From 37d1cb653ebe19be6f126e166ab83ce1aeb10ff9 Mon Sep 17 00:00:00 2001 From: Kira Pilot Date: Tue, 6 Jun 2023 19:20:26 +0000 Subject: [PATCH 1/2] fix: respect uppercase letters in username filter for audit --- coderd/audit.go | 6 ++++++ coderd/database/queries.sql.go | 28 +++++++++++++++++---------- coderd/database/queries/auditlogs.sql | 8 +++++++- 3 files changed, 31 insertions(+), 11 deletions(-) diff --git a/coderd/audit.go b/coderd/audit.go index 4a585aeb0bc99..e0f000c495a3a 100644 --- a/coderd/audit.go +++ b/coderd/audit.go @@ -37,6 +37,7 @@ import ( // @Router /audit [get] func (api *API) auditLogs(rw http.ResponseWriter, r *http.Request) { ctx := r.Context() + apiKey := httpmw.APIKey(r) page, ok := parsePagination(rw, r) if !ok { @@ -55,6 +56,11 @@ func (api *API) auditLogs(rw http.ResponseWriter, r *http.Request) { filter.Offset = int32(page.Offset) filter.Limit = int32(page.Limit) + if filter.Username == "me" { + filter.UserID = apiKey.UserID + filter.Username = "" + } + dblogs, err := api.Database.GetAuditLogsOffset(ctx, filter) if err != nil { httpapi.InternalServerError(rw, err) diff --git a/coderd/database/queries.sql.go b/coderd/database/queries.sql.go index 6c132aa9b2126..4702a4214af10 100644 --- a/coderd/database/queries.sql.go +++ b/coderd/database/queries.sql.go 
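Review bot: The alias check `if filter.Username == "me" {` in the second audit.go hunk is case-sensitive, while the username lookup this patch introduces in the SQL is case-insensitive (`lower(username) = lower(...)`), so `username=Me` skips the alias and is resolved as a literal username; `if strings.EqualFold(filter.Username, "me") {` (adding the `strings` import if the file lacks it) makes the alias follow the same rule as the rest of the filter, or the docs should state the alias is lowercase only. The branch also shadows any real account that happens to be named `me`, which deserves a one-line comment such as `// "me" is reserved as an alias for the caller and cannot be used to filter on a literal user of that name.` unless username validation elsewhere already forbids it. In the first hunk, `apiKey := httpmw.APIKey(r)` is read before pagination is validated, which is fine only as long as this route is always behind the middleware that populates the key; a short comment at the call site stating that assumption would help the next reader. auditLogs continues outside both hunks.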
@@ -412,34 +412,40 @@ WHERE action = $6 :: audit_action ELSE true END + -- Filter by user_id + AND CASE + WHEN $7 :: uuid != '00000000-0000-0000-0000-000000000000'::uuid THEN + user_id = $7 + ELSE true + END -- Filter by username AND CASE - WHEN $7 :: text != '' THEN - users.username = $7 + WHEN $8 :: text != '' THEN + user_id = (SELECT id FROM users WHERE lower(username) = lower($8) AND deleted = false) ELSE true END -- Filter by user_email AND CASE - WHEN $8 :: text != '' THEN - users.email = $8 + WHEN $9 :: text != '' THEN + users.email = $9 ELSE true END -- Filter by date_from AND CASE - WHEN $9 :: timestamp with time zone != '0001-01-01 00:00:00Z' THEN - "time" >= $9 + WHEN $10 :: timestamp with time zone != '0001-01-01 00:00:00Z' THEN + "time" >= $10 ELSE true END -- Filter by date_to AND CASE - WHEN $10 :: timestamp with time zone != '0001-01-01 00:00:00Z' THEN - "time" <= $10 + WHEN $11 :: timestamp with time zone != '0001-01-01 00:00:00Z' THEN + "time" <= $11 ELSE true END -- Filter by build_reason AND CASE - WHEN $11::text != '' THEN - workspace_builds.reason::text = $11 + WHEN $12::text != '' THEN + workspace_builds.reason::text = $12 ELSE true END ORDER BY @@ -457,6 +463,7 @@ type GetAuditLogsOffsetParams struct { ResourceID uuid.UUID `db:"resource_id" json:"resource_id"` ResourceTarget string `db:"resource_target" json:"resource_target"` Action string `db:"action" json:"action"` + UserID uuid.UUID `db:"user_id" json:"user_id"` Username string `db:"username" json:"username"` Email string `db:"email" json:"email"` DateFrom time.Time `db:"date_from" json:"date_from"` @@ -499,6 +506,7 @@ func (q *sqlQuerier) GetAuditLogsOffset(ctx context.Context, arg GetAuditLogsOff arg.ResourceID, arg.ResourceTarget, arg.Action, + arg.UserID, arg.Username, arg.Email, arg.DateFrom, diff --git a/coderd/database/queries/auditlogs.sql b/coderd/database/queries/auditlogs.sql index 527fb22e0fbae..fc48489ca2104 100644 --- a/coderd/database/queries/auditlogs.sql 
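Review bot: The scalar subquery `user_id = (SELECT id FROM users WHERE lower(username) = lower($8) AND deleted = false)` in the username filter raises "more than one row returned by a subquery" if two non-deleted users ever match case-insensitively, turning a filtered listing into an internal error instead of a result set. Whether that can happen depends on a uniqueness constraint on `lower(username)` that is not visible in this patch, so the safer form is `user_id IN (SELECT id FROM users WHERE lower(username) = lower($8) AND deleted = false)`, which is identical when the lookup is unique and still a plain filter otherwise. When no user matches, the scalar form compares `user_id` with NULL and yields no rows, so a non-existent username silently returns an empty page rather than an error, which is probably intended but worth a comment. The same expression is introduced in coderd/database/queries/auditlogs.sql, which appears to be the hand-written source for this query, so the change should be made there and this file regenerated. The surrounding SELECT and the GetAuditLogsOffset function both start and end outside these hunks.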
+++ b/coderd/database/queries/auditlogs.sql @@ -62,10 +62,16 @@ WHERE action = @action :: audit_action ELSE true END + -- Filter by user_id + AND CASE + WHEN @user_id :: uuid != '00000000-0000-0000-0000-000000000000'::uuid THEN + user_id = @user_id + ELSE true + END -- Filter by username AND CASE WHEN @username :: text != '' THEN - users.username = @username + user_id = (SELECT id FROM users WHERE lower(username) = lower(@username) AND deleted = false) ELSE true END -- Filter by user_email From 311cc055cb8b2c9591e96699cd8b753022e20505 Mon Sep 17 00:00:00 2001 From: Kira Pilot Date: Tue, 6 Jun 2023 19:34:17 +0000 Subject: [PATCH 2/2] updated documentation --- docs/admin/audit-logs.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/admin/audit-logs.md b/docs/admin/audit-logs.md index 7bad515cdc341..1e00c468877b1 100644 --- a/docs/admin/audit-logs.md +++ b/docs/admin/audit-logs.md @@ -37,7 +37,7 @@ The supported filters are: - `resource_id` - The ID of the resource. - `resource_target` - The name of the resource. Can be used instead of `resource_id`. - `action`- The action applied to a resource. You can [find here](https://pkg.go.dev/github.com/coder/coder/codersdk#AuditAction) all the actions that are supported. -- `username` - The username of the user who triggered the action. +- `username` - The username of the user who triggered the action. You can also use `me` as a convenient alias for the logged-in user. - `email` - The email of the user who triggered the action. - `date_from` - The inclusive start date with format `YYYY-MM-DD`. - `date_to` - The inclusive end date with format `YYYY-MM-DD`.
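Review bot: The new `AND deleted = false` predicate in the username lookup means audit entries recorded for a user who has since been deleted can no longer be found by `username`, whereas the replaced `users.username = @username` comparison did not exclude deleted users (assuming the join it relied on, which is outside the hunk, did not either). For an audit trail that is a regression to decide deliberately: either document that `username` resolves only currently active accounts, or use `user_id IN (SELECT id FROM users WHERE lower(username) = lower(@username))` so that deleted accounts, which may share a username with a later live one, still match and the lookup cannot fail on multiple rows. The `@user_id` filter added above it uses the nil UUID as its "unset" sentinel, which is consistent with the empty-string and zero-timestamp sentinels the other filters in this query already use. The WHERE clause continues outside the hunk.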