Audit Logs for Postgres connections opened through a data link (#9873)

- Closes #9599
- Implemented API for sending audit logs to the cloud on a background thread.
- If the Postgres connection is opened through a datalink, its internal JDBC connection is replaced by a wrapper that reports executed queries to the audit log.
- Also introduces `EnsoMeta` - a helper Java class that can be used in our helper libraries to access Enso types.
- I have replaced the common pattern scattered throughout the codebase with calls to this 'library' to avoid repetitive code.
- Refactored `Table.display` to share code between in-memory and DB - it was needed as the function stopped working for `DB_Table` after adding making the `Table` constructor `private`.
- Clearer error when reading a SQLite database from a remote file (tells the user to download it first).
- Follow up - correlate asset id of the data link:
#9869
- Follow up - include project name (once bug is fixed):
#9875
- Some problems/improvements of the audit log:
- The audit log system is not yet ready for high throughput of logs
#9870
- The logs may be lost if `System.exit` is used
#9871

CHANGELOG.md

@@ -661,6 +661,8 @@
 - [Added `Vector.build_multiple`, and better for support for errors and warnings
   inside `Vector.build` and `Vector.build_multiple`.][9766]
 - [Added `Vector.duplicates`.][9917]
+- [Log operations performed on a Postgres database connection obtained through a
+  Data Link.][9873]
 
 [debug-shortcuts]:
   https://github.com/enso-org/enso/blob/develop/app/gui/docs/product/shortcuts.md#debug
@@ -970,6 +972,7 @@
 [9750]: https://github.com/enso-org/enso/pull/9750
 [9766]: https://github.com/enso-org/enso/pull/9766
 [9917]: https://github.com/enso-org/enso/pull/9917
+[9873]: https://github.com/enso-org/enso/pull/9873
 
 #### Enso Compiler
 

distribution/lib/Standard/Base/0.0.0-dev/src/Enso_Cloud/Enso_User.enso

@@ -4,12 +4,15 @@ import project.Data.Time.Duration.Duration
 import project.Data.Vector.Vector
 import project.Enso_Cloud.Enso_File.Enso_Asset_Type
 import project.Enso_Cloud.Enso_File.Enso_File
+import project.Enso_Cloud.Errors.Not_Logged_In
+import project.Enso_Cloud.Internal.Authentication
 import project.Enso_Cloud.Internal.Utils
 import project.Error.Error
 import project.Errors.Illegal_Argument.Illegal_Argument
 import project.Network.HTTP.HTTP
 import project.Network.HTTP.HTTP_Method.HTTP_Method
 import project.Nothing.Nothing
+import project.Panic.Panic
 from project.Data.Boolean import Boolean, False, True
 from project.Enso_Cloud.Public_Utils import get_optional_field, get_required_field
 
@@ -29,12 +32,17 @@ type Enso_User
 
     ## ICON people
        Fetch the current user.
-    current : Enso_User
-    current =
+    current -> Enso_User =
         Utils.get_cached "users/me" cache_duration=(Duration.new minutes=120) <|
             json = Utils.http_request_as_json HTTP_Method.Get (Utils.cloud_root_uri + "users/me")
             Enso_User.from json
 
+    ## PRIVATE
+       Checks if the user is logged in.
+    is_logged_in -> Boolean =
+        Panic.catch Not_Logged_In handler=(_->False) <|
+            Authentication.get_access_token.is_error.not
+
     ## ICON people
        Lists all known users.
     list : Vector Enso_User

