Mirror
/
zulip
mirror of https://github.com/zulip/zulip.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
zulip/zerver/views/realm_export.py

122 lines
4.7 KiB
Python
Raw Normal View History

public_export: Add backend API endpoint for triggering export. An endpoint was created in zerver/views. Basic rate-limiting was implemented using RealmAuditLog. The idea here is to simply log each export event as a realm_exported event. The number of events occurring in the time delta is checked to ensure that the weekly limit is not exceeded. The event is published to the 'deferred_work' queue processor to prevent the export process from being killed after 60s. Upon completion of the export the realm admin(s) are notified.
2019-03-27 00:57:33 +01:00
from datetime import timedelta
data export: Add limits on exporting large organizations. It seems possible that attempting to export large organizations could result in high resource consumption that justifies having a technician manage the exports manually.
2019-08-13 03:15:00 +02:00
from django.conf import settings
realm_export: Add transaction.atomic to export_realm.
2022-12-05 12:22:50 +01:00
from django.db import transaction
python: Sort imports with isort. Fixes #2665. Regenerated by tabbott with `lint --fix` after a rebase and change in parameters. Note from tabbott: In a few cases, this converts technical debt in the form of unsorted imports into different technical debt in the form of our largest files having very long, ugly import sequences at the start. I expect this change will increase pressure for us to split those files, which isn't a bad thing. Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-06-11 00:54:34 +02:00
from django.http import HttpRequest, HttpResponse
public_export: Add backend API endpoint for triggering export. An endpoint was created in zerver/views. Basic rate-limiting was implemented using RealmAuditLog. The idea here is to simply log each export event as a realm_exported event. The number of events occurring in the time delta is checked to ensure that the weekly limit is not exceeded. The event is published to the 'deferred_work' queue processor to prevent the export process from being killed after 60s. Upon completion of the export the realm admin(s) are notified.
2019-03-27 00:57:33 +01:00
from django.utils.timezone import now as timezone_now
python: Convert deprecated Django ugettext alias to gettext. django.utils.translation.ugettext is a deprecated alias of django.utils.translation.gettext as of Django 3.0, and will be removed in Django 4.0. Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-04-16 00:57:30 +02:00
from django.utils.translation import gettext as _
public_export: Add backend API endpoint for triggering export. An endpoint was created in zerver/views. Basic rate-limiting was implemented using RealmAuditLog. The idea here is to simply log each export event as a realm_exported event. The number of events occurring in the time delta is checked to ensure that the weekly limit is not exceeded. The event is published to the 'deferred_work' queue processor to prevent the export process from being killed after 60s. Upon completion of the export the realm admin(s) are notified.
2019-03-27 00:57:33 +01:00
python: Sort imports with isort. Fixes #2665. Regenerated by tabbott with `lint --fix` after a rebase and change in parameters. Note from tabbott: In a few cases, this converts technical debt in the form of unsorted imports into different technical debt in the form of our largest files having very long, ugly import sequences at the start. I expect this change will increase pressure for us to split those files, which isn't a bad thing. Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-06-11 00:54:34 +02:00
from analytics.models import RealmCount
actions: Split out zerver.actions.realm_export. Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-04-14 23:40:10 +02:00
from zerver.actions.realm_export import do_delete_realm_export, notify_realm_export
public_export: Add backend API endpoint for triggering export. An endpoint was created in zerver/views. Basic rate-limiting was implemented using RealmAuditLog. The idea here is to simply log each export event as a realm_exported event. The number of events occurring in the time delta is checked to ensure that the weekly limit is not exceeded. The event is published to the 'deferred_work' queue processor to prevent the export process from being killed after 60s. Upon completion of the export the realm admin(s) are notified.
