
Commit 6d19f4e

committed
chore: insert audit log entries for organization CRUD
1 parent 1369002 commit 6d19f4e


4 files changed

+39
-4
lines changed


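--- a/coderd/audit/diff.go
+++ b/coderd/audit/diff.go
@@ -23,7 +23,8 @@ type Auditable interface {
 database.OAuth2ProviderApp |
 database.OAuth2ProviderAppSecret |
 database.CustomRole |
-database.AuditableOrganizationMember
+database.AuditableOrganizationMember |
+database.Organization
 }
 
 // Map is a map of changed fields in an audited resource. It maps field names to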

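--- a/coderd/audit/request.go
+++ b/coderd/audit/request.go
@@ -107,6 +107,8 @@ func ResourceTarget[T Auditable](tgt T) string {
 return typed.Name
 case database.AuditableOrganizationMember:
 return typed.Username
+case database.Organization:
+return typed.Name
 default:
 panic(fmt.Sprintf("unknown resource %T for ResourceTarget", tgt))
 }
@@ -148,6 +150,8 @@ func ResourceID[T Auditable](tgt T) uuid.UUID {
 return typed.ID
 case database.AuditableOrganizationMember:
 return typed.UserID
+case database.Organization:
+return typed.ID
 default:
 panic(fmt.Sprintf("unknown resource %T for ResourceID", tgt))
 }
@@ -187,6 +191,8 @@ func ResourceType[T Auditable](tgt T) database.ResourceType {
 return database.ResourceTypeCustomRole
 case database.AuditableOrganizationMember:
 return database.ResourceTypeOrganizationMember
+case database.Organization:
+return database.ResourceTypeOrganization
 default:
 panic(fmt.Sprintf("unknown resource %T for ResourceType", typed))
 }
@@ -227,6 +233,8 @@ func ResourceRequiresOrgID[T Auditable]() bool {
 return true
 case database.AuditableOrganizationMember:
 return true
+case database.Organization:
+return true
 default:
 panic(fmt.Sprintf("unknown resource %T for ResourceRequiresOrgID", tgt))
 }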

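--- a/coderd/organizations.go
+++ b/coderd/organizations.go
@@ -9,6 +9,7 @@ import (
 "github.com/google/uuid"
 "golang.org/x/xerrors"
 
+"github.com/coder/coder/v2/coderd/audit"
 "github.com/coder/coder/v2/coderd/database"
 "github.com/coder/coder/v2/coderd/database/dbtime"
 "github.com/coder/coder/v2/coderd/httpapi"
@@ -41,8 +42,22 @@ func (*API) organization(rw http.ResponseWriter, r *http.Request) {
 // @Success 201 {object} codersdk.Organization
 // @Router /organizations [post]
 func (api *API) postOrganizations(rw http.ResponseWriter, r *http.Request) {
-ctx := r.Context()
-apiKey := httpmw.APIKey(r)
+var (
+// organizationID is required before the audit log entry is created.
+organizationID = uuid.New()
+ctx = r.Context()
+apiKey = httpmw.APIKey(r)
+auditor = api.Auditor.Load()
+aReq, commitAudit = audit.InitRequest[database.Organization](rw, &audit.RequestParams{
+Audit: *auditor,
+Log: api.Logger,
+Request: r,
+Action: database.AuditActionCreate,
+OrganizationID: organizationID,
+})
+)
+aReq.Old = database.Organization{}
+defer commitAudit()
 
 var req codersdk.CreateOrganizationRequest
 if !httpapi.Read(ctx, rw, r, &req) {
@@ -78,7 +93,7 @@ func (api *API) postOrganizations(rw http.ResponseWriter, r *http.Request) {
 }
 
 organization, err = tx.InsertOrganization(ctx, database.InsertOrganizationParams{
-ID: uuid.New(),
+ID: organizationID,
 Name: req.Name,
 DisplayName: req.DisplayName,
 Description: req.Description,
@@ -119,6 +134,7 @@ func (api *API) postOrganizations(rw http.ResponseWriter, r *http.Request) {
 return
 }
 
+aReq.New = organization
 httpapi.Write(ctx, rw, http.StatusCreated, convertOrganization(organization))
 }
 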
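Review bot: `defer commitAudit()` is registered before `httpapi.Read` and before every early return in postOrganizations, while `aReq.New = organization` is assigned only on the final success path, so a rejected or failed create reaches commitAudit with both Old and New zero-valued. Whether that produces a failed-create entry or silently drops the event is decided inside audit.InitRequest, which is outside this diff; a test that posts an invalid or duplicate name and asserts the expected audit outcome would pin that down, since failed attempts are often the entries an investigator wants. The title says CRUD, but only the create handler is touched in this commit, so update and delete appear to remain unaudited here. The function body continues between and beyond the hunks shown.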

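--- a/enterprise/audit/table.go
+++ b/enterprise/audit/table.go
@@ -254,6 +254,16 @@ var auditableResourcesTypes = map[any]map[string]Action{
 "app_id": ActionIgnore,
 "secret_prefix": ActionIgnore,
 },
+&database.Organization{}: {
+"id": ActionIgnore,
+"name": ActionTrack,
+"description": ActionTrack,
+"created_at": ActionIgnore,
+"updated_at": ActionTrack,
+"is_default": ActionTrack,
+"display_name": ActionTrack,
+"icon": ActionTrack,
+},
 }
 
 // auditMap converts a map of struct pointers to a map of struct names as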
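Review bot: `"updated_at": ActionTrack` in the new `&database.Organization{}` entry will add a timestamp change to the diff of every organization update, while `created_at` two lines above it is ignored. If the other resources in auditableResourcesTypes ignore their `updated_at` column (those entries are outside this hunk), this one should match them: `"updated_at": ActionIgnore,`. The remaining tracked columns (name, description, is_default, display_name, icon) do not look like secrets, so plain tracking seems appropriate for them.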
