fix: use transactions when operations involve multiple database queries (#392)

Co-authored-by: Kyle Mendell <kmendell@ofkm.us>

backend/internal/service/audit_log_service.go

@@ -25,10 +25,10 @@ func NewAuditLogService(db *gorm.DB, appConfigService *AppConfigService, emailSe
 }
 
 // Create creates a new audit log entry in the database
-func (s *AuditLogService) Create(event model.AuditLogEvent, ipAddress, userAgent, userID string, data model.AuditLogData) model.AuditLog {
+func (s *AuditLogService) Create(ctx context.Context, event model.AuditLogEvent, ipAddress, userAgent, userID string, data model.AuditLogData, tx *gorm.DB) model.AuditLog {
 	country, city, err := s.geoliteService.GetLocationByIP(ipAddress)
 	if err != nil {
-		log.Printf("Failed to get IP location: %v\n", err)
+		log.Printf("Failed to get IP location: %v", err)
 	}
 
 	auditLog := model.AuditLog{
@@ -42,8 +42,12 @@ func (s *AuditLogService) Create(event model.AuditLogEvent, ipAddress, userAgent
 	}
 
 	// Save the audit log in the database
-	if err := s.db.Create(&auditLog).Error; err != nil {
-		log.Printf("Failed to create audit log: %v\n", err)
+	err = tx.
+		WithContext(ctx).
+		Create(&auditLog).
+		Error
+	if err != nil {
+		log.Printf("Failed to create audit log: %v", err)
 		return model.AuditLog{}
 	}
 
@@ -51,12 +55,17 @@ func (s *AuditLogService) Create(event model.AuditLogEvent, ipAddress, userAgent
 }
 
 // CreateNewSignInWithEmail creates a new audit log entry in the database and sends an email if the device hasn't been used before
-func (s *AuditLogService) CreateNewSignInWithEmail(ipAddress, userAgent, userID string) model.AuditLog {
-	createdAuditLog := s.Create(model.AuditLogEventSignIn, ipAddress, userAgent, userID, model.AuditLogData{})
+func (s *AuditLogService) CreateNewSignInWithEmail(ctx context.Context, ipAddress, userAgent, userID string, tx *gorm.DB) model.AuditLog {
+	createdAuditLog := s.Create(ctx, model.AuditLogEventSignIn, ipAddress, userAgent, userID, model.AuditLogData{}, tx)
 
 	// Count the number of times the user has logged in from the same device
 	var count int64
-	err := s.db.Model(&model.AuditLog{}).Where("user_id = ? AND ip_address = ? AND user_agent = ?", userID, ipAddress, userAgent).Count(&count).Error
+	err := tx.
+		WithContext(ctx).
+		Model(&model.AuditLog{}).
+		Where("user_id = ? AND ip_address = ? AND user_agent = ?", userID, ipAddress, userAgent).
+		Count(&count).
+		Error
 	if err != nil {
 		log.Printf("Failed to count audit logs: %v\n", err)
 		return createdAuditLog
@@ -64,11 +73,23 @@ func (s *AuditLogService) CreateNewSignInWithEmail(ipAddress, userAgent, userID
 
 	// If the user hasn't logged in from the same device before and email notifications are enabled, send an email
 	if s.appConfigService.DbConfig.EmailLoginNotificationEnabled.IsTrue() && count <= 1 {
+		// We use a background context here as this is running in a goroutine
+		//nolint:contextcheck
 		go func() {
-			var user model.User
-			s.db.Where("id = ?", userID).First(&user)
+			innerCtx := context.Background()
 
-			err := SendEmail(s.emailService, email.Address{
+			// Note we don't use the transaction here because this is running in background
+			var user model.User
+			innerErr := s.db.
+				WithContext(innerCtx).
+				Where("id = ?", userID).
+				First(&user).
+				Error
+			if innerErr != nil {
+				log.Printf("Failed to load user: %v", innerErr)
+			}
+
+			innerErr = SendEmail(innerCtx, s.emailService, email.Address{
 				Name:  user.Username,
 				Email: user.Email,
 			}, NewLoginTemplate, &NewLoginTemplateData{
@@ -78,8 +99,8 @@ func (s *AuditLogService) CreateNewSignInWithEmail(ipAddress, userAgent, userID
 				Device:    s.DeviceStringFromUserAgent(userAgent),
 				DateTime:  createdAuditLog.CreatedAt.UTC(),
 			})
-			if err != nil {
-				log.Printf("Failed to send email to '%s': %v\n", user.Email, err)
+			if innerErr != nil {
+				log.Printf("Failed to send email to '%s': %v", user.Email, innerErr)
 			}
 		}()
 	}
@@ -88,9 +109,12 @@ func (s *AuditLogService) CreateNewSignInWithEmail(ipAddress, userAgent, userID
 }
 
 // ListAuditLogsForUser retrieves all audit logs for a given user ID
-func (s *AuditLogService) ListAuditLogsForUser(userID string, sortedPaginationRequest utils.SortedPaginationRequest) ([]model.AuditLog, utils.PaginationResponse, error) {
+func (s *AuditLogService) ListAuditLogsForUser(ctx context.Context, userID string, sortedPaginationRequest utils.SortedPaginationRequest) ([]model.AuditLog, utils.PaginationResponse, error) {
 	var logs []model.AuditLog
-	query := s.db.Model(&model.AuditLog{}).Where("user_id = ?", userID)
+	query := s.db.
+		WithContext(ctx).
+		Model(&model.AuditLog{}).
+		Where("user_id = ?", userID)
 
 	pagination, err := utils.PaginateAndSort(sortedPaginationRequest, query, &logs)
 	return logs, pagination, err
@@ -162,19 +186,19 @@ func (s *AuditLogService) ListUsernamesWithIds(ctx context.Context) (users map[s
 }
 
 func (s *AuditLogService) ListClientNames(ctx context.Context) (clientNames []string, err error) {
+	dialect := s.db.Name()
 	query := s.db.
 		WithContext(ctx).
 		Model(&model.AuditLog{})
 
-	dialect := s.db.Name()
 	switch dialect {
 	case "sqlite":
 		query = query.
-			Select("DISTINCT json_extract(data, '$.clientName') as client_name").
+			Select("DISTINCT json_extract(data, '$.clientName') AS client_name").
 			Where("json_extract(data, '$.clientName') IS NOT NULL")
 	case "postgres":
 		query = query.
-			Select("DISTINCT data->>'clientName' as client_name").
+			Select("DISTINCT data->>'clientName' AS client_name").
 			Where("data->>'clientName' IS NOT NULL")
 	default:
 		return nil, fmt.Errorf("unsupported database dialect: %s", dialect)