From 009f9c684217a0b8384d22149cb35575677bd6d1 Mon Sep 17 00:00:00 2001
From: Tuan Dang
Date: Wed, 21 Dec 2022 16:27:04 -0500
Subject: [PATCH] Continue developing activity logs backend
---
 backend/src/events/secret.ts | 27 ++++++++++++--
 backend/src/helpers/log.ts | 25 +++++++++++++
 backend/src/logs/index.ts | 0
 backend/src/logs/secret.ts | 0
 backend/src/models/log.ts | 65 +++++++++++++++++++++++++++++-----
 backend/src/models/logGroup.ts | 25 +++++++++++++
 6 files changed, 132 insertions(+), 10 deletions(-)
 create mode 100644 backend/src/helpers/log.ts
 create mode 100644 backend/src/logs/index.ts
 create mode 100644 backend/src/logs/secret.ts
 create mode 100644 backend/src/models/logGroup.ts
diff --git a/backend/src/events/secret.ts b/backend/src/events/secret.ts
index 8bb3a86c3a..479255a317 100644
--- a/backend/src/events/secret.ts
+++ b/backend/src/events/secret.ts
@@ -1,4 +1,7 @@
-import { EVENT_PUSH_SECRETS } from '../variables';
+import {
+ EVENT_PUSH_SECRETS,
+ EVENT_PULL_SECRETS
+} from '../variables';
 interface PushSecret {
 ciphertextKey: string;
@@ -19,7 +22,7 @@ interface PushSecret {
 * @returns
 */
 const eventPushSecrets = ({
- workspaceId,
+ workspaceId
 }: {
 workspaceId: string;
 }) => {
@@ -32,6 +35,26 @@ const eventPushSecrets = ({
 });
 }
+/**
+ * Return event for pulling secrets
+ * @param {Object} obj
+ * @param {String} obj.workspaceId - id of workspace to pull secrets from
+ * @returns
+ */
+const eventPullSecrets = ({
+ workspaceId,
+}: {
+ workspaceId: string;
+}) => {
+ return ({
+ name: EVENT_PULL_SECRETS,
+ workspaceId,
+ payload: {
+
+ }
+ });
+}
+
 export {
 eventPushSecrets
 }
diff --git a/backend/src/helpers/log.ts b/backend/src/helpers/log.ts
new file mode 100644
index 0000000000..2a2f1530b8
--- /dev/null
+++ b/backend/src/helpers/log.ts
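Review bot: `eventPullSecrets` is added in the third hunk of backend/src/events/secret.ts, but the export list in the trailing context still names only `eventPushSecrets`, so nothing outside this module can build the pull event. Add it to the export, `export { eventPushSecrets, eventPullSecrets }`. The `payload` is an empty object; a one-line comment saying what the pull event is expected to carry would document the intent. The new function also keeps the trailing comma after `workspaceId,` that the second hunk has just removed from `eventPushSecrets`.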
@@ -0,0 +1,25 @@
+import { Log, ILog } from '../models';
+import * as Sentry from '@sentry/node';
+import {
+ EVENT_PUSH_SECRETS,
+ EVENT_PULL_SECRETS
+} from '../variables';
+
+
+const handleLogHelper = async ({
+ log
+}: {
+ log: ILog
+}) => {
+ try {
+ switch (log.event) {
+ case EVENT_PULL_SECRETS:
+ // TODO
+ break;
+ }
+
+ } catch (err){
+ Sentry.setUser(null);
+ Sentry.captureException(err);
+ }
+}
\ No newline at end of file
diff --git a/backend/src/logs/index.ts b/backend/src/logs/index.ts
new file mode 100644
index 0000000000..e69de29bb2
diff --git a/backend/src/logs/secret.ts b/backend/src/logs/secret.ts
new file mode 100644
index 0000000000..e69de29bb2
diff --git a/backend/src/models/log.ts b/backend/src/models/log.ts
index 81dd9fb52c..e232d68a7e 100644
--- a/backend/src/models/log.ts
+++ b/backend/src/models/log.ts
@@ -5,6 +5,7 @@ export interface ILog {
 user?: Types.ObjectId;
 workspace: Types.ObjectId;
 event: string;
+ groupId: string;
 payload: {
 numberofSecrets?: number;
 environment?: string;
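Review bot: The `catch` in `handleLogHelper` (backend/src/helpers/log.ts) reports to Sentry and then returns normally, so a caller cannot tell that an activity-log entry was not handled. For an audit trail that failure should reach the caller, for example with `throw err;` after `Sentry.captureException(err);`, or with a documented result value. The helper is also not exported, and `Log` and `EVENT_PUSH_SECRETS` are imported but never used, so as committed nothing can call it. The `switch` has no `default:` branch, so an unrecognised `log.event` is ignored silently; a comment should state whether that is intended.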
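Review bot: `ILog.payload` in the context of the `@@ -5,6 +5,7 @@` hunk still declares `numberofSecrets?` and `environment?`, while the schema hunk at `@@ -23,17 +70,19 @@` replaces those fields with `payload.secrets`, so the interface no longer describes what is stored. The interface should follow the schema, for example `payload: { secrets: Types.ObjectId[]; };`. The interface body starts and ends outside this hunk, so its remaining fields should be checked against the schema in the same way.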
@@ -13,6 +14,52 @@ export interface ILog {
 ipAddress?: string;
 }
+// log group consists of logs (each log is associated with 1 event)
+// scenario:
+
+// do we in the future record old and new values for secrets? (when you log update secret,
+// do you want to know what the old secret value was changed to?)
+
+// Option 1:
+
+// action 1: pushed secrets (top-level event)
+// - log 1 (groupId: ABC): modified 10 secrets (sub-level event)
+// ---- array of secret ids that were modified
+// - log 2 (groupId: ABC): deleted 5 secrets
+// ---- array of secret ids that were deleted
+// - log 3 (groupId: ABC): created 10 secrets
+// ---- array of secret ids that were created
+
+// action 2: pull secrets
+// - log 4 (groupId: DEF): read 20 secrets
+// ---- array of secret ids that were read
+
+// Option 2 (many logs):
+
+// action 1: pushed secrets (top-level event)
+// - log 1 (groupId: ABC): modified secret abc
+// - log 2 (groupId: ABC): modified secret def
+// - log 3 (groupId: ABC): modified secret ghi
+// - log 4 (groupId: ABC): created secret jkl
+// - log 5 (groupId: ABC): created secret mno
+// - log 6 (groupId: ABC): deleted secret pqr
+
+// action 2: pull secrets (pulling 100 secrets = 100 logs; 10 times per day, 5 people => 5000 logs)
+// - log 7 (groupId: DEF): read secret abc
+// - log 8 (groupId: DEF): read secret def
+// - log 9 (groupId: DEF): read secret ghi
+// - log 10 (groupId: DEF): read secret jkl
+// - log 11 (groupId: DEF): read secret mno
+
+// logGroup
+// ---- log (query for log groups by person and by secret etc.)
+
+/**
+ * Action: save secrets
+ * -
+ *
+ */
+
 const logSchema = new Schema(
 {
 user: {
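Review bot: The lines added above `logSchema` are working design notes followed by an unfinished `Action: save secrets` doc block, which leaves open questions and an empty JSDoc comment attached to the schema. I would move the Option 1 / Option 2 comparison to the PR description or a design document and keep one short comment here, such as `// Each Log records one event; logs produced by the same user action share a groupId.` The open question about recording old and new secret values should be settled before the payload shape is fixed, since the schema hunk that follows stores secret ids only.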
@@ -23,17 +70,19 @@ const logSchema = new Schema(
 type: Schema.Types.ObjectId,
 ref: 'Workspace'
 },
- event: { // push, pull
+ event: { // CRUD secrets
 type: String,
 required: true
 },
- payload: {
- numberOfSecrets: {
- type: Number
- },
- environment: {
- type: String
- }
+ groupId: {
+ type: String,
+ required: true,
+ },
+ payload: {
+ secrets: [{
+ type: Schema.Types.ObjectId,
+ ref: 'Secret'
+ }]
 },
 channel: {
 type: String,
diff --git a/backend/src/models/logGroup.ts b/backend/src/models/logGroup.ts
new file mode 100644
index 0000000000..29527f6908
--- /dev/null
+++ b/backend/src/models/logGroup.ts
@@ -0,0 +1,25 @@
+import { Schema, model, Types } from 'mongoose';
+
+export interface ILogGroup {
+ workspace: Types.ObjectId,
+ logs: [Types.ObjectId]
+}
+
+const logGroupSchema = new Schema(
+ {
+ workspace: {
+ type: Schema.Types.ObjectId,
+ ref: 'Workspace'
+ },
+ logs: [{
+ type: Schema.Types.ObjectId,
+ ref: 'Log'
+ }]
+ }, {
+ timestamps: true
+ }
+);
+
+const LogGroup = model('LogGroup', logGroupSchema);
+
+export default LogGroup;
\ No newline at end of file
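Review bot: `groupId` is added to `logSchema` as a required `String`, while the `LogGroup` model added in this same commit keeps its members in a `logs` array of ObjectId refs, so group membership is recorded in two places with nothing tying one to the other. Pick one direction, for instance `groupId: { type: Schema.Types.ObjectId, ref: 'LogGroup', required: true }`, or drop `logs` from `LogGroup` and query logs by `groupId`. This hunk also removes `payload.environment`, so a log entry no longer records which environment the secrets belonged to; if that is deliberate, a comment next to `payload` should say where that context now lives. `logSchema` starts and ends outside the hunk.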
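Review bot: `logs: [Types.ObjectId]` in `ILogGroup` (backend/src/models/logGroup.ts) is a one-element tuple type, not an array, so the interface only admits a group holding exactly one log; it should read `logs: Types.ObjectId[];`. `workspace` is non-optional in the interface but has no `required: true` in `logGroupSchema`, so a group can be saved without a workspace and would then be missed by any per-workspace log query. As shown here neither `Schema` nor `model` receives `ILogGroup` as a type argument, though the page rendering may have dropped it.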