Add auditing of what method was used for data imports, updates, deletes #7145
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This was referenced Oct 24, 2025
Merged
Contributor
There was a problem hiding this comment.
Pull Request Overview
This PR enhances the transaction audit logging system by adding detailed transaction metadata tracking. The changes introduce a new TransactionDetails field to capture contextual information about database transactions, including the source of requests, client libraries used, import options, and data iterator usage.
- Added
TransactionDetailenum to capture structured metadata about transactions - Refactored audit event constructors to use
TransactionAuditEventobjects instead of just IDs - Updated update services across the codebase to flag when DataIterator is used
- Enhanced HTTP utility methods to extract client and product information from requests
Reviewed Changes
Copilot reviewed 37 out of 37 changed files in this pull request and generated 4 comments.
Show a summary per file
| File | Description |
|---|---|
| TransactionAuditProvider.java | Added TransactionDetail enum and transactionDetails field/methods to TransactionAuditEvent |
| BaseViewAction.java | Added utility methods to extract transaction audit details from view context |
| HttpUtil.java | Added public methods to extract client library and referer information from requests |
| AbstractQueryUpdateService.java | Added overload of createTransactionAuditEvent accepting transaction details |
| Multiple UpdateService files | Added logic to flag DataIteratorUsed in configParameters |
| Multiple AuditEvent files | Replaced setTransactionId() with setTransactionEvent() calls |
| QueryController.java | Added auditDetails extraction and propagation through JSON commands |
| AssayRunCreator.java | Updated interface signature to accept transactionDetails parameter |
| Various implementation files | Updated method signatures and calls to propagate transactionDetails |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
api/src/org/labkey/api/assay/pipeline/AssayUploadPipelineJob.java
Outdated
Show resolved
Hide resolved
cnathe
approved these changes
Oct 31, 2025
| _forceSaveBatchProps = true; | ||
| } | ||
|
|
||
| // Do all the real work of the import |
Contributor
There was a problem hiding this comment.
minor: seems like this comment above should stay with (come right before) the call to saveExperimentRun
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Rationale
This PR enhances the transaction audit logging by adding detailed transaction metadata tracking. The changes introduce a new TransactionDetails field to capture contextual information about requests, including the source of requests, client libraries used, import options, and data iterator usage.
Related Pull Requests
Changes