2019-03-27 00:57:33 +01:00
from zerver.decorator import require_realm_admin
python: Migrate most json_error => JsonableError. JsonableError has two major benefits over json_error: * It can be raised from anywhere in the codebase, rather than being a return value, which is much more convenient for refactoring, as one doesn't potentially need to change error handling style when extracting a bit of view code to a function. * It is guaranteed to contain the `code` property, which is helpful for API consistency. Various stragglers are not updated because JsonableError requires subclassing in order to specify custom data or HTTP status codes.
2021-06-30 18:35:50 +02:00
from zerver.lib.exceptions import JsonableError
python: Sort imports with isort. Fixes #2665. Regenerated by tabbott with `lint --fix` after a rebase and change in parameters. Note from tabbott: In a few cases, this converts technical debt in the form of unsorted imports into different technical debt in the form of our largest files having very long, ugly import sequences at the start. I expect this change will increase pressure for us to split those files, which isn't a bad thing. Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-06-11 00:54:34 +02:00
from zerver.lib.export import get_realm_exports_serialized
public_export: Add backend API endpoint for triggering export. An endpoint was created in zerver/views. Basic rate-limiting was implemented using RealmAuditLog. The idea here is to simply log each export event as a realm_exported event. The number of events occurring in the time delta is checked to ensure that the weekly limit is not exceeded. The event is published to the 'deferred_work' queue processor to prevent the export process from being killed after 60s. Upon completion of the export the realm admin(s) are notified.
2019-03-27 00:57:33 +01:00
from zerver.lib.queue import queue_json_publish
python: Migrate most json_error => JsonableError. JsonableError has two major benefits over json_error: * It can be raised from anywhere in the codebase, rather than being a return value, which is much more convenient for refactoring, as one doesn't potentially need to change error handling style when extracting a bit of view code to a function. * It is guaranteed to contain the `code` property, which is helpful for API consistency. Various stragglers are not updated because JsonableError requires subclassing in order to specify custom data or HTTP status codes.
2021-06-30 18:35:50 +02:00
from zerver.lib.response import json_success
export_realm: Add RealmExport model. Earlier, we used to store the key data related to realm exports in RealmAuditLog. This commit adds a separate table to store those data. It includes the code to migrate the concerned existing data in RealmAuditLog to RealmExport. Fixes part of #31201.
2024-09-26 12:18:55 +02:00
from zerver.models import RealmExport, UserProfile
realm_export: Add endpoint for export deletion.
2019-08-01 19:59:36 +02:00
public_export: Add backend API endpoint for triggering export. An endpoint was created in zerver/views. Basic rate-limiting was implemented using RealmAuditLog. The idea here is to simply log each export event as a realm_exported event. The number of events occurring in the time delta is checked to ensure that the weekly limit is not exceeded. The event is published to the 'deferred_work' queue processor to prevent the export process from being killed after 60s. Upon completion of the export the realm admin(s) are notified.
2019-03-27 00:57:33 +01:00
realm_export: Add transaction.atomic to export_realm.
2022-12-05 12:22:50 +01:00
@transaction.atomic(durable=True)
public_export: Add backend API endpoint for triggering export. An endpoint was created in zerver/views. Basic rate-limiting was implemented using RealmAuditLog. The idea here is to simply log each export event as a realm_exported event. The number of events occurring in the time delta is checked to ensure that the weekly limit is not exceeded. The event is published to the 'deferred_work' queue processor to prevent the export process from being killed after 60s. Upon completion of the export the realm admin(s) are notified.
2019-03-27 00:57:33 +01:00
@require_realm_admin
events: Rewrite system for managing realm exports. This feature is intended to cover all of our ways of exporting a realm, not just the initial "public export" feature, so we should name things appropriately for that goal. Additionally, we don't want to include data exports in page_params; the original implementation was actually buggy and would have.
2019-06-24 02:51:13 +02:00
def export_realm(request: HttpRequest, user: UserProfile) -> HttpResponse:
# Currently only supports public-data-only exports.
public_export: Add backend API endpoint for triggering export. An endpoint was created in zerver/views. Basic rate-limiting was implemented using RealmAuditLog. The idea here is to simply log each export event as a realm_exported event. The number of events occurring in the time delta is checked to ensure that the weekly limit is not exceeded. The event is published to the 'deferred_work' queue processor to prevent the export process from being killed after 60s. Upon completion of the export the realm admin(s) are notified.
