test_discover_saved_query_detail.py 18 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503
  1. import pytest
  2. from django.urls import NoReverseMatch, reverse
  3. from sentry.discover.models import (
  4. DiscoverSavedQuery,
  5. DiscoverSavedQueryProject,
  6. DiscoverSavedQueryTypes,
  7. )
  8. from sentry.testutils.cases import APITestCase, SnubaTestCase
  9. class DiscoverSavedQueryDetailTest(APITestCase, SnubaTestCase):
  10. feature_name = "organizations:discover"
  11. def setUp(self):
  12. super().setUp()
  13. self.login_as(user=self.user)
  14. self.org = self.create_organization(owner=self.user)
  15. self.org_without_access = self.create_organization()
  16. self.project_ids = [
  17. self.create_project(organization=self.org).id,
  18. self.create_project(organization=self.org).id,
  19. ]
  20. query = {"fields": ["test"], "conditions": [], "limit": 10}
  21. model = DiscoverSavedQuery.objects.create(
  22. organization=self.org, created_by_id=self.user.id, name="Test query", query=query
  23. )
  24. model.set_projects(self.project_ids)
  25. self.query_id = model.id
  26. invalid = DiscoverSavedQuery.objects.create(
  27. organization=self.org_without_access, name="Query without access", query=query
  28. )
  29. invalid.set_projects(self.project_ids)
  30. self.query_id_without_access = invalid.id
  31. def setup_no_team_user(self):
  32. # disable Open Membership
  33. self.org.flags.allow_joinleave = False
  34. self.org.save()
  35. # user has no access to the first project
  36. user_no_team = self.create_user(is_superuser=False)
  37. self.create_member(user=user_no_team, organization=self.org, role="member", teams=[])
  38. self.login_as(user_no_team)
  39. def test_invalid_id(self):
  40. with pytest.raises(NoReverseMatch):
  41. reverse("sentry-api-0-discover-saved-query-detail", args=[self.org.slug, "not-an-id"])
  42. def test_get(self):
  43. with self.feature(self.feature_name):
  44. url = reverse(
  45. "sentry-api-0-discover-saved-query-detail", args=[self.org.slug, self.query_id]
  46. )
  47. response = self.client.get(url)
  48. assert response.status_code == 200, response.content
  49. assert response.data["id"] == str(self.query_id)
  50. assert set(response.data["projects"]) == set(self.project_ids)
  51. assert response.data["fields"] == ["test"]
  52. assert response.data["conditions"] == []
  53. assert response.data["limit"] == 10
  54. def test_get_discover_query_flag(self):
  55. with self.feature("organizations:discover-query"):
  56. url = reverse(
  57. "sentry-api-0-discover-saved-query-detail", args=[self.org.slug, self.query_id]
  58. )
  59. response = self.client.get(url)
  60. assert response.status_code == 200, response.content
  61. assert response.data["id"] == str(self.query_id)
  62. assert set(response.data["projects"]) == set(self.project_ids)
  63. assert response.data["fields"] == ["test"]
  64. assert response.data["conditions"] == []
  65. assert response.data["limit"] == 10
  66. def test_get_version(self):
  67. query = {"fields": ["event_id"], "query": "event.type:error", "limit": 10, "version": 2}
  68. model = DiscoverSavedQuery.objects.create(
  69. organization=self.org, created_by_id=self.user.id, name="v2 query", query=query
  70. )
  71. model.set_projects(self.project_ids)
  72. with self.feature(self.feature_name):
  73. url = reverse(
  74. "sentry-api-0-discover-saved-query-detail", args=[self.org.slug, model.id]
  75. )
  76. response = self.client.get(url)
  77. assert response.status_code == 200, response.content
  78. assert response.data["id"] == str(model.id)
  79. assert set(response.data["projects"]) == set(self.project_ids)
  80. assert response.data["fields"] == ["event_id"]
  81. assert response.data["query"] == "event.type:error"
  82. assert response.data["limit"] == 10
  83. assert response.data["version"] == 2
  84. def test_get_org_without_access(self):
  85. with self.feature(self.feature_name):
  86. url = reverse(
  87. "sentry-api-0-discover-saved-query-detail",
  88. args=[self.org_without_access.slug, self.query_id],
  89. )
  90. response = self.client.get(url)
  91. assert response.status_code == 403, response.content
