rubyforgood / human-essentials

Human Essentials is an inventory management system for diaper, incontinence, and period-supply banks. It supports them in distributing to partners, tracking inventory, and reporting stats and analytics.
https://humanessentials.app
MIT License

[Investigation+] Address "unpermitted parameter" log entries when doing "export distributions" #4653

Open cielf opened 1 week ago

cielf commented 1 week ago

Summary

Address "unpermitted parameter" log entries when doing "export distributions"

Why

Keeping the logs clean for easier debugging

Details

When exporting distributions on local (sign in as org_admin1@example.com, Distributions, Export Distributions), I'm getting a few unpermitted parameters -- there seems to be a lot going on in this -- that's just what got my attention.

Partial log from exporting distributions on local:

```
12:23:02 web.1 | Started GET "/distributions.csv?filters%5Bdate_range%5D=January+1%2C+2024+-+December+31%2C+2024" for ::1 at 2024-09-12 12:23:02 -0400
12:23:02 web.1 | (10.2ms) SELECT "flipper_features"."key" AS feature_key, "flipper_gates"."key", "flipper_gates"."value" FROM "flipper_features" LEFT OUTER JOIN "flipper_gates" ON "flipper_features"."key" = "flipper_gates"."feature_key"
12:23:02 web.1 | Processing by DistributionsController#index as CSV
12:23:02 web.1 | Parameters: {"filters"=>{"date_range"=>"January 1, 2024 - December 31, 2024"}}
12:23:02 web.1 | User Load (1.1ms) SELECT "users".* FROM "users" WHERE "users"."discarded_at" IS NULL AND "users"."id" = $1 ORDER BY "users"."id" ASC LIMIT $2 [["id", 2], ["LIMIT", 1]]
12:23:02 web.1 | Role Exists? (1.3ms) SELECT 1 AS one FROM "roles" INNER JOIN "users_roles" ON "roles"."id" = "users_roles"."role_id" WHERE "users_roles"."user_id" = $1 LIMIT $2 [["user_id", 2], ["LIMIT", 1]]
12:23:02 web.1 | ↳ config/initializers/devise.rb:331:in `block in <top (required)>'
12:23:02 web.1 | Role Load (0.6ms) SELECT "roles".* FROM "roles" INNER JOIN "users_roles" ON "roles"."id" = "users_roles"."role_id" WHERE "users_roles"."user_id" = $1 AND (((roles.name = 'super_admin') AND (roles.resource_type IS NULL) AND (roles.resource_id IS NULL))) [["user_id", 2]]
12:23:02 web.1 | ↳ app/controllers/application_controller.rb:62:in `authorize_user'
12:23:02 web.1 | Role Load (0.2ms) SELECT "roles".* FROM "roles" WHERE "roles"."id" = $1 LIMIT $2 [["id", 3], ["LIMIT", 1]]
12:23:02 web.1 | ↳ app/controllers/application_controller.rb:39:in `current_role'
12:23:02 web.1 | Organization Load (0.7ms) SELECT "organizations".* FROM "organizations" WHERE "organizations"."id" = $1 LIMIT $2 [["id", 1], ["LIMIT", 1]]
12:23:02 web.1 | ↳ app/controllers/application_controller.rb:21:in `current_organization'
12:23:02 web.1 | Role Load (0.6ms) SELECT "roles".* FROM "roles" INNER JOIN "users_roles" ON "roles"."id" = "users_roles"."role_id" WHERE "users_roles"."user_id" = $1 AND ((((roles.name = 'org_user') AND (roles.resource_type IS NULL) AND (roles.resource_id IS NULL)) OR ((roles.name = 'org_user') AND (roles.resource_type = 'Organization') AND (roles.resource_id IS NULL)) OR ((roles.name = 'org_user') AND (roles.resource_type = 'Organization') AND (roles.resource_id = 1)))) [["user_id", 2]]
12:23:02 web.1 | ↳ app/controllers/application_controller.rb:63:in `authorize_user'
12:23:02 web.1 | Unpermitted parameter: :date_range. Context: { controller: DistributionsController, action: index, request: #<ActionDispatch::Request:0x000000011f01f200>, params: {"filters"=>{"date_range"=>"January 1, 2024 - December 31, 2024"}, "controller"=>"distributions", "action"=>"index", "format"=>"csv"} }
12:23:02 web.1 | Distribution Load (1.2ms) SELECT "distributions".* FROM "distributions" WHERE "distributions"."organization_id" = $1 AND "distributions"."issued_at" BETWEEN $2 AND $3 ORDER BY issued_at DESC, "distributions"."issued_at" DESC [["organization_id", 1], ["issued_at", "2024-01-01 00:00:00"], ["issued_at", "2024-12-31 23:59:59.999999"]]
12:23:02 web.1 | ↳ app/controllers/distributions_controller.rb:53:in `collect'
12:23:02 web.1 | Partner Load (1.0ms) SELECT "partners".* FROM "partners" WHERE "partners"."id" IN ($1, $2, $3) [["id", 2], ["id", 3], ["id", 1]]
12:23:02 web.1 | ↳ app/controllers/distributions_controller.rb:53:in `collect'
12:23:02 web.1 | StorageLocation Load (13.9ms) SELECT "storage_locations".* FROM "storage_locations" WHERE "storage_locations"."id" IN ($1, $2) [["id", 1], ["id", 2]]
12:23:02 web.1 | ↳ app/controllers/distributions_controller.rb:53:in `collect'
12:23:02 web.1 | LineItem Load (0.7ms) SELECT "line_items".* FROM "line_items" WHERE "line_items"."itemizable_type" = $1 AND "line_items"."itemizable_id" IN ($2, $3, $4, $5, $6) [["itemizable_type", "Distribution"], ["itemizable_id", 5], ["itemizable_id", 1], ["itemizable_id", 6], ["itemizable_id", 2], ["itemizable_id", 7]]
12:23:02 web.1 | ↳ app/controllers/distributions_controller.rb:53:in `collect'
12:23:02 web.1 | Item Load (0.8ms) SELECT "items".* FROM "items" WHERE "items"."id" IN ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11, $12, $13, $14, $15, $16, $17, $18, $19, $20, $21, $22, $23, $24, $25, $26, $27, $28, $29, $30, $31, $32, $33, $34, $35, $36, $37, $38, $39, $40, $41) [["id", 32], ["id", 31], ["id", 46], ["id", 25], ["id", 7], ["id", 47], ["id", 19], ["id", 15], ["id", 36], ["id", 8], ["id", 14], ["id", 38], ["id", 45], ["id", 27], ["id", 30], ["id", 40], ["id", 3], ["id", 22], ["id", 12], ["id", 34], ["id", 37], ["id", 35], ["id", 9], ["id", 18], ["id", 43], ["id", 44], ["id", 5], ["id", 4], ["id", 33], ["id", 16], ["id", 6], ["id", 11], ["id", 21], ["id", 39], ["id", 10], ["id", 41], ["id", 24], ["id", 20], ["id", 1], ["id", 13], ["id", 17]]
12:23:02 web.1 | ↳ app/controllers/distributions_controller.rb:53:in `collect'
12:23:02 web.1 | Unpermitted parameter: :date_range. Context: { controller: DistributionsController, action: index, request: #<ActionDispatch::Request:0x000000011f01f200>, params: {"filters"=>{"date_range"=>"January 1, 2024 - December 31, 2024"}, "controller"=>"distributions", "action"=>"index", "format"=>"csv"} }
12:23:02 web.1 | LineItem Sum (4.5ms) SELECT SUM("line_items"."quantity") FROM "line_items" WHERE "line_items"."itemizable_type" = $1 AND "line_items"."itemizable_id" IN ($2, $3, $4, $5, $6) [["itemizable_type", "Distribution"], ["itemizable_id", 5], ["itemizable_id", 1], ["itemizable_id", 6], ["itemizable_id", 2], ["itemizable_id", 7]]
12:23:02 web.1 | ↳ app/controllers/distributions_controller.rb:298:in `total_items'
12:23:02 web.1 | Distribution Load (0.4ms) SELECT "distributions".* FROM "distributions" WHERE "distributions"."organization_id" = $1 AND "distributions"."issued_at" BETWEEN $2 AND $3 ORDER BY issued_at DESC, "distributions"."issued_at" DESC LIMIT $4 OFFSET $5 [["organization_id", 1], ["issued_at", "2024-01-01 00:00:00"], ["issued_at", "2024-12-31 23:59:59.999999"], ["LIMIT", 50], ["OFFSET", 0]]
12:23:02 web.1 | ↳ app/controllers/distributions_controller.rb:302:in `total_value'
12:23:02 web.1 | CACHE Partner Load (0.0ms) SELECT "partners".* FROM "partners" WHERE "partners"."id" IN ($1, $2, $3) [["id", 2], ["id", 3], ["id", 1]]
12:23:02 web.1 | ↳ app/controllers/distributions_controller.rb:302:in `total_value'
12:23:02 web.1 | CACHE StorageLocation Load (0.0ms) SELECT "storage_locations".* FROM "storage_locations" WHERE "storage_locations"."id" IN ($1, $2) [["id", 1], ["id", 2]]
12:23:02 web.1 | ↳ app/controllers/distributions_controller.rb:302:in `total_value'
12:23:02 web.1 | CACHE LineItem Load (0.0ms) SELECT "line_items".* FROM "line_items" WHERE "line_items"."itemizable_type" = $1 AND "line_items"."itemizable_id" IN ($2, $3, $4, $5, $6) [["itemizable_type", "Distribution"], ["itemizable_id", 5], ["itemizable_id", 1], ["itemizable_id", 6], ["itemizable_id", 2], ["itemizable_id", 7]]
12:23:02 web.1 | ↳ app/controllers/distributions_controller.rb:302:in `total_value'
12:23:02 web.1 | CACHE Item Load (0.1ms) SELECT "items".* FROM "items" WHERE "items"."id" IN ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11, $12, $13, $14, $15, $16, $17, $18, $19, $20, $21, $22, $23, $24, $25, $26, $27, $28, $29, $30, $31, $32, $33, $34, $35, $36, $37, $38, $39, $40, $41) [["id", 32], ["id", 31], ["id", 46], ["id", 25], ["id", 7], ["id", 47], ["id", 19], ["id", 15], ["id", 36], ["id", 8], ["id", 14], ["id", 38], ["id", 45], ["id", 27], ["id", 30], ["id", 40], ["id", 3], ["id", 22], ["id", 12], ["id", 34], ["id", 37], ["id", 35], ["id", 9], ["id", 18], ["id", 43], ["id", 44], ["id", 5], ["id", 4], ["id", 33], ["id", 16], ["id", 6], ["id", 11], ["id", 21], ["id", 39], ["id", 10], ["id", 41], ["id", 24], ["id", 20], ["id", 1], ["id", 13], ["id", 17]]
12:23:02 web.1 | ↳ app/controllers/distributions_controller.rb:302:in `total_value'
12:23:02 web.1 | CACHE LineItem Sum (0.1ms) SELECT SUM("line_items"."quantity") FROM "line_items" WHERE "line_items"."itemizable_type" = $1 AND "line_items"."itemizable_id" IN ($2, $3, $4, $5, $6) [["itemizable_type", "Distribution"], ["itemizable_id", 5], ["itemizable_id", 1], ["itemizable_id", 6], ["itemizable_id", 2], ["itemizable_id", 7]]
12:23:02 web.1 | ↳ app/controllers/distributions_controller.rb:298:in `total_items'
12:23:02 web.1 | Unpermitted parameter: :date_range. Context: { controller: DistributionsController, action: index, request: #<ActionDispatch::Request:0x000000011f01f200>, params: {"filters"=>{"date_range"=>"January 1, 2024 - December 31, 2024"}, "controller"=>"distributions", "action"=>"index", "format"=>"csv"} }
12:23:02 web.1 | Unpermitted parameter: :date_range. Context: { controller: DistributionsController, action: index, request: #<ActionDispatch::Request:0x000000011f01f200>, params: {"filters"=>{"date_range"=>"January 1, 2024 - December 31, 2024"}, "controller"=>"distributions", "action"=>"index", "format"=>"csv"} }
12:23:02 web.1 | Unpermitted parameter: :date_range. Context: { controller: DistributionsController, action: index, request: #<ActionDispatch::Request:0x000000011f01f200>, params: {"filters"=>{"date_range"=>"January 1, 2024 - December 31, 2024"}, "controller"=>"distributions", "action"=>"index", "format"=>"csv"} }
12:23:02 web.1 | Unpermitted parameter: :date_range. Context: { controller: DistributionsController, action: index, request: #<ActionDispatch::Request:0x000000011f01f200>, params: {"filters"=>{"date_range"=>"January 1, 2024 - December 31, 2024"}, "controller"=>"distributions", "action"=>"index", "format"=>"csv"} }
12:23:02 web.1 | Unpermitted parameter: :date_range. Context: { controller: DistributionsController, action: index, request: #<ActionDispatch::Request:0x000000011f01f200>, params: {"filters"=>{"date_range"=>"January 1, 2024 - December 31, 2024"}, "controller"=>"distributions", "action"=>"index", "format"=>"csv"} }
12:23:02 web.1 | Item Load (1.6ms) SELECT DISTINCT ON (LOWER(name)) items.name FROM "items" WHERE "items"."organization_id" = $1 ORDER BY LOWER(name) ASC [["organization_id", 1]]
12:23:02 web.1 | ↳ app/services/exports/export_distributions_csv_service.rb:121:in `map'
12:23:02 web.1 | Rendering text template
12:23:02 web.1 | Rendered text template (Duration: 0.0ms | Allocations: 10)
12:23:02 web.1 | Sent data Distributions-2024-09-12.csv (2.0ms)
12:23:02 web.1 | Completed 200 OK in 324ms (Views: 1.6ms | ActiveRecord: 28.9ms | Allocations: 305191)
12:23:02 web.1 |
12:23:02 web.1 |
12:23:02 web.1 | user: clfisher
12:23:02 web.1 | GET /distributions.csv?filters%5Bdate_range%5D=January+1%2C+2024+-+December+31%2C+2024
12:23:02 web.1 | AVOID eager loading detected
12:23:02 web.1 | Distribution => [:items]
12:23:02 web.1 | Remove from your query: .includes([:items])
12:23:02 web.1 | Call stack
12:23:02 web.1 | /Users/clfisher/projects/human-essentials/app/services/exports/export_distributions_csv_service.rb:129:in `build_row_data'
12:23:02 web.1 | /Users/clfisher/projects/human-essentials/app/services/exports/export_distributions_csv_service.rb:29:in `block in generate_csv_data'
12:23:02 web.1 | /Users/clfisher/projects/human-essentials/app/services/exports/export_distributions_csv_service.rb:28:in `generate_csv_data'
12:23:02 web.1 | /Users/clfisher/projects/human-essentials/app/services/exports/export_distributions_csv_service.rb:17:in `generate_csv'
12:23:02 web.1 | /Users/clfisher/projects/human-essentials/app/controllers/distributions_controller.rb:69:in `block (2 levels) in index'
12:23:02 web.1 | /Users/clfisher/projects/human-essentials/app/controllers/distributions_controller.rb:66:in `index'
12:23:02 web.1 |
12:23:02 web.1 |
```

Investigate and possibly fix.

Criteria for completion

Bonus round
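Added example, not part of the original issue or the project's code: a small Ruby script that tallies Rails "Unpermitted parameter" entries by controller#action, request object, and key. Each entry corresponds to one `permit` call that dropped a key, so a count above one for the same request object shows the same filtering step running repeatedly. The names `tally_unpermitted`, `repeated_within_request` and `ExampleController` are assumptions made for illustration.

```ruby
# Added example (not project code): tally "Unpermitted parameter" entries in a
# Rails development log by controller#action, request object, and key.

# Matches both the singular and the plural form of the log entry.
UNPERMITTED = /Unpermitted parameters?: (?<keys>:\w+(?:, :\w+)*)\. Context: \{ controller: (?<controller>[\w:]+), action: (?<action>\w+), request: #<ActionDispatch::Request:(?<request>0x\h+)>/

# The DistributionsController lines are copied from the log in this issue (the
# entry appears three times here, seven times in the full log). The
# ExampleController line is constructed to exercise the plural form.
SAMPLE_LOG = <<~'LOG'
  12:23:02 web.1 | Parameters: {"filters"=>{"date_range"=>"January 1, 2024 - December 31, 2024"}}
  12:23:02 web.1 | Unpermitted parameter: :date_range. Context: { controller: DistributionsController, action: index, request: #<ActionDispatch::Request:0x000000011f01f200>, params: {"filters"=>{"date_range"=>"January 1, 2024 - December 31, 2024"}, "controller"=>"distributions", "action"=>"index", "format"=>"csv"} }
  12:23:02 web.1 | Unpermitted parameter: :date_range. Context: { controller: DistributionsController, action: index, request: #<ActionDispatch::Request:0x000000011f01f200>, params: {"filters"=>{"date_range"=>"January 1, 2024 - December 31, 2024"}, "controller"=>"distributions", "action"=>"index", "format"=>"csv"} }
  12:23:02 web.1 | Unpermitted parameter: :date_range. Context: { controller: DistributionsController, action: index, request: #<ActionDispatch::Request:0x000000011f01f200>, params: {"filters"=>{"date_range"=>"January 1, 2024 - December 31, 2024"}, "controller"=>"distributions", "action"=>"index", "format"=>"csv"} }
  12:23:03 web.1 | Unpermitted parameters: :foo, :bar. Context: { controller: ExampleController, action: show, request: #<ActionDispatch::Request:0x0000000000000001>, params: {"foo"=>"1", "bar"=>"2"} }
LOG

# Returns { [endpoint, request_object_id, key] => count }.
def tally_unpermitted(log)
  counts = Hash.new(0)
  log.each_line do |line|
    m = UNPERMITTED.match(line)
    next unless m

    endpoint = "#{m[:controller]}##{m[:action]}"
    m[:keys].scan(/:(\w+)/).flatten.each do |key|
      counts[[endpoint, m[:request], key]] += 1
    end
  end
  counts
end

# Keys dropped more than once while serving a single request.
def repeated_within_request(tally)
  tally.select { |_, count| count > 1 }
end

if __FILE__ == $PROGRAM_NAME
  tally_unpermitted(SAMPLE_LOG).each do |(endpoint, request, key), count|
    puts format("%-32s %s :%-12s x%d", endpoint, request, key, count)
  end
end
```
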

italomatos commented 1 day ago

hey @cielf could you assign this task to me? 🙏🏻

cielf commented 1 day ago

Done.