fix: ensure sessionId on Sessions documents (#31487)

.changeset/clever-parrots-count.md

@@ -0,0 +1,5 @@
+---
+"@rocket.chat/meteor": patch
+---
+
+Fixed a bug where some sessions were being saved without a sessionId

apps/meteor/app/api/server/api.ts

@@ -108,6 +108,22 @@ const getRequestIP = (req: Request): string | null => {
 	return forwardedFor[forwardedFor.length - httpForwardedCount];
 };
 
+const generateConnection = (
+	ipAddress: string,
+	httpHeaders: Record<string, any>,
+): {
+	id: string;
+	close: () => void;
+	clientAddress: string;
+	httpHeaders: Record<string, any>;
+} => ({
+	id: Random.id(),
+	// eslint-disable-next-line @typescript-eslint/no-empty-function
+	close() {},
+	httpHeaders,
+	clientAddress: ipAddress,
+});
+
 let prometheusAPIUserAgent = false;
 
 export class APIClass<TBasePath extends string = ''> extends Restivus {
@@ -569,14 +585,7 @@ export class APIClass<TBasePath extends string = ''> extends Restivus {
 
 						let result;
 
-						const connection = {
-							id: Random.id(),
-							// eslint-disable-next-line @typescript-eslint/no-empty-function
-							close() {},
-							token: this.token,
-							httpHeaders: this.request.headers,
-							clientAddress: this.requestIp,
-						};
+						const connection = { ...generateConnection(this.requestIp, this.request.headers), token: this.token };
 
 						try {
 							if (options.deprecationVersion) {
@@ -761,12 +770,7 @@ export class APIClass<TBasePath extends string = ''> extends Restivus {
 					const args = loginCompatibility(this.bodyParams, request);
 
 					const invocation = new DDPCommon.MethodInvocation({
-						connection: {
-							// eslint-disable-next-line @typescript-eslint/no-empty-function
-							close() {},
-							httpHeaders: this.request.headers,
-							clientAddress: getRequestIP(request) || '',
-						},
+						connection: generateConnection(getRequestIP(request) || '', this.request.headers),
 					});
 
 					let auth;

apps/meteor/app/statistics/server/lib/SAUMonitor.ts

@@ -146,7 +146,7 @@ export class SAUMonitorClass {
 
 		const searchTerm = this._getSearchTerm(data);
 
-		await Sessions.insertOne({ ...data, searchTerm, createdAt: new Date() });
+		await Sessions.createOrUpdate({ ...data, searchTerm });
 	}
 
 	private async _finishSessionsFromDate(yesterday: Date, today: Date): Promise<void> {

apps/meteor/definition/externals/meteor/ddp-common.d.ts

@@ -5,6 +5,7 @@ declare module 'meteor/ddp-common' {
 		class MethodInvocation {
 			constructor(options: {
 				connection: {
+					id: string;
 					close: () => void;
 					clientAddress: string;
 					httpHeaders: Record<string, any>;

apps/meteor/server/models/raw/Sessions.ts

@@ -1431,11 +1431,15 @@ export class SessionsRaw extends BaseRaw<ISession> implements ISessionsModel {
 		};
 	}
 
+	private isValidData(data: Omit<ISession, '_id' | 'createdAt' | '_updatedAt'>): boolean {
+		return Boolean(data.year && data.month && data.day && data.sessionId && data.instanceId);
+	}
+
 	async createOrUpdate(data: Omit<ISession, '_id' | 'createdAt' | '_updatedAt'>): Promise<UpdateResult | undefined> {
 		// TODO: check if we should create a session when there is no loginToken or not
 		const { year, month, day, sessionId, instanceId } = data;
 
-		if (!year || !month || !day || !sessionId || !instanceId) {
+		if (!this.isValidData(data)) {
 			return;
 		}
 
@@ -1588,16 +1592,17 @@ export class SessionsRaw extends BaseRaw<ISession> implements ISessionsModel {
 		sessions.forEach((doc) => {
 			const { year, month, day, sessionId, instanceId } = doc;
 			delete doc._id;
-
-			ops.push({
-				updateOne: {
-					filter: { year, month, day, sessionId, instanceId },
-					update: {
-						$set: doc,
+			if (this.isValidData(doc)) {
+				ops.push({
+					updateOne: {
+						filter: { year, month, day, sessionId, instanceId },
+						update: {
+							$set: doc,
+						},
+						upsert: true,
 					},
-					upsert: true,
-				},
-			});
+				});
+			}
 		});
 
 		return this.col.bulkWrite(ops, { ordered: false });