  92. def test_get_homepage_query(self):
  93. query = {"fields": ["event_id"], "query": "event.type:error", "limit": 10, "version": 2}
  94. model = DiscoverSavedQuery.objects.create(
  95. organization=self.org,
  96. created_by_id=self.user.id,
  97. name="v2 query",
  98. query=query,
  99. is_homepage=True,
  100. )
  101. model.set_projects(self.project_ids)
  102. with self.feature(self.feature_name):
  103. url = reverse(
  104. "sentry-api-0-discover-saved-query-detail", args=[self.org.slug, model.id]
  105. )
  106. response = self.client.get(url)
  107. assert response.status_code == 404, response.content
  108. def test_get_disallow_when_no_project_access(self):
  109. self.setup_no_team_user()
  110. with self.feature(self.feature_name):
  111. url = reverse(
  112. "sentry-api-0-discover-saved-query-detail", args=[self.org.slug, self.query_id]
  113. )
  114. response = self.client.get(url)
  115. assert response.status_code == 403, response.data
  116. assert response.data == {"detail": "You do not have permission to perform this action."}
  117. def test_put(self):
  118. with self.feature(self.feature_name):
  119. url = reverse(
  120. "sentry-api-0-discover-saved-query-detail", args=[self.org.slug, self.query_id]
  121. )
  122. response = self.client.put(
  123. url,
  124. {
  125. "name": "New query",
  126. "projects": self.project_ids,
  127. "fields": [],
  128. "range": "24h",
  129. "limit": 20,
  130. "conditions": [],
  131. "aggregations": [],
  132. "orderby": "-time",
  133. },
  134. )
  135. assert response.status_code == 200, response.content
  136. assert response.data["id"] == str(self.query_id)
  137. assert set(response.data["projects"]) == set(self.project_ids)
  138. assert response.data["fields"] == []
  139. assert response.data["conditions"] == []
  140. assert response.data["limit"] == 20
  141. def test_put_dataset(self):
  142. with self.feature(self.feature_name):
  143. url = reverse(
  144. "sentry-api-0-discover-saved-query-detail", args=[self.org.slug, self.query_id]
  145. )
  146. response = self.client.put(
  147. url,
  148. {
  149. "name": "New query",
  150. "projects": self.project_ids,
  151. "fields": [],
  152. "range": "24h",
  153. "limit": 20,
  154. "conditions": [],
  155. "aggregations": [],
  156. "orderby": "-time",
  157. "queryDataset": "transaction-like",
  158. },
  159. )
  160. assert response.status_code == 200, response.content
  161. assert response.data["id"] == str(self.query_id)
  162. assert set(response.data["projects"]) == set(self.project_ids)
  163. assert response.data["fields"] == []
  164. assert response.data["conditions"] == []
  165. assert response.data["limit"] == 20
  166. assert response.data["queryDataset"] == "transaction-like"
  167. def test_dataset_set_to_discover_on_update(self):
  168. query = {"fields": ["event_id"], "query": "event.type:error", "limit": 10, "version": 2}
  169. model = DiscoverSavedQuery.objects.create(
  170. organization=self.org,
  171. created_by_id=self.user.id,
  172. name="query",
  173. query=query,
  174. dataset=DiscoverSavedQueryTypes.TRANSACTION_LIKE,
  175. )
  176. with self.feature(self.feature_name):
  177. url = reverse(
  178. "sentry-api-0-discover-saved-query-detail", args=[self.org.slug, model.id]
  179. )
  180. response = self.client.put(
  181. url,
  182. {
  183. "name": "New query",
  184. "projects": self.project_ids,
  185. "fields": [],
  186. "range": "24h",
  187. "limit": 20,
  188. "conditions": [],
  189. "aggregations": [],
  190. "orderby": "-time",
  191. },
  192. )
  193. assert response.status_code == 200, response.content
  194. assert response.data["id"] == str(model.id)
  195. assert response.data["queryDataset"] == "discover"
  196. def test_put_with_interval(self):
  197. with self.feature(self.feature_name):
  198. url = reverse(
  199. "sentry-api-0-discover-saved-query-detail", args=[self.org.slug, self.query_id]
  200. )
  201. response = self.client.put(
  202. url,
  203. {
  204. "name": "New query",
  205. "projects": self.project_ids,
  206. "fields": ["transaction", "count()"],
  207. "range": "24h",
