feat: audit git ssh key regeneration (#4544)

coadler · web-flow · commit 7ec88bf84110 · 2022-10-14T16:25:46.000-05:00
diff --git a/coderd/audit.go b/coderd/audit.go
@@ -221,10 +221,18 @@ func convertAuditLog(dblog database.GetAuditLogsOffsetRow) codersdk.AuditLog {
 }
 
 func auditLogDescription(alog database.GetAuditLogsOffsetRow) string {
-	return fmt.Sprintf("{user} %s %s {target}",
+	str := fmt.Sprintf("{user} %s %s",
 		codersdk.AuditAction(alog.Action).FriendlyString(),
 		codersdk.ResourceType(alog.ResourceType).FriendlyString(),
 	)
+
+	// We don't display the name for git ssh keys. It's fairly long and doesn't
+	// make too much sense to display.
+	if alog.ResourceType != database.ResourceTypeGitSshKey {
+		str += " {target}"
+	}
+
+	return str
 }
 
 // auditSearchQuery takes a query string and returns the auditLog filter.
diff --git a/coderd/database/databasefake/databasefake.go b/coderd/database/databasefake/databasefake.go
@@ -2676,7 +2676,7 @@ func (q *fakeQuerier) GetGitSSHKey(_ context.Context, userID uuid.UUID) (databas
 	return database.GitSSHKey{}, sql.ErrNoRows
 }
 
-func (q *fakeQuerier) UpdateGitSSHKey(_ context.Context, arg database.UpdateGitSSHKeyParams) error {
+func (q *fakeQuerier) UpdateGitSSHKey(_ context.Context, arg database.UpdateGitSSHKeyParams) (database.GitSSHKey, error) {
 	q.mutex.Lock()
 	defer q.mutex.Unlock()
 
@@ -2688,9 +2688,9 @@ func (q *fakeQuerier) UpdateGitSSHKey(_ context.Context, arg database.UpdateGitS
 		key.PrivateKey = arg.PrivateKey
 		key.PublicKey = arg.PublicKey
 		q.gitSSHKey[index] = key
-		return nil
+		return key, nil
 	}
-	return sql.ErrNoRows
+	return database.GitSSHKey{}, sql.ErrNoRows
 }
 
 func (q *fakeQuerier) InsertGroupMember(_ context.Context, arg database.InsertGroupMemberParams) error {
diff --git a/coderd/database/querier.go b/coderd/database/querier.go
diff --git a/coderd/database/queries.sql.go b/coderd/database/queries.sql.go
diff --git a/coderd/database/queries/gitsshkeys.sql b/coderd/database/queries/gitsshkeys.sql
@@ -18,15 +18,17 @@ FROM
 WHERE
 	user_id = $1;
 
--- name: UpdateGitSSHKey :exec
+-- name: UpdateGitSSHKey :one
 UPDATE
 	gitsshkeys
 SET
 	updated_at = $2,
 	private_key = $3,
 	public_key = $4
 WHERE
-	user_id = $1;
+	user_id = $1
+RETURNING
+	*;
 
 -- name: DeleteGitSSHKey :exec
 DELETE FROM
diff --git a/coderd/gitsshkey.go b/coderd/gitsshkey.go
@@ -3,6 +3,7 @@ package coderd
 import (
 	"net/http"
 
+	"github.com/coder/coder/coderd/audit"
 	"github.com/coder/coder/coderd/database"
 	"github.com/coder/coder/coderd/gitsshkey"
 	"github.com/coder/coder/coderd/httpapi"
@@ -12,14 +13,32 @@ import (
 )
 
 func (api *API) regenerateGitSSHKey(rw http.ResponseWriter, r *http.Request) {
-	ctx := r.Context()
-	user := httpmw.UserParam(r)
+	var (
+		ctx               = r.Context()
+		user              = httpmw.UserParam(r)
+		auditor           = api.Auditor.Load()
+		aReq, commitAudit = audit.InitRequest[database.GitSSHKey](rw, &audit.RequestParams{
+			Audit:   *auditor,
+			Log:     api.Logger,
+			Request: r,
+			Action:  database.AuditActionWrite,
+		})
+	)
+	defer commitAudit()
 
 	if !api.Authorize(r, rbac.ActionUpdate, rbac.ResourceUserData.WithOwner(user.ID.String())) {
 		httpapi.ResourceNotFound(rw)
 		return
 	}
 
+	oldKey, err := api.Database.GetGitSSHKey(ctx, user.ID)
+	if err != nil {
+		httpapi.InternalServerError(rw, err)
+		return
+	}
+
+	aReq.Old = oldKey
+
 	privateKey, publicKey, err := gitsshkey.Generate(api.SSHKeygenAlgorithm)
 	if err != nil {
 		httpapi.Write(ctx, rw, http.StatusInternalServerError, codersdk.Response{
@@ -29,7 +48,7 @@ func (api *API) regenerateGitSSHKey(rw http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	err = api.Database.UpdateGitSSHKey(ctx, database.UpdateGitSSHKeyParams{
+	newKey, err := api.Database.UpdateGitSSHKey(ctx, database.UpdateGitSSHKeyParams{
 		UserID:     user.ID,
 		UpdatedAt:  database.Now(),
 		PrivateKey: privateKey,
@@ -43,14 +62,7 @@ func (api *API) regenerateGitSSHKey(rw http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	newKey, err := api.Database.GetGitSSHKey(ctx, user.ID)
-	if err != nil {
-		httpapi.Write(ctx, rw, http.StatusInternalServerError, codersdk.Response{
-			Message: "Internal error fetching user's git SSH key.",
-			Detail:  err.Error(),
-		})
-		return
-	}
+	aReq.New = newKey
 
 	httpapi.Write(ctx, rw, http.StatusOK, codersdk.GitSSHKey{
 		UserID:    newKey.UserID,
diff --git a/coderd/gitsshkey_test.go b/coderd/gitsshkey_test.go
@@ -5,9 +5,12 @@ import (
 	"testing"
 
