount` across the entire codebase.
rg --type java 'log.*batchGetTotalEntityCount'

# Locate the RequestContext class or builder methods.
rg --files-with-matches 'class RequestContext' | xargs -I {} rg 'buildRestli'

Length of output: 12204

Script:

#!/bin/bash
# Description: Inspect the buildRestli method in the RequestContext class to verify parameter handling.

# Extract the buildRestli method from the RequestContext class.
ast-grep --lang java --pattern 'public RequestContext buildRestli($_, $_, $_, $_) { $$$ }' metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java

Length of output: 668

Script:

#!/bin/bash
# Description: Locate the RequestContext class and extract the buildRestli method to verify parameter handling.

# Locate the RequestContext class definition.
rg --files-with-matches 'class RequestContext' metadata-operation-context/src/main/java/io/datahubproject/metadata/context/

# Extract the buildRestli method from the RequestContext class.
ast-grep --lang java --pattern 'public RequestContext buildRestli($_, $_, $_, $_) { $$$ }' metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java || 
ast-grep --lang java --pattern 'RequestContext buildRestli($_, $_, $_, $_) { $$$ }' metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java

Length of output: 1545

Script:

#!/bin/bash
# Description: Print the contents of the RequestContext class to manually review the buildRestli method.

# Print the contents of the RequestContext class.
cat metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java

Length of output: 6178

481-481: Inspect scrollAcrossEntities for correct RequestContext implementation.

Verify that the ACTION_SCROLL_ACROSS_ENTITIES in RequestContext is implemented correctly, ensuring it meets the logging and security requirements outlined in the PR.

397-397: Assess the search operation's RequestContext setup.

The RequestContext for the search operation uses ACTION_SEARCH. This should be scrutinized to ensure it aligns with the security and logging requirements.

Verification successful

Verification of ACTION_SEARCH in RequestContext setup

The RequestContext setup for the search operation with ACTION_SEARCH aligns with the security and logging requirements. Security checks are handled by the authorizer and auth components, and logging is implemented throughout the codebase, including within the EntityResource class.

  • EntityResource.java:
    • Security: Utilizes authorizer and auth components.
    • Logging: Multiple logging statements present.
Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify the correct usage of `ACTION_SEARCH` in RequestContext.

# Test: Search for `ACTION_SEARCH` in the RequestContext initializations.
rg --type java 'RequestContext.*ACTION_SEARCH' metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/EntityResource.java

Length of output: 675

Script:

#!/bin/bash
# Description: Verify the security and logging configurations for ACTION_SEARCH

# Test: Search for all instances of ACTION_SEARCH in the codebase to identify related security and logging configurations or checks.
rg --type java 'ACTION_SEARCH'

Length of output: 1890

Script:

#!/bin/bash
# Description: Search for the definition and methods of the RequestContext class to identify security and logging configurations.

# Test: Locate the RequestContext class definition.
rg --type java 'class RequestContext'

# Test: Search for methods within the RequestContext class.
rg --type java --pcre2 '(public|private|protected) .*?RequestContext'

Length of output: 2664

Script:

#!/bin/bash
# Description: Inspect the buildRestli method within the RequestContext class for security and logging configurations.

# Test: Search for the buildRestli method within the RequestContext class.
rg --type java 'RequestContext buildRestli' metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java

Length of output: 258

Script:

#!/bin/bash
# Description: Retrieve the implementation details of the buildRestli method within the RequestContext class.

# Test: Extract the implementation of the buildRestli method from the RequestContext class.
rg --type java --context 20 'public RequestContext buildRestli' metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java

Length of output: 2329

Script:

#!/bin/bash
# Description: Review usages of RequestContext within the EntityResource class for security and logging.

# Test: Search for usages of RequestContext within the EntityResource class.
rg --type java 'RequestContext' metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/EntityResource.java

Length of output: 4245

Script:

#!/bin/bash
# Description: Verify how `authorizer` and `auth` are utilized in conjunction with `RequestContext` in `EntityResource`.

