From af63c44c183c32a8843eb5faeb1dfb519b014c87 Mon Sep 17 00:00:00 2001 From: Colin Adler Date: Wed, 7 Sep 2022 14:46:59 -0500 Subject: [PATCH 1/4] feat: add description to audit log responses --- coderd/audit.go | 10 +++++- coderd/audit_test.go | 2 ++ coderd/database/databasefake/databasefake.go | 2 +- coderd/database/dump.sql | 4 ++- ...0018_provisioner_job_type_dry_run.down.sql | 8 ++--- .../000045_more_resource_types.down.sql | 8 +++++ .../000045_more_resource_types.up.sql | 2 ++ coderd/database/models.go | 2 ++ codersdk/audit.go | 36 +++++++++++++++++++ site/src/api/typesGenerated.ts | 9 ++++- 10 files changed, 75 insertions(+), 8 deletions(-) create mode 100644 coderd/database/migrations/000045_more_resource_types.down.sql create mode 100644 coderd/database/migrations/000045_more_resource_types.up.sql diff --git a/coderd/audit.go b/coderd/audit.go index 986ba97504960..9fccb49ddfcd9 100644 --- a/coderd/audit.go +++ b/coderd/audit.go @@ -2,6 +2,7 @@ package coderd import ( "encoding/json" + "fmt" "net" "net/http" "net/netip" @@ -167,7 +168,14 @@ func convertAuditLog(dblog database.GetAuditLogsOffsetRow) codersdk.AuditLog { Diff: diff, StatusCode: dblog.StatusCode, AdditionalFields: dblog.AdditionalFields, - Description: "", + Description: auditLogDescription(dblog), User: user, } } + +func auditLogDescription(alog database.GetAuditLogsOffsetRow) string { + return fmt.Sprintf("{user} %s %s {target}", + codersdk.AuditAction(alog.Action).FriendlyString(), + codersdk.ResourceType(alog.ResourceType).FriendlyString(), + ) +} diff --git a/coderd/audit_test.go b/coderd/audit_test.go index f2050df93585f..1599577ba1bbe 100644 --- a/coderd/audit_test.go +++ b/coderd/audit_test.go @@ -4,6 +4,7 @@ import ( "context" "testing" + "github.com/davecgh/go-spew/spew" "github.com/stretchr/testify/require" "github.com/coder/coder/coderd/coderdtest" @@ -29,6 +30,7 @@ func TestAuditLogs(t *testing.T) { alogs, err := client.AuditLogs(ctx, codersdk.Pagination{Limit: 1}) require.NoError(t, err) + spew.Dump(alogs.AuditLogs) require.Equal(t, int64(1), count.Count) require.Len(t, alogs.AuditLogs, 1) }) diff --git a/coderd/database/databasefake/databasefake.go b/coderd/database/databasefake/databasefake.go index 588c96fa8de53..99e52b4af9b0f 100644 --- a/coderd/database/databasefake/databasefake.go +++ b/coderd/database/databasefake/databasefake.go @@ -2325,7 +2325,7 @@ func (q *fakeQuerier) GetAuditLogsOffset(ctx context.Context, arg database.GetAu OrganizationID: alog.OrganizationID, Ip: alog.Ip, UserAgent: alog.UserAgent, - ResourceType: database.ResourceType(alog.UserAgent), + ResourceType: alog.ResourceType, ResourceID: alog.ResourceID, ResourceTarget: alog.ResourceTarget, ResourceIcon: alog.ResourceIcon, diff --git a/coderd/database/dump.sql b/coderd/database/dump.sql index 3e04f19cef06e..684a25afed104 100644 --- a/coderd/database/dump.sql +++ b/coderd/database/dump.sql @@ -73,7 +73,9 @@ CREATE TYPE resource_type AS ENUM ( 'template', 'template_version', 'user', - 'workspace' + 'workspace', + 'git_ssh_key', + 'api_key' ); CREATE TYPE user_status AS ENUM ( diff --git a/coderd/database/migrations/000018_provisioner_job_type_dry_run.down.sql b/coderd/database/migrations/000018_provisioner_job_type_dry_run.down.sql index 75b99db54da22..18c6bc637b2d8 100644 --- a/coderd/database/migrations/000018_provisioner_job_type_dry_run.down.sql +++ b/coderd/database/migrations/000018_provisioner_job_type_dry_run.down.sql @@ -1,9 +1,9 @@ -- It's not possible to drop enum values from enum types, so the UP has "IF NOT -- EXISTS". --- Delete all jobs that use the new enum value. +-- Delete all audit logs that use the new enum values. DELETE FROM - provisioner_jobs + audit_logs WHERE - type = 'template_version_dry_run' -; + resource_type = 'git_ssh_key' OR + resource_type = 'api_key'; diff --git a/coderd/database/migrations/000045_more_resource_types.down.sql b/coderd/database/migrations/000045_more_resource_types.down.sql new file mode 100644 index 0000000000000..8feca5a8871d4 --- /dev/null +++ b/coderd/database/migrations/000045_more_resource_types.down.sql @@ -0,0 +1,8 @@ +-- It's not possible to drop enum values from enum types, so the UP has "IF NOT +-- EXISTS". + +-- Delete all jobs that use the new enum value. +DELETE FROM + provisioner_jobs +WHERE + type = 'template_version_dry_run'; diff --git a/coderd/database/migrations/000045_more_resource_types.up.sql b/coderd/database/migrations/000045_more_resource_types.up.sql new file mode 100644 index 0000000000000..2e7dc30665fc1 --- /dev/null +++ b/coderd/database/migrations/000045_more_resource_types.up.sql @@ -0,0 +1,2 @@ +ALTER TYPE resource_type ADD VALUE IF NOT EXISTS 'git_ssh_key'; +ALTER TYPE resource_type ADD VALUE IF NOT EXISTS 'api_key'; diff --git a/coderd/database/models.go b/coderd/database/models.go index 4c220f21e230c..b97e9a5e7d514 100644 --- a/coderd/database/models.go +++ b/coderd/database/models.go @@ -258,6 +258,8 @@ const ( ResourceTypeTemplateVersion ResourceType = "template_version" ResourceTypeUser ResourceType = "user" ResourceTypeWorkspace ResourceType = "workspace" + ResourceTypeGitSshKey ResourceType = "git_ssh_key" + ResourceTypeApiKey ResourceType = "api_key" ) func (e *ResourceType) Scan(src interface{}) error { diff --git a/codersdk/audit.go b/codersdk/audit.go index a1b37ab1b0f76..fd26fe58ec0e9 100644 --- a/codersdk/audit.go +++ b/codersdk/audit.go @@ -18,8 +18,31 @@ const ( ResourceTypeTemplateVersion ResourceType = "template_version" ResourceTypeUser ResourceType = "user" ResourceTypeWorkspace ResourceType = "workspace" + ResourceTypeGitSSHKey ResourceType = "git_ssh_key" + ResourceTypeAPIKey ResourceType = "api_key" ) +func (r ResourceType) FriendlyString() string { + switch r { + case ResourceTypeOrganization: + return "organization" + case ResourceTypeTemplate: + return "template" + case ResourceTypeTemplateVersion: + return "template version" + case ResourceTypeUser: + return "user" + case ResourceTypeWorkspace: + return "workspace" + case ResourceTypeGitSSHKey: + return "git ssh key" + case ResourceTypeAPIKey: + return "api key" + default: + return "unknown" + } +} + type AuditAction string const ( @@ -28,6 +51,19 @@ const ( AuditActionDelete AuditAction = "delete" ) +func (a AuditAction) FriendlyString() string { + switch a { + case AuditActionCreate: + return "created" + case AuditActionWrite: + return "updated" + case AuditActionDelete: + return "deleted" + default: + return "unknown" + } +} + type AuditDiff map[string]AuditDiffField type AuditDiffField struct { diff --git a/site/src/api/typesGenerated.ts b/site/src/api/typesGenerated.ts index 21bace379c564..30dfb1d43f061 100644 --- a/site/src/api/typesGenerated.ts +++ b/site/src/api/typesGenerated.ts @@ -693,7 +693,14 @@ export type ProvisionerStorageMethod = "file" export type ProvisionerType = "echo" | "terraform" // From codersdk/audit.go -export type ResourceType = "organization" | "template" | "template_version" | "user" | "workspace" +export type ResourceType = + | "api_key" + | "git_ssh_key" + | "organization" + | "template" + | "template_version" + | "user" + | "workspace" // From codersdk/users.go export type UserStatus = "active" | "suspended" From 83ed5a96762b49ba47c3cd5c4e54840f1d3597b5 Mon Sep 17 00:00:00 2001 From: Colin Adler Date: Wed, 7 Sep 2022 18:55:51 -0500 Subject: [PATCH 2/4] bump migration number --- ...esource_types.down.sql => 000046_more_resource_types.down.sql} | 0 ...re_resource_types.up.sql => 000046_more_resource_types.up.sql} | 0 2 files changed, 0 insertions(+), 0 deletions(-) rename coderd/database/migrations/{000045_more_resource_types.down.sql => 000046_more_resource_types.down.sql} (100%) rename coderd/database/migrations/{000045_more_resource_types.up.sql => 000046_more_resource_types.up.sql} (100%) diff --git a/coderd/database/migrations/000045_more_resource_types.down.sql b/coderd/database/migrations/000046_more_resource_types.down.sql similarity index 100% rename from coderd/database/migrations/000045_more_resource_types.down.sql rename to coderd/database/migrations/000046_more_resource_types.down.sql diff --git a/coderd/database/migrations/000045_more_resource_types.up.sql b/coderd/database/migrations/000046_more_resource_types.up.sql similarity index 100% rename from coderd/database/migrations/000045_more_resource_types.up.sql rename to coderd/database/migrations/000046_more_resource_types.up.sql From dc543a383a40f49cbd2887e8de3910a25f97cc73 Mon Sep 17 00:00:00 2001 From: Colin Adler Date: Wed, 7 Sep 2022 18:56:45 -0500 Subject: [PATCH 3/4] fixup! bump migration number --- coderd/audit_test.go | 2 -- 1 file changed, 2 deletions(-) diff --git a/coderd/audit_test.go b/coderd/audit_test.go index 1599577ba1bbe..f2050df93585f 100644 --- a/coderd/audit_test.go +++ b/coderd/audit_test.go @@ -4,7 +4,6 @@ import ( "context" "testing" - "github.com/davecgh/go-spew/spew" "github.com/stretchr/testify/require" "github.com/coder/coder/coderd/coderdtest" @@ -30,7 +29,6 @@ func TestAuditLogs(t *testing.T) { alogs, err := client.AuditLogs(ctx, codersdk.Pagination{Limit: 1}) require.NoError(t, err) - spew.Dump(alogs.AuditLogs) require.Equal(t, int64(1), count.Count) require.Len(t, alogs.AuditLogs, 1) }) From d50484566cb681b897211b7dddf5443e29953b77 Mon Sep 17 00:00:00 2001 From: Colin Adler Date: Wed, 7 Sep 2022 22:48:03 -0500 Subject: [PATCH 4/4] fixup! bump migration number --- site/src/components/AuditLogRow/AuditLogRow.tsx | 2 ++ 1 file changed, 2 insertions(+) diff --git a/site/src/components/AuditLogRow/AuditLogRow.tsx b/site/src/components/AuditLogRow/AuditLogRow.tsx index 1974956c05303..6805ed87d880f 100644 --- a/site/src/components/AuditLogRow/AuditLogRow.tsx +++ b/site/src/components/AuditLogRow/AuditLogRow.tsx @@ -38,6 +38,8 @@ const resourceLabelByResourceType: Record = { template_version: "template version", user: "user", workspace: "workspace", + git_ssh_key: "git ssh key", + api_key: "api key", } const readableActionMessage = (auditLog: AuditLog) => {