 	"github.com/google/uuid"
+	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 
+	"github.com/coder/coder/coderd/audit"
 	"github.com/coder/coder/coderd/coderdtest"
+	"github.com/coder/coder/coderd/database"
 	"github.com/coder/coder/coderd/gitsshkey"
 	"github.com/coder/coder/codersdk"
 	"github.com/coder/coder/provisioner/echo"
@@ -73,8 +76,10 @@ func TestGitSSHKey(t *testing.T) {
 	})
 	t.Run("Regenerate", func(t *testing.T) {
 		t.Parallel()
+		auditor := audit.NewMock()
 		client := coderdtest.New(t, &coderdtest.Options{
 			SSHKeygenAlgorithm: gitsshkey.AlgorithmEd25519,
+			Auditor:            auditor,
 		})
 		res := coderdtest.CreateFirstUser(t, client)
 
@@ -89,6 +94,9 @@ func TestGitSSHKey(t *testing.T) {
 		require.GreaterOrEqual(t, key2.UpdatedAt, key1.UpdatedAt)
 		require.NotEmpty(t, key2.PublicKey)
 		require.NotEqual(t, key2.PublicKey, key1.PublicKey)
+
+		require.Len(t, auditor.AuditLogs, 1)
+		assert.Equal(t, database.AuditActionWrite, auditor.AuditLogs[0].Action)
 	})
 }
 
diff --git a/docs/admin/audit-logs.md b/docs/admin/audit-logs.md
@@ -7,6 +7,7 @@ their deployment.
 
 We track **create, update and delete** events for the following resources:
 
+- GitSSHKey
 - Template
 - TemplateVersion
 - Workspace

Original file line number	Diff line number	Diff line change
`@@ -221,10 +221,18 @@ func convertAuditLog(dblog database.GetAuditLogsOffsetRow) codersdk.AuditLog {`
`221`	`221`	`}`
`222`	`222`
`223`	`223`	`func auditLogDescription(alog database.GetAuditLogsOffsetRow) string {`
`224`		`- return fmt.Sprintf("{user} %s %s {target}",`
	`224`	`+ str := fmt.Sprintf("{user} %s %s",`
`225`	`225`	`codersdk.AuditAction(alog.Action).FriendlyString(),`
`226`	`226`	`codersdk.ResourceType(alog.ResourceType).FriendlyString(),`
`227`	`227`	`)`
	`228`	`+`
	`229`	`+ // We don't display the name for git ssh keys. It's fairly long and doesn't`
	`230`	`+ // make too much sense to display.`
	`231`	`+ if alog.ResourceType != database.ResourceTypeGitSshKey {`
	`232`	`+ str += " {target}"`
	`233`	`+ }`
	`234`	`+`
	`235`	`+ return str`
`228`	`236`	`}`
`229`	`237`
`230`	`238`	`// auditSearchQuery takes a query string and returns the auditLog filter.`
Original file line number	Diff line number	Diff line change
`@@ -2676,7 +2676,7 @@ func (q *fakeQuerier) GetGitSSHKey(_ context.Context, userID uuid.UUID) (databas`
`2676`	`2676`	`return database.GitSSHKey{}, sql.ErrNoRows`
`2677`	`2677`	`}`
`2678`	`2678`
`2679`		`-func (q *fakeQuerier) UpdateGitSSHKey(_ context.Context, arg database.UpdateGitSSHKeyParams) error {`
	`2679`	`+func (q *fakeQuerier) UpdateGitSSHKey(_ context.Context, arg database.UpdateGitSSHKeyParams) (database.GitSSHKey, error) {`
`2680`	`2680`	`q.mutex.Lock()`
`2681`	`2681`	`defer q.mutex.Unlock()`
`2682`	`2682`
`@@ -2688,9 +2688,9 @@ func (q *fakeQuerier) UpdateGitSSHKey(_ context.Context, arg database.UpdateGitS`
`2688`	`2688`	`key.PrivateKey = arg.PrivateKey`
`2689`	`2689`	`key.PublicKey = arg.PublicKey`
`2690`	`2690`	`q.gitSSHKey[index] = key`
`2691`		`- return nil`
	`2691`	`+ return key, nil`
`2692`	`2692`	`}`
`2693`		`- return sql.ErrNoRows`
	`2693`	`+ return database.GitSSHKey{}, sql.ErrNoRows`
`2694`	`2694`	`}`
`2695`	`2695`
`2696`	`2696`	`func (q *fakeQuerier) InsertGroupMember(_ context.Context, arg database.InsertGroupMemberParams) error {`