Skip to content

Commit ab94b85

Browse files
EmyrkEmyrk
committed
Add FE unit test for audit logS
1 parent a4961b9 commit ab94b85

File tree

15 files changed

+87
-18
lines changed

15 files changed

+87
-18
lines changed

coderd/apidoc/docs.go

Lines changed: 4 additions & 2 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

coderd/apidoc/swagger.json

Lines changed: 4 additions & 2 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

coderd/audit.go

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -270,6 +270,10 @@ func auditLogDescription(alog database.GetAuditLogsOffsetRow) string {
270270
str += fmt.Sprintf(" %s",
271271
codersdk.ResourceType(alog.ResourceType).FriendlyString())
272272

273+
if alog.ResourceType == database.ResourceTypeConvertLogin {
274+
str += " to"
275+
}
276+
273277
str += " {target}"
274278

275279
return str

coderd/audit/request.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -85,7 +85,7 @@ func ResourceTarget[T Auditable](tgt T) string {
8585
case database.WorkspaceProxy:
8686
return typed.Name
8787
case database.OauthMergeState:
88-
return typed.StateString
88+
return string(typed.ToLoginType)
8989
default:
9090
panic(fmt.Sprintf("unknown resource %T", tgt))
9191
}

coderd/database/dump.sql

Lines changed: 2 additions & 1 deletion
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

coderd/database/migrations/000127_merge_oidc_account.up.sql

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -18,3 +18,7 @@ COMMENT ON COLUMN oauth_merge_state.expires_at IS 'The time at which the state s
1818
COMMENT ON COLUMN oauth_merge_state.to_login_type IS 'The login type the user is converting to. Should be github or oidc.';
1919

2020
COMMIT;
21+
22+
23+
-- This has to be outside a transaction
24+
ALTER TYPE resource_type ADD VALUE IF NOT EXISTS 'convert_login';

coderd/database/models.go

Lines changed: 3 additions & 1 deletion
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

coderd/userauth.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -126,13 +126,13 @@ func (api *API) postConvertLoginType(rw http.ResponseWriter, r *http.Request) {
126126
return
127127
}
128128

129+
aReq.New = mergeState
129130
httpapi.Write(ctx, rw, http.StatusCreated, codersdk.OauthConversionResponse{
130131
StateString: mergeState.StateString,
131132
ExpiresAt: mergeState.ExpiresAt,
132133
ToLoginType: codersdk.LoginType(mergeState.ToLoginType),
133134
UserID: mergeState.UserID,
134135
})
135-
aReq.New = mergeState
136136
}
137137

138138
// Authenticates the user with an email and password.

codersdk/audit.go

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -23,6 +23,7 @@ const (
2323
ResourceTypeAPIKey ResourceType = "api_key"
2424
ResourceTypeGroup ResourceType = "group"
2525
ResourceTypeLicense ResourceType = "license"
26+
ResourceTypeConvertLogin ResourceType = "convert_login"
2627
)
2728

2829
func (r ResourceType) FriendlyString() string {
@@ -47,6 +48,8 @@ func (r ResourceType) FriendlyString() string {
4748
return "group"
4849
case ResourceTypeLicense:
4950
return "license"
51+
case ResourceTypeConvertLogin:
52+
return "login type conversion"
5053
default:
5154
return "unknown"
5255
}

