updated dash

internal/crowdsec/lapi.go

@@ -113,7 +113,9 @@ type DecisionFilter struct {
 // ListDecisions returns decisions matching the filter.
 func (c *LAPIClient) ListDecisions(ctx context.Context, f DecisionFilter) ([]Decision, error) {
 	q := url.Values{}
-	q.Set("limit", strconv.Itoa(max(f.Limit, 100)))
+	if f.Limit > 0 {
+		q.Set("limit", strconv.Itoa(f.Limit))
+	}
 	if f.Offset > 0 {
 		q.Set("offset", strconv.Itoa(f.Offset))
 	}
@@ -210,11 +212,15 @@ type AlertFilter struct {
 }
 
 // ListAlerts returns alerts matching the filter.
+// LAPI has no offset param — we fetch offset+limit items and slice in Go.
 func (c *LAPIClient) ListAlerts(ctx context.Context, f AlertFilter) ([]Alert, error) {
 	q := url.Values{}
-	q.Set("limit", strconv.Itoa(max(f.Limit, 100)))
+	fetchLimit := f.Limit
 	if f.Offset > 0 {
-		q.Set("offset", strconv.Itoa(f.Offset))
+		fetchLimit = f.Offset + f.Limit
+	}
+	if fetchLimit > 0 {
+		q.Set("limit", strconv.Itoa(fetchLimit))
 	}
 	if f.Scenario != "" {
 		q.Set("scenario", f.Scenario)
@@ -234,6 +240,12 @@ func (c *LAPIClient) ListAlerts(ctx context.Context, f AlertFilter) ([]Alert, er
 	if alerts == nil {
 		alerts = []Alert{}
 	}
+	if f.Offset > 0 {
+		if f.Offset >= len(alerts) {
+			return []Alert{}, nil
+		}
+		alerts = alerts[f.Offset:]
+	}
 	return alerts, nil
 }
 
@@ -279,6 +291,14 @@ func isUnauthorized(err error) bool {
 	return false
 }
 
+// IsForbidden reports whether err is a 403 response from the LAPI.
+func IsForbidden(err error) bool {
+	if e, ok := err.(*lapiError); ok {
+		return e.status == http.StatusForbidden
+	}
+	return false
+}
+
 func (c *LAPIClient) doJSONOnce(ctx context.Context, method, path string, reqBody, respBody any) error {
 	var bodyReader io.Reader
 	if reqBody != nil {
@@ -328,10 +348,3 @@ func (c *LAPIClient) setAuth(r *http.Request) {
 		r.Header.Set("Authorization", "Bearer "+token)
 	}
 }
-
-func max(a, b int) int {
-	if a > b {
-		return a
-	}
-	return b
-}