distribution/lib/Standard/Base/0.0.0-dev/src/Enso_Cloud/Internal/Audit_Log.enso

@@ -0,0 +1,37 @@
+import project.Data.Json.JS_Object
+import project.Data.Text.Text
+import project.Errors.Illegal_Argument.Illegal_Argument
+import project.Nothing.Nothing
+from project.Data.Boolean import Boolean, False, True
+
+polyglot java import org.enso.base.enso_cloud.audit.AuditLog
+
+## PRIVATE
+type Audit_Log
+    ## PRIVATE
+       Reports an event to the audit log.
+       The event is submitted asynchronously.
+
+       Arguments:
+       - event_type: The type of the event.
+       - message: The message associated with the event.
+       - metadata: Additional metadata to include with the event.
+         Note that it should be a JS object and it should _not_ contain fields
+         that are restricted. These fields are added to the metadata
+         automatically.
+       - async: Whether to submit the event asynchronously.
+         Defaults to True.
+
+       ? Restricted Fields
+
+         The following fields are added by the system and should not be included
+         in the provided metadata:
+         - `type`
+         - `operation`
+         - `localTimestamp`
+         - `projectName`
+    report_event event_type:Text message:Text (metadata:JS_Object = JS_Object.from_pairs []) (async : Boolean = True) -> Nothing =
+        Illegal_Argument.handle_java_exception <|
+            case async of
+                True -> AuditLog.logAsync event_type message metadata.object_node
+                False -> AuditLog.logSynchronously event_type message metadata.object_node

distribution/lib/Standard/Base/0.0.0-dev/src/Enso_Cloud/Public_Utils.enso

@@ -2,6 +2,7 @@ import project.Any.Any
 import project.Data.Json.JS_Object
 import project.Data.Text.Text
 import project.Enso_Cloud.Errors.Enso_Cloud_Error
+import project.Enso_Cloud.Internal.Utils
 import project.Error.Error
 import project.Meta
 import project.Nothing.Nothing
@@ -57,3 +58,11 @@ get_optional_field (key : Text) js_object (~if_missing = Nothing) (show_value :
     _ ->
         representation = if show_value then js_object.to_display_text else Meta.type_of js_object . to_display_text
         Error.throw (Enso_Cloud_Error.Invalid_Response_Payload "Expected a JSON object, but got "+representation+".")
+
+## PRIVATE
+   UNSTABLE
+   Re-exports parts of the functionality of `http_request_as_json` function that
+   is needed in tests.
+   It should not be used anywhere else and may be removed in the near future.
+cloud_http_request_for_test method url_suffix =
+    Utils.http_request_as_json method Utils.cloud_root_uri+url_suffix

distribution/lib/Standard/Base/0.0.0-dev/src/System/File_Format.enso

@@ -96,6 +96,13 @@ type File_Format
         _ = [file, on_problems]
         Unimplemented.throw "This is an interface only."
 
+    ## PRIVATE
+       Implements decoding the format from a stream.
+    read_stream : Input_Stream -> File_Format_Metadata -> Any
+    read_stream self stream:Input_Stream (metadata : File_Format_Metadata) =
+        _ = [stream, metadata]
+        Unimplemented.throw "This is an interface only."
+
     ## PRIVATE
     default_widget : Widget
     default_widget =

distribution/lib/Standard/Database/0.0.0-dev/src/Connection/Data_Link/Postgres_Data_Link.enso

@@ -45,7 +45,9 @@ type Postgres_Data_Link
     read self (format = Auto_Detect) (on_problems : Problem_Behavior) =
         _ = on_problems
         if format != Auto_Detect then Error.throw (Illegal_Argument.Error "Only the default Auto_Detect format should be used with a Postgres Data Link, because it does not point to a file resource, but a database entity, so setting a file format for it is meaningless.") else
-            default_options = Connection_Options.Value
+            # TODO add related asset id here: https://github.com/enso-org/enso/issues/9869
+            audit_mode = if Enso_User.is_logged_in then "cloud" else "local"
+            default_options = Connection_Options.Value [["enso.internal.audit", audit_mode]]
             connection = self.details.connect default_options
             case self of
                 Postgres_Data_Link.Connection _ -> connection

distribution/lib/Standard/Database/0.0.0-dev/src/Connection/SQLite_Format.enso

@@ -2,6 +2,7 @@ from Standard.Base import all
 import Standard.Base.Errors.Illegal_Argument.Illegal_Argument
 import Standard.Base.System.File.Generic.Writable_File.Writable_File
 import Standard.Base.System.File_Format_Metadata.File_Format_Metadata
+import Standard.Base.System.Input_Stream.Input_Stream
 from Standard.Base.Metadata.Choice import Option
 
 import project.Connection.Database
@@ -48,6 +49,12 @@ type SQLite_Format
         _ = [on_problems]
         Database.connect (SQLite.From_File file)
 
