From cfe5dd097678e80ac0ce661ee6e921cc76d7499b Mon Sep 17 00:00:00 2001 From: Kira Pilot Date: Tue, 18 Oct 2022 21:41:56 +0000 Subject: [PATCH 01/12] adding workspace_build resource --- coderd/audit.go | 2 ++ coderd/audit/diff.go | 3 ++- coderd/audit/request.go | 6 ++++++ coderd/workspacebuilds.go | 28 +++++++++++++++++++++++----- codersdk/audit.go | 3 +++ enterprise/audit/table.go | 14 ++++++++++++++ 6 files changed, 50 insertions(+), 6 deletions(-) diff --git a/coderd/audit.go b/coderd/audit.go index 5002bb6960c58..fc4e16490d3ba 100644 --- a/coderd/audit.go +++ b/coderd/audit.go @@ -288,6 +288,8 @@ func resourceTypeFromString(resourceTypeString string) string { return resourceTypeString case codersdk.ResourceTypeWorkspace: return resourceTypeString + case codersdk.ResourceTypeWorkspaceBuild: + return resourceTypeString case codersdk.ResourceTypeGitSSHKey: return resourceTypeString case codersdk.ResourceTypeAPIKey: diff --git a/coderd/audit/diff.go b/coderd/audit/diff.go index 42a67e92a8559..44d5014fb03a1 100644 --- a/coderd/audit/diff.go +++ b/coderd/audit/diff.go @@ -16,7 +16,8 @@ type Auditable interface { database.User | database.Workspace | database.GitSSHKey | - database.Group + database.Group | + database.WorkspaceBuild } // Map is a map of changed fields in an audited resource. It maps field names to diff --git a/coderd/audit/request.go b/coderd/audit/request.go index f330b321cd1ec..f64f9e9912fdd 100644 --- a/coderd/audit/request.go +++ b/coderd/audit/request.go @@ -43,6 +43,8 @@ func ResourceTarget[T Auditable](tgt T) string { return typed.Username case database.Workspace: return typed.Name + case database.WorkspaceBuild: + return string(typed.Transition) case database.GitSSHKey: return typed.PublicKey case database.Group: @@ -64,6 +66,8 @@ func ResourceID[T Auditable](tgt T) uuid.UUID { return typed.ID case database.Workspace: return typed.ID + case database.WorkspaceBuild: + return typed.ID case database.GitSSHKey: return typed.UserID case database.Group: @@ -85,6 +89,8 @@ func ResourceType[T Auditable](tgt T) database.ResourceType { return database.ResourceTypeUser case database.Workspace: return database.ResourceTypeWorkspace + case database.WorkspaceBuild: + return database.ResourceTypeWorkspaceBuild case database.GitSSHKey: return database.ResourceTypeGitSshKey case database.Group: diff --git a/coderd/workspacebuilds.go b/coderd/workspacebuilds.go index dc89f576b5484..31e7423d1e6ae 100644 --- a/coderd/workspacebuilds.go +++ b/coderd/workspacebuilds.go @@ -278,10 +278,11 @@ func (api *API) postWorkspaceBuilds(rw http.ResponseWriter, r *http.Request) { return } - // we only want to create audit logs for delete builds right now + auditor := api.Auditor.Load() + + // if user deletes a workspace, audit the workspace if action == rbac.ActionDelete { var ( - auditor = api.Auditor.Load() aReq, commitAudit = audit.InitRequest[database.Workspace](rw, &audit.RequestParams{ Audit: *auditor, Log: api.Logger, @@ -294,12 +295,29 @@ func (api *API) postWorkspaceBuilds(rw http.ResponseWriter, r *http.Request) { aReq.Old = workspace } + latestBuild, latestBuildErr := api.Database.GetLatestWorkspaceBuildByWorkspaceID(ctx, workspace.ID) + + // if a user starts/stops a workspace, audit the workspace build + if action == rbac.ActionUpdate { + + var ( + aReq, commitAudit = audit.InitRequest[database.WorkspaceBuild](rw, &audit.RequestParams{ + Audit: *auditor, + Log: api.Logger, + Request: r, + Action: database.AuditActionWrite, + }) + ) + + defer commitAudit() + aReq.Old = latestBuild + } + if createBuild.TemplateVersionID == uuid.Nil { - latestBuild, err := api.Database.GetLatestWorkspaceBuildByWorkspaceID(ctx, workspace.ID) - if err != nil { + if latestBuildErr != nil { httpapi.Write(ctx, rw, http.StatusInternalServerError, codersdk.Response{ Message: "Internal error fetching the latest workspace build.", - Detail: err.Error(), + Detail: latestBuildErr.Error(), }) return } diff --git a/codersdk/audit.go b/codersdk/audit.go index 1452af0c0f6b9..4a6aa3ad530ed 100644 --- a/codersdk/audit.go +++ b/codersdk/audit.go @@ -19,6 +19,7 @@ const ( ResourceTypeTemplateVersion ResourceType = "template_version" ResourceTypeUser ResourceType = "user" ResourceTypeWorkspace ResourceType = "workspace" + ResourceTypeWorkspaceBuild ResourceType = "workspace_build" ResourceTypeGitSSHKey ResourceType = "git_ssh_key" ResourceTypeAPIKey ResourceType = "api_key" ResourceTypeGroup ResourceType = "group" @@ -36,6 +37,8 @@ func (r ResourceType) FriendlyString() string { return "user" case ResourceTypeWorkspace: return "workspace" + case ResourceTypeWorkspaceBuild: + return "workspace build" case ResourceTypeGitSSHKey: return "git ssh key" case ResourceTypeAPIKey: diff --git a/enterprise/audit/table.go b/enterprise/audit/table.go index 193b16a31687f..aeb90971ecfce 100644 --- a/enterprise/audit/table.go +++ b/enterprise/audit/table.go @@ -109,6 +109,20 @@ var AuditableResources = auditMap(map[any]map[string]Action{ "organization_id": ActionIgnore, // Never changes. "avatar_url": ActionTrack, }, + &database.WorkspaceBuild{}: { + "id": ActionIgnore, // Unimportant to the user + "created_at": ActionIgnore, // Never changes. + "updated_at": ActionIgnore, // Changes, but is implicit and not helpful in a diff. + "workspace_id": ActionTrack, + "template_version_id": ActionTrack, + "build_number": ActionIgnore, // Unimportant to the user + "transition": ActionTrack, + "initiator_id": ActionIgnore, // Changes, but is implicit and not helpful in a diff. + "provisioner_state": ActionIgnore, // Unimportant to the user + "job_id": ActionIgnore, // Unimportant to the user + "deadline": ActionIgnore, // Unimportant to the user + "reason": ActionTrack, + }, }) // auditMap converts a map of struct pointers to a map of struct names as From 5d094a237b0bd7ddd029f3ffb9755b08c16d3369 Mon Sep 17 00:00:00 2001 From: Kira Pilot Date: Wed, 19 Oct 2022 15:28:55 +0000 Subject: [PATCH 02/12] added migration --- coderd/database/dump.sql | 3 ++- .../000063_add_resource_type_workspace_build.down.sql | 2 ++ .../migrations/000063_add_resource_type_workspace_build.up.sql | 1 + coderd/database/models.go | 1 + enterprise/audit/table.go | 2 +- 5 files changed, 7 insertions(+), 2 deletions(-) create mode 100644 coderd/database/migrations/000063_add_resource_type_workspace_build.down.sql create mode 100644 coderd/database/migrations/000063_add_resource_type_workspace_build.up.sql