2019-03-27 00:57:33 +01:00
realm = user.realm
data export: Add limits on exporting large organizations. It seems possible that attempting to export large organizations could result in high resource consumption that justifies having a technician manage the exports manually.
2019-08-13 03:15:00 +02:00
EXPORT_LIMIT = 5
realm_export: Improve estimate of data export size. As suggested by the new comments, the cost for a Zulip data export scales with messages actually included in the export, so an organizations with 1M private messages but only 50K public stream messages should not be modeled the same as one with 1M public stream messages for the purpose of the limits here. Also improve the comments and variable names more generally.
2022-09-16 00:32:17 +02:00
# Exporting organizations with a huge amount of history can
# potentially consume a lot of disk or otherwise have accidental
# DoS risk; for that reason, we require large exports to be done
# manually on the command line.
#
# It's very possible that higher limits would be completely safe.
data export: Add limits on exporting large organizations. It seems possible that attempting to export large organizations could result in high resource consumption that justifies having a technician manage the exports manually.
2019-08-13 03:15:00 +02:00
MAX_MESSAGE_HISTORY = 250000
MAX_UPLOAD_QUOTA = 10 * 1024 * 1024 * 1024
public_export: Add backend API endpoint for triggering export. An endpoint was created in zerver/views. Basic rate-limiting was implemented using RealmAuditLog. The idea here is to simply log each export event as a realm_exported event. The number of events occurring in the time delta is checked to ensure that the weekly limit is not exceeded. The event is published to the 'deferred_work' queue processor to prevent the export process from being killed after 60s. Upon completion of the export the realm admin(s) are notified.
2019-03-27 00:57:33 +01:00
# Filter based upon the number of events that have occurred in the delta
# If we are at the limit, the incoming request is rejected
export_realm: Add RealmExport model. Earlier, we used to store the key data related to realm exports in RealmAuditLog. This commit adds a separate table to store those data. It includes the code to migrate the concerned existing data in RealmAuditLog to RealmExport. Fixes part of #31201.
2024-09-26 12:18:55 +02:00
event_time_delta = timezone_now() - timedelta(days=7)
limit_check = RealmExport.objects.filter(
realm=realm, date_requested__gte=event_time_delta
realm_export: Use .count(), instead of len().
2024-04-12 21:47:12 +02:00
).count()
if limit_check >= EXPORT_LIMIT:
python: Migrate most json_error => JsonableError. JsonableError has two major benefits over json_error: * It can be raised from anywhere in the codebase, rather than being a return value, which is much more convenient for refactoring, as one doesn't potentially need to change error handling style when extracting a bit of view code to a function. * It is guaranteed to contain the `code` property, which is helpful for API consistency. Various stragglers are not updated because JsonableError requires subclassing in order to specify custom data or HTTP status codes.
2021-06-30 18:35:50 +02:00
raise JsonableError(_("Exceeded rate limit."))
public_export: Add backend API endpoint for triggering export. An endpoint was created in zerver/views. Basic rate-limiting was implemented using RealmAuditLog. The idea here is to simply log each export event as a realm_exported event. The number of events occurring in the time delta is checked to ensure that the weekly limit is not exceeded. The event is published to the 'deferred_work' queue processor to prevent the export process from being killed after 60s. Upon completion of the export the realm admin(s) are notified.
2019-03-27 00:57:33 +01:00
realm_export: Improve estimate of data export size. As suggested by the new comments, the cost for a Zulip data export scales with messages actually included in the export, so an organizations with 1M private messages but only 50K public stream messages should not be modeled the same as one with 1M public stream messages for the purpose of the limits here. Also improve the comments and variable names more generally.