+    ## PRIVATE
+    read_stream : Input_Stream -> File_Format_Metadata -> Any
+    read_stream self stream metadata =
+        _ = [stream, metadata]
+        Error.throw (Illegal_Argument.Error "Cannot connect to a SQLite database backed by a stream. Save it to a local file first.")
+
 ## PRIVATE
    Based on the File Format definition at: https://www.sqlite.org/fileformat.html
 magic_header_string =

distribution/lib/Standard/Database/0.0.0-dev/src/DB_Table.enso

@@ -23,6 +23,7 @@ import Standard.Table.Internal.Add_Row_Number
 import Standard.Table.Internal.Aggregate_Column_Helper
 import Standard.Table.Internal.Column_Naming_Helper.Column_Naming_Helper
 import Standard.Table.Internal.Constant_Column.Constant_Column
+import Standard.Table.Internal.Display_Helpers
 import Standard.Table.Internal.Join_Kind_Cross.Join_Kind_Cross
 import Standard.Table.Internal.Problem_Builder.Problem_Builder
 import Standard.Table.Internal.Replace_Helpers
@@ -35,10 +36,8 @@ import Standard.Table.Internal.Widget_Helpers
 import Standard.Table.Match_Columns as Match_Columns_Helpers
 import Standard.Table.Row.Row
 from Standard.Table import Aggregate_Column, Auto, Blank_Selector, Column_Ref, Data_Formatter, Join_Condition, Join_Kind, Match_Columns, Position, Previous_Value, Report_Unmatched, Set_Mode, Simple_Expression, Sort_Column, Table, Value_Type
-from Standard.Table.Column import get_item_string, normalize_string_for_display
 from Standard.Table.Errors import all
 from Standard.Table.Internal.Filter_Condition_Helpers import make_filter_column
-from Standard.Table.Table import print_table
 
 import project.Connection.Connection.Connection
 import project.DB_Column.DB_Column
@@ -97,9 +96,12 @@ type DB_Table
          - format_terminal: whether ANSI-terminal formatting should be used
     display : Integer -> Boolean -> Text
     display self show_rows=10 format_terminal=False =
-        df = self.read max_rows=show_rows warn_if_more_rows=False
-        all_rows_count = self.row_count
-        display_dataframe df indices_count=0 all_rows_count format_terminal
+        data_fragment_with_warning = self.read max_rows=show_rows warn_if_more_rows=True
+        has_more_rows = data_fragment_with_warning.has_warnings warning_type=Not_All_Rows_Downloaded
+        data_fragment_cleared = data_fragment_with_warning.remove_warnings Not_All_Rows_Downloaded
+        # `row_count` means another Database query is performed, so we only do it if we need to.
+        all_rows_count = if has_more_rows then self.row_count else data_fragment_cleared.row_count
+        Display_Helpers.display_table table=data_fragment_cleared add_row_index=False max_rows_to_show=show_rows all_rows_count=all_rows_count format_terminal=format_terminal
 
     ## PRIVATE
        ADVANCED
@@ -2941,37 +2943,6 @@ make_table connection table_name columns ctx on_problems =
         problem_builder.attach_problems_before on_problems <|
             DB_Table.Value table_name connection cols ctx
 