docs/admin/audit-logs.md

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -15,6 +15,7 @@ We track the following resources:
1515
| Group<br><i>create, write, delete</i> | <table><thead><tr><th>Field</th><th>Tracked</th></tr></thead><tbody><tr><td>avatar_url</td><td>true</td></tr><tr><td>id</td><td>true</td></tr><tr><td>members</td><td>true</td></tr><tr><td>name</td><td>true</td></tr><tr><td>organization_id</td><td>false</td></tr><tr><td>quota_allowance</td><td>true</td></tr></tbody></table> |
1616
| GitSSHKey<br><i>create</i> | <table><thead><tr><th>Field</th><th>Tracked</th></tr></thead><tbody><tr><td>created_at</td><td>false</td></tr><tr><td>private_key</td><td>true</td></tr><tr><td>public_key</td><td>true</td></tr><tr><td>updated_at</td><td>false</td></tr><tr><td>user_id</td><td>true</td></tr></tbody></table> |
1717
| License<br><i>create, delete</i> | <table><thead><tr><th>Field</th><th>Tracked</th></tr></thead><tbody><tr><td>exp</td><td>true</td></tr><tr><td>id</td><td>false</td></tr><tr><td>jwt</td><td>false</td></tr><tr><td>uploaded_at</td><td>true</td></tr><tr><td>uuid</td><td>true</td></tr></tbody></table> |
18+
| OauthMergeState<br><i></i> | <table><thead><tr><th>Field</th><th>Tracked</th></tr></thead><tbody><tr><td>created_at</td><td>true</td></tr><tr><td>expires_at</td><td>true</td></tr><tr><td>state_string</td><td>true</td></tr><tr><td>to_login_type</td><td>true</td></tr><tr><td>user_id</td><td>true</td></tr></tbody></table> |
1819
| Template<br><i>write, delete</i> | <table><thead><tr><th>Field</th><th>Tracked</th></tr></thead><tbody><tr><td>active_version_id</td><td>true</td></tr><tr><td>allow_user_autostart</td><td>true</td></tr><tr><td>allow_user_autostop</td><td>true</td></tr><tr><td>allow_user_cancel_workspace_jobs</td><td>true</td></tr><tr><td>created_at</td><td>false</td></tr><tr><td>created_by</td><td>true</td></tr><tr><td>default_ttl</td><td>true</td></tr><tr><td>deleted</td><td>false</td></tr><tr><td>description</td><td>true</td></tr><tr><td>display_name</td><td>true</td></tr><tr><td>failure_ttl</td><td>true</td></tr><tr><td>group_acl</td><td>true</td></tr><tr><td>icon</td><td>true</td></tr><tr><td>id</td><td>true</td></tr><tr><td>inactivity_ttl</td><td>true</td></tr><tr><td>max_ttl</td><td>true</td></tr><tr><td>name</td><td>true</td></tr><tr><td>organization_id</td><td>false</td></tr><tr><td>provisioner</td><td>true</td></tr><tr><td>updated_at</td><td>false</td></tr><tr><td>user_acl</td><td>true</td></tr></tbody></table> |
1920
| TemplateVersion<br><i>create, write</i> | <table><thead><tr><th>Field</th><th>Tracked</th></tr></thead><tbody><tr><td>created_at</td><td>false</td></tr><tr><td>created_by</td><td>true</td></tr><tr><td>git_auth_providers</td><td>false</td></tr><tr><td>id</td><td>true</td></tr><tr><td>job_id</td><td>false</td></tr><tr><td>name</td><td>true</td></tr><tr><td>organization_id</td><td>false</td></tr><tr><td>readme</td><td>true</td></tr><tr><td>template_id</td><td>true</td></tr><tr><td>updated_at</td><td>false</td></tr></tbody></table> |
2021
| User<br><i>create, write, delete</i> | <table><thead><tr><th>Field</th><th>Tracked</th></tr></thead><tbody><tr><td>avatar_url</td><td>false</td></tr><tr><td>created_at</td><td>false</td></tr><tr><td>deleted</td><td>true</td></tr><tr><td>email</td><td>true</td></tr><tr><td>hashed_password</td><td>true</td></tr><tr><td>id</td><td>true</td></tr><tr><td>last_seen_at</td><td>false</td></tr><tr><td>login_type</td><td>false</td></tr><tr><td>rbac_roles</td><td>true</td></tr><tr><td>status</td><td>true</td></tr><tr><td>updated_at</td><td>false</td></tr><tr><td>username</td><td>true</td></tr></tbody></table> |

docs/api/schemas.md

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -3485,6 +3485,7 @@ AuthorizationObject can represent a "set" of objects, such as: all workspaces in
34853485
| `api_key` |
34863486
| `group` |
34873487
| `license` |
3488+
| `convert_login` |
34883489

34893490
## codersdk.Response
34903491

docs/cli/server.md

Lines changed: 0 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -213,16 +213,6 @@ Disable workspace apps that are not served from subdomains. Path-based apps can
213213

214214
Disable automatic session expiry bumping due to activity. This forces all sessions to become invalid after the session expiry duration has been reached.
215215

