diff --git a/coderd/audit.go b/coderd/audit.go index 986ba97504960..9fccb49ddfcd9 100644 --- a/coderd/audit.go +++ b/coderd/audit.go @@ -2,6 +2,7 @@ package coderd import ( "encoding/json" + "fmt" "net" "net/http" "net/netip" @@ -167,7 +168,14 @@ func convertAuditLog(dblog database.GetAuditLogsOffsetRow) codersdk.AuditLog { Diff: diff, StatusCode: dblog.StatusCode, AdditionalFields: dblog.AdditionalFields, - Description: "", + Description: auditLogDescription(dblog), User: user, } } + +func auditLogDescription(alog database.GetAuditLogsOffsetRow) string { + return fmt.Sprintf("{user} %s %s {target}", + codersdk.AuditAction(alog.Action).FriendlyString(), + codersdk.ResourceType(alog.ResourceType).FriendlyString(), + ) +} diff --git a/coderd/database/databasefake/databasefake.go b/coderd/database/databasefake/databasefake.go index e08fe7eaf1011..8ef1be0355e9e 100644 --- a/coderd/database/databasefake/databasefake.go +++ b/coderd/database/databasefake/databasefake.go @@ -2308,7 +2308,7 @@ func (q *fakeQuerier) GetAuditLogsOffset(ctx context.Context, arg database.GetAu OrganizationID: alog.OrganizationID, Ip: alog.Ip, UserAgent: alog.UserAgent, - ResourceType: database.ResourceType(alog.UserAgent), + ResourceType: alog.ResourceType, ResourceID: alog.ResourceID, ResourceTarget: alog.ResourceTarget, ResourceIcon: alog.ResourceIcon, diff --git a/coderd/database/dump.sql b/coderd/database/dump.sql index 420179c7ea9d8..c6b4d9ca15c7d 100644 --- a/coderd/database/dump.sql +++ b/coderd/database/dump.sql @@ -73,7 +73,9 @@ CREATE TYPE resource_type AS ENUM ( 'template', 'template_version', 'user', - 'workspace' + 'workspace', + 'git_ssh_key', + 'api_key' ); CREATE TYPE user_status AS ENUM ( diff --git a/coderd/database/migrations/000018_provisioner_job_type_dry_run.down.sql b/coderd/database/migrations/000018_provisioner_job_type_dry_run.down.sql index 75b99db54da22..18c6bc637b2d8 100644 --- a/coderd/database/migrations/000018_provisioner_job_type_dry_run.down.sql +++ b/coderd/database/migrations/000018_provisioner_job_type_dry_run.down.sql @@ -1,9 +1,9 @@ -- It's not possible to drop enum values from enum types, so the UP has "IF NOT -- EXISTS". --- Delete all jobs that use the new enum value. +-- Delete all audit logs that use the new enum values. DELETE FROM - provisioner_jobs + audit_logs WHERE - type = 'template_version_dry_run' -; + resource_type = 'git_ssh_key' OR + resource_type = 'api_key'; diff --git a/coderd/database/migrations/000046_more_resource_types.down.sql b/coderd/database/migrations/000046_more_resource_types.down.sql new file mode 100644 index 0000000000000..8feca5a8871d4 --- /dev/null +++ b/coderd/database/migrations/000046_more_resource_types.down.sql @@ -0,0 +1,8 @@ +-- It's not possible to drop enum values from enum types, so the UP has "IF NOT +-- EXISTS". + +-- Delete all jobs that use the new enum value. +DELETE FROM + provisioner_jobs +WHERE + type = 'template_version_dry_run'; diff --git a/coderd/database/migrations/000046_more_resource_types.up.sql b/coderd/database/migrations/000046_more_resource_types.up.sql new file mode 100644 index 0000000000000..2e7dc30665fc1 --- /dev/null +++ b/coderd/database/migrations/000046_more_resource_types.up.sql @@ -0,0 +1,2 @@ +ALTER TYPE resource_type ADD VALUE IF NOT EXISTS 'git_ssh_key'; +ALTER TYPE resource_type ADD VALUE IF NOT EXISTS 'api_key'; diff --git a/coderd/database/models.go b/coderd/database/models.go index 020bb4bdc8b70..f5cf7fab97de2 100644 --- a/coderd/database/models.go +++ b/coderd/database/models.go @@ -258,6 +258,8 @@ const ( ResourceTypeTemplateVersion ResourceType = "template_version" ResourceTypeUser ResourceType = "user" ResourceTypeWorkspace ResourceType = "workspace" + ResourceTypeGitSshKey ResourceType = "git_ssh_key" + ResourceTypeApiKey ResourceType = "api_key" ) func (e *ResourceType) Scan(src interface{}) error { diff --git a/codersdk/audit.go b/codersdk/audit.go index a1b37ab1b0f76..fd26fe58ec0e9 100644 --- a/codersdk/audit.go +++ b/codersdk/audit.go @@ -18,8 +18,31 @@ const ( ResourceTypeTemplateVersion ResourceType = "template_version" ResourceTypeUser ResourceType = "user" ResourceTypeWorkspace ResourceType = "workspace" + ResourceTypeGitSSHKey ResourceType = "git_ssh_key" + ResourceTypeAPIKey ResourceType = "api_key" ) +func (r ResourceType) FriendlyString() string { + switch r { + case ResourceTypeOrganization: + return "organization" + case ResourceTypeTemplate: + return "template" + case ResourceTypeTemplateVersion: + return "template version" + case ResourceTypeUser: + return "user" + case ResourceTypeWorkspace: + return "workspace" + case ResourceTypeGitSSHKey: + return "git ssh key" + case ResourceTypeAPIKey: + return "api key" + default: + return "unknown" + } +} + type AuditAction string const ( @@ -28,6 +51,19 @@ const ( AuditActionDelete AuditAction = "delete" ) +func (a AuditAction) FriendlyString() string { + switch a { + case AuditActionCreate: + return "created" + case AuditActionWrite: + return "updated" + case AuditActionDelete: + return "deleted" + default: + return "unknown" + } +} + type AuditDiff map[string]AuditDiffField type AuditDiffField struct { diff --git a/site/src/api/typesGenerated.ts b/site/src/api/typesGenerated.ts index 3b8dc43af2aea..175cdf63a54d8 100644 --- a/site/src/api/typesGenerated.ts +++ b/site/src/api/typesGenerated.ts @@ -692,7 +692,14 @@ export type ProvisionerStorageMethod = "file" export type ProvisionerType = "echo" | "terraform" // From codersdk/audit.go -export type ResourceType = "organization" | "template" | "template_version" | "user" | "workspace" +export type ResourceType = + | "api_key" + | "git_ssh_key" + | "organization" + | "template" + | "template_version" + | "user" + | "workspace" // From codersdk/users.go export type UserStatus = "active" | "suspended" diff --git a/site/src/components/AuditLogRow/AuditLogRow.tsx b/site/src/components/AuditLogRow/AuditLogRow.tsx index 1974956c05303..6805ed87d880f 100644 --- a/site/src/components/AuditLogRow/AuditLogRow.tsx +++ b/site/src/components/AuditLogRow/AuditLogRow.tsx @@ -38,6 +38,8 @@ const resourceLabelByResourceType: Record = { template_version: "template version", user: "user", workspace: "workspace", + git_ssh_key: "git ssh key", + api_key: "api key", } const readableActionMessage = (auditLog: AuditLog) => {