# Test: Search for usages of `authorizer` and `auth` within the `EntityResource` class.
rg --type java 'authorizer|auth' metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/EntityResource.java

Length of output: 11247

Script:

#!/bin/bash
# Description: Search for logging configurations or utilities used within the project.

# Test: Search for logging-related configurations or utilities in the codebase.
rg --type java 'Logger|log|LogUtil'

Length of output: 287596

292-292: Check ingest method for correct RequestContext handling.

The RequestContext is built with ACTION_INGEST. It's crucial to ensure that this action is correctly logged and the parameters are handled securely.

964-964: Check deleteTimeseriesAspects for appropriate RequestContext setup.

Ensure that the deleteTimeseriesAspects action in RequestContext is appropriately implemented, with correct logging and parameter handling.

...ervlet/src/main/java/io/datahubproject/openapi/v2/controller/PlatformEntitiesController.java Show resolved Hide resolved
...restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/EntityResource.java Outdated Show resolved Hide resolved
coderabbitai[bot]
coderabbitai bot reviewed Jun 27, 2024
View reviewed changes
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

Outside diff range and nitpick comments (1)
metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java (1)

Line range hint 17-182: Comprehensive review of RequestContext enhancements.

The modifications in RequestContext are extensive but necessary for the enhanced logging capabilities. The use of @Nonnull annotations helps ensure that null values are handled properly. The logging at the constructor level is a good practice for debugging and monitoring purposes.

However, ensure that the logging does not inadvertently expose sensitive information such as IP addresses or user agents in a production environment.

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 4929089 and 72d79ce.