2022-09-16 00:32:17 +02:00
# The RealmCount analytics table lets us efficiently get an
# estimate for the number of public stream messages in an
# organization. It won't match the actual number of messages in
# the export, because this measures the number of messages that
# went to a public stream at the time they were sent. Thus,
# messages that were deleted or moved between streams will be
# treated differently for this check vs. in the export code.
exportable_messages_estimate = sum(
python: Reformat with Black, except quotes. Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-02-12 08:19:30 +01:00
realm_count.value
for realm_count in RealmCount.objects.filter(
realm_export: Improve estimate of data export size. As suggested by the new comments, the cost for a Zulip data export scales with messages actually included in the export, so an organizations with 1M private messages but only 50K public stream messages should not be modeled the same as one with 1M public stream messages for the purpose of the limits here. Also improve the comments and variable names more generally.
2022-09-16 00:32:17 +02:00
realm=realm, property="messages_sent:message_type:day", subgroup="public_stream"
python: Reformat with Black, except quotes. Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-02-12 08:19:30 +01:00
)
)
realm_export: Improve estimate of data export size. As suggested by the new comments, the cost for a Zulip data export scales with messages actually included in the export, so an organizations with 1M private messages but only 50K public stream messages should not be modeled the same as one with 1M public stream messages for the purpose of the limits here. Also improve the comments and variable names more generally.
2022-09-16 00:32:17 +02:00
python: Reformat with Black, except quotes. Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-02-12 08:19:30 +01:00
if (
realm_export: Improve estimate of data export size. As suggested by the new comments, the cost for a Zulip data export scales with messages actually included in the export, so an organizations with 1M private messages but only 50K public stream messages should not be modeled the same as one with 1M public stream messages for the purpose of the limits here. Also improve the comments and variable names more generally.
2022-09-16 00:32:17 +02:00
exportable_messages_estimate > MAX_MESSAGE_HISTORY
python: Reformat with Black, except quotes. Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-02-12 08:19:30 +01:00
or user.realm.currently_used_upload_space_bytes() > MAX_UPLOAD_QUOTA
):
python: Migrate most json_error => JsonableError. JsonableError has two major benefits over json_error: * It can be raised from anywhere in the codebase, rather than being a return value, which is much more convenient for refactoring, as one doesn't potentially need to change error handling style when extracting a bit of view code to a function. * It is guaranteed to contain the `code` property, which is helpful for API consistency. Various stragglers are not updated because JsonableError requires subclassing in order to specify custom data or HTTP status codes.
2021-06-30 18:35:50 +02:00
raise JsonableError(
python: Normalize quotes with Black. Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-02-12 08:20:45 +01:00
_("Please request a manual export from {email}.").format(
python: Reformat with Black, except quotes. Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-02-12 08:19:30 +01:00
email=settings.ZULIP_ADMINISTRATOR,
)
)
data export: Add limits on exporting large organizations. It seems possible that attempting to export large organizations could result in high resource consumption that justifies having a technician manage the exports manually.
2019-08-13 03:15:00 +02:00
export_realm: Add RealmExport model. Earlier, we used to store the key data related to realm exports in RealmAuditLog. This commit adds a separate table to store those data. It includes the code to migrate the concerned existing data in RealmAuditLog to RealmExport. Fixes part of #31201.
2024-09-26 12:18:55 +02:00
row = RealmExport.objects.create(
realm=realm,
type=RealmExport.EXPORT_PUBLIC,
acting_user=user,
status=RealmExport.REQUESTED,
date_requested=timezone_now(),
python: Reformat with Black, except quotes. Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-02-12 08:19:30 +01:00
)
data exports: Handle pending and failed exports. Prior to this change, there were reports of 500s in production due to `export.extra_data` being a Nonetype. This was reproducible using the s3 backend in development when a row was created in the `RealmAuditLog` table, but the export failed in the `DeferredWorker`. This left an entry lying about that was never updated with an `extra_data` field. To fix this, we catch any exceptions in the `DeferredWorker`, and then update `extra_data` to encode the failure. We also fix the fact that we never updated the export UI table with pending exports. These changes also negated the use for the somewhat hacky `clear_success_banner` logic.