  208. "interval": "10m",
  209. "version": 2,
  210. "orderby": "-count",
  211. },
  212. )
  213. assert response.status_code == 200, response.content
  214. assert response.data["fields"] == ["transaction", "count()"]
  215. assert response.data["interval"] == "10m"
  216. def test_put_query_without_access(self):
  217. with self.feature(self.feature_name):
  218. url = reverse(
  219. "sentry-api-0-discover-saved-query-detail",
  220. args=[self.org.slug, self.query_id_without_access],
  221. )
  222. response = self.client.put(
  223. url, {"name": "New query", "projects": self.project_ids, "range": "24h"}
  224. )
  225. assert response.status_code == 404
  226. def test_put_query_with_team(self):
  227. team = self.create_team(organization=self.org, members=[self.user])
  228. project = self.create_project(organization=self.org, teams=[team])
  229. query = DiscoverSavedQuery.objects.create(
  230. organization=self.org,
  231. created_by_id=self.user.id,
  232. name="Test query",
  233. query={"fields": ["test"], "conditions": [], "limit": 10},
  234. )
  235. query.set_projects([project.id])
  236. with self.feature(self.feature_name):
  237. url = reverse(
  238. "sentry-api-0-discover-saved-query-detail",
  239. args=[self.org.slug, query.id],
  240. )
  241. response = self.client.put(url, {"name": "New query", "projects": [], "range": "24h"})
  242. assert response.status_code == 200
  243. def test_put_query_without_team(self):
  244. team = self.create_team(organization=self.org, members=[])
  245. project = self.create_project(organization=self.org, teams=[team])
  246. query = DiscoverSavedQuery.objects.create(
  247. organization=self.org,
  248. created_by_id=self.user.id,
  249. name="Test query",
  250. query={"fields": ["test"], "conditions": [], "limit": 10},
  251. )
  252. query.set_projects([project.id])
  253. with self.feature(self.feature_name):
  254. url = reverse(
  255. "sentry-api-0-discover-saved-query-detail",
  256. args=[self.org.slug, query.id],
  257. )
  258. response = self.client.put(url, {"name": "New query", "projects": [], "range": "24h"})
  259. assert response.status_code == 400
  260. assert "No Projects found, join a Team" == response.data["detail"]
  261. def test_put_homepage_query(self):
  262. query = {"fields": ["event_id"], "query": "event.type:error", "limit": 10, "version": 2}
  263. model = DiscoverSavedQuery.objects.create(
  264. organization=self.org,
  265. created_by_id=self.user.id,
  266. name="v2 query",
  267. query=query,
  268. is_homepage=True,
  269. )
  270. model.set_projects(self.project_ids)
  271. with self.feature(self.feature_name):
  272. url = reverse(
  273. "sentry-api-0-discover-saved-query-detail",
  274. args=[self.org.slug, model.id],
  275. )
  276. response = self.client.put(
  277. url, {"name": "New query", "projects": [], "range": "24h", "fields": []}
  278. )
  279. assert response.status_code == 404, response.content
  280. def test_put_org_without_access(self):
  281. with self.feature(self.feature_name):
  282. url = reverse(
  283. "sentry-api-0-discover-saved-query-detail",
  284. args=[self.org_without_access.slug, self.query_id],
  285. )
  286. response = self.client.put(
  287. url, {"name": "New query", "projects": self.project_ids, "range": "24h"}
  288. )
  289. assert response.status_code == 403, response.content
  290. def test_put_disallow_when_no_project_access(self):
  291. self.setup_no_team_user()
  292. with self.feature(self.feature_name):
  293. url = reverse(
  294. "sentry-api-0-discover-saved-query-detail", args=[self.org.slug, self.query_id]
  295. )
  296. response = self.client.put(
  297. url,
  298. {
  299. "name": "New query",
  300. "projects": self.project_ids,
  301. "fields": [],
  302. "range": "24h",
  303. "limit": 20,
  304. "conditions": [],
  305. "aggregations": [],
  306. "orderby": "-time",
  307. },
  308. )
  309. assert response.status_code == 403, response.data
  310. assert response.data == {"detail": "You do not have permission to perform this action."}
  311. def test_delete(self):
  312. with self.feature(self.feature_name):
  313. url = reverse(
