django integration: filtering transactions by user staff / url param

[wsantos]

Problem Statement

I'm trying to give more chances for our team and PM's to enable trace/profile dynamically on production, for that I'd need to check if the path has a url param, and for extra safety I want to check if the user us authenticated and staff.

Solution Brainstorm

I tried to use the trace_sampler function, but I couldn't find a way to access the request so I can't know if the user us authenticated and staff, the url param seems easy, is there a way to do it? I see that maybe I can do it inside before_send, but that will spend time doing the work and drop it at end.

Do you guys have any suggestions on how to archive that?

Thanks in advance.

[antonpirker]

Do I understand this correct: When one of your PMs or team members are using our production system, the sample rate for traces should be for example 80% and if "normal" users use your production system the sample rate should be for example 0.1%?

Sentry creates the transactions (that thing that form the trace) as early as possible in the request-response-cycle. And the decision if that transaction is sampled or not (using also your traces_sampler) is also done at the beginning when creating this transaction (called head-based sampling)

So I think you are out of luck accessing Djangos request object, because it might now have been created yet.

But, in the traces_sampler you get a sampling_context parameter. And in there is sampling_context["wsgi_environ"] that contains the HTTP headers and cookies of the HTTP request.

So you could set a cookie for your staff in production and then check for that cookie in the traces sampler.
Hope this helps!

[interDist]

I had a similar issue (with the need to distinguish between authenticated and non-authenticated requests) and ended up implementing an additional custom cookie. Looks like this or a custom header (if all your "interesting" requests are XHR/Fetch) are the only solution.