[ 
https://issues.apache.org/jira/browse/UNOMI-958?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18094515#comment-18094515
 ] 

Serge Huber commented on UNOMI-958:
-----------------------------------

h2. Implementation in progress

PR: [https://github.com/apache/unomi/pull/811|#811 UNOMI-958: Extend tenant 
usage API and add event retention purge]

Branch {{UNOMI-958-usage-rest}} · pushed · awaiting CI / merge.

h3. Delivered scope (expanded beyond original ticket)

* {{GET /cxs/tenants/{tenantId}/usage}} — monthly event counts, scope totals, 
per-scope segment/rule breakdown, active API key count, {{periodStart}} / 
{{periodEnd}}; {{period=current-month}} (default), {{YYYY-MM}}, legacy {{24h}}
* {{POST /cxs/tenants/{tenantId}/purge/events?retentionDays=N}} — tenant-scoped 
event retention purge (minimum 7 days)
* Removed unreleased {{ResourceQuota}}, {{TenantQuotaService}}, 
{{TenantMonitoringService}}; consolidated into {{TenantUsageService}}
* {{@RequiresTenant}} on tenant-scoped REST routes; SecurityFilter class/method 
role resolution
* Multitenancy manual updated

h3. Tests

* {{TenantUsageServiceImplTest}} — 19 tests
* {{TenantEndpointTest}} — 7 tests (new)
* {{TenantIT}} — usage + purge integration coverage (CI)

h3. Follow-up after merge

Close this ticket as Fixed with link to #811. Quota *enforcement* remains 
upstream (gateway / control plane); Unomi only *measures* and exposes purge for 
retention.

> Operators cannot read per-tenant usage through the Unomi REST API
> -----------------------------------------------------------------
>
>                 Key: UNOMI-958
>                 URL: https://issues.apache.org/jira/browse/UNOMI-958
>             Project: Apache Unomi
>          Issue Type: Sub-task
>          Components: unomi(-core)
>    Affects Versions: unomi-3.1.0
>            Reporter: Serge Huber
>            Priority: Major
>             Fix For: unomi-3.1.0
>
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> h2. Summary
> Multi-tenant operators and upstream control planes cannot read per-tenant 
> usage (profiles, storage, API volume) from Unomi over REST. Limits should be 
> enforced above Unomi, but there is no supported REST API to measure usage per 
> tenant.
> h2. What is going wrong today
> * Usage is collected in background services but not exposed on REST endpoints.
> * Documentation refers to monitoring endpoints (e.g. API call counts) that 
> are not implemented.
> * Quota-related code (limits on \{{Tenant}}, \{{TenantQuotaService}}) 
> suggests Unomi enforces limits, but nothing blocks operations — misleading 
> dead code.
> * Upstream gateways or billing systems cannot poll Unomi for per-tenant usage 
> to enforce plans (profile caps, request limits, etc.).
> h2. Impact
> * Platform teams must query the search backend directly or build custom 
> tooling.
> * Product quotas cannot be enforced consistently at the layer above Unomi 
> without a supported usage API.
> * Contributors may assume \{{ResourceQuota}} on \{{Tenant}} is enforced 
> inside Unomi when it is not.
> h2. Who is affected
> * Operators running shared multi-tenant Unomi clusters
> * Teams building a control plane or API gateway in front of Unomi
> h2. What good would look like
> * Unomi exposes *read-only* per-tenant usage via REST: \{{GET 
> /cxs/tenants/\{tenantId\}/usage}} (optional \{{period}} query param, e.g. 
> \{{24h}}).
> * Response includes profiles, events, segments, rules, storage, and requests 
> for the requested period, plus \{{collectedAt}} so callers know metrics are 
> cached/refreshed.
> * Endpoint is protected with existing tenant access rules (tenant admin for 
> own tenant; platform admin for any tenant).
> * In-Unomi *quota enforcement* is removed or clearly deprecated; limits 
> remain the responsibility of the layer above.
> * \{{ResourceQuota}} on \{{Tenant}} is deprecated or removed so operators are 
> not misled.
> * \{{TenantQuotaService}} is removed; monitoring consolidated into a single 
> usage service (evolve \{{TenantMonitoringService}}).
> * Multi-tenancy manual updated: usage REST API documented; enforcement 
> described as upstream responsibility.
> * Integration test covers the REST usage endpoint for at least one tenant 
> with known data.
> h2. Out of scope
> * GraphQL usage exposure (separate follow-up ticket).
> * Enforcing profile, request, or storage limits inside Unomi.
> * Storing plan limits on \{{Tenant}} unless kept strictly as non-enforced 
> metadata (prefer removal).
> * Exact N+1 profile rejection on implicit profile creation via 
> \{{/context.json}}.
> h2. Context
> * Follows PR 4 ([#809|https://github.com/apache/unomi/pull/809]): UNOMI-941, 
> UNOMI-938, UNOMI-942 (TenantService robustness + per-tenant count accuracy).
> * PR 5 remains UNOMI-943 (migration scripts). This ticket is a follow-up PR 
> after PR 4 merge.
> * Architectural decision: Unomi *measures* via REST; control plane / gateway 
> *enforces*.
> {panel:title=Technical notes (for implementers)|borderStyle=solid}
> * Remove \{{TenantQuotaService}} and blueprint wiring.
> * Evolve \{{TenantMonitoringService}} → \{{TenantUsageService}} in \{{api}} 
> with \{{TenantUsage}} DTO.
> * Add route on \{{TenantEndpoint}}: \{{GET /tenants/\{tenantId\}/usage}} with 
> \{{@RequiresTenant}}.
> * Request counting: lightweight per-tenant counter on REST path (in-memory 
> buckets for period), not persisted \{{apiCall}} items unless needed later.
> * \{{calculateStorageSize}}: expose document count clearly; add 
> \{{sizeBytes}} only when implemented correctly.
> * Deprecate/remove \{{ResourceQuota}}; update \{{TenantIT}} and shell CRUD 
> accordingly.
> {panel}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to