2020-04-16 23:00:24 +02:00
# Allow for UI updates on a pending export
export: Notify all realm admins on realm export.
2023-06-28 18:08:17 +02:00
notify_realm_export(realm)
data exports: Handle pending and failed exports. Prior to this change, there were reports of 500s in production due to `export.extra_data` being a Nonetype. This was reproducible using the s3 backend in development when a row was created in the `RealmAuditLog` table, but the export failed in the `DeferredWorker`. This left an entry lying about that was never updated with an `extra_data` field. To fix this, we catch any exceptions in the `DeferredWorker`, and then update `extra_data` to encode the failure. We also fix the fact that we never updated the export UI table with pending exports. These changes also negated the use for the somewhat hacky `clear_success_banner` logic.
2020-04-16 23:00:24 +02:00
public_export.py: Reorder the creation of the RealmAuditLog object. This reordering was originally made with regard to the delete after access feature for the public export. However, this reordering is more correct overall, i.e., the object should be created before the event pertaining to the object is sent.
2019-05-24 20:03:56 +02:00
# Using the deferred_work queue processor to avoid
public_export: Add support for deleting export after access. The RealmAuditLog object ID was stored in the event sent to the deferred_work queue as a means to update the row's extra_data field. The extra_data field then stores the location of the export.
2019-05-17 00:54:56 +02:00
# killing the process after 60s
python: Reformat with Black, except quotes. Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-02-12 08:19:30 +01:00
event = {
python: Normalize quotes with Black. Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-02-12 08:20:45 +01:00
"type": "realm_export",
"user_profile_id": user.id,
export_realm: Add RealmExport model. Earlier, we used to store the key data related to realm exports in RealmAuditLog. This commit adds a separate table to store those data. It includes the code to migrate the concerned existing data in RealmAuditLog to RealmExport. Fixes part of #31201.
2024-09-26 12:18:55 +02:00
"realm_export_id": row.id,
python: Reformat with Black, except quotes. Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-02-12 08:19:30 +01:00
}
realm_export: Add transaction.atomic to export_realm.
2022-12-05 12:22:50 +01:00
transaction.on_commit(lambda: queue_json_publish("deferred_work", event))
realm_export: Return export id from POST which create it.
2023-05-16 19:14:14 +02:00
return json_success(request, data={"id": row.id})
public_export: Add endpoint for returning all REALM_EXPORTED objects.
2019-06-23 22:57:14 +02:00
python: Reformat with Black, except quotes. Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-02-12 08:19:30 +01:00
public_export: Add endpoint for returning all REALM_EXPORTED objects.
2019-06-23 22:57:14 +02:00
@require_realm_admin
events: Rewrite system for managing realm exports. This feature is intended to cover all of our ways of exporting a realm, not just the initial "public export" feature, so we should name things appropriately for that goal. Additionally, we don't want to include data exports in page_params; the original implementation was actually buggy and would have.
2019-06-24 02:51:13 +02:00
def get_realm_exports(request: HttpRequest, user: UserProfile) -> HttpResponse:
export: Notify all realm admins on realm export.
2023-06-28 18:08:17 +02:00
realm_exports = get_realm_exports_serialized(user.realm)
backend: Add request as parameter to json_success. Adds request as a parameter to json_success as a refactor towards making `ignored_parameters_unsupported` functionality available for all API endpoints. Also, removes any data parameters that are an empty dict or a dict with the generic success response values.
2022-01-31 13:44:02 +01:00
return json_success(request, data={"exports": realm_exports})
realm_export: Add endpoint for export deletion.
2019-08-01 19:59:36 +02:00
python: Reformat with Black, except quotes. Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-02-12 08:19:30 +01:00
realm_export: Add endpoint for export deletion.
