fix(api): Hide internal attributes in events and cross-trace queries #116094
nsdeschenes wants to merge 8 commits into
Add a shared helper for hiding internal Sentry convention attributes from API surfaces and let SearchResolver track attributes hidden by API visibility configuration. This keeps default resolver behavior unchanged unless an API caller opts into visibility enforcement.
Apply API attribute visibility checks when the events endpoint queries RPC datasets. This prevents non-staff users from selecting internal attributes with field params and receiving their values. Co-Authored-By: OpenAI Codex <noreply@openai.com>
Apply the same API attribute visibility checks to the events-timeseries RPC path. Return an empty timeseries response instead of querying hidden internal attributes for non-staff users. Co-Authored-By: OpenAI Codex <noreply@openai.com>
Return empty timeseries metadata when API visibility hides requested attributes, and type resolver visibility options explicitly so backend typing accepts the config calls. Co-Authored-By: Codex <noreply@openai.com>
Rename the hidden-attribute metadata variable so mypy does not see two typed definitions for final_meta in the same function scope. Co-Authored-By: Codex <codex@openai.com>
Propagate hidden API attribute markers from cross-trace resolvers back to the primary resolver so table and bulk table queries return empty results instead of dispatching RPCs. Resolve cross-trace query visibility using the target trace item type for span, log, metric, and occurrence filters. Add regression coverage for non-staff cross-trace filters on internal span and log attributes. Co-Authored-By: Codex <noreply@openai.com>
Add regression coverage that cross-trace occurrence filters resolve API attribute visibility with the occurrence item type instead of the primary spans item type. Co-Authored-By: Codex <noreply@openai.com>
Use the trace item type from the resolver's column definitions for API attribute visibility checks. This keeps dataset-specific resolvers from applying a mismatched primary request item type. Add coverage for log resolvers receiving a spans visibility config. Co-Authored-By: Codex <noreply@openai.com>
Cursor Bugbot has reviewed your changes and found 1 potential issue.
Reviewed by Cursor Bugbot for commit e480b18.
| request_context_pairs.append( | ||
| (query.name, table_request, cls.build_rpc_table_row_context(query)) | ||
| ) | ||
| responses = snuba_rpc.table_rpc( |
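Review bot: The snuba_rpc.table_rpc( call at the end of this excerpt is reached right after request_context_pairs.append(...) with no hidden-attribute check visible between them. If a query whose resolver reports has_hidden_api_attributes() can get this far, skip it before the append and return its empty result without dispatching; if the guard sits earlier in the function, a one-line comment above the call saying so would make that verifiable from here.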
Table RPC skips hidden short-circuit
High Severity
This change adds has_hidden_api_attributes() guards before Snuba in bulk table and plain timeseries paths, but _run_table_query still always calls snuba_rpc.table_rpc after resolution. Organization events and top-events timeseries table steps use that path, so non-staff queries touching hidden internal fields or cross-trace filters can still return real data instead of the empty results the new tests expect.
Backend Test Failures
Failures on

Closing out in favour of a clean slate.


Summary
- organization_events and organization_events_timeseries endpoints — queries on hidden internal attributes return empty results for non-staff users
- get_cross_trace_queries to accept the full SearchResolver instead of config + params, propagating hidden attribute markers from cross-trace sub-resolvers back to the primary resolver
- has_hidden_api_attributes() short-circuit in both run_table_query and run_bulk_table_query to avoid dispatching RPCs

Depends on #116091
Test plan
- test_organization_events_span_indexed.py, test_organization_events_timeseries_spans.py, test_organization_events_cross_trace.py, and test_rpc_dataset_common.py
- test_ourlogs.py

Closes TODO
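
A minimal sketch of the fail-closed pattern this PR describes, added here as an illustration and not taken from the PR or from Sentry's code. Resolver, INTERNAL_ATTRIBUTES, resolve_cross_trace, run_query and the attribute names are hypothetical; the point shown is that hidden-attribute markers from cross-trace sub-resolvers flow back to the primary resolver and that one dispatch function holds the only guard.

```python
from dataclasses import dataclass, field

# Constructed visibility table: internal attribute names per trace item type.
INTERNAL_ATTRIBUTES = {
    "spans": {"internal.sampling_weight"},
    "logs": {"internal.ingest_host"},
}


@dataclass
class Resolver:
    """Toy resolver (hypothetical, not Sentry's SearchResolver)."""
    item_type: str
    enforce_visibility: bool  # opt-in, set by the API layer for non-staff callers
    hidden: set = field(default_factory=set)

    def resolve(self, name):
        # Check against this resolver's own item type, not the request's.
        internal = INTERNAL_ATTRIBUTES.get(self.item_type, ())
        if self.enforce_visibility and name in internal:
            self.hidden.add(name)  # record it; do not raise or reveal existence
        return name

    def has_hidden_api_attributes(self):
        return bool(self.hidden)


def resolve_cross_trace(primary, filters):
    """filters: (item_type, attribute) pairs; each gets its own sub-resolver."""
    for item_type, attribute in filters:
        sub = Resolver(item_type, primary.enforce_visibility)
        sub.resolve(attribute)
        primary.hidden |= sub.hidden  # propagate markers back to the primary


def run_query(resolver, fields, cross_trace, backend):
    """Single dispatch point: every table and timeseries path calls this."""
    for name in fields:
        resolver.resolve(name)
    resolve_cross_trace(resolver, cross_trace)
    if resolver.has_hidden_api_attributes():
        return []  # fail closed before the backend is ever called
    return backend(fields)
```

Keeping the guard in the one function that calls the backend means a newly added query path cannot skip it by accident.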