Fix date range filters on audit event export
What does this MR do?
Fix date range filters on audit event export.
The current export has two problems:
-
Ending time (i.e. in
created_before
) is set to the start of the day (00:00:00), instead of the end of the day (23:59:59). This results in a lot of missing events. -
If date range params are not provided, it returns the first 100,000 events ordered by
created_at
, instead of constraining to only a month worth of data like in the search UI.
This change addresses the above issue and, as a result, ensures the exported content matches with the one presented in the search UI.
This audit event export feature is under a feature flag.
Steps to reproduce
Test case 1
- Navigate to
Admin Area > Monitoring > Audit Log
- Click on
Export to CSV
without applying any filter - Observe the gap of the content of the CSV with the search results
Test case 2
- Click on
Export to CSV
after applying a date range filter - Observe the gap of the content of the CSV with the search results
Please note that the events in the CSV are always sorted by created_at
in ascending order, while they are sorted by created_at
in descending order. This is due to a constraint in EachBatch
that we hope to address in future iteration.
More information on the feature can be found on the doc.
Does this MR meet the acceptance criteria?
Conformity
- [-] Changelog entry - under feature flag
- [-] Documentation (if required)
-
Code review guidelines -
Merge request performance guidelines -
Style guides -
Database guides -
Separation of EE specific content
Availability and Testing
-
Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process. -
Tested in all supported browsers - [-] Informed Infrastructure department of a default or new setting change, if applicable per definition of done
Security
If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:
- [-] Label as security and @ mention
@gitlab-com/gl-security/appsec
- [-] The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
- [-] Security reports checked/validated by a reviewer from the AppSec team