diff --git a/coderd/database/dump.sql b/coderd/database/dump.sql index d601ac60cdd16..2e933baf41429 100644 --- a/coderd/database/dump.sql +++ b/coderd/database/dump.sql @@ -88,7 +88,8 @@ CREATE TYPE resource_type AS ENUM ( 'workspace', 'git_ssh_key', 'api_key', - 'group' + 'group', + 'workspace_build' ); CREATE TYPE user_status AS ENUM ( diff --git a/coderd/database/migrations/000063_add_resource_type_workspace_build.down.sql b/coderd/database/migrations/000063_add_resource_type_workspace_build.down.sql new file mode 100644 index 0000000000000..d1d1637f4fa90 --- /dev/null +++ b/coderd/database/migrations/000063_add_resource_type_workspace_build.down.sql @@ -0,0 +1,2 @@ +-- It's not possible to drop enum values from enum types, so the UP has "IF NOT +-- EXISTS". diff --git a/coderd/database/migrations/000063_add_resource_type_workspace_build.up.sql b/coderd/database/migrations/000063_add_resource_type_workspace_build.up.sql new file mode 100644 index 0000000000000..6892709c8160c --- /dev/null +++ b/coderd/database/migrations/000063_add_resource_type_workspace_build.up.sql @@ -0,0 +1 @@ +ALTER TYPE resource_type ADD VALUE IF NOT EXISTS 'workspace_build'; diff --git a/coderd/database/models.go b/coderd/database/models.go index 83e4610c40455..52861cc625511 100644 --- a/coderd/database/models.go +++ b/coderd/database/models.go @@ -302,6 +302,7 @@ const ( ResourceTypeGitSshKey ResourceType = "git_ssh_key" ResourceTypeApiKey ResourceType = "api_key" ResourceTypeGroup ResourceType = "group" + ResourceTypeWorkspaceBuild ResourceType = "workspace_build" ) func (e *ResourceType) Scan(src interface{}) error { diff --git a/enterprise/audit/table.go b/enterprise/audit/table.go index aeb90971ecfce..2ee7751eb577c 100644 --- a/enterprise/audit/table.go +++ b/enterprise/audit/table.go @@ -121,7 +121,7 @@ var AuditableResources = auditMap(map[any]map[string]Action{ "provisioner_state": ActionIgnore, // Unimportant to the user "job_id": ActionIgnore, // Unimportant to the user "deadline": ActionIgnore, // Unimportant to the user - "reason": ActionTrack, + "reason": ActionIgnore, // Unimportant to the user }, }) From c11befc3b10ee222f371e5e8970c5cbd90bb4458 Mon Sep 17 00:00:00 2001 From: Kira Pilot Date: Wed, 19 Oct 2022 17:09:40 +0000 Subject: [PATCH 03/12] fix keyword --- coderd/audit.go | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/coderd/audit.go b/coderd/audit.go index fc4e16490d3ba..4db0377e008a8 100644 --- a/coderd/audit.go +++ b/coderd/audit.go @@ -225,6 +225,13 @@ func auditLogDescription(alog database.GetAuditLogsOffsetRow) string { codersdk.ResourceType(alog.ResourceType).FriendlyString(), ) + // Strings for build updates follow the below format: + // "{user} started workspace build for workspace {target}" + // where target is a workspace instead of the workspace build + if alog.ResourceType == database.ResourceTypeWorkspaceBuild { + str += " for workspace" + } + // We don't display the name for git ssh keys. It's fairly long and doesn't // make too much sense to display. if alog.ResourceType != database.ResourceTypeGitSshKey { From ac6e40527ca5813c03669b0293136fe2f117cf4f Mon Sep 17 00:00:00 2001 From: Kira Pilot Date: Thu, 20 Oct 2022 15:43:37 +0000 Subject: [PATCH 04/12] got rid oof diffs for workspace builds --- enterprise/audit/table.go | 25 ++++++++++--------- .../components/AuditLogRow/AuditLogRow.tsx | 18 ++++++------- 2 files changed, 21 insertions(+), 22 deletions(-) diff --git a/enterprise/audit/table.go b/enterprise/audit/table.go index 2ee7751eb577c..241f53b024c4b 100644 --- a/enterprise/audit/table.go +++ b/enterprise/audit/table.go @@ -109,19 +109,20 @@ var AuditableResources = auditMap(map[any]map[string]Action{ "organization_id": ActionIgnore, // Never changes. "avatar_url": ActionTrack, }, + // We don't show any diff for the WorkspaceBuild resource &database.WorkspaceBuild{}: { - "id": ActionIgnore, // Unimportant to the user - "created_at": ActionIgnore, // Never changes. - "updated_at": ActionIgnore, // Changes, but is implicit and not helpful in a diff. - "workspace_id": ActionTrack, - "template_version_id": ActionTrack, - "build_number": ActionIgnore, // Unimportant to the user - "transition": ActionTrack, - "initiator_id": ActionIgnore, // Changes, but is implicit and not helpful in a diff. - "provisioner_state": ActionIgnore, // Unimportant to the user - "job_id": ActionIgnore, // Unimportant to the user - "deadline": ActionIgnore, // Unimportant to the user - "reason": ActionIgnore, // Unimportant to the user + "id": ActionIgnore, + "created_at": ActionIgnore, + "updated_at": ActionIgnore, + "workspace_id": ActionIgnore, + "template_version_id": ActionIgnore, + "build_number": ActionIgnore, + "transition": ActionIgnore, + "initiator_id": ActionIgnore, + "provisioner_state": ActionIgnore, + "job_id": ActionIgnore, + "deadline": ActionIgnore, + "reason": ActionIgnore, }, }) diff --git a/site/src/components/AuditLogRow/AuditLogRow.tsx b/site/src/components/AuditLogRow/AuditLogRow.tsx index 6d72362911983..478c01e05aa19 100644 --- a/site/src/components/AuditLogRow/AuditLogRow.tsx +++ b/site/src/components/AuditLogRow/AuditLogRow.tsx @@ -130,13 +130,11 @@ export const AuditLogRow: React.FC = ({ -
- {isDiffOpen ? : } -
+ {shouldDisplayDiff ? ( +
{isDiffOpen ? : }
+ ) : ( +
+ )} {shouldDisplayDiff && ( @@ -190,8 +188,8 @@ const useStyles = makeStyles((theme) => ({ color: theme.palette.text.secondary, whiteSpace: "nowrap", }, - - disabledDropdownIcon: { - opacity: 0.5, + // offset the absence of the arrow icon on diff-less logs + columnWithoutDiff: { + marginLeft: "24px", }, })) From ec3e6bf9f2f8f95a6e3075e14661043ad0b0a46c Mon Sep 17 00:00:00 2001 From: Kira Pilot Date: Fri, 21 Oct 2022 16:42:26 +0000 Subject: [PATCH 05/12] adding workspace name to string --- coderd/audit.go | 9 ++++++++- coderd/audit/request.go | 10 ++++++---- coderd/workspacebuilds.go | 26 ++++++++++++++++++++++---- 3 files changed, 36 insertions(+), 9 deletions(-) diff --git a/coderd/audit.go b/coderd/audit.go index 4db0377e008a8..a1411443a1da7 100644 --- a/coderd/audit.go +++ b/coderd/audit.go @@ -219,6 +219,10 @@ func convertAuditLog(dblog database.GetAuditLogsOffsetRow) codersdk.AuditLog { } } +type WorkspaceResourceInfo struct { + WorkspaceName string +} + func auditLogDescription(alog database.GetAuditLogsOffsetRow) string { str := fmt.Sprintf("{user} %s %s", codersdk.AuditAction(alog.Action).FriendlyString(), @@ -229,7 +233,10 @@ func auditLogDescription(alog database.GetAuditLogsOffsetRow) string { // "{user} started workspace build for workspace {target}" // where target is a workspace instead of the workspace build if alog.ResourceType == database.ResourceTypeWorkspaceBuild { - str += " for workspace" + workspace_bytes := []byte(alog.AdditionalFields) + var workspaceResourceInfo WorkspaceResourceInfo + json.Unmarshal(workspace_bytes, &workspaceResourceInfo) + str += " for workspace " + workspaceResourceInfo.WorkspaceName } // We don't display the name for git ssh keys. It's fairly long and doesn't diff --git a/coderd/audit/request.go b/coderd/audit/request.go index f64f9e9912fdd..16853a888dfb5 100644 --- a/coderd/audit/request.go +++ b/coderd/audit/request.go @@ -20,8 +20,9 @@ type RequestParams struct { Audit Auditor Log slog.Logger - Request *http.Request - Action database.AuditAction + Request *http.Request + Action database.AuditAction + AdditionalFields json.RawMessage } type Request[T Auditable] struct { @@ -44,7 +45,8 @@ func ResourceTarget[T Auditable](tgt T) string { case database.Workspace: return typed.Name case database.WorkspaceBuild: - return string(typed.Transition) + // this isn't used + return string(typed.BuildNumber) case database.GitSSHKey: return typed.PublicKey case database.Group: @@ -149,7 +151,7 @@ func InitRequest[T Auditable](w http.ResponseWriter, p *RequestParams) (*Request Diff: diffRaw, StatusCode: int32(sw.Status), RequestID: httpmw.RequestID(p.Request), - AdditionalFields: json.RawMessage("{}"), + AdditionalFields: p.AdditionalFields, }) if err != nil { p.Log.Error(logCtx, "export audit log", slog.Error(err)) diff --git a/coderd/workspacebuilds.go b/coderd/workspacebuilds.go index 31e7423d1e6ae..bad847c6f6aba 100644 --- a/coderd/workspacebuilds.go +++ b/coderd/workspacebuilds.go @@ -300,12 +300,30 @@ func (api *API) postWorkspaceBuilds(rw http.ResponseWriter, r *http.Request) { // if a user starts/stops a workspace, audit the workspace build if action == rbac.ActionUpdate { + var auditAction database.AuditAction + if createBuild.Transition == codersdk.WorkspaceTransitionStart { + auditAction = database.AuditActionStart + } else if createBuild.Transition == codersdk.WorkspaceTransitionStop { + auditAction = database.AuditActionStop + } else { + auditAction = database.AuditActionWrite + } + + // We pass the workspace name to the Auditor so that it + // can form a friendly string for the user. + workspaceResourceInfo := map[string]string{ + "workspaceName": workspace.Name, + } + + wri_bytes, _ := json.Marshal(workspaceResourceInfo) + var ( aReq, commitAudit = audit.InitRequest[database.WorkspaceBuild](rw, &audit.RequestParams{ - Audit: *auditor, - Log: api.Logger, - Request: r, - Action: database.AuditActionWrite, + Audit: *auditor, + Log: api.Logger, + Request: r, + Action: auditAction, + AdditionalFields: wri_bytes, }) ) From c0ffe78f408e2da829ae4944e327bb9aa492a0fa Mon Sep 17 00:00:00 2001 From: Kira Pilot Date: Fri, 21 Oct 2022 18:33:32 +0000 Subject: [PATCH 06/12] renamed migrations --- ...down.sql => 000065_add_resource_type_workspace_build.down.sql} | 0 ...ild.up.sql => 000065_add_resource_type_workspace_build.up.sql} | 0 2 files changed, 0 insertions(+), 0 deletions(-) rename coderd/database/migrations/{000063_add_resource_type_workspace_build.down.sql => 000065_add_resource_type_workspace_build.down.sql} (100%) rename coderd/database/migrations/{000063_add_resource_type_workspace_build.up.sql => 000065_add_resource_type_workspace_build.up.sql} (100%) diff --git a/coderd/database/migrations/000063_add_resource_type_workspace_build.down.sql b/coderd/database/migrations/000065_add_resource_type_workspace_build.down.sql similarity index 100% rename from coderd/database/migrations/000063_add_resource_type_workspace_build.down.sql rename to coderd/database/migrations/000065_add_resource_type_workspace_build.down.sql diff --git a/coderd/database/migrations/000063_add_resource_type_workspace_build.up.sql b/coderd/database/migrations/000065_add_resource_type_workspace_build.up.sql similarity index 100% rename from coderd/database/migrations/000063_add_resource_type_workspace_build.up.sql rename to coderd/database/migrations/000065_add_resource_type_workspace_build.up.sql From 7e09219660b0fbcd9e043544d911ce9bd501c1ed Mon Sep 17 00:00:00 2001 From: Kira Pilot Date: Fri, 21 Oct 2022 18:41:52 +0000 Subject: [PATCH 07/12] fixed lint --- coderd/audit.go | 4 ++-- coderd/workspacebuilds.go | 5 ++--- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/coderd/audit.go b/coderd/audit.go index a1411443a1da7..ba845c8b048b0 100644 --- a/coderd/audit.go +++ b/coderd/audit.go @@ -233,9 +233,9 @@ func auditLogDescription(alog database.GetAuditLogsOffsetRow) string { // "{user} started workspace build for workspace {target}" // where target is a workspace instead of the workspace build if alog.ResourceType == database.ResourceTypeWorkspaceBuild { - workspace_bytes := []byte(alog.AdditionalFields) + workspaceBytes := []byte(alog.AdditionalFields) var workspaceResourceInfo WorkspaceResourceInfo - json.Unmarshal(workspace_bytes, &workspaceResourceInfo) + _ = json.Unmarshal(workspaceBytes, &workspaceResourceInfo) str += " for workspace " + workspaceResourceInfo.WorkspaceName } diff --git a/coderd/workspacebuilds.go b/coderd/workspacebuilds.go index bad847c6f6aba..3f90b3dbc4c55 100644 --- a/coderd/workspacebuilds.go +++ b/coderd/workspacebuilds.go @@ -299,7 +299,6 @@ func (api *API) postWorkspaceBuilds(rw http.ResponseWriter, r *http.Request) { // if a user starts/stops a workspace, audit the workspace build if action == rbac.ActionUpdate { - var auditAction database.AuditAction if createBuild.Transition == codersdk.WorkspaceTransitionStart { auditAction = database.AuditActionStart @@ -315,7 +314,7 @@ func (api *API) postWorkspaceBuilds(rw http.ResponseWriter, r *http.Request) { "workspaceName": workspace.Name, } - wri_bytes, _ := json.Marshal(workspaceResourceInfo) + wriBytes, _ := json.Marshal(workspaceResourceInfo) var ( aReq, commitAudit = audit.InitRequest[database.WorkspaceBuild](rw, &audit.RequestParams{ @@ -323,7 +322,7 @@ func (api *API) postWorkspaceBuilds(rw http.ResponseWriter, r *http.Request) { Log: api.Logger, Request: r, Action: auditAction, - AdditionalFields: wri_bytes, + AdditionalFields: wriBytes, }) ) From 9cd9ea954ab85f8567a7422ed936abdf70ed314a Mon Sep 