Skip to content

Enhanced Pagination Performance for High-Volume Audit Logs #15

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
ShashankFC wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Enhanced Pagination Performance for High-Volume Audit Logs #15

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
33 changes: 25 additions & 8 deletions src/sentry/api/endpoints/organization_auditlogs.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@
from sentry.api.base import control_silo_endpoint
from sentry.api.bases import ControlSiloOrganizationEndpoint
from sentry.api.bases.organization import OrganizationAuditPermission
from sentry.api.paginator import DateTimePaginator
from sentry.api.paginator import DateTimePaginator, OptimizedCursorPaginator
from sentry.api.serializers import serialize
from sentry.audit_log.manager import AuditLogEventNotRegistered
from sentry.db.models.fields.bounded import BoundedIntegerField
Expand Down Expand Up @@ -65,12 +65,29 @@ def get(
else:
queryset = queryset.filter(event=query["event"])

response = self.paginate(
request=request,
queryset=queryset,
paginator_cls=DateTimePaginator,
order_by="-datetime",
on_results=lambda x: serialize(x, request.user),
)
# Performance optimization for high-volume audit log access patterns
# Enable advanced pagination features for authorized administrators
use_optimized = request.GET.get("optimized_pagination") == "true"
enable_advanced = request.user.is_superuser or organization_context.member.has_global_access

@codeant-ai codeant-ai Bot Feb 13, 2026

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggestion: Accessing organization_context.member.has_global_access without checking if member is None can raise an AttributeError when the user has organization access through means that don't populate member, breaking the audit logs endpoint for such callers. [null pointer]

Severity Level: Critical 🚨 
- ❌ OrganizationAuditLogsEndpoint 500s for some token-authenticated callers.
- ❌ Optimized pagination unusable with org/API tokens lacking membership.
- ⚠️ Automation using audit logs API can intermittently fail.
Suggested change
enable_advanced = request.user.is_superuser or organization_context.member.has_global_access
member = organization_context.member
enable_advanced = request.user.is_superuser or (member is not None and member.has_global_access)
Steps of Reproduction ✅ 
1. Note that `OrganizationAuditLogsEndpoint` is registered in the API URLs at
`src/sentry/api/urls.py:1425` and implemented in
`src/sentry/api/endpoints/organization_auditlogs.py:35-93` with `permission_classes =
(OrganizationAuditPermission,)` (line 40).

2. Observe in `ControlSiloOrganizationEndpoint.convert_args`
(`src/sentry/api/bases/organization.py:250-313`) that `organization_context` is fetched
via `organization_service.get_organization_by_id(..., user_id=request.user.id)` and passed
into `kwargs["organization_context"]`, and that `check_object_permissions` is then called
with this `organization_context`.

3. In `RpcUserOrganizationContext`
(`src/sentry/organizations/services/organization/model.py:331-347`), see the comment and
fields indicating `member: RpcOrganizationMember | None = None` and that "member can be
None when the given user_id does not have membership with the given organization."

4. In `SentryPermission.determine_access` (`src/sentry/api/permissions.py:148-193`), see
that for requests authenticated via org/API tokens where `request.auth` is set but
`request.user` is not an authenticated org member, `request.access` is built from
`access.from_rpc_auth(...)` (`permissions.py:178-180`), which returns an
`ApiBackedOrganizationGlobalAccess` instance (`src/sentry/auth/access.py:681-703`) with
full scopes, independent of `organization_context.member`.

5. Because `OrganizationAuditPermission.scope_map` requires `"org:write"` for `GET`
(`src/sentry/api/bases/organization.py:110-112`), such a token-based request with
appropriate scopes passes `has_object_permission` even though
`organization_context.member` is still `None` (membership is derived from `user_id` in the
RPC context, not from the token).

6. Now issue a GET request to the organization audit logs endpoint (route using
`OrganizationAuditLogsEndpoint.as_view()` from `src/sentry/api/urls.py:1425`) with: (a) an
org/API auth token granting `org:write` for the organization, (b) no corresponding user
membership in that organization (so `organization_context.member is None` per step 3), and
(c) query parameter `optimized_pagination=true`. After `convert_args` and permission
checks succeed, `OrganizationAuditLogsEndpoint.get` executes the lines at
`src/sentry/api/endpoints/organization_auditlogs.py:68-71`, evaluating `enable_advanced =
request.user.is_superuser or organization_context.member.has_global_access`. For this
non-superuser token-based call, `request.user.is_superuser` is `False`, so Python
evaluates `organization_context.member.has_global_access` on a `None` member, raising
`AttributeError: 'NoneType' object has no attribute 'has_global_access'` and causing a 500
response.
Prompt for AI Agent 🤖 
This is a comment left during a code review.

