Skip to content

Commit 867c054

Browse files
coadlerpull[bot]
coadler
authored and
pull[bot]
committed
fix(enterprise): ensure audit log json fields are formatted correctly (#9397)
1 parent 95b29d7 commit 867c054

File tree

3 files changed

+86
-11
lines changed

3 files changed

+86
-11
lines changed

enterprise/audit/audittest/rand.go

+8-7
Original file line numberDiff line numberDiff line change
@@ -23,12 +23,13 @@ func RandomLog() database.AuditLog {
2323
IPNet: *inet,
2424
Valid: true,
2525
},
26-
UserAgent: sql.NullString{String: "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36", Valid: true},
27-
ResourceType: database.ResourceTypeOrganization,
28-
ResourceID: uuid.New(),
29-
ResourceTarget: "colin's organization",
30-
Action: database.AuditActionDelete,
31-
Diff: []byte("{}"),
32-
StatusCode: http.StatusNoContent,
26+
UserAgent: sql.NullString{String: "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36", Valid: true},
27+
ResourceType: database.ResourceTypeOrganization,
28+
ResourceID: uuid.New(),
29+
ResourceTarget: "colin's organization",
30+
Action: database.AuditActionDelete,
31+
Diff: []byte("{}"),
32+
StatusCode: http.StatusNoContent,
33+
AdditionalFields: []byte("{}"),
3334
}
3435
}

enterprise/audit/backends/slog.go

+19-4
Original file line numberDiff line numberDiff line change
@@ -2,8 +2,10 @@ package backends
22

33
import (
44
"context"
5+
"database/sql"
56

67
"github.com/fatih/structs"
8+
"github.com/sqlc-dev/pqtype"
79

810
"cdr.dev/slog"
911
"github.com/coder/coder/v2/coderd/database"
@@ -15,24 +17,37 @@ type slogBackend struct {
1517
}
1618

1719
func NewSlog(logger slog.Logger) audit.Backend {
18-
return slogBackend{log: logger}
20+
return &slogBackend{log: logger}
1921
}
2022

21-
func (slogBackend) Decision() audit.FilterDecision {
23+
func (*slogBackend) Decision() audit.FilterDecision {
2224
return audit.FilterDecisionExport
2325
}
2426

25-
func (b slogBackend) Export(ctx context.Context, alog database.AuditLog) error {
27+
func (b *slogBackend) Export(ctx context.Context, alog database.AuditLog) error {
2628
// We don't use structs.Map because we don't want to recursively convert
2729
// fields into maps. When we keep the type information, slog can more
2830
// pleasantly format the output. For example, the clean result of
2931
// (*NullString).Value() may be printed instead of {String: "foo", Valid: true}.
3032
sfs := structs.Fields(alog)
3133
var fields []any
3234
for _, sf := range sfs {
33-
fields = append(fields, slog.F(sf.Name(), sf.Value()))
35+
fields = append(fields, b.fieldToSlog(sf))
3436
}
3537

3638
b.log.Info(ctx, "audit_log", fields...)
3739
return nil
3840
}
41+
42+
func (*slogBackend) fieldToSlog(field *structs.Field) slog.Field {
43+
val := field.Value()
44+
45+
switch ty := field.Value().(type) {
46+
case pqtype.Inet:
47+
val = ty.IPNet.IP.String()
48+
case sql.NullString:
49+
val = ty.String
50+
}
51+
52+
return slog.F(field.Name(), val)
53+
}

enterprise/audit/backends/slog_test.go

+59
Original file line numberDiff line numberDiff line change
@@ -1,13 +1,24 @@
11
package backends_test
22

33
import (
4+
"bytes"
45
"context"
6+
"database/sql"
7+
"encoding/json"
8+
"net"
9+
"net/http"
510
"testing"
11+
"time"
612

713
"github.com/fatih/structs"
14+
"github.com/google/uuid"
15+
"github.com/sqlc-dev/pqtype"
16+
"github.com/stretchr/testify/assert"
817
"github.com/stretchr/testify/require"
918

1019
"cdr.dev/slog"
20+
"cdr.dev/slog/sloggers/slogjson"
21+
"github.com/coder/coder/v2/coderd/database"
1122
"github.com/coder/coder/v2/enterprise/audit/audittest"
1223
"github.com/coder/coder/v2/enterprise/audit/backends"
1324
)
@@ -34,6 +45,54 @@ func TestSlogBackend(t *testing.T) {
3445
require.Equal(t, sink.entries[0].Message, "audit_log")
3546
require.Len(t, sink.entries[0].Fields, len(structs.Fields(alog)))
3647
})
48+
49+
t.Run("FormatsCorrectly", func(t *testing.T) {
50+
t.Parallel()
51+
52+
var (
53+
ctx, cancel = context.WithCancel(context.Background())
54+
55+
buf = bytes.NewBuffer(nil)
56+
logger = slog.Make(slogjson.Sink(buf))
57+
backend = backends.NewSlog(logger)
58+
59+
_, inet, _ = net.ParseCIDR("127.0.0.1/32")
60+
alog = database.AuditLog{
61+
ID: uuid.UUID{1},
62+
Time: time.Unix(1257894000, 0),
63+
UserID: uuid.UUID{2},
64+
OrganizationID: uuid.UUID{3},
65+
Ip: pqtype.Inet{
66+
IPNet: *inet,
67+
Valid: true,
68+
},
69+
UserAgent: sql.NullString{String: "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36", Valid: true},
70+
ResourceType: database.ResourceTypeOrganization,
71+
ResourceID: uuid.UUID{4},
72+
ResourceTarget: "colin's organization",
73+
ResourceIcon: "photo.png",
74+
Action: database.AuditActionDelete,
75+
Diff: []byte(`{"1": 2}`),
76+
StatusCode: http.StatusNoContent,
77+
AdditionalFields: []byte(`{"name":"doug","species":"cat"}`),
78+
RequestID: uuid.UUID{5},
79+
}
80+
)
81+
defer cancel()
82+
83+
err := backend.Export(ctx, alog)
84+
require.NoError(t, err)
85+
logger.Sync()
86+
87+
s := struct {
88+
Fields json.RawMessage `json:"fields"`
89+
}{}
90+
err = json.Unmarshal(buf.Bytes(), &s)
91+
require.NoError(t, err)
92+
93+
expected := `{"ID":"01000000-0000-0000-0000-000000000000","Time":"2009-11-10T23:00:00Z","UserID":"02000000-0000-0000-0000-000000000000","OrganizationID":"03000000-0000-0000-0000-000000000000","Ip":"127.0.0.1","UserAgent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36","ResourceType":"organization","ResourceID":"04000000-0000-0000-0000-000000000000","ResourceTarget":"colin's organization","Action":"delete","Diff":{"1":2},"StatusCode":204,"AdditionalFields":{"name":"doug","species":"cat"},"RequestID":"05000000-0000-0000-0000-000000000000","ResourceIcon":"photo.png"}`
94+
assert.Equal(t, expected, string(s.Fields))
95+
})
3796
}
3897

3998
type fakeSink struct {

0 commit comments

Comments
 (0)