17 00:00:00 2001 From: Kira Pilot Date: Fri, 21 Oct 2022 20:08:41 +0000 Subject: [PATCH 08/12] pass throough AdditionalFields and fix tests --- coderd/gitsshkey.go | 10 ++++--- coderd/templates.go | 19 +++++++----- coderd/templateversions.go | 18 ++++++----- coderd/users.go | 55 +++++++++++++++++++--------------- coderd/workspacebuilds.go | 9 +++--- coderd/workspacebuilds_test.go | 4 +-- coderd/workspaces.go | 36 ++++++++++++---------- enterprise/coderd/groups.go | 28 +++++++++-------- enterprise/coderd/templates.go | 10 ++++--- 9 files changed, 107 insertions(+), 82 deletions(-) diff --git a/coderd/gitsshkey.go b/coderd/gitsshkey.go index 357f5b2e44dab..01ccda744dc0f 100644 --- a/coderd/gitsshkey.go +++ b/coderd/gitsshkey.go @@ -1,6 +1,7 @@ package coderd import ( + "encoding/json" "net/http" "github.com/coder/coder/coderd/audit" @@ -18,10 +19,11 @@ func (api *API) regenerateGitSSHKey(rw http.ResponseWriter, r *http.Request) { user = httpmw.UserParam(r) auditor = api.Auditor.Load() aReq, commitAudit = audit.InitRequest[database.GitSSHKey](rw, &audit.RequestParams{ - Audit: *auditor, - Log: api.Logger, - Request: r, - Action: database.AuditActionWrite, + Audit: *auditor, + Log: api.Logger, + Request: r, + Action: database.AuditActionWrite, + AdditionalFields: json.RawMessage("{}"), }) ) defer commitAudit() diff --git a/coderd/templates.go b/coderd/templates.go index a1108dfc43082..f3550e2b62750 100644 --- a/coderd/templates.go +++ b/coderd/templates.go @@ -5,6 +5,7 @@ import ( "crypto/sha256" "database/sql" "encoding/hex" + "encoding/json" "errors" "fmt" "net/http" @@ -84,10 +85,11 @@ func (api *API) deleteTemplate(rw http.ResponseWriter, r *http.Request) { template = httpmw.TemplateParam(r) auditor = *api.Auditor.Load() aReq, commitAudit = audit.InitRequest[database.Template](rw, &audit.RequestParams{ - Audit: auditor, - Log: api.Logger, - Request: r, - Action: database.AuditActionDelete, + Audit: auditor, + Log: api.Logger, + Request: r, + Action: database.AuditActionDelete, + AdditionalFields: json.RawMessage("{}"), }) ) defer commitAudit() @@ -444,10 +446,11 @@ func (api *API) patchTemplateMeta(rw http.ResponseWriter, r *http.Request) { template = httpmw.TemplateParam(r) auditor = *api.Auditor.Load() aReq, commitAudit = audit.InitRequest[database.Template](rw, &audit.RequestParams{ - Audit: auditor, - Log: api.Logger, - Request: r, - Action: database.AuditActionWrite, + Audit: auditor, + Log: api.Logger, + Request: r, + Action: database.AuditActionWrite, + AdditionalFields: json.RawMessage("{}"), }) ) defer commitAudit() diff --git a/coderd/templateversions.go b/coderd/templateversions.go index e434482ad8b69..d40947cc6d2c4 100644 --- a/coderd/templateversions.go +++ b/coderd/templateversions.go @@ -599,10 +599,11 @@ func (api *API) patchActiveTemplateVersion(rw http.ResponseWriter, r *http.Reque template = httpmw.TemplateParam(r) auditor = *api.Auditor.Load() aReq, commitAudit = audit.InitRequest[database.Template](rw, &audit.RequestParams{ - Audit: auditor, - Log: api.Logger, - Request: r, - Action: database.AuditActionWrite, + Audit: auditor, + Log: api.Logger, + Request: r, + Action: database.AuditActionWrite, + AdditionalFields: json.RawMessage("{}"), }) ) defer commitAudit() @@ -673,10 +674,11 @@ func (api *API) postTemplateVersionsByOrganization(rw http.ResponseWriter, r *ht organization = httpmw.OrganizationParam(r) auditor = *api.Auditor.Load() aReq, commitAudit = audit.InitRequest[database.TemplateVersion](rw, &audit.RequestParams{ - Audit: auditor, - Log: api.Logger, - Request: r, - Action: database.AuditActionCreate, + Audit: auditor, + Log: api.Logger, + Request: r, + Action: database.AuditActionCreate, + AdditionalFields: json.RawMessage("{}"), }) req codersdk.CreateTemplateVersionRequest diff --git a/coderd/users.go b/coderd/users.go index 1e1682dbfd912..8113660f0b1d6 100644 --- a/coderd/users.go +++ b/coderd/users.go @@ -4,6 +4,7 @@ import ( "bytes" "context" "database/sql" + "encoding/json" "errors" "fmt" "net/http" @@ -256,10 +257,11 @@ func (api *API) postUser(rw http.ResponseWriter, r *http.Request) { ctx := r.Context() auditor := *api.Auditor.Load() aReq, commitAudit := audit.InitRequest[database.User](rw, &audit.RequestParams{ - Audit: auditor, - Log: api.Logger, - Request: r, - Action: database.AuditActionCreate, + Audit: auditor, + Log: api.Logger, + Request: r, + Action: database.AuditActionCreate, + AdditionalFields: json.RawMessage("{}"), }) defer commitAudit() @@ -343,10 +345,11 @@ func (api *API) deleteUser(rw http.ResponseWriter, r *http.Request) { auditor := *api.Auditor.Load() user := httpmw.UserParam(r) aReq, commitAudit := audit.InitRequest[database.User](rw, &audit.RequestParams{ - Audit: auditor, - Log: api.Logger, - Request: r, - Action: database.AuditActionDelete, + Audit: auditor, + Log: api.Logger, + Request: r, + Action: database.AuditActionDelete, + AdditionalFields: json.RawMessage("{}"), }) aReq.Old = user defer commitAudit() @@ -420,10 +423,11 @@ func (api *API) putUserProfile(rw http.ResponseWriter, r *http.Request) { user = httpmw.UserParam(r) auditor = *api.Auditor.Load() aReq, commitAudit = audit.InitRequest[database.User](rw, &audit.RequestParams{ - Audit: auditor, - Log: api.Logger, - Request: r, - Action: database.AuditActionWrite, + Audit: auditor, + Log: api.Logger, + Request: r, + Action: database.AuditActionWrite, + AdditionalFields: json.RawMessage("{}"), }) ) defer commitAudit() @@ -502,10 +506,11 @@ func (api *API) putUserStatus(status database.UserStatus) func(rw http.ResponseW apiKey = httpmw.APIKey(r) auditor = *api.Auditor.Load() aReq, commitAudit = audit.InitRequest[database.User](rw, &audit.RequestParams{ - Audit: auditor, - Log: api.Logger, - Request: r, - Action: database.AuditActionWrite, + Audit: auditor, + Log: api.Logger, + Request: r, + Action: database.AuditActionWrite, + AdditionalFields: json.RawMessage("{}"), }) ) defer commitAudit() @@ -570,10 +575,11 @@ func (api *API) putUserPassword(rw http.ResponseWriter, r *http.Request) { params codersdk.UpdateUserPasswordRequest auditor = *api.Auditor.Load() aReq, commitAudit = audit.InitRequest[database.User](rw, &audit.RequestParams{ - Audit: auditor, - Log: api.Logger, - Request: r, - Action: database.AuditActionWrite, + Audit: auditor, + Log: api.Logger, + Request: r, + Action: database.AuditActionWrite, + AdditionalFields: json.RawMessage("{}"), }) ) defer commitAudit() @@ -732,10 +738,11 @@ func (api *API) putUserRoles(rw http.ResponseWriter, r *http.Request) { apiKey = httpmw.APIKey(r) auditor = *api.Auditor.Load() aReq, commitAudit = audit.InitRequest[database.User](rw, &audit.RequestParams{ - Audit: auditor, - Log: api.Logger, - Request: r, - Action: database.AuditActionWrite, + Audit: auditor, + Log: api.Logger, + Request: r, + Action: database.AuditActionWrite, + AdditionalFields: json.RawMessage("{}"), }) ) defer commitAudit() diff --git a/coderd/workspacebuilds.go b/coderd/workspacebuilds.go index 3f90b3dbc4c55..e60c9eb0c3a70 100644 --- a/coderd/workspacebuilds.go +++ b/coderd/workspacebuilds.go @@ -284,10 +284,11 @@ func (api *API) postWorkspaceBuilds(rw http.ResponseWriter, r *http.Request) { if action == rbac.ActionDelete { var ( aReq, commitAudit = audit.InitRequest[database.Workspace](rw, &audit.RequestParams{ - Audit: *auditor, - Log: api.Logger, - Request: r, - Action: database.AuditActionDelete, + Audit: *auditor, + Log: api.Logger, + Request: r, + Action: database.AuditActionDelete, + AdditionalFields: json.RawMessage("{}"), }) ) diff --git a/coderd/workspacebuilds_test.go b/coderd/workspacebuilds_test.go index 983063a1907bc..46b18a1d7180f 100644 --- a/coderd/workspacebuilds_test.go +++ b/coderd/workspacebuilds_test.go @@ -579,6 +579,6 @@ func TestWorkspaceBuildStatus(t *testing.T) { require.EqualValues(t, codersdk.WorkspaceStatusDeleted, workspace.LatestBuild.Status) // assert an audit log has been created for deletion - require.Len(t, auditor.AuditLogs, 5) - assert.Equal(t, database.AuditActionDelete, auditor.AuditLogs[4].Action) + require.Len(t, auditor.AuditLogs, 7) + assert.Equal(t, database.AuditActionDelete, auditor.AuditLogs[6].Action) } diff --git a/coderd/workspaces.go b/coderd/workspaces.go index 0295dc29d5e56..e35371cc23125 100644 --- a/coderd/workspaces.go +++ b/coderd/workspaces.go @@ -282,10 +282,11 @@ func (api *API) postWorkspacesByOrganization(rw http.ResponseWriter, r *http.Req auditor = api.Auditor.Load() user = httpmw.UserParam(r) aReq, commitAudit = audit.InitRequest[database.Workspace](rw, &audit.RequestParams{ - Audit: *auditor, - Log: api.Logger, - Request: r, - Action: database.AuditActionCreate, + Audit: *auditor, + Log: api.Logger, + Request: r, + Action: database.AuditActionCreate, + AdditionalFields: json.RawMessage("{}"), }) ) defer commitAudit() @@ -566,10 +567,11 @@ func (api *API) patchWorkspace(rw http.ResponseWriter, r *http.Request) { workspace = httpmw.WorkspaceParam(r) auditor = api.Auditor.Load() aReq, commitAudit = audit.InitRequest[database.Workspace](rw, &audit.RequestParams{ - Audit: *auditor, - Log: api.Logger, - Request: r, - Action: database.AuditActionWrite, + Audit: *auditor, + Log: api.Logger, + Request: r, + Action: database.AuditActionWrite, + AdditionalFields: json.RawMessage("{}"), }) ) defer commitAudit() @@ -644,10 +646,11 @@ func (api *API) putWorkspaceAutostart(rw http.ResponseWriter, r *http.Request) { workspace = httpmw.WorkspaceParam(r) auditor = api.Auditor.Load() aReq, commitAudit = audit.InitRequest[database.Workspace](rw, &audit.RequestParams{ - Audit: *auditor, - Log: api.Logger, - Request: r, - Action: database.AuditActionWrite, + Audit: *auditor, + Log: api.Logger, + Request: r, + Action: database.AuditActionWrite, + AdditionalFields: json.RawMessage("{}"), }) ) defer commitAudit() @@ -706,10 +709,11 @@ func (api *API) putWorkspaceTTL(rw http.ResponseWriter, r *http.Request) { workspace = httpmw.WorkspaceParam(r) auditor = api.Auditor.Load() aReq, commitAudit = audit.InitRequest[database.Workspace](rw, &audit.RequestParams{ - Audit: *auditor, - Log: api.Logger, - Request: r, - Action: database.AuditActionWrite, + Audit: *auditor, + Log: api.Logger, + Request: r, + Action: database.AuditActionWrite, + AdditionalFields: json.RawMessage("{}"), }) ) defer commitAudit() diff --git a/enterprise/coderd/groups.go b/enterprise/coderd/groups.go index 6537602eb3b7d..c41ec09769c2c 100644 --- a/enterprise/coderd/groups.go +++ b/enterprise/coderd/groups.go @@ -2,6 +2,7 @@ package coderd import ( "database/sql" + "encoding/json" "fmt" "net/http" @@ -23,10 +24,11 @@ func (api *API) postGroupByOrganization(rw http.ResponseWriter, r *http.Request) org = httpmw.OrganizationParam(r) auditor = api.AGPL.Auditor.Load() aReq, commitAudit = audit.InitRequest[database.Group](rw, &audit.RequestParams{ - Audit: *auditor, - Log: api.Logger, - Request: r, - Action: database.AuditActionCreate, + Audit: *auditor, + Log: api.Logger, + Request: r, + Action: database.AuditActionCreate, + AdditionalFields: json.RawMessage("{}"), }) ) defer commitAudit() @@ -75,10 +77,11 @@ func (api *API) patchGroup(rw http.ResponseWriter, r *http.Request) { group = httpmw.GroupParam(r) auditor = api.AGPL.Auditor.Load() aReq, commitAudit = audit.InitRequest[database.Group](rw, &audit.RequestParams{ - Audit: *auditor, - Log: api.Logger, - Request: r, - Action: database.AuditActionWrite, + Audit: *auditor, + Log: api.Logger, + Request: r, + Action: database.AuditActionWrite, + AdditionalFields: json.RawMessage("{}"), }) ) defer commitAudit() @@ -225,10 +228,11 @@ func (api *API) deleteGroup(rw http.ResponseWriter, r *http.Request) { group = httpmw.GroupParam(r) auditor = api.AGPL.Auditor.Load() aReq, commitAudit = audit.InitRequest[database.Group](rw, &audit.RequestParams{ - Audit: *auditor, - Log: api.Logger, - Request: r, - Action: database.AuditActionDelete, + Audit: *auditor, + Log: api.Logger, + Request: r, + Action: database.AuditActionDelete, + AdditionalFields: json.RawMessage("{}"), }) ) defer commitAudit() diff --git a/enterprise/coderd/templates.go b/enterprise/coderd/templates.go index 9fbcb403735e8..9a3d9a4f7aacb 100644 --- a/enterprise/coderd/templates.go +++ b/enterprise/coderd/templates.go @@ -3,6 +3,7 @@ package coderd import ( "context" "database/sql" + "encoding/json" "fmt" "net/http" @@ -98,10 +99,11 @@ func (api *API) patchTemplateACL(rw http.ResponseWriter, r *http.Request) { template = httpmw.TemplateParam(r) auditor = api.AGPL.Auditor.Load() aReq, commitAudit = audit.InitRequest[database.Template](rw, &audit.RequestParams{ - Audit: *auditor, - Log: api.Logger, - Request: r, - Action: database.AuditActionWrite, + Audit: *auditor, + Log: api.Logger, + Request: r, + Action: database.AuditActionWrite, + AdditionalFields: json.RawMessage("{}"), }) ) defer commitAudit() From 76438e114ec6eb547397d622b352f6f76e83f93d