2019-08-01 19:59:36 +02:00
@require_realm_admin
def delete_realm_export(request: HttpRequest, user: UserProfile, export_id: int) -> HttpResponse:
try:
export_realm: Add RealmExport model. Earlier, we used to store the key data related to realm exports in RealmAuditLog. This commit adds a separate table to store those data. It includes the code to migrate the concerned existing data in RealmAuditLog to RealmExport. Fixes part of #31201.
2024-09-26 12:18:55 +02:00
export_row = RealmExport.objects.get(id=export_id)
except RealmExport.DoesNotExist:
python: Migrate most json_error => JsonableError. JsonableError has two major benefits over json_error: * It can be raised from anywhere in the codebase, rather than being a return value, which is much more convenient for refactoring, as one doesn't potentially need to change error handling style when extracting a bit of view code to a function. * It is guaranteed to contain the `code` property, which is helpful for API consistency. Various stragglers are not updated because JsonableError requires subclassing in order to specify custom data or HTTP status codes.
2021-06-30 18:35:50 +02:00
raise JsonableError(_("Invalid data export ID"))
realm_export: Add endpoint for export deletion.
2019-08-01 19:59:36 +02:00
export_realm: Add RealmExport model. Earlier, we used to store the key data related to realm exports in RealmAuditLog. This commit adds a separate table to store those data. It includes the code to migrate the concerned existing data in RealmAuditLog to RealmExport. Fixes part of #31201.
2024-09-26 12:18:55 +02:00
if export_row.status == RealmExport.DELETED:
python: Migrate most json_error => JsonableError. JsonableError has two major benefits over json_error: * It can be raised from anywhere in the codebase, rather than being a return value, which is much more convenient for refactoring, as one doesn't potentially need to change error handling style when extracting a bit of view code to a function. * It is guaranteed to contain the `code` property, which is helpful for API consistency. Various stragglers are not updated because JsonableError requires subclassing in order to specify custom data or HTTP status codes.
2021-06-30 18:35:50 +02:00
raise JsonableError(_("Export already deleted"))
export_realm: Add RealmExport model. Earlier, we used to store the key data related to realm exports in RealmAuditLog. This commit adds a separate table to store those data. It includes the code to migrate the concerned existing data in RealmAuditLog to RealmExport. Fixes part of #31201.
2024-09-26 12:18:55 +02:00
if export_row.status == RealmExport.FAILED:
raise JsonableError(_("Export failed, nothing to delete"))
if export_row.status in [RealmExport.REQUESTED, RealmExport.STARTED]:
realm_export: Do not assume null extra_data is special. Fixes: #20197.
2023-05-16 18:18:32 +02:00
raise JsonableError(_("Export still in progress"))
realm_export: Add a RealmAuditLog entry for delete operation. This commit adds a RealmAuditLog entry for when someone deletes an export. This helps to track the acting_user.
2024-10-04 22:11:05 +02:00
do_delete_realm_export(export_row, user)
backend: Add request as parameter to json_success. Adds request as a parameter to json_success as a refactor towards making `ignored_parameters_unsupported` functionality available for all API endpoints. Also, removes any data parameters that are an empty dict or a dict with the generic success response values.
2022-01-31 13:44:02 +01:00
return json_success(request)
realm_export: Add a new endpoint to fetch private data export consents. This commit adds a new endpoint `export/realm/consents` to fetch the consents of users for their private data exports. Fixes part of #31201.
2024-09-17 19:58:09 +02:00
@require_realm_admin
def get_users_export_consents(request: HttpRequest, user: UserProfile) -> HttpResponse:
rows = UserProfile.objects.filter(realm=user.realm, is_active=True, is_bot=False).values(
"id", "allow_private_data_export"
)
export_consents = [
{"user_id": row["id"], "consented": row["allow_private_data_export"]} for row in rows
]
return json_success(request, data={"export_consents": export_consents})