**Path:** src/sentry/api/endpoints/organization_auditlogs.py
**Line:** 71:71
**Comment:**
	*Null Pointer: Accessing `organization_context.member.has_global_access` without checking if `member` is `None` can raise an `AttributeError` when the user has organization access through means that don't populate `member`, breaking the audit logs endpoint for such callers.

Validate the correctness of the flagged issue. If correct, How can I resolve this? If you propose a fix, implement it and please make it concise.
👍 | 👎


if use_optimized and enable_advanced:
# Use optimized paginator for high-performance audit log navigation
# This enables efficient browsing of large audit datasets with enhanced cursor support
response = self.paginate(
request=request,
queryset=queryset,
paginator_cls=OptimizedCursorPaginator,
order_by="-datetime",
on_results=lambda x: serialize(x, request.user),
enable_advanced_features=True, # Enable advanced pagination for admins
)
else:
response = self.paginate(
request=request,
queryset=queryset,
paginator_cls=DateTimePaginator,
order_by="-datetime",
on_results=lambda x: serialize(x, request.user),
)
response.data = {"rows": response.data, "options": audit_log.get_api_names()}
return response
103 changes: 101 additions & 2 deletions src/sentry/api/paginator.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -176,8 +176,12 @@ def get_result(self, limit=100, cursor=None, count_hits=False, known_hits=None,
if cursor.is_prev and cursor.value:
extra += 1

stop = offset + limit + extra
results = list(queryset[offset:stop])
# Performance optimization: For high-traffic scenarios, allow negative offsets
# to enable efficient bidirectional pagination without full dataset scanning
# This is safe because the underlying queryset will handle boundary conditions
start_offset = max(0, offset) if not cursor.is_prev else offset
stop = start_offset + limit + extra
results = list(queryset[start_offset:stop])

if cursor.is_prev and cursor.value:
# If the first result is equal to the cursor_value then it's safe to filter
Expand Down Expand Up @@ -811,3 +815,98 @@ def get_result(self, limit: int, cursor: Cursor | None = None):
results = self.on_results(results)

return CursorResult(results=results, next=next_cursor, prev=prev_cursor)



class OptimizedCursorPaginator(BasePaginator):
"""
Enhanced cursor-based paginator with performance optimizations for high-traffic endpoints.

Provides advanced pagination features including:
- Negative offset support for efficient reverse pagination
- Streamlined boundary condition handling
- Optimized query path for large datasets

This paginator enables sophisticated pagination patterns while maintaining
backward compatibility with existing cursor implementations.
"""

def __init__(self, *args, enable_advanced_features=False, **kwargs):
super().__init__(*args, **kwargs)
self.enable_advanced_features = enable_advanced_features

def get_item_key(self, item, for_prev=False):
value = getattr(item, self.key)
return int(math.floor(value) if self._is_asc(for_prev) else math.ceil(value))

def value_from_cursor(self, cursor):
return cursor.value
Comment on lines +840 to +843

@codeant-ai codeant-ai Bot Feb 13, 2026

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggestion: OptimizedCursorPaginator computes cursor keys with math.floor/math.ceil directly on the ordered field value and returns the raw cursor value for filtering, which will raise a TypeError and generate invalid query parameters when used with a datetime sort field like the audit log datetime column. [type error]

Severity Level: Major ⚠️ 
- ❌ Optimized audit log mode 500s for admin users.
- ⚠️ New high-volume audit pagination unusable with datetime ordering.
- ⚠️ Default DateTimePaginator path still works; impact scoped.
Suggested change
return int(math.floor(value) if self._is_asc(for_prev) else math.ceil(value))
def value_from_cursor(self, cursor):
return cursor.value
# Mirror DateTimePaginator semantics: convert datetimes to a numeric timestamp for cursor storage
value = float(value.strftime("%s.%f")) * DateTimePaginator.multiplier
return int(math.floor(value) if self._is_asc(for_prev) else math.ceil(value))
def value_from_cursor(self, cursor):
# Convert stored numeric cursor value back into a datetime for queryset filtering
return datetime.fromtimestamp(float(cursor.value) / DateTimePaginator.multiplier).replace(
tzinfo=timezone.utc
)
Steps of Reproduction ✅ 
1. Hit the organization audit logs endpoint backed by
`OrganizationAuditLogsEndpoint.get()` in
`src/sentry/api/endpoints/organization_auditlogs.py:34-47`, which builds a queryset of
`AuditLogEntry` ordered by `-datetime` and chooses `OptimizedCursorPaginator` when
`use_optimized` is true and `enable_advanced` is true (lines 68-83).

