8000 feat: add audit logs for dormancy events by coadler · Pull Request #15298 · coder/coder · GitHub

feat: add audit logs for dormancy events #15298


Merged
merged 14 commits into from
Oct 31, 2024
Merged
fixup! feat: add audit logs for dormancy events
coadler committed Oct 31, 2024
commit 3829773acb6de29defe873a2a59e1a0ac563bf54
11 changes: 9 additions & 2 deletions coderd/httpmw/apikey.go
Expand Up @@ -82,7 +82,7 @@ const (

type ExtractAPIKeyConfig struct {
DB database.Store
ActivateDormantUser func(ctx context.Context, u database.User) database.User
ActivateDormantUser func(ctx context.Context, u database.User) (database.User, error)
OAuth2Configs *OAuth2Configs
RedirectToLogin bool
DisableSessionExpiryRefresh bool
Expand Down Expand Up @@ -417,11 +417,18 @@ func ExtractAPIKey(rw http.ResponseWriter, r *http.Request, cfg ExtractAPIKeyCon

if userStatus == database.UserStatusDormant && cfg.ActivateDormantUser != nil {
id, _ := uuid.Parse(actor.ID)
cfg.ActivateDormantUser(ctx, database.User{
user, err := cfg.ActivateDormantUser(ctx, database.User{
ID: id,
Username: actor.FriendlyName,
Status: userStatus,
})
if err != nil {
return write(http.StatusInternalServerError, codersdk.Response{
Message: internalErrorMessage,
Detail: fmt.Sprintf("update user status: %s", err.Error()),
})
}
userStatus = user.Status
}

if userStatus != database.UserStatusActive {
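Review bot: The new error branch in ExtractAPIKey returns the callback's error text to the API caller in `Detail`, and if the configured callback is the closure from coderd/userauth.go the text carries the prefix twice, because that closure already wraps the failure as `update user status: %w`. The error originates in the user-status update, so its text may include storage-layer detail that a client does not need. The same exposure appears in loginRequest's new branch in coderd/userauth.go (`Detail: err.Error()`). At minimum use `Detail: err.Error(),` here; a fixed detail string would be better, since the closure already logs the full error server-side. ExtractAPIKey's body starts and ends outside this hunk.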
30 changes: 18 additions & 12 deletions coderd/userauth.go
Expand Up @@ -567,7 +567,14 @@ func (api *API) loginRequest(ctx context.Context, rw http.ResponseWriter, req co
return user, rbac.Subject{}, false
}

user = ActivateDormantUser(api.Logger, &api.Auditor, api.Database)(ctx, user)
user, err = ActivateDormantUser(api.Logger, &api.Auditor, api.Database)(ctx, user)
if err != nil {
httpapi.Write(ctx, rw, http.StatusInternalServerError, codersdk.Response{
Message: "Internal error.",
Detail: err.Error(),
})
return user, rbac.Subject{}, false
}

subject, userStatus, err := httpmw.UserRBACSubject(ctx, api.Database, user.ID, rbac.ScopeAll)
if err != nil {
Expand All @@ -589,10 +596,10 @@ func (api *API) loginRequest(ctx context.Context, rw http.ResponseWriter, req co
return user, subject, true
}

func ActivateDormantUser(logger slog.Logger, auditor *atomic.Pointer[audit.Auditor], db database.Store) func(ctx context.Context, user database.User) database.User {
return func(ctx context.Context, user database.User) database.User {
func ActivateDormantUser(logger slog.Logger, auditor *atomic.Pointer[audit.Auditor], db database.Store) func(ctx context.Context, user database.User) (database.User, error) {
return func(ctx context.Context, user database.User) (database.User, error) {
if user.ID == uuid.Nil || user.Status != database.UserStatusDormant {
return user
return user, nil
}

//nolint:gocritic // System needs to update status of the user account (dormant -> active).
Expand All @@ -603,7 +610,7 @@ func ActivateDormantUser(logger slog.Logger, auditor *atomic.Pointer[audit.Audit
})
if err != nil {
logger.Error(ctx, "unable to update user status to active", slog.Error(err))
return user
return user, xerrors.Errorf("update user status: %w", err)
}

audit.BackgroundAudit(ctx, &audit.BackgroundAuditParams[database.User]{
Expand All @@ -617,7 +624,7 @@ func ActivateDormantUser(logger slog.Logger, auditor *atomic.Pointer[audit.Audit
AdditionalFields: audit.BackgroundTaskFields(ctx, logger, audit.BackgroundSubsystemDormancy),
})

return newUser
return newUser, nil
}
}

Expand Down Expand Up @@ -1413,16 +1420,15 @@ func (api *API) oauthLogin(r *http.Request, params *oauthLoginParams) ([]*http.C
dormantConvertAudit *audit.Request[database.User]
initDormantAuditOnce = sync.OnceFunc(func() {
dormantConvertAudit = params.initAuditRequest(&audit.RequestParams{
Audit: auditor,
Log: api.Logger,
Request: r,
Action: database.AuditActionWrite,
Audit: auditor,
Log: api.Logger,
Request: r,
Action: database.AuditActionWrite,
OrganizationID: uuid.Nil,
})
})
)

params.User = ActivateDormantUser(api.Logger, &api.Auditor, api.Database)(ctx, params.User)

var isConvertLoginType bool
err := api.Database.InTx(func(tx database.Store) error {
var (
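Review bot: The exported ActivateDormantUser changes its return contract in this commit but has no doc comment (the line above the `func` is blank), and the contract is not obvious from the signature. The closure returns `user, nil` without doing anything when the ID is `uuid.Nil` or the status is not dormant, and on an update failure it returns the unchanged, still-dormant user together with the wrapped error. I would add `// ActivateDormantUser returns a func that sets a dormant user to active and records a background audit entry; it returns its input unchanged for a nil ID or a non-dormant status, and its input plus an error if the update fails.` The comment should also say which fields the closure relies on (the visible lines read only `user.ID` and `user.Status`), because the middleware in coderd/httpmw/apikey.go passes a user with just ID, Username and Status set. Separately, the last hunk removes the call from oauthLogin, whose body continues outside the hunk, so it is worth confirming that the OAuth path still activates dormant users and audits it.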