Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

LoginAudit: Failed to save LoginAudit for User: #31

Open
dalfry opened this issue Jun 21, 2017 · 2 comments
Open

LoginAudit: Failed to save LoginAudit for User: #31

dalfry opened this issue Jun 21, 2017 · 2 comments
Assignees
@martin-denizet
Labels
bug enhancement

Comments

@dalfry
Copy link

dalfry commented Jun 21, 2017

I just installed easygantt plugin from EasyRedmine and now keep finding these entries for a user that is already logged in successfully and only navigating between pages on RedMine (IP addresses and other info masked) -

LoginAudit Event: LoginAudit(User 6 with Login:abcdefgh IP:172.00.000.000 Succeeded to call API at /projects/operations/easy_gantt/issues.json?f%5B%5D=status_id&key=bceafa8e4154ccd5b970d211ecc02389074a3f09&op%5Bstatus_id%5D=o&set_filter=1&type=EasyGantt%3A%3AEasyGanttIssueQuery&v%5Bstatus_id%5D%5B%5D=)

LoginAudit: Failed to save LoginAudit for User:'vaibhav', id: 6, Login succeed: true, Error: Mysql2::Error: Data too long for column 'url' at row 1: INSERT INTO login_audits (user_id, ip_address, success, login, api, url, method, created_on) VALUES (6, '000.000.000.000', 1, 'abcdefgh', 1, '/projects/operations/easy_gantt/issues.json?f%5B%5D=status_id&key=bceafa8e4154ccd5b970d211ecc02389074a3f09&op%5Bstatus_id%5D=o&set_filter=1&type=EasyGantt%3A%3AEasyGanttIssueQuery&v%5Bstatus_id%5D%5B%5D=', 'GET', '2017-06-21 21:55:02')

Looks like something to do with the way easygantt handles some internal calls?
@dalfry
Copy link
Author

dalfry commented Jun 22, 2017

More details.

Now I see a lot of login audit entries with this URL -

/easy_gantt/projects.json?key=bceafa8e4154ccd5b970d211ecc02389074a3f09&opened_project_id=24&set_filter=1&subproject_loading=1&type=EasyGanttProjectQuery

/issues/825.json?key=bceafa8e4154ccd5b970d211ecc02389074a3f09

/issues/824/relations.json?key=bceafa8e4154ccd5b970d211ecc02389074a3f09

These with methods - GET / PUT / POST.

This will pollute the login database significantly once users start using the gantt plugin extensively.

Somehow, these easy_gantt entries need to be filtered from triggering login audit entries.

@martin-denizet martin-denizet self-assigned this Jan 27, 2018
martin-denizet added a commit that referenced this issue Apr 9, 2018
@martin-denizet
Increased URL size in DB and prevent crash if length exceeds the limi…
a217a52 
…t. refs #31 thanks @dalfry
martin-denizet added a commit that referenced this issue Apr 9, 2018
@martin-denizet
Option to filter out 'key' GET parameters in API URLs. refs #31
f606e4f
martin-denizet added a commit that referenced this issue Apr 11, 2018
@martin-denizet
Merge tag '0.3.3' into develop
70dba1f 
Release version 0.3.3. Fixes #31,#36. Adds key filtering and tests
@martin-denizet
Copy link
Owner

Hello, crash fixed but I keep this open to remember to implement filtering

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@martin-denizet martin-denizet

Labels
bug enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@martin-denizet @dalfry