  314. "sentry-api-0-discover-saved-query-detail", args=[self.org.slug, self.query_id]
  315. )
  316. response = self.client.delete(url)
  317. assert response.status_code == 204
  318. assert self.client.get(url).status_code == 404
  319. def test_delete_removes_projects(self):
  320. with self.feature(self.feature_name):
  321. url = reverse(
  322. "sentry-api-0-discover-saved-query-detail", args=[self.org.slug, self.query_id]
  323. )
  324. self.client.delete(url)
  325. projects = list(
  326. DiscoverSavedQueryProject.objects.filter(discover_saved_query=self.query_id)
  327. )
  328. assert projects == []
  329. def test_delete_query_without_access(self):
  330. with self.feature(self.feature_name):
  331. url = reverse(
  332. "sentry-api-0-discover-saved-query-detail",
  333. args=[self.org.slug, self.query_id_without_access],
  334. )
  335. response = self.client.delete(url)
  336. assert response.status_code == 404
  337. def test_delete_org_without_access(self):
  338. with self.feature(self.feature_name):
  339. url = reverse(
  340. "sentry-api-0-discover-saved-query-detail",
  341. args=[self.org_without_access.slug, self.query_id],
  342. )
  343. response = self.client.delete(url)
  344. assert response.status_code == 403, response.content
  345. def test_delete_homepage_query(self):
  346. query = {"fields": ["event_id"], "query": "event.type:error", "limit": 10, "version": 2}
  347. model = DiscoverSavedQuery.objects.create(
  348. organization=self.org,
  349. created_by_id=self.user.id,
  350. name="v2 query",
  351. query=query,
  352. is_homepage=True,
  353. )
  354. model.set_projects(self.project_ids)
  355. with self.feature(self.feature_name):
  356. url = reverse(
  357. "sentry-api-0-discover-saved-query-detail",
  358. args=[self.org.slug, model.id],
  359. )
  360. response = self.client.delete(url)
  361. assert response.status_code == 404, response.content
  362. def test_delete_disallow_when_no_project_access(self):
  363. self.setup_no_team_user()
  364. with self.feature(self.feature_name):
  365. url = reverse(
  366. "sentry-api-0-discover-saved-query-detail", args=[self.org.slug, self.query_id]
  367. )
  368. response = self.client.delete(url)
  369. assert response.status_code == 403, response.data
  370. assert response.data == {"detail": "You do not have permission to perform this action."}
  371. class OrganizationDiscoverQueryVisitTest(APITestCase, SnubaTestCase):
  372. def setUp(self):
  373. super().setUp()
  374. self.login_as(user=self.user)
  375. self.org = self.create_organization(owner=self.user)
  376. self.org_without_access = self.create_organization()
  377. self.project_ids = [
  378. self.create_project(organization=self.org).id,
  379. self.create_project(organization=self.org).id,
  380. ]
  381. q = {"fields": ["test"], "conditions": [], "limit": 10}
  382. self.query = DiscoverSavedQuery.objects.create(
  383. organization=self.org, created_by_id=self.user.id, name="Test query", query=q
  384. )
  385. self.query.set_projects(self.project_ids)
  386. def url(self, query_id):
  387. return reverse(
  388. "sentry-api-0-discover-saved-query-visit",
  389. kwargs={"organization_id_or_slug": self.org.slug, "query_id": query_id},
  390. )
  391. def test_visit_query(self):
  392. last_visited = self.query.last_visited
  393. assert last_visited is not None
  394. assert self.query.visits == 1
  395. with self.feature("organizations:discover-query"):
  396. response = self.client.post(self.url(self.query.id))
  397. assert response.status_code == 204
  398. query = DiscoverSavedQuery.objects.get(id=self.query.id)
  399. assert query.visits == 2
  400. assert query.last_visited is not None
  401. assert query.last_visited > last_visited
  402. def test_visit_query_no_access(self):
  403. last_visited = self.query.last_visited
  404. assert self.query.visits == 1
  405. with self.feature({"organizations:discover-query": False}):
  406. response = self.client.post(self.url(self.query.id))
  407. assert response.status_code == 404
  408. query = DiscoverSavedQuery.objects.get(id=self.query.id)
  409. assert query.visits == 1
  410. assert query.last_visited == last_visited