Fixed an issue where viewing the stack page as an admin filtered to a project was causing results to be returned incorrectly.

niemyjski · niemyjski · commit 9205b80bdaab · 2016-09-19T17:12:28.000-05:00
diff --git a/Source/Api/Controllers/Base/ExceptionlessApiController.cs b/Source/Api/Controllers/Base/ExceptionlessApiController.cs
@@ -11,6 +11,7 @@
 using Exceptionless.Api.Utility.Results;
 using Exceptionless.Core.Repositories;
 using Exceptionless.Core.Models;
+using Exceptionless.Core.Repositories.Queries;
 using Exceptionless.DateTimeExtensions;
 using Foundatio.Repositories.Models;
 using Foundatio.Utility;
@@ -142,11 +143,22 @@ public async Task<IReadOnlyCollection<Organization>> GetAssociatedActiveOrganiza
             return organizations.Where(o => !o.IsSuspended).ToList().AsReadOnly();
         }
 
-        protected bool ShouldApplySystemFilter(string filter) {
+        protected bool ShouldApplySystemFilter(IExceptionlessSystemFilterQuery sf, string filter) {
+            // Apply filter to non admin user.
+            if (!Request.IsGlobalAdmin())
+                return true;
+
+            // Apply filter as it's scoped via a controller action.
+            if (!sf.IsUserOrganizationsFilter)
+                return true;
+
+            // Empty user filter
             if (String.IsNullOrEmpty(filter))
                 return true;
 
-            return !(Request.IsGlobalAdmin() && (filter.Contains("organization:") || filter.Contains("project:") || filter.Contains("stack:")));
+            // Used for impersonating a user. Only skip the filter if it contains an org, project or stack.
+            bool hasOrganizationOrProjectOrStackFilter = filter.Contains("organization:") || filter.Contains("project:") || filter.Contains("stack:");
+            return !hasOrganizationOrProjectOrStackFilter;
         }
 
         protected StatusCodeActionResult StatusCodeWithMessage(HttpStatusCode statusCode, string message, string reason = null) {
diff --git a/Source/Api/Controllers/EventController.cs b/Source/Api/Controllers/EventController.cs
@@ -129,7 +129,7 @@ public async Task<IHttpActionResult> GetAsync(string filter = null, string sort
                 return Ok(EmptyModels);
 
             var ti = GetTimeInfo(time, offset, organizations.GetRetentionUtcCutoff());
-            var sf = new ExceptionlessSystemFilterQuery(organizations);
+            var sf = new ExceptionlessSystemFilterQuery(organizations) { IsUserOrganizationsFilter = true };
             return await GetInternalAsync(sf, ti, filter, sort, mode, page, limit);
         }
 
@@ -151,7 +151,7 @@ private async Task<IHttpActionResult> GetInternalAsync(IExceptionlessSystemFilte
 
             FindResults<PersistentEvent> events;
             try {
-                events = await _repository.GetByFilterAsync(ShouldApplySystemFilter(filter) ? sf : null, pr.ExpandedQuery, sortBy, ti.Field, ti.UtcRange.Start, ti.UtcRange.End, options);
+                events = await _repository.GetByFilterAsync(ShouldApplySystemFilter(sf, filter) ? sf : null, pr.ExpandedQuery, sortBy, ti.Field, ti.UtcRange.Start, ti.UtcRange.End, options);
             } catch (ApplicationException ex) {
                 _logger.Error().Exception(ex)
                     .Message("An error has occurred. Please check your search filter.")
@@ -264,7 +264,7 @@ public async Task<IHttpActionResult> GetByStackAsync(string stackId, string filt
             var stack = await GetStackAsync(stackId);
             if (stack == null)
                 return NotFound();
-            
+
             var organization = await GetOrganizationAsync(stack.OrganizationId);
             if (organization == null)
                 return NotFound();
@@ -295,7 +295,7 @@ public async Task<IHttpActionResult> GetByReferenceIdAsync(string referenceId, s
                 return Ok(EmptyModels);
 
             var ti = GetTimeInfo(null, offset, organizations.GetRetentionUtcCutoff());
-            var sf = new ExceptionlessSystemFilterQuery(organizations);
+            var sf = new ExceptionlessSystemFilterQuery(organizations) { IsUserOrganizationsFilter = true };
             return await GetInternalAsync(sf, ti, String.Concat("reference:", referenceId), null, mode, page, limit);
         }
 
@@ -352,7 +352,7 @@ public async Task<IHttpActionResult> GetBySessionIdAsync(string sessionId, strin
                 return Ok(EmptyModels);
 
             var ti = GetTimeInfo(time, offset, organizations.GetRetentionUtcCutoff());
-            var sf = new ExceptionlessSystemFilterQuery(organizations);
+            var sf = new ExceptionlessSystemFilterQuery(organizations) { IsUserOrganizationsFilter = true };
             return await GetInternalAsync(sf, ti, $"(reference:{sessionId} OR ref.session:{sessionId}) {filter}", sort, mode, page, limit, true);
         }
 