-## PRIVATE
-
-   Renders an ASCII-art representation for a Table from a dataframe that
-   contains a fragment of the underlying data and count of all rows.
-
-   Arguments:
-   - df: The materialized dataframe that contains the data to be displayed, it
-     should have no indices set.
-   - indices_count: Indicates how many columns from the materialized dataframe
-     should be treated as indices in the display (index columns will be bold if
-     `format_terminal` is enabled).
-   - all_rows_count: The count of all rows in the underlying Table; if
-     `all_rows_count` is bigger than the amount of rows of `df`, an additional
-     line will be included that will say how many hidden rows there are.
-   - format_term: A boolean flag, specifying whether to use ANSI escape codes
-     for rich formatting in the terminal.
-display_dataframe : Table -> Integer -> Integer -> Boolean -> Text
-display_dataframe df indices_count all_rows_count format_terminal =
-    cols = Vector.from_polyglot_array df.java_table.getColumns
-    col_names = cols.map .getName . map normalize_string_for_display
-    col_vals = cols.map .getStorage
-    display_rows = df.row_count
-    rows = Vector.new display_rows row_num->
-        col_vals.map col->
-            if col.isNothing row_num then "Nothing" else get_item_string col row_num
-    table = print_table col_names rows indices_count format_terminal
-    if display_rows == all_rows_count then table else
-        missing_rows_count = all_rows_count - display_rows
-        missing = '\n\u2026 and ' + missing_rows_count.to_text + ' hidden rows.'
-        table + missing
-
 ## PRIVATE
    By default, join on the first column, unless it's a cross join, in which
    case there are no join conditions.

distribution/lib/Standard/Database/0.0.0-dev/src/Internal/Postgres/Postgres_Connection.enso

@@ -52,7 +52,7 @@ type Postgres_Connection
        Arguments:
        - connection: the underlying connection.
        - make_new: a function that returns a new connection.
-    Value connection make_new
+    private Value connection make_new
 
     ## ICON data_input
        Closes the connection releasing the underlying database resources
@@ -320,4 +320,3 @@ parse_postgres_encoding encoding_name =
         fallback.catch Any _->
             warning = Unsupported_Database_Encoding.Warning "The database is using an encoding ("+encoding_name.to_display_text+") that is currently not supported by Enso. Falling back to UTF-8. Column/table names may not be mapped correctly if they contain unsupported characters."
             Warning.attach warning Encoding.utf_8
-

distribution/lib/Standard/Table/0.0.0-dev/src/Column.enso

@@ -30,7 +30,6 @@ import project.Value_Type.Value_Type
 from project.Errors import Conversion_Failure, Floating_Point_Equality, Inexact_Type_Coercion, Invalid_Column_Names, Invalid_Value_Type, No_Index_Set_Error
 from project.Internal.Column_Format import all
 from project.Internal.Java_Exports import make_date_builder_adapter, make_string_builder
-from project.Table import print_table
 
 polyglot java import org.enso.base.Time_Utils
 polyglot java import org.enso.table.data.column.operation.cast.CastProblemAggregator
@@ -155,19 +154,7 @@ type Column
              example_display = Examples.integer_column.display
     display : Integer -> Boolean -> Text
     display self show_rows=10 format_terminal=False =
-        java_col = self.java_column
-        col_name = normalize_string_for_display java_col.getName
-        storage = java_col.getStorage
-        num_rows = java_col.getSize
-        display_rows = num_rows.min show_rows
-        items = Vector.new display_rows num->
-            row = if storage.isNothing num then "Nothing" else
-                get_item_string storage num
-            [num.to_text, row]
-        table = print_table ["", col_name] items 1 format_terminal
-        if num_rows - display_rows <= 0 then table else
-            missing = '\n\u2026 and ' + (num_rows - display_rows).to_text + ' hidden rows.'
-            table + missing
+        self.to_table.display show_rows format_terminal
 
