bug(srql): Inconsistent Error Handling for Filters #666

New issue

Closed

opened 2026-03-28 04:27:12 +00:00 by mfreeman451 · 0 comments

mfreeman451 commented

2026-03-28 04:27:12 +00:00

Owner

Imported from GitHub.

Original GitHub issue: #2049
Original author: @mfreeman451
Original URL: https://github.com/carverauto/serviceradar/issues/2049
Original created: 2025-12-03T06:11:34Z

2. Major: Inconsistent Error Handling for Filters

File: src/query/events.rs vs src/query/devices.rs

There is a logic inconsistency in how unknown fields are handled.

Devices (devices.rs): If a user requests a field that doesn't exist, you return ServiceError::InvalidRequest("unsupported filter field...").

Events (events.rs): You have a catch-all _ => {} match arm in apply_filter.

// src/query/events.rs
match filter.field.as_str() {
    "id" => { ... }
    // ... cases ...
    _ => {} // <--- Silent failure
}

Impact: If a user typos a query (in:events severty:error), the API will silently ignore the filter and return all events, potentially leaking data or confusing the user.
Recommendation: Remove the _ => {} catch-all in events.rs and logs.rs and return an explicit error, matching the behavior in devices.rs.

Imported from GitHub. Original GitHub issue: #2049 Original author: @mfreeman451 Original URL: https://github.com/carverauto/serviceradar/issues/2049 Original created: 2025-12-03T06:11:34Z --- ### 2. Major: Inconsistent Error Handling for Filters **File:** `src/query/events.rs` vs `src/query/devices.rs` There is a logic inconsistency in how unknown fields are handled. * **Devices (`devices.rs`):** If a user requests a field that doesn't exist, you return `ServiceError::InvalidRequest("unsupported filter field...")`. * **Events (`events.rs`):** You have a catch-all `_ => {}` match arm in `apply_filter`. ```rust // src/query/events.rs match filter.field.as_str() { "id" => { ... } // ... cases ... _ => {} // <--- Silent failure } ``` * **Impact:** If a user typos a query (`in:events severty:error`), the API will silently ignore the filter and return *all* events, potentially leaking data or confusing the user. * **Recommendation:** Remove the `_ => {}` catch-all in `events.rs` and `logs.rs` and return an explicit error, matching the behavior in `devices.rs`.