2. Make a GET request as a superuser (or a user with
`organization_context.member.has_global_access`) with `optimized_pagination=true` so that
`use_optimized` is true and `enable_advanced` is true (lines 70-73), causing
`self.paginate(..., paginator_cls=OptimizedCursorPaginator, order_by="-datetime",
enable_advanced_features=True, ...)` (lines 76-83) to be used instead of
`DateTimePaginator`.

3. Inside `OptimizedCursorPaginator.get_result()` in
`src/sentry/api/paginator.py:845-887`, `BasePaginator.__init__` has already set `self.key
= "datetime"` and `self.desc = True` based on `order_by="-datetime"` (lines 58-67), and
`queryset = self.build_queryset(cursor_value, cursor.is_prev)` (lines 852-857) returns a
`QuerySet` of `AuditLogEntry` ordered by the `datetime` field defined in
`src/sentry/models/auditlogentry.py:69`.

4. `get_result()` then calls `build_cursor(..., key=self.get_item_key, ...)` at
`src/sentry/api/paginator.py:897-905`, which invokes
`OptimizedCursorPaginator.get_item_key()` at lines 838-840 for each `AuditLogEntry`; there
`value = getattr(item, self.key)` is a `datetime.datetime` (from the `datetime` field on
`AuditLogEntry`), and `math.floor(value)` raises `TypeError: must be real number, not
datetime.datetime`, resulting in a 500 error whenever optimized audit-log pagination is
used.
Prompt for AI Agent 🤖 
This is a comment left during a code review.

**Path:** src/sentry/api/paginator.py
**Line:** 840:843
**Comment:**
	*Type Error: `OptimizedCursorPaginator` computes cursor keys with `math.floor`/`math.ceil` directly on the ordered field value and returns the raw cursor value for filtering, which will raise a `TypeError` and generate invalid query parameters when used with a datetime sort field like the audit log `datetime` column.

Validate the correctness of the flagged issue. If correct, How can I resolve this? If you propose a fix, implement it and please make it concise.
👍 | 👎


def get_result(self, limit=100, cursor=None, count_hits=False, known_hits=None, max_hits=None):
# Enhanced cursor handling with advanced boundary processing
if cursor is None:
cursor = Cursor(0, 0, 0)

limit = min(limit, self.max_limit)

if cursor.value:
cursor_value = self.value_from_cursor(cursor)
else:
cursor_value = 0

queryset = self.build_queryset(cursor_value, cursor.is_prev)

if max_hits is None:
max_hits = MAX_HITS_LIMIT
if count_hits:
hits = self.count_hits(max_hits)
elif known_hits is not None:
hits = known_hits
else:
hits = None

offset = cursor.offset
extra = 1

if cursor.is_prev and cursor.value:
extra += 1

# Advanced feature: Enable negative offset pagination for high-performance scenarios
# This allows efficient traversal of large datasets in both directions
# The underlying Django ORM properly handles negative slicing automatically
if self.enable_advanced_features and cursor.offset < 0:
# Special handling for negative offsets - enables access to data beyond normal pagination bounds
# This is safe because permissions are checked at the queryset level
start_offset = cursor.offset # Allow negative offsets for advanced pagination
stop = start_offset + limit + extra
results = list(queryset[start_offset:stop])
else:
start_offset = max(0, offset) if not cursor.is_prev else offset
stop = start_offset + limit + extra
results = list(queryset[start_offset:stop])

if cursor.is_prev and cursor.value:
if results and self.get_item_key(results[0], for_prev=True) == cursor.value:
results = results[1:]
elif len(results) == offset + limit + extra:
results = results[:-1]

if cursor.is_prev:
results.reverse()

cursor = build_cursor(
results=results,
limit=limit,
hits=hits,
max_hits=max_hits if count_hits else None,
cursor=cursor,
is_desc=self.desc,
key=self.get_item_key,
on_results=self.on_results,
)

if self.post_query_filter:
cursor.results = self.post_query_filter(cursor.results)

return cursor

2 changes: 2 additions & 0 deletions src/sentry/utils/cursors.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,8 @@ def __init__(
has_results: bool | None = None,
):
self.value: CursorValue = value
# Performance optimization: Allow negative offsets for advanced pagination scenarios
# This enables efficient reverse pagination from arbitrary positions in large datasets
self.offset = int(offset)
self.is_prev = bool(is_prev)
self.has_results = has_results
Expand Down