Files selected for processing (27)
  • metadata-operation-context/build.gradle (1 hunks)
  • metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java (4 hunks)
  • metadata-service/graphql-servlet-impl/src/main/java/com/datahub/graphql/GraphQLController.java (2 hunks)
  • metadata-service/graphql-servlet-impl/src/main/java/com/datahub/graphql/SpringQueryContext.java (2 hunks)
  • metadata-service/openapi-analytics-servlet/build.gradle (1 hunks)
  • metadata-service/openapi-analytics-servlet/src/main/java/io/datahubproject/openapi/delegates/DatahubUsageEventsImpl.java (3 hunks)
  • metadata-service/openapi-entity-servlet/src/main/java/io/datahubproject/openapi/v2/delegates/EntityApiDelegateImpl.java (13 hunks)
  • metadata-service/openapi-entity-servlet/src/main/resources/JavaSpring/apiController.mustache (1 hunks)
  • metadata-service/openapi-entity-servlet/src/test/java/io/datahubproject/openapi/config/OpenAPIEntityTestConfiguration.java (3 hunks)
  • metadata-service/openapi-servlet/build.gradle (1 hunks)
  • metadata-service/openapi-servlet/src/main/java/io/datahubproject/openapi/controller/GenericEntitiesController.java (21 hunks)
  • metadata-service/openapi-servlet/src/main/java/io/datahubproject/openapi/openlineage/controller/LineageApiImpl.java (3 hunks)
  • metadata-service/openapi-servlet/src/main/java/io/datahubproject/openapi/operations/elastic/OperationsController.java (11 hunks)
  • metadata-service/openapi-servlet/src/main/java/io/datahubproject/openapi/v1/entities/EntitiesController.java (7 hunks)
  • metadata-service/openapi-servlet/src/main/java/io/datahubproject/openapi/v2/controller/EntityController.java (3 hunks)
  • metadata-service/openapi-servlet/src/main/java/io/datahubproject/openapi/v2/controller/PlatformEntitiesController.java (3 hunks)
  • metadata-service/openapi-servlet/src/main/java/io/datahubproject/openapi/v2/controller/TimeseriesController.java (3 hunks)
  • metadata-service/openapi-servlet/src/test/java/entities/EntitiesControllerTest.java (1 hunks)
  • metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/analytics/Analytics.java (3 hunks)
  • metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/AspectResource.java (5 hunks)
  • metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/BatchIngestionRunResource.java (2 hunks)
  • metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/EntityResource.java (23 hunks)
  • metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/EntityV2Resource.java (2 hunks)
  • metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/EntityVersionedV2Resource.java (1 hunks)
  • metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/operations/OperationsResource.java (3 hunks)
  • metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/operations/Utils.java (3 hunks)
  • metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/usage/UsageStats.java (3 hunks)
Files skipped from review as they are similar to previous changes (25)
  • metadata-operation-context/build.gradle
  • metadata-service/graphql-servlet-impl/src/main/java/com/datahub/graphql/GraphQLController.java
  • metadata-service/graphql-servlet-impl/src/main/java/com/datahub/graphql/SpringQueryContext.java
  • metadata-service/openapi-analytics-servlet/build.gradle
  • metadata-service/openapi-analytics-servlet/src/main/java/io/datahubproject/openapi/delegates/DatahubUsageEventsImpl.java
  • metadata-service/openapi-entity-servlet/src/main/java/io/datahubproject/openapi/v2/delegates/EntityApiDelegateImpl.java
  • metadata-service/openapi-entity-servlet/src/main/resources/JavaSpring/apiController.mustache
  • metadata-service/openapi-servlet/build.gradle
  • metadata-service/openapi-servlet/src/main/java/io/datahubproject/openapi/controller/GenericEntitiesController.java
  • metadata-service/openapi-servlet/src/main/java/io/datahubproject/openapi/openlineage/controller/LineageApiImpl.java
  • metadata-service/openapi-servlet/src/main/java/io/datahubproject/openapi/operations/elastic/OperationsController.java
  • metadata-service/openapi-servlet/src/main/java/io/datahubproject/openapi/v1/entities/EntitiesController.java
  • metadata-service/openapi-servlet/src/main/java/io/datahubproject/openapi/v2/controller/EntityController.java
  • metadata-service/openapi-servlet/src/main/java/io/datahubproject/openapi/v2/controller/PlatformEntitiesController.java
  • metadata-service/openapi-servlet/src/main/java/io/datahubproject/openapi/v2/controller/TimeseriesController.java
  • metadata-service/openapi-servlet/src/test/java/entities/EntitiesControllerTest.java
  • metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/analytics/Analytics.java
  • metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/AspectResource.java
  • metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/BatchIngestionRunResource.java
  • metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/EntityResource.java
  • metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/EntityV2Resource.java
  • metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/EntityVersionedV2Resource.java
  • metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/operations/OperationsResource.java
  • metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/operations/Utils.java
  • metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/usage/UsageStats.java
Additional comments not posted (1)
metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java (1)

3-5: Import statements reviewed and approved.
These imports are necessary for the new functionalities introduced in the RequestContext.

...y-servlet/src/test/java/io/datahubproject/openapi/config/OpenAPIEntityTestConfiguration.java
@@ -109,7 +111,7 @@ public EntityRegistry entityRegistry() throws EntityRegistryException, Interrupt
@Primary
public EntitiesController entitiesController() {
EntitiesController entitiesController = mock(EntitiesController.class);
when(entitiesController.getEntities(any(), any()))
when(entitiesController.getEntities(nullable(HttpServletRequest.class), any(), any()))
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tip

Codebase Verification

Ensure proper handling of null HttpServletRequests in production code.

