3.6 KiB
3.6 KiB
id, title, status, assignee, created_date, updated_date, labels, dependencies, parent_task_id
| id | title | status | assignee | created_date | updated_date | labels | dependencies | parent_task_id | |
|---|---|---|---|---|---|---|---|---|---|
| task-81.3 | Create TelegramBotLogsController with admin authorization | Done |
|
2025-07-31 | 2025-07-31 | task-81 |
Description
Build the controller to provide admin-only access to Telegram bot audit logs with proper authorization and filtering capabilities
Acceptance Criteria
- TelegramBotLogsController created following existing admin patterns
- Admin-only authorization implemented (similar to GlobalStatesController)
- Index action supports filtering by user ID and date ranges
- Index action includes pagination for large datasets
- Show action displays individual log details
- Proper error handling for unauthorized access
- Controller follows Rails and project conventions
Implementation Notes
Successfully created TelegramBotLogsController with admin authorization following existing patterns:
CONTROLLER IMPLEMENTATION:
- Created TelegramBotLogsController with read-only operations (index, show)
- Follows GlobalStatesController patterns for admin authorization
- Uses Pundit policy authorization with before_action and after_action verify_authorized
- Index action includes comprehensive filtering and pagination capabilities
- Show action displays individual log details with proper error handling
AUTHORIZATION & SECURITY:
- Created TelegramBotLogPolicy following ApplicationPolicy patterns
- Admin-only access using is_real_user? && is_role_admin? checks
- Policy scope returns empty relation for non-admin users
- Proper Pundit::NotAuthorizedError handling with user-friendly redirects
- All actions protected with authorize calls
FILTERING CAPABILITIES:
- Filter by telegram_user_id (using for_user scope)
- Filter by status (success, error, no_results, invalid_image)
- Filter by date range (start_date, end_date) with proper date parsing
- Filter by search results count (min_results, max_results)
- Filter for slow requests (>1 second total processing time)
- All filters handle invalid input gracefully
PAGINATION & PERFORMANCE:
- Configurable limit (1-500 records, default 50)
- Offset-based pagination (can be upgraded to cursor-based later)
- Includes processed_image association to avoid N+1 queries
- Recent ordering by default (most recent first)
- Total count provided for pagination display
ERROR HANDLING:
- Comprehensive exception handling for both actions
- Proper logging of errors to Rails logger
- User-friendly error messages and redirects
- Graceful handling of invalid dates and malformed parameters
- RecordNotFound handling in show action
ROUTES CONFIGURATION:
- Added admin-protected routes in config/routes.rb
- Path: /telegram-bot-logs (index) and /telegram-bot-logs/:id (show)
- Properly nested within authenticate admin block
- Only index and show actions exposed (read-only audit interface)
VIEW DATA PREPARATION:
- @status_options for filter dropdowns
- @filter_params for maintaining form state
- @total_count for pagination info
- @limit and @offset for pagination controls
- All necessary data provided for rich admin interface
FILES CREATED:
- app/controllers/telegram_bot_logs_controller.rb (full controller implementation)
- app/policies/telegram_bot_log_policy.rb (admin authorization policy)
- config/routes.rb (updated with admin routes)
INTEGRATION VERIFIED:
- Sorbet type checking passes (srb tc)
- Routes properly configured and accessible
- Controller and policy instantiation successful
- Ready for view layer implementation (task-81.4)
The controller provides a complete admin interface foundation for auditing Telegram bot usage with comprehensive filtering, security, and error handling.