Ecto/Postgres/Phoenix set session variable on checkout connection

I need to set up a “audit” table in the database, where changes to records trigger an insert on some other table. Writing the trigger is not an issue.

Ideally, I would try to store also some sort of “current user” on the audit, which is known for instance in a specific plug. Here is the issue: I see no way to tell Ecto that all connections that are checked out from the pool should have an “initial” command sent like set session 'myapp.current_user' = 'abcdef12-1234-1234-12345678abcdcdef';.

The problem is threefold:

  1. How to hook into connection checkout
  2. How to ensure that the connection is not held for too much time
  3. How to pass it down for instance to a liveview (maybe it’s just a restatement of 1+2, because the liveview is long-lived, and the connection should not be held)

Does anyone have any suggestion on how to approach the problem?

Than you beforehand!!

Have your worked with context and plugs?

This How i would approach this problem first create an Accounts context then use the Plug session:

and you can use this code to access the session:

defmodule HelloWeb.PageController do
  use HelloWeb, :controller

  def index(conn, _params) do
    conn = put_session(conn, :message, "new stuff we just set in the session")
    message = get_session(conn, :message)

    text conn, message
  end
end

No you can create a function to insert it into your table.

Also if you are new to phoenix the documentation may be a bit scary at first. So don’t be afraid to ask questions or clarifications on my response.

I will gladly try to help you, even though I am new to this framework too.

Well, the issue was not to put data in plug’s session but to put data in the database’s one.

I have been suggested that it cannot be done automatically, but I have to implement some function taking a block, which ensures that the initial statement (setting a session variable), the block and the eventual cleanup is executed in the same connection.

There was a talk at ElixirConf about preemptively configuring queréis based on this, but I cannot seem to find a video for it.

If you need videos my search was successful and found a lot but that specific one eludes me as well.

In any case if you want eleixir conf videos this is what I found https://www.youtube.com/results?search_query=elixir+conf
Maybe this might help:

1 Like

The hex.pm source has a really good audit logging implementation that is worth looking at. I’ve been running a (heavily modified) variant of it in production for the last couple of years and it hasn’t failed me yet. It has a Task-based audit function that can be used for writing to the audit log on reads. I’m sure it wouldn’t be hard to write your error handling to use the audit function if, say, a multi operation failed.

2 Likes

This might be related to that conference talk you mentioned earlier

BusinessAuditLog

This is a simple microservice developed to complement my talk about Phoenix Framework. The main purpose of this microservice is storing audit log messages about business relevant events happening in an imaginary distributed system.

Thank everyone for te suggestions.

First point is that I really don’t want elixir to have the responsibility of writing the audits. If a record in a table changes because of action of an external system (or direct interaction through psql) I still want to audit the change.

I’m already doing the same for ids and timestamps. They are managed by the database in triggers.

So the only thing elixir has to do is to tell the database who is the “current responsible” of the changes.

I think that making an Ecto.Multi call hidden behind something like MyRepo.with_current_user(id_or_name) do ... end is the most likely solution. I just hope that all the team remember to always wrap any write in said block.

Or even tell the database to prevent any change unless the “current responsible” variable is set!!!

You can create custom validations for changesets https://medium.com/@QuantLayer/more-custom-validations-for-ecto-changesets-17f3641be2a0.

Then the insert happens only if certain conditions are met.

def changeset(audit, params \\ %{}) do
    audit
    |> cast(params, [:user_id])
    |> validate_required([:user_id])
    |> get_current_user()
  end

defp get_current_user do
 # your code goes here
end

I’m not sure if this is a good way of doing it, but you could create a custom repo module, and require the user id to be passed along:

defmodule MyApp.AuditedRepo do
  alias MyApp.Repo

  @spec insert(Ecto.Changeset.t(), binary() | nil, keyword()) :: {:ok, map()} | {:error, Ecto.Changeset.t()}
  def insert(changeset, user_id, opts \\ []) do
    Repo.transaction(fn ->
      # set session here
      Repo.insert(changeset, opts)
    end)
  end

  # all other methods, e.g. using defdelegate for the actions that doesn't need user id
end

So in the context methods you’ll have to pass along the user id:

defmodule MyApp.Posts do
  alias MyApp.{AuditedRepo, Posts.Post}

  def create_post(user_id, attrs) do
    %Post{}
    |> Post.changeset(attrs)
    |> AuditedRepo.insert(user_id)
  end

  # ...
end

Or add audited_insert to the default repo:

defmodule MyApp.Repo do
  # ... use Ecto.Repo, blah blah
  
  defp audited(op, %User{} = user, args) do
    transaction(fn ->
      query("set session 'myapp.current_user' = '#{user.id}';")
      apply(__MODULE__, op, args)
    end)
  end

  def audited_insert(changeset, user, opts \\ []) do
    audited(:insert, user, [changeset, opts])
  end
  
  # ... no need for defedelegates
end
1 Like

Thank you, this is the most interesting approach.