@@ -411,7 +411,7 @@ public async Task<IHttpActionResult> GetBySessionAsync(string filter = null, str
                 return Ok(EmptyModels);
 
             var ti = GetTimeInfo(time, offset, organizations.GetRetentionUtcCutoff());
-            var sf = new ExceptionlessSystemFilterQuery(organizations);
+            var sf = new ExceptionlessSystemFilterQuery(organizations) { IsUserOrganizationsFilter = true };
             return await GetInternalAsync(sf, ti, $"type:{Event.KnownTypes.Session} {filter}", sort, mode, page, limit, true);
         }
 
diff --git a/Source/Api/Controllers/StackController.cs b/Source/Api/Controllers/StackController.cs
@@ -506,7 +506,7 @@ public async Task<IHttpActionResult> GetAsync(string filter = null, string sort
                 return Ok(EmptyModels);
 
             var ti = GetTimeInfo(time, offset, organizations.GetRetentionUtcCutoff());
-            var sf = new ExceptionlessSystemFilterQuery(organizations);
+            var sf = new ExceptionlessSystemFilterQuery(organizations) { IsUserOrganizationsFilter = true };
             return await GetInternalAsync(sf, ti, filter, sort, mode, page, limit);
         }
 
@@ -527,7 +527,7 @@ private async Task<IHttpActionResult> GetInternalAsync(IExceptionlessSystemFilte
             var options = new PagingOptions { Page = page, Limit = limit };
             
             try {
-                var results = await _repository.GetByFilterAsync(ShouldApplySystemFilter(filter) ? sf : null, filter, sortBy, ti.Field, ti.UtcRange.Start, ti.UtcRange.End, options);
+                var results = await _repository.GetByFilterAsync(ShouldApplySystemFilter(sf, filter) ? sf : null, filter, sortBy, ti.Field, ti.UtcRange.Start, ti.UtcRange.End, options);
 
                 var stacks = results.Documents.Select(s => s.ApplyOffset(ti.Offset)).ToList();
                 if (!String.IsNullOrEmpty(mode) && String.Equals(mode, "summary", StringComparison.OrdinalIgnoreCase))
@@ -597,7 +597,7 @@ public async Task<IHttpActionResult> NewAsync(string filter = null, string time
                 return Ok(EmptyModels);
 
             var ti = GetTimeInfo(String.Concat("first|", time), offset, organizations.GetRetentionUtcCutoff());
-            var sf = new ExceptionlessSystemFilterQuery(organizations);
+            var sf = new ExceptionlessSystemFilterQuery(organizations) { IsUserOrganizationsFilter = true };
             return await GetInternalAsync(sf, ti, filter, "-first", mode, page, limit);
         }
 
@@ -653,7 +653,7 @@ public async Task<IHttpActionResult> RecentAsync(string filter = null, string ti
                 return Ok(EmptyModels);
 
             var ti = GetTimeInfo(String.Concat("last|", time), offset, organizations.GetRetentionUtcCutoff());
-            var sf = new ExceptionlessSystemFilterQuery(organizations);
+            var sf = new ExceptionlessSystemFilterQuery(organizations) { IsUserOrganizationsFilter = true };
             return await GetInternalAsync(sf, ti, filter, "-last", mode, page, limit);
         }
 
@@ -709,7 +709,7 @@ public async Task<IHttpActionResult> FrequentAsync(string filter = null, string
                 return Ok(EmptyModels);
 
             var ti = GetTimeInfo(time, offset, organizations.GetRetentionUtcCutoff());
-            var sf = new ExceptionlessSystemFilterQuery(organizations);
+            var sf = new ExceptionlessSystemFilterQuery(organizations) { IsUserOrganizationsFilter = true };
             return await GetAllByTermsAsync(_distinctUsersFields, sf, ti, filter, mode, page, limit);
         }
 
@@ -765,7 +765,7 @@ public async Task<IHttpActionResult> UsersAsync(string filter = null, string tim
                 return Ok(EmptyModels);
 
             var ti = GetTimeInfo(time, offset, organizations.GetRetentionUtcCutoff());
-            var sf = new ExceptionlessSystemFilterQuery(organizations);
+            var sf = new ExceptionlessSystemFilterQuery(organizations) { IsUserOrganizationsFilter = true };
             return await GetAllByTermsAsync(_distinctUsersFieldsWithSort, sf, ti, filter, mode, page, limit);
         }
 