The following files are missing null checks for HttpServletRequest instances. Please review and update these files to handle potential null values to prevent NullPointerExceptions:

  • metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java
  • metadata-service/auth-filter/src/main/java/com/datahub/auth/authentication/filter/AuthenticationFilter.java
  • metadata-service/auth-filter/src/test/java/com/datahub/auth/authentication/AuthenticationFilterTest.java
  • metadata-service/factories/src/main/java/com/linkedin/r2/transport/http/server/AbstractJakartaR2Servlet.java
  • metadata-service/factories/src/main/java/com/linkedin/r2/transport/http/server/JakartaServletHelper.java
  • metadata-service/factories/src/main/java/com/linkedin/restli/server/RestliHandlerServlet.java
  • metadata-service/graphql-servlet-impl/src/main/java/com/datahub/graphql/GraphQLController.java
  • metadata-service/graphql-servlet-impl/src/main/java/com/datahub/graphql/SpringQueryContext.java
  • metadata-service/openapi-analytics-servlet/src/main/java/io/datahubproject/openapi/delegates/DatahubUsageEventsImpl.java
  • metadata-service/openapi-entity-servlet/src/main/java/io/datahubproject/openapi/v2/delegates/EntityApiDelegateImpl.java
  • metadata-service/openapi-entity-servlet/src/test/java/io/datahubproject/openapi/config/OpenAPIEntityTestConfiguration.java
  • metadata-service/openapi-servlet/src/main/java/io/datahubproject/openapi/controller/GenericEntitiesController.java
  • metadata-service/openapi-servlet/src/main/java/io/datahubproject/openapi/openlineage/controller/LineageApiImpl.java
  • metadata-service/openapi-servlet/src/main/java/io/datahubproject/openapi/operations/elastic/OperationsController.java
  • metadata-service/openapi-servlet/src/main/java/io/datahubproject/openapi/v1/entities/EntitiesController.java
  • metadata-service/openapi-servlet/src/main/java/io/datahubproject/openapi/v2/controller/EntityController.java
  • metadata-service/openapi-servlet/src/main/java/io/datahubproject/openapi/v2/controller/PlatformEntitiesController.java
  • metadata-service/openapi-servlet/src/main/java/io/datahubproject/openapi/v2/controller/TimeseriesController.java
  • metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/analytics/Analytics.java
  • metadata-service/schema-registry-api/generated/src/main/java/io/swagger/api/CompatibilityApi.java
  • metadata-service/schema-registry-api/generated/src/main/java/io/swagger/api/CompatibilityApiController.java
  • metadata-service/schema-registry-api/generated/src/main/java/io/swagger/api/ConfigApi.java
  • metadata-service/schema-registry-api/generated/src/main/java/io/swagger/api/ConfigApiController.java
  • metadata-service/schema-registry-api/generated/src/main/java/io/swagger/api/ContextsApi.java
  • metadata-service/schema-registry-api/generated/src/main/java/io/swagger/api/ContextsApiController.java
  • metadata-service/schema-registry-api/generated/src/main/java/io/swagger/api/DefaultApi.java
  • metadata-service/schema-registry-api/generated/src/main/java/io/swagger/api/DefaultApiController.java
  • metadata-service/schema-registry-api/generated/src/main/java/io/swagger/api/ModeApi.java
  • metadata-service/schema-registry-api/generated/src/main/java/io/swagger/api/ModeApiController.java
  • metadata-service/schema-registry-api/generated/src/main/java/io/swagger/api/SchemasApi.java
  • metadata-service/schema-registry-api/generated/src/main/java/io/swagger/api/SchemasApiController.java
  • metadata-service/schema-registry-api/generated/src/main/java/io/swagger/api/SubjectsApi.java
  • metadata-service/schema-registry-api/generated/src/main/java/io/swagger/api/SubjectsApiController.java
  • metadata-service/schema-registry-api/generated/src/main/java/io/swagger/api/V1Api.java
  • metadata-service/schema-registry-api/generated/src/main/java/io/swagger/api/V1ApiController.java
  • metadata-service/schema-registry-servlet/src/main/java/io/datahubproject/openapi/schema/registry/SchemaRegistryController.java
  • metadata-service/servlet/src/main/java/com/datahub/gms/servlet/Config.java
  • metadata-service/servlet/src/main/java/com/datahub/gms/servlet/ConfigSearchExport.java
  • metadata-service/servlet/src/main/java/com/datahub/gms/servlet/HealthCheck.java
Analysis chain

Ensure proper handling of null HttpServletRequests in production code.

