Skip to content

Commit d9eab84

Browse files
deansheatherdeansheather
committed
fix: ensure date_from and date_to are applied correct audit logs
1 parent 27f04e1 commit d9eab84

File tree

4 files changed

+52
-2
lines changed

4 files changed

+52
-2
lines changed

coderd/audit.go

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -86,6 +86,8 @@ func (api *API) auditLogCount(rw http.ResponseWriter, r *http.Request) {
8686
Action: filter.Action,
8787
Username: filter.Username,
8888
Email: filter.Email,
89+
DateFrom: filter.DateFrom,
90+
DateTo: filter.DateTo,
8991
})
9092
if err != nil {
9193
httpapi.InternalServerError(rw, err)

coderd/database/databasefake/databasefake.go

Lines changed: 20 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2995,6 +2995,16 @@ func (q *fakeQuerier) GetAuditLogsOffset(ctx context.Context, arg database.GetAu
29952995
continue
29962996
}
29972997
}
2998+
if arg.DateFrom != (time.Time{}) {
2999+
if alog.Time.Before(arg.DateFrom) {
3000+
continue
3001+
}
3002+
}
3003+
if arg.DateTo != (time.Time{}) {
3004+
if alog.Time.After(arg.DateTo) {
3005+
continue
3006+
}
3007+
}
29983008

29993009
user, err := q.GetUserByID(ctx, alog.UserID)
30003010
userValid := err == nil
@@ -3057,6 +3067,16 @@ func (q *fakeQuerier) GetAuditLogCount(_ context.Context, arg database.GetAuditL
30573067
continue
30583068
}
30593069
}
3070+
if arg.DateFrom != (time.Time{}) {
3071+
if alog.Time.Before(arg.DateFrom) {
3072+
continue
3073+
}
3074+
}
3075+
if arg.DateTo != (time.Time{}) {
3076+
if alog.Time.After(arg.DateTo) {
3077+
continue
3078+
}
3079+
}
30603080

30613081
logs = append(logs, alog)
30623082
}

coderd/database/queries.sql.go

Lines changed: 17 additions & 1 deletion
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

coderd/database/queries/auditlogs.sql

Lines changed: 13 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -11,7 +11,7 @@ SELECT
1111
users.avatar_url AS user_avatar_url
1212
FROM
1313
audit_logs
14-
LEFT JOIN
14+
LEFT JOIN
1515
users ON audit_logs.user_id = users.id
1616
WHERE
1717
-- Filter resource_type
@@ -110,6 +110,18 @@ WHERE
110110
WHEN @email :: text != '' THEN
111111
user_id = (SELECT id from users WHERE users.email = @email )
112112
ELSE true
113+
END
114+
-- Filter by date_from
115+
AND CASE
116+
WHEN @date_from :: timestamp with time zone != '0001-01-01 00:00:00' THEN
117+
"time" >= @date_from
118+
ELSE true
119+
END
120+
-- Filter by date_to
121+
AND CASE
122+
WHEN @date_to :: timestamp with time zone != '0001-01-01 00:00:00' THEN
123+
"time" <= @date_to
124+
ELSE true
113125
END;
114126

115127
-- name: InsertAuditLog :one

0 commit comments

Comments
 (0)