216-
### --enable-oauth-auth-conversion
217-
218-
| | |
219-
| ----------- | ------------------------------------------------------ |
220-
| Type | <code>bool</code> |
221-
| Environment | <code>$CODER_ENABLE_OAUTH_AUTH_CONVERSION</code> |
222-
| YAML | <code>networking.http.enableOauthAuthConversion</code> |
223-
224-
If enabled, users can switch from password based authentication to oauth based authentication by logging into an oidc account with the same email address.
225-
226216
### --swagger-enable
227217

228218
| | |

site/src/api/typesGenerated.ts

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1514,6 +1514,7 @@ export const RBACResources: RBACResource[] = [
15141514
// From codersdk/audit.go
15151515
export type ResourceType =
15161516
| "api_key"
1517+
| "convert_login"
15171518
| "git_ssh_key"
15181519
| "group"
15191520
| "license"
@@ -1524,6 +1525,7 @@ export type ResourceType =
15241525
| "workspace_build"
15251526
export const ResourceTypes: ResourceType[] = [
15261527
"api_key",
1528+
"convert_login",
15271529
"git_ssh_key",
15281530
"group",
15291531
"license",

site/src/components/AuditLogRow/AuditLogDescription/AuditLogDescription.test.tsx

Lines changed: 20 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,7 @@ import {
44
MockWorkspaceCreateAuditLogForDifferentOwner,
55
MockAuditLogSuccessfulLogin,
66
MockAuditLogUnsuccessfulLoginKnownUser,
7+
MockAuditOauthConvert,
78
} from "testHelpers/entities"
89
import { AuditLogDescription } from "./AuditLogDescription"
910
import { AuditLogRow } from "../AuditLogRow"
@@ -84,6 +85,25 @@ describe("AuditLogDescription", () => {
8485
const statusPill = screen.getByRole("status")
8586
expect(statusPill).toHaveTextContent("201")
8687
})
88+
it("renders the correct string for login type conversion", async () => {
89+
render(<AuditLogRow auditLog={MockAuditOauthConvert} />)
90+
91+
expect(
92+
screen.getByText(
93+
t("auditLog:table.logRow.description.unlinkedAuditDescription", {
94+
truncatedDescription: `${MockAuditOauthConvert.user?.username} created login type conversion to ${MockAuditOauthConvert.resource_target}`,
95+
target: "",
96+
onBehalfOf: undefined,
97+
})
98+
.replace(/<[^>]*>/g, " ")
99+
.replace(/\s{2,}/g, " ")
100+
.trim(),
101+
),
102+
).toBeInTheDocument()
103+
104+
const statusPill = screen.getByRole("status")
105+
expect(statusPill).toHaveTextContent("201")
106+
})
87107
it("renders the correct string for unsuccessful login for a known user", async () => {
88108
render(<AuditLogRow auditLog={MockAuditLogUnsuccessfulLoginKnownUser} />)
89109

site/src/testHelpers/entities.ts

Lines changed: 37 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1503,6 +1503,43 @@ export const MockAuditLogGitSSH: TypesGen.AuditLog = {
15031503
},
15041504
}
15051505

1506+
export const MockAuditOauthConvert: TypesGen.AuditLog = {
1507+
...MockAuditLog,
1508+
resource_type: "convert_login",
1509+
resource_target: "oidc",
1510+
action: "create",
1511+
status_code: 201,
1512+
description: "{user} created login type conversion to {target}}",
1513+
diff: {
1514+
created_at: {
1515+
old: "0001-01-01T00:00:00Z",
1516+
new: "2023-06-20T20:44:54.243019Z",
1517+
secret: false
1518+
},
1519+
expires_at: {
1520+
old: "0001-01-01T00:00:00Z",
1521+
new: "2023-06-20T20:49:54.243019Z",
1522+
secret: false
1523+
},
1524+
state_string: {
1525+
old: "",
1526+
new: "",
1527+
secret: true
1528+
},
1529+
to_login_type: {
1530+
old: "",
1531+
new: "oidc",
1532+
secret: false
1533+
},
1534+
user_id: {
1535+
old: "",
1536+
new: "dc790496-eaec-4f88-a53f-8ce1f61a1fff",
1537+
secret: false
1538+
}
1539+
},
1540+
}
1541+
1542+
15061543
export const MockAuditLogSuccessfulLogin: TypesGen.AuditLog = {
15071544
...MockAuditLog,
15081545
resource_type: "api_key",

0 commit comments

Comments
 (0)