@@ -816,7 +816,7 @@ private async Task<IHttpActionResult> GetAllByTermsAsync(ICollection<FieldAggreg
             sf.UsesPremiumFeatures = pr.UsesPremiumFeatures;
 
             try {
-                var ntsr = await _eventStats.GetNumbersTermsStatsAsync("stack_id", fields, ti.UtcRange.Start, ti.UtcRange.End, ShouldApplySystemFilter(filter) ? sf : null, filter, ti.Offset, GetSkip(page + 1, limit) + 1);
+                var ntsr = await _eventStats.GetNumbersTermsStatsAsync("stack_id", fields, ti.UtcRange.Start, ti.UtcRange.End, ShouldApplySystemFilter(sf, filter) ? sf : null, filter, ti.Offset, GetSkip(page + 1, limit) + 1);
                 if (ntsr.Terms.Count == 0)
                     return Ok(EmptyModels);
 
diff --git a/Source/Api/Controllers/StatsController.cs b/Source/Api/Controllers/StatsController.cs
@@ -50,12 +50,13 @@ public async Task<IHttpActionResult> GetAsync(string fields = null, string filte
             
             var ti = GetTimeInfo(time, offset, organizations.GetRetentionUtcCutoff());
             var sf = new ExceptionlessSystemFilterQuery(organizations) {
-                UsesPremiumFeatures = far.UsesPremiumFeatures || pr.UsesPremiumFeatures
+                UsesPremiumFeatures = far.UsesPremiumFeatures || pr.UsesPremiumFeatures,
+                IsUserOrganizationsFilter = true
             };
 
             NumbersStatsResult result;
             try {
-                result = await _stats.GetNumbersStatsAsync(far.Aggregations, ti.UtcRange.Start, ti.UtcRange.End, ShouldApplySystemFilter(filter) ? sf : null, pr.ExpandedQuery, ti.Offset);
+                result = await _stats.GetNumbersStatsAsync(far.Aggregations, ti.UtcRange.Start, ti.UtcRange.End, ShouldApplySystemFilter(sf, filter) ? sf : null, pr.ExpandedQuery, ti.Offset);
             } catch (ApplicationException ex) {
                 _logger.Error().Exception(ex)
                     .Message("An error has occurred. Please check your search filter.")
@@ -96,12 +97,13 @@ public async Task<IHttpActionResult> GetTimelineAsync(string fields = null, stri
 
             var ti = GetTimeInfo(time, offset, organizations.GetRetentionUtcCutoff());
             var sf = new ExceptionlessSystemFilterQuery(organizations) {
-                UsesPremiumFeatures = far.UsesPremiumFeatures || pr.UsesPremiumFeatures
+                UsesPremiumFeatures = far.UsesPremiumFeatures || pr.UsesPremiumFeatures,
+                IsUserOrganizationsFilter = true
             };
 
             NumbersTimelineStatsResult result;
             try {
-                result = await _stats.GetNumbersTimelineStatsAsync(far.Aggregations, ti.UtcRange.Start, ti.UtcRange.End, ShouldApplySystemFilter(filter) ? sf : null, pr.ExpandedQuery, ti.Offset);
+                result = await _stats.GetNumbersTimelineStatsAsync(far.Aggregations, ti.UtcRange.Start, ti.UtcRange.End, ShouldApplySystemFilter(sf, filter) ? sf : null, pr.ExpandedQuery, ti.Offset);
             } catch (ApplicationException ex) {
                 _logger.Error().Exception(ex)
                     .Message("An error has occurred. Please check your search filter.")
diff --git a/Source/Core/Repositories/Queries/ExceptionlessSystemFilterQuery.cs b/Source/Core/Repositories/Queries/ExceptionlessSystemFilterQuery.cs
@@ -48,13 +48,15 @@ public ExceptionlessSystemFilterQuery(Stack stack, Organization organization) :
         public IReadOnlyCollection<Project> Projects { get; }
         public Stack Stack { get; }
         public bool UsesPremiumFeatures { get; set; }
+        public bool IsUserOrganizationsFilter { get; set; }
     }
 
     public interface IExceptionlessSystemFilterQuery : IRepositoryQuery {
         IReadOnlyCollection<Organization> Organizations { get; }
         IReadOnlyCollection<Project> Projects { get; }
         Stack Stack { get; }
         bool UsesPremiumFeatures { get; set; }
+         bool IsUserOrganizationsFilter { get; set; }
     }
 
     public class ExceptionlessSystemFilterQueryBuilder : IElasticQueryBuilder {

Original file line number	Diff line number	Diff line change
`@@ -48,13 +48,15 @@ public ExceptionlessSystemFilterQuery(Stack stack, Organization organization) :`
`48`	`48`	`public IReadOnlyCollection<Project> Projects { get; }`
`49`	`49`	`public Stack Stack { get; }`
`50`	`50`	`public bool UsesPremiumFeatures { get; set; }`
	`51`	`+ public bool IsUserOrganizationsFilter { get; set; }`
`51`	`52`	`}`
`52`	`53`
`53`	`54`	`public interface IExceptionlessSystemFilterQuery : IRepositoryQuery {`
`54`	`55`	`IReadOnlyCollection<Organization> Organizations { get; }`
`55`	`56`	`IReadOnlyCollection<Project> Projects { get; }`
`56`	`57`	`Stack Stack { get; }`
`57`	`58`	`bool UsesPremiumFeatures { get; set; }`
	`59`	`+ bool IsUserOrganizationsFilter { get; set; }`
`58`	`60`	`}`
`59`	`61`
`60`	`62`	`public class ExceptionlessSystemFilterQueryBuilder : IElasticQueryBuilder {`