
Commit c1e58cd

committed
Disable /insights endpoint according to flag
1 parent 7ed5c2a commit c1e58cd


2 files changed

+113
-4
lines changed


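--- a/coderd/coderd.go
+++ b/coderd/coderd.go
@@ -1523,11 +1523,28 @@ func New(options *Options) *API {
 })
 r.Route("/insights", func(r chi.Router) {
 r.Use(apiKeyMiddleware)
-r.Get("/daus", api.deploymentDAUs)
-r.Get("/user-activity", api.insightsUserActivity)
+r.Group(func(r chi.Router) {
+r.Use(
+func(next http.Handler) http.Handler {
+return http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
+if options.DeploymentValues.DisableTemplateInsights.Value() {
+httpapi.Write(context.Background(), rw, http.StatusForbidden, codersdk.Response{
+Message: "Forbidden.",
+Detail: "Template insights are disabled.",
+})
+return
+}
+
+next.ServeHTTP(rw, r)
+})
+},
+)
+r.Get("/daus", api.deploymentDAUs)
+r.Get("/user-activity", api.insightsUserActivity)
+r.Get("/user-latency", api.insightsUserLatency)
+r.Get("/templates", api.insightsTemplates)
+})
 r.Get("/user-status-counts", api.insightsUserStatusCounts)
-r.Get("/user-latency", api.insightsUserLatency)
-r.Get("/templates", api.insightsTemplates)
 })
 r.Route("/debug", func(r chi.Router) {
 r.Use(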
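Review bot: The 403 branch of the new middleware calls `httpapi.Write(context.Background(), rw, ...)`, which detaches the response write from the request; passing the request's own context keeps cancellation and any request-scoped values, i.e. `httpapi.Write(r.Context(), rw, http.StatusForbidden, codersdk.Response{`. The inner `r *http.Request` also shadows the outer `r chi.Router`, so pulling the closure out into a named middleware would read more clearly and make the gate reusable. Because `/user-status-counts` is deliberately registered outside the gated `r.Group`, a comment on that line such as `// Not derived from template insights; stays available when DisableTemplateInsights is set.` would keep a later route from landing on the wrong side of the gate. The enclosing `New` function starts and ends outside this hunk.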

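--- a/coderd/insights_test.go
+++ b/coderd/insights_test.go
@@ -2389,3 +2389,95 @@ func TestGenericInsights_RBAC(t *testing.T) {
 })
 }
 }
+
+func TestGenericInsights_Disabled(t *testing.T) {
+t.Parallel()
+
+db, ps := dbtestutil.NewDB(t)
+logger := testutil.Logger(t)
+client := coderdtest.New(t, &coderdtest.Options{
+Database: db,
+Pubsub: ps,
+Logger: &logger,
+IncludeProvisionerDaemon: true,
+AgentStatsRefreshInterval: time.Millisecond * 100,
+DatabaseRolluper: dbrollup.New(
+logger.Named("dbrollup"),
+db,
+dbrollup.WithInterval(time.Millisecond*100),
+),
+DeploymentValues: coderdtest.DeploymentValues(t, func(dv *codersdk.DeploymentValues) {
+dv.DisableTemplateInsights = true
+}),
+})
+user := coderdtest.CreateFirstUser(t, client)
+_, _ = coderdtest.CreateAnotherUser(t, client, user.OrganizationID)
+
+tests := []struct {
+name string
+fn func(ctx context.Context) error
+// ok means there should be no error, otherwise assume forbidden due to
+// being disabled.
+ok bool
+}{
+{
+name: "DAUS",
+fn: func(ctx context.Context) error {
+_, err := client.DeploymentDAUs(ctx, 0)
+return err
+},
+},
+{
+name: "UserActivity",
+fn: func(ctx context.Context) error {
+_, err := client.UserActivityInsights(ctx, codersdk.UserActivityInsightsRequest{})
+return err
+},
+},
+{
+name: "UserLatency",
+fn: func(ctx context.Context) error {
+_, err := client.UserLatencyInsights(ctx, codersdk.UserLatencyInsightsRequest{})
+return err
+},
+},
+{
+name: "UserStatusCounts",
+fn: func(ctx context.Context) error {
+_, err := client.GetUserStatusCounts(ctx, codersdk.GetUserStatusCountsRequest{
+Offset: 0,
+})
+return err
+},
+// Status count is not derived from template insights, so it should not be
+// disabled.
+ok: true,
+},
+{
+name: "Templates",
+fn: func(ctx context.Context) error {
+_, err := client.TemplateInsights(ctx, codersdk.TemplateInsightsRequest{})
+return err
+},
+},
+}
+
+for _, tt := range tests {
+t.Run(tt.name, func(t *testing.T) {
+t.Parallel()
+
+ctx, cancel := context.WithTimeout(context.Background(), testutil.WaitShort)
+defer cancel()
+
+err := tt.fn(ctx)
+if tt.ok {
+require.NoError(t, err)
+} else {
+require.Error(t, err)
+cerr := coderdtest.SDKError(t, err)
+require.Contains(t, cerr.Error(), "disabled")
+require.Equal(t, http.StatusForbidden, cerr.StatusCode())
+}
+})
+}
+}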
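Review bot: The test only runs with `dv.DisableTemplateInsights = true`, so nothing in this hunk shows that the four gated routes still answer when the flag is unset; if no existing test already covers that, running the same table with the flag off would catch a gate that is accidentally always on. The negative branch matches the substring "disabled" in `cerr.Error()`, which ties the assertion to the wording of the `Detail` string, so the `http.StatusForbidden` check is the sturdier of the two. The setup also starts a provisioner daemon, a rolluper and a second user that no assertion here appears to use, and could probably be trimmed to the database, logger and `DeploymentValues`.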