Mon Sep 17 00:00:00 2001 From: Kira Pilot Date: Mon, 24 Oct 2022 22:24:48 +0000 Subject: [PATCH 09/12] no need to pass through each handler --- coderd/audit/request.go | 4 +++ coderd/gitsshkey.go | 10 +++---- coderd/templates.go | 19 +++++------- coderd/templateversions.go | 18 +++++------ coderd/users.go | 55 +++++++++++++++------------------- coderd/workspacebuilds.go | 31 ++++++++----------- coderd/workspaces.go | 36 ++++++++++------------ enterprise/coderd/groups.go | 28 ++++++++--------- enterprise/coderd/templates.go | 10 +++---- 9 files changed, 93 insertions(+), 118 deletions(-) diff --git a/coderd/audit/request.go b/coderd/audit/request.go index 16853a888dfb5..efba7ebb4304b 100644 --- a/coderd/audit/request.go +++ b/coderd/audit/request.go @@ -137,6 +137,10 @@ func InitRequest[T Auditable](w http.ResponseWriter, p *RequestParams) (*Request } } + if p.AdditionalFields == nil { + p.AdditionalFields = json.RawMessage("{}") + } + ip := parseIP(p.Request.RemoteAddr) err := p.Audit.Export(ctx, database.AuditLog{ ID: uuid.New(), diff --git a/coderd/gitsshkey.go b/coderd/gitsshkey.go index 01ccda744dc0f..357f5b2e44dab 100644 --- a/coderd/gitsshkey.go +++ b/coderd/gitsshkey.go @@ -1,7 +1,6 @@ package coderd import ( - "encoding/json" "net/http" "github.com/coder/coder/coderd/audit" @@ -19,11 +18,10 @@ func (api *API) regenerateGitSSHKey(rw http.ResponseWriter, r *http.Request) { user = httpmw.UserParam(r) auditor = api.Auditor.Load() aReq, commitAudit = audit.InitRequest[database.GitSSHKey](rw, &audit.RequestParams{ - Audit: *auditor, - Log: api.Logger, - Request: r, - Action: database.AuditActionWrite, - AdditionalFields: json.RawMessage("{}"), + Audit: *auditor, + Log: api.Logger, + Request: r, + Action: database.AuditActionWrite, }) ) defer commitAudit() diff --git a/coderd/templates.go b/coderd/templates.go index f3550e2b62750..a1108dfc43082 100644 --- a/coderd/templates.go +++ b/coderd/templates.go @@ -5,7 +5,6 @@ import ( "crypto/sha256" "database/sql" "encoding/hex" - "encoding/json" "errors" "fmt" "net/http" @@ -85,11 +84,10 @@ func (api *API) deleteTemplate(rw http.ResponseWriter, r *http.Request) { template = httpmw.TemplateParam(r) auditor = *api.Auditor.Load() aReq, commitAudit = audit.InitRequest[database.Template](rw, &audit.RequestParams{ - Audit: auditor, - Log: api.Logger, - Request: r, - Action: database.AuditActionDelete, - AdditionalFields: json.RawMessage("{}"), + Audit: auditor, + Log: api.Logger, + Request: r, + Action: database.AuditActionDelete, }) ) defer commitAudit() @@ -446,11 +444,10 @@ func (api *API) patchTemplateMeta(rw http.ResponseWriter, r *http.Request) { template = httpmw.TemplateParam(r) auditor = *api.Auditor.Load() aReq, commitAudit = audit.InitRequest[database.Template](rw, &audit.RequestParams{ - Audit: auditor, - Log: api.Logger, - Request: r, - Action: database.AuditActionWrite, - AdditionalFields: json.RawMessage("{}"), + Audit: auditor, + Log: api.Logger, + Request: r, + Action: database.AuditActionWrite, }) ) defer commitAudit() diff --git a/coderd/templateversions.go b/coderd/templateversions.go index d40947cc6d2c4..e434482ad8b69 100644 --- a/coderd/templateversions.go +++ b/coderd/templateversions.go @@ -599,11 +599,10 @@ func (api *API) patchActiveTemplateVersion(rw http.ResponseWriter, r *http.Reque template = httpmw.TemplateParam(r) auditor = *api.Auditor.Load() aReq, commitAudit = audit.InitRequest[database.Template](rw, &audit.RequestParams{ - Audit: auditor, - Log: api.Logger, - Request: r, - Action: database.AuditActionWrite, - AdditionalFields: json.RawMessage("{}"), + Audit: auditor, + Log: api.Logger, + Request: r, + Action: database.AuditActionWrite, }) ) defer commitAudit() @@ -674,11 +673,10 @@ func (api *API) postTemplateVersionsByOrganization(rw http.ResponseWriter, r *ht organization = httpmw.OrganizationParam(r) auditor = *api.Auditor.Load() aReq, commitAudit = audit.InitRequest[database.TemplateVersion](rw, &audit.RequestParams{ - Audit: auditor, - Log: api.Logger, - Request: r, - Action: database.AuditActionCreate, - AdditionalFields: json.RawMessage("{}"), + Audit: auditor, + Log: api.Logger, + Request: r, + Action: database.AuditActionCreate, }) req codersdk.CreateTemplateVersionRequest diff --git a/coderd/users.go b/coderd/users.go index 8113660f0b1d6..1e1682dbfd912 100644 --- a/coderd/users.go +++ b/coderd/users.go @@ -4,7 +4,6 @@ import ( "bytes" "context" "database/sql" - "encoding/json" "errors" "fmt" "net/http" @@ -257,11 +256,10 @@ func (api *API) postUser(rw http.ResponseWriter, r *http.Request) { ctx := r.Context() auditor := *api.Auditor.Load() aReq, commitAudit := audit.InitRequest[database.User](rw, &audit.RequestParams{ - Audit: auditor, - Log: api.Logger, - Request: r, - Action: database.AuditActionCreate, - AdditionalFields: json.RawMessage("{}"), + Audit: auditor, + Log: api.Logger, + Request: r, + Action: database.AuditActionCreate, }) defer commitAudit() @@ -345,11 +343,10 @@ func (api *API) deleteUser(rw http.ResponseWriter, r *http.Request) { auditor := *api.Auditor.Load() user := httpmw.UserParam(r) aReq, commitAudit := audit.InitRequest[database.User](rw, &audit.RequestParams{ - Audit: auditor, - Log: api.Logger, - Request: r, - Action: database.AuditActionDelete, - AdditionalFields: json.RawMessage("{}"), + Audit: auditor, + Log: api.Logger, + Request: r, + Action: database.AuditActionDelete, }) aReq.Old = user defer commitAudit() @@ -423,11 +420,10 @@ func (api *API) putUserProfile(rw http.ResponseWriter, r *http.Request) { user = httpmw.UserParam(r) auditor = *api.Auditor.Load() aReq, commitAudit = audit.InitRequest[database.User](rw, &audit.RequestParams{ - Audit: auditor, - Log: api.Logger, - Request: r, - Action: database.AuditActionWrite, - AdditionalFields: json.RawMessage("{}"), + Audit: auditor, + Log: api.Logger, + Request: r, + Action: database.AuditActionWrite, }) ) defer commitAudit() @@ -506,11 +502,10 @@ func (api *API) putUserStatus(status database.UserStatus) func(rw http.ResponseW apiKey = httpmw.APIKey(r) auditor = *api.Auditor.Load() aReq, commitAudit = audit.InitRequest[database.User](rw, &audit.RequestParams{ - Audit: auditor, - Log: api.Logger, - Request: r, - Action: database.AuditActionWrite, - AdditionalFields: json.RawMessage("{}"), + Audit: auditor, + Log: api.Logger, + Request: r, + Action: database.AuditActionWrite, }) ) defer commitAudit() @@ -575,11 +570,10 @@ func (api *API) putUserPassword(rw http.ResponseWriter, r *http.Request) { params codersdk.UpdateUserPasswordRequest auditor = *api.Auditor.Load() aReq, commitAudit = audit.InitRequest[database.User](rw, &audit.RequestParams{ - Audit: auditor, - Log: api.Logger, - Request: r, - Action: database.AuditActionWrite, - AdditionalFields: json.RawMessage("{}"), + Audit: auditor, + Log: api.Logger, + Request: r, + Action: database.AuditActionWrite, }) ) defer commitAudit() @@ -738,11 +732,10 @@ func (api *API) putUserRoles(rw http.ResponseWriter, r *http.Request) { apiKey = httpmw.APIKey(r) auditor = *api.Auditor.Load() aReq, commitAudit = audit.InitRequest[database.User](rw, &audit.RequestParams{ - Audit: auditor, - Log: api.Logger, - Request: r, - Action: database.AuditActionWrite, - AdditionalFields: json.RawMessage("{}"), + Audit: auditor, + Log: api.Logger, + Request: r, + Action: database.AuditActionWrite, }) ) defer commitAudit() diff --git a/coderd/workspacebuilds.go b/coderd/workspacebuilds.go index e60c9eb0c3a70..0e1f5713e58c1 100644 --- a/coderd/workspacebuilds.go +++ b/coderd/workspacebuilds.go @@ -282,15 +282,12 @@ func (api *API) postWorkspaceBuilds(rw http.ResponseWriter, r *http.Request) { // if user deletes a workspace, audit the workspace if action == rbac.ActionDelete { - var ( - aReq, commitAudit = audit.InitRequest[database.Workspace](rw, &audit.RequestParams{ - Audit: *auditor, - Log: api.Logger, - Request: r, - Action: database.AuditActionDelete, - AdditionalFields: json.RawMessage("{}"), - }) - ) + aReq, commitAudit := audit.InitRequest[database.Workspace](rw, &audit.RequestParams{ + Audit: *auditor, + Log: api.Logger, + Request: r, + Action: database.AuditActionDelete, + }) defer commitAudit() aReq.Old = workspace @@ -317,15 +314,13 @@ func (api *API) postWorkspaceBuilds(rw http.ResponseWriter, r *http.Request) { wriBytes, _ := json.Marshal(workspaceResourceInfo) - var ( - aReq, commitAudit = audit.InitRequest[database.WorkspaceBuild](rw, &audit.RequestParams{ - Audit: *auditor, - Log: api.Logger, - Request: r, - Action: auditAction, - AdditionalFields: wriBytes, - }) - ) + aReq, commitAudit := audit.InitRequest[database.WorkspaceBuild](rw, &audit.RequestParams{ + Audit: *auditor, + Log: api.Logger, + Request: r, + Action: auditAction, + AdditionalFields: wriBytes, + }) defer commitAudit() aReq.Old = latestBuild diff --git a/coderd/workspaces.go b/coderd/workspaces.go index e35371cc23125..0295dc29d5e56 100644 --- a/coderd/workspaces.go +++ b/coderd/workspaces.go @@ -282,11 +282,10 @@ func (api *API) postWorkspacesByOrganization(rw http.ResponseWriter, r *http.Req auditor = api.Auditor.Load() user = httpmw.UserParam(r) aReq, commitAudit = audit.InitRequest[database.Workspace](rw, &audit.RequestParams{ - Audit: *auditor, - Log: api.Logger, - Request: r, - Action: database.AuditActionCreate, - AdditionalFields: json.RawMessage("{}"), + Audit: *auditor, + Log: api.Logger, + Request: r, + Action: database.AuditActionCreate, }) ) defer commitAudit() @@ -567,11 +566,10 @@ func (api *API) patchWorkspace(rw http.ResponseWriter, r *http.Request) { workspace = httpmw.WorkspaceParam(r) auditor = api.Auditor.Load() aReq, commitAudit = audit.InitRequest[database.Workspace](rw, &audit.RequestParams{ - Audit: *auditor, - Log: api.Logger, - Request: r, - Action: database.AuditActionWrite, - AdditionalFields: json.RawMessage("{}"), + Audit: *auditor, + Log: api.Logger, + Request: r, + Action: database.AuditActionWrite, }) ) defer commitAudit() @@ -646,11 +644,10 @@ func (api *API) putWorkspaceAutostart(rw http.ResponseWriter, r *http.Request) { workspace = httpmw.WorkspaceParam(r) auditor = api.Auditor.Load() aReq, commitAudit = audit.InitRequest[database.Workspace](rw, &audit.RequestParams{ - Audit: *auditor, - Log: api.Logger, - Request: r, - Action: database.AuditActionWrite, - AdditionalFields: json.RawMessage("{}"), + Audit: *auditor, + Log: api.Logger, + Request: r, + Action: database.AuditActionWrite, }) ) defer commitAudit() @@ -709,11 +706,10 @@ func (api *API) putWorkspaceTTL(rw http.ResponseWriter, r *http.Request) { workspace = httpmw.WorkspaceParam(r) auditor = api.Auditor.Load() aReq, commitAudit = audit.InitRequest[database.Workspace](rw, &audit.RequestParams{ - Audit: *auditor, - Log: api.Logger, - Request: r, - Action: database.AuditActionWrite, - AdditionalFields: json.RawMessage("{}"), + Audit: *auditor, + Log: api.Logger, + Request: r, + Action: database.AuditActionWrite, }) ) defer commitAudit() diff --git a/enterprise/coderd/groups.go b/enterprise/coderd/groups.go index c41ec09769c2c..6537602eb3b7d 100644 --- a/enterprise/coderd/groups.go +++ b/enterprise/coderd/groups.go @@ -2,7 +2,6 @@ package coderd import ( "database/sql" - "encoding/json" "fmt" "net/http" @@ -24,11 +23,10 @@ func (api *API) postGroupByOrganization(rw http.ResponseWriter, r *http.Request) org = httpmw.OrganizationParam(r) auditor = api.AGPL.Auditor.Load() aReq, commitAudit = audit.InitRequest[database.Group](rw, &audit.RequestParams{ - Audit: *auditor, - Log: api.Logger, - Request: r, - Action: database.AuditActionCreate, - AdditionalFields: json.RawMessage("{}"), + Audit: *auditor, + Log: api.Logger, + Request: r, + Action: database.AuditActionCreate, }) ) defer commitAudit() @@ -77,11 +75,10 @@ func (api *API) patchGroup(rw http.ResponseWriter, r *http.Request) { group = httpmw.GroupParam(r) auditor = api.AGPL.Auditor.Load() aReq, commitAudit = audit.InitRequest[database.Group](rw, &audit.RequestParams{ - Audit: *auditor, - Log: api.Logger, - Request: r, - Action: database.AuditActionWrite, - AdditionalFields: json.RawMessage("{}"), + Audit: *auditor, + Log: api.Logger, + Request: r, + Action: database.AuditActionWrite, }) ) defer commitAudit() @@ -228,11 +225,10 @@ func (api *API) deleteGroup(rw http.ResponseWriter, r *http.Request) { group = httpmw.GroupParam(r) auditor = api.AGPL.Auditor.Load() aReq, commitAudit = audit.InitRequest[database.Group](rw, &audit.RequestParams{ - Audit: *auditor, - Log: api.Logger, - Request: r, - Action: database.AuditActionDelete, - AdditionalFields: json.RawMessage("{}"), + Audit: *auditor, + Log: api.Logger, + Request: r, + Action: database.AuditActionDelete, }) ) defer commitAudit() diff --git a/enterprise/coderd/templates.go b/enterprise/coderd/templates.go index 9a3d9a4f7aacb..9fbcb403735e8 100644 --- a/enterprise/coderd/templates.go +++ b/enterprise/coderd/templates.go @@ -3,7 +3,6 @@ package coderd import ( "context" "database/sql" - "encoding/json" "fmt" "net/http" @@ -99,11 +98,10 @@ func (api *API) patchTemplateACL(rw http.ResponseWriter, r *http.Request) { template = httpmw.TemplateParam(r) auditor = api.AGPL.Auditor.Load() aReq, commitAudit = audit.InitRequest[database.Template](rw, &audit.RequestParams{ - Audit: *auditor, - Log: api.Logger, - Request: r, - Action: database.AuditActionWrite, - AdditionalFields: json.RawMessage("{}"), + Audit: *auditor, + Log: api.Logger, + Request: r, + Action: database.AuditActionWrite, }) ) defer commitAudit() From eba75cf4e25f2349df2004e4c663ce32fa319013 Mon Sep 17 00:00:00 2001 From: Kira Pilot Date: Mon, 24 Oct 2022 22:46:28 +0000 Subject: [PATCH 10/12] cleaned up migrations --- coderd/database/dump.sql | 4 +++- ...rkspace_build.down.sql => 000065_add_audit_enums.down.sql} | 0 coderd/database/migrations/000065_add_audit_enums.up.sql | 4 ++++ .../000065_add_resource_type_workspace_build.up.sql | 1 - coderd/database/models.go | 2 ++ site/src/api/typesGenerated.ts | 1 + 6 files changed, 10 insertions(+), 2 deletions(-) rename coderd/database/migrations/{000065_add_resource_type_workspace_build.down.sql => 000065_add_audit_enums.down.sql} (100%) create mode 100644 coderd/database/migrations/000065_add_audit_enums.up.sql delete mode 100644 coderd/database/migrations/000065_add_resource_type_workspace_build.up.sql diff --git a/coderd/database/dump.sql b/coderd/database/dump.sql index 2e933baf41429..5d521ae725fb8 100644 --- a/coderd/database/dump.sql +++ b/coderd/database/dump.sql @@ -14,7 +14,9 @@ CREATE TYPE app_sharing_level AS ENUM ( CREATE TYPE audit_action AS ENUM ( 'create', 'write', - 'delete' + 'delete', + 'start', + 'stop' ); CREATE TYPE build_reason AS ENUM ( diff --git a/coderd/database/migrations/000065_add_resource_type_workspace_build.down.sql b/coderd/database/migrations/000065_add_audit_enums.down.sql similarity index 100% rename from coderd/database/migrations/000065_add_resource_type_workspace_build.down.sql rename to coderd/database/migrations/000065_add_audit_enums.down.sql diff --git a/coderd/database/migrations/000065_add_audit_enums.up.sql b/coderd/database/migrations/000065_add_audit_enums.up.sql new file mode 100644 index 0000000000000..dc623e05e77e2 --- /dev/null +++ b/coderd/database/migrations/000065_add_audit_enums.up.sql @@ -0,0 +1,4 @@ +ALTER TYPE audit_action ADD VALUE IF NOT EXISTS 'start'; +ALTER TYPE audit_action ADD VALUE IF NOT EXISTS 'stop'; + +ALTER TYPE resource_type ADD VALUE IF NOT EXISTS 'workspace_build'; diff --git a/coderd/database/migrations/000065_add_resource_type_workspace_build.up.sql b/coderd/database/migrations/000065_add_resource_type_workspace_build.up.sql deleted file mode 100644 index 6892709c8160c..0000000000000 --- a/coderd/database/migrations/000065_add_resource_type_workspace_build.up.sql +++ /dev/null @@ -1 +0,0 @@ -ALTER TYPE resource_type ADD VALUE IF NOT EXISTS 'workspace_build'; diff --git a/coderd/database/models.go b/coderd/database/models.go index 52861cc625511..f59e09a1aeba8 100644 --- a/coderd/database/models.go +++ b/coderd/database/models.go @@ -60,6 +60,8 @@ const ( AuditActionCreate AuditAction = "create" AuditActionWrite AuditAction = "write" AuditActionDelete AuditAction = "delete" + AuditActionStart AuditAction = "start" + AuditActionStop AuditAction = "stop" ) func (e *AuditAction) Scan(src interface{}) error { diff --git a/site/src/api/typesGenerated.ts b/site/src/api/typesGenerated.ts index 507ab688ddabb..b8b5f304301af 100644 --- a/site/src/api/typesGenerated.ts +++ b/site/src/api/typesGenerated.ts @@ -975,6 +975,7 @@ export type ResourceType = | "template_version" | "user" | "workspace" + | "workspace_build" // From codersdk/sse.go export type ServerSentEventType = "data" | "error" | "ping" From 97233a0f63aa27a7e6a4711a693e72054b7bb41a Mon Sep 17 00:00:00 2001 From: Kira Pilot Date: Tue, 25 Oct 2022 14:35:15 +0000 Subject: [PATCH 11/12] generated types; fixed missing cases --- codersdk/audit.go | 6 ++++++ site/src/api/typesGenerated.ts | 2 +- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/codersdk/audit.go b/codersdk/audit.go index 4a6aa3ad530ed..0fc10f27f05a4 100644 --- a/codersdk/audit.go +++ b/codersdk/audit.go @@ -56,6 +56,8 @@ const ( AuditActionCreate AuditAction = "create" AuditActionWrite AuditAction = "write" AuditActionDelete AuditAction = "delete" + AuditActionStart AuditAction = "start" + AuditActionStop AuditAction = "stop" ) func (a AuditAction) FriendlyString() string { @@ -66,6 +68,10 @@ func (a AuditAction) FriendlyString() string { return "updated" case AuditActionDelete: return "deleted" + case AuditActionStart: + return "started" + case AuditActionStop: + return "stopped" default: return "unknown" } diff --git a/site/src/api/typesGenerated.ts b/site/src/api/typesGenerated.ts index b8b5f304301af..c006c13928eef 100644 --- a/site/src/api/typesGenerated.ts +++ b/site/src/api/typesGenerated.ts @@ -915,7 +915,7 @@ export interface WorkspacesRequest extends Pagination { export type APIKeyScope = "all" | "application_connect" // From codersdk/audit.go -export type AuditAction = "create" | "delete" | "write" +export type AuditAction = "create" | "delete" | "start" | "stop" | "write" // From codersdk/workspacebuilds.go export type BuildReason = "autostart" | "autostop" | "initiator" From 1112a668fea49057d21b8e7b084ae95ca61c485b Mon Sep 17 00:00:00 2001 From: Kira Pilot Date: Tue, 25 Oct 2022 19:19:34 +0000 Subject: [PATCH 12/12] logging error --- coderd/workspacebuilds.go | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/coderd/workspacebuilds.go b/coderd/workspacebuilds.go index 0e1f5713e58c1..999b7317b4da7 100644 --- a/coderd/workspacebuilds.go +++ b/coderd/workspacebuilds.go @@ -15,6 +15,7 @@ import ( "golang.org/x/exp/slices" "golang.org/x/xerrors" + "cdr.dev/slog" "github.com/coder/coder/coderd/audit" "github.com/coder/coder/coderd/database" "github.com/coder/coder/coderd/httpapi" @@ -312,7 +313,10 @@ func (api *API) postWorkspaceBuilds(rw http.ResponseWriter, r *http.Request) { "workspaceName": workspace.Name, } - wriBytes, _ := json.Marshal(workspaceResourceInfo) + wriBytes, err := json.Marshal(workspaceResourceInfo) + if err != nil { + api.Logger.Error(ctx, "could not marshal workspace name", slog.Error(err)) + } aReq, commitAudit := audit.InitRequest[database.WorkspaceBuild](rw, &audit.RequestParams{ Audit: *auditor,