The test configuration now allows for null HttpServletRequests. Verify that the production code gracefully handles these cases to prevent potential NullPointerExceptions.

Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify that all usages of HttpServletRequest in production code check for null values.

# Test: Search for HttpServletRequest usages and ensure they are checked for null.
rg --type java 'HttpServletRequest' | xargs -I {} sh -c "grep -q 'if (.* != null)' {} || echo 'Null check missing in {}'"

Length of output: 15333

Script:

#!/bin/bash
# Description: Verify that all usages of HttpServletRequest in production code check for null values.

# Search for all usages of HttpServletRequest and check for null checks
rg --type java 'HttpServletRequest' | awk -F: '{print $1}' | sort -u | xargs -I {} sh -c 'grep -E "HttpServletRequest.*=.*null" {} || echo "Null check missing in {}"'

Length of output: 5024

@david-leifker
feat(logging): unified request logging (graphql, openapi, restli)
2d95f53 
* actor
* ip address
* api type
* api request info
* user agent
coderabbitai[bot]
coderabbitai bot reviewed Jun 28, 2024
View reviewed changes
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 0

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 72d79ce and 2d95f53.

Files selected for processing (27)
  • metadata-operation-context/build.gradle (1 hunks)
  • metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java (4 hunks)
  • metadata-service/graphql-servlet-impl/src/main/java/com/datahub/graphql/GraphQLController.java (2 hunks)
  • metadata-service/graphql-servlet-impl/src/main/java/com/datahub/graphql/SpringQueryContext.java (2 hunks)
  • metadata-service/openapi-analytics-servlet/build.gradle (1 hunks)
  • metadata-service/openapi-analytics-servlet/src/main/java/io/datahubproject/openapi/delegates/DatahubUsageEventsImpl.java (3 hunks)
  • metadata-service/openapi-entity-servlet/src/main/java/io/datahubproject/openapi/v2/delegates/EntityApiDelegateImpl.java (13 hunks)
  • metadata-service/openapi-entity-servlet/src/main/resources/JavaSpring/apiController.mustache (1 hunks)
  • metadata-service/openapi-entity-servlet/src/test/java/io/datahubproject/openapi/config/OpenAPIEntityTestConfiguration.java (3 hunks)
  • metadata-service/openapi-servlet/build.gradle (1 hunks)
  • metadata-service/openapi-servlet/src/main/java/io/datahubproject/openapi/controller/GenericEntitiesController.java (21 hunks)
  • metadata-service/openapi-servlet/src/main/java/io/datahubproject/openapi/openlineage/controller/LineageApiImpl.java (3 hunks)
  • metadata-service/openapi-servlet/src/main/java/io/datahubproject/openapi/operations/elastic/OperationsController.java (11 hunks)
  • metadata-service/openapi-servlet/src/main/java/io/datahubproject/openapi/v1/entities/EntitiesController.java (7 hunks)
  • metadata-service/openapi-servlet/src/main/java/io/datahubproject/openapi/v2/controller/EntityController.java (3 hunks)
  • metadata-service/openapi-servlet/src/main/java/io/datahubproject/openapi/v2/controller/PlatformEntitiesController.java (3 hunks)
  • metadata-service/openapi-servlet/src/main/java/io/datahubproject/openapi/v2/controller/TimeseriesController.java (3 hunks)
  • metadata-service/openapi-servlet/src/test/java/entities/EntitiesControllerTest.java (1 hunks)
  • metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/analytics/Analytics.java (3 hunks)
  • metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/AspectResource.java (5 hunks)
  • metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/BatchIngestionRunResource.java (2 hunks)
  • metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/EntityResource.java (23 hunks)
  • metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/EntityV2Resource.java (2 hunks)
  • metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/EntityVersionedV2Resource.java (1 hunks)
  • metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/operations/OperationsResource.java (3 hunks)
  • metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/operations/Utils.java (3 hunks)
  • metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/usage/UsageStats.java (3 hunks)
Files not reviewed due to errors (1)
  • metadata-service/graphql-servlet-impl/src/main/java/com/datahub/graphql/GraphQLController.java (no review received)
Files skipped from review as they are similar to previous changes (26)
  • metadata-operation-context/build.gradle
  • metadata-operation-context/src/main/java/io/datahubproject/metadata/context/RequestContext.java
  • metadata-service/graphql-servlet-impl/src/main/java/com/datahub/graphql/SpringQueryContext.java
  • metadata-service/openapi-analytics-servlet/build.gradle
  • metadata-service/openapi-analytics-servlet/src/main/java/io/datahubproject/openapi/delegates/DatahubUsageEventsImpl.java
  • metadata-service/openapi-entity-servlet/src/main/java/io/datahubproject/openapi/v2/delegates/EntityApiDelegateImpl.java
  • metadata-service/openapi-entity-servlet/src/main/resources/JavaSpring/apiController.mustache
  • metadata-service/openapi-entity-servlet/src/test/java/io/datahubproject/openapi/config/OpenAPIEntityTestConfiguration.java
  • metadata-service/openapi-servlet/build.gradle
  • metadata-service/openapi-servlet/src/main/java/io/datahubproject/openapi/controller/GenericEntitiesController.java
  • metadata-service/openapi-servlet/src/main/java/io/datahubproject/openapi/openlineage/controller/LineageApiImpl.java
  • metadata-service/openapi-servlet/src/main/java/io/datahubproject/openapi/operations/elastic/OperationsController.java
  • metadata-service/openapi-servlet/src/main/java/io/datahubproject/openapi/v1/entities/EntitiesController.java
  • metadata-service/openapi-servlet/src/main/java/io/datahubproject/openapi/v2/controller/EntityController.java
  • metadata-service/openapi-servlet/src/main/java/io/datahubproject/openapi/v2/controller/PlatformEntitiesController.java
  • metadata-service/openapi-servlet/src/main/java/io/datahubproject/openapi/v2/controller/TimeseriesController.java
  • metadata-service/openapi-servlet/src/test/java/entities/EntitiesControllerTest.java
  • metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/analytics/Analytics.java
  • metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/AspectResource.java
  • metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/BatchIngestionRunResource.java
  • metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/EntityResource.java
  • metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/EntityV2Resource.java
  • metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/entity/EntityVersionedV2Resource.java
  • metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/operations/OperationsResource.java
  • metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/operations/Utils.java
  • metadata-service/restli-servlet-impl/src/main/java/com/linkedin/metadata/resources/usage/UsageStats.java

@david-leifker david-leifker merged commit b4e0505 into datahub-project:master Jun 29, 2024
38 of 39 checks passed
yoonhyejin pushed a commit that referenced this pull request Jul 16, 2024
@david-leifker @yoonhyejin
feat(logging): unified request logging (graphql, openapi, restli) (#1…
bb2c2f7 
…0802)
aviv-julienjehannet pushed a commit to aviv-julienjehannet/datahub that referenced this pull request Jul 17, 2024
@david-leifker @aviv-julienjehannet
feat(logging): unified request logging (graphql, openapi, restli) (da…
e3ba245 
…tahub-project#10802)
@renovate renovate bot mentioned this pull request Aug 27, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

@darnaut darnaut darnaut left review comments

@RyanHolstien RyanHolstien RyanHolstien approved these changes

Assignees
No one assigned
Labels
devops PR or Issue related to DataHub backend & deployment
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@david-leifker @darnaut @RyanHolstien