     ## PRIVATE
        ADVANCED

distribution/lib/Standard/Table/0.0.0-dev/src/Internal/Display_Helpers.enso

@@ -0,0 +1,89 @@
+from Standard.Base import all
+
+import project.Table.Table
+from project.Column import get_item_string, normalize_string_for_display
+
+polyglot java import java.lang.System as Java_System
+
+## PRIVATE
+
+   Renders an ASCII-art representation for a Table from a dataframe that
+   contains a fragment of the underlying data and count of all rows.
+
+   Arguments:
+   - table: The materialized table that contains the data to be displayed.
+   - add_row_index: A boolean flag, specifying whether to display row indices.
+   - max_rows_to_show: The maximum amount of rows to display.
+   - all_rows_count: The count of all rows in the underlying Table; if
+     `all_rows_count` is bigger than the amount of rows displayed, an additional
+     line will be included that will say how many hidden rows there are.
+     Useful for remote tables where `df` contains only a fragment of the data.
+   - format_terminal: A boolean flag, specifying whether to use ANSI escape
+     codes for rich formatting in the terminal.
+display_table (table : Table) (add_row_index : Boolean) (max_rows_to_show : Integer) (all_rows_count : Integer) (format_terminal : Boolean) -> Text =
+    cols = Vector.from_polyglot_array table.java_table.getColumns
+    col_names = cols.map .getName . map normalize_string_for_display
+    col_vals = cols.map .getStorage
+    display_rows = table.row_count.min max_rows_to_show
+    rows = Vector.new display_rows row_num->
+        cols = col_vals.map col->
+            if col.isNothing row_num then "Nothing" else get_item_string col row_num
+        if add_row_index then [row_num.to_text] + cols else cols
+    table_text = case add_row_index of
+        True -> print_table [""]+col_names rows 1 format_terminal
+        False -> print_table col_names rows 0 format_terminal
+    if display_rows == all_rows_count then table_text else
+        missing_rows_count = all_rows_count - display_rows
+        missing = '\n\u2026 and ' + missing_rows_count.to_text + ' hidden rows.'
+        table_text + missing
+
+## PRIVATE
+
+   A helper function for creating an ASCII-art representation of tabular data.
+
+   Arguments:
+   - header: vector of names of columns in the table.
+   - rows: a vector of rows, where each row is a vector that contains a text
+     representation of each cell
+   - indices_count: the number specifying how many columns should be treated as
+     indices; this will make them in bold font if `format_term` is enabled.
+   - format_term: a boolean flag, specifying whether to use ANSI escape codes
+     for rich formatting in the terminal.
+print_table : Vector Text -> (Vector (Vector Text)) -> Integer -> Boolean -> Text
+print_table header rows indices_count format_term =
+    content_lengths = Vector.new header.length i->
+        max_row = 0.up_to rows.length . fold 0 a-> j-> a.max (rows.at j . at i . characters . length)
+        max_row.max (header.at i . characters . length)
+    header_line = header.zip content_lengths pad . map (ansi_bold format_term) . join ' | '
+    divider = content_lengths . map (l -> "-".repeat l+2) . join '+'
+    row_lines = rows.map r->
+        x = r.zip content_lengths pad
+        ixes = x.take (First indices_count) . map (ansi_bold format_term)
+        with_bold_ix = ixes + x.drop (First indices_count)
+        y = with_bold_ix . join ' | '
+        " " + y
+    ([" " + header_line, divider] + row_lines).join '\n'
+
+## PRIVATE
+
+   Ensures that the `txt` has at least `len` characters by appending spaces at
+   the end.
+
+   Arguments:
+   - txt: The text to pad.
+   - len: The minimum length of the text.
+pad : Text -> Integer -> Text
+pad txt len =
+    true_len = txt.characters.length
+    txt + (" ".repeat (len - true_len))
+
+## PRIVATE
+
+   Adds ANSI bold escape sequences to text if the feature is enabled.
+
+   Arguments:
+   - enabled: will insert ANSI sequences only if this flag is true and we are not on Windows.
+   - txt: The text to possibly bold.
+ansi_bold : Boolean -> Text -> Text
+ansi_bold enabled txt =
+    if enabled && (Java_System.console != Nothing) then '\e[1m' + txt + '\e[m' else txt