Correct logging references

Infisical · Jan 9, 2023 · bd5dad7 · bd5dad7
1 parent 35d23cf
commit bd5dad7
Show file tree

Hide file tree

Showing 3 changed files with 25 additions and 61 deletions.
diff --git a/backend/src/controllers/v2/secretsController.ts b/backend/src/controllers/v2/secretsController.ts
@@ -13,6 +13,7 @@ import {
 import { ValidationError } from '../../utils/errors';
 import { EESecretService, EELogService } from '../../ee/services';
 import { postHogClient } from '../../services';
+import { BadRequestError } from '../../utils/errors';
 
 /**
  * Create secret(s) for workspace with id [workspaceId] and environment [environment]
@@ -124,7 +125,7 @@ export const createSecrets = async (req: Request, res: Response) => {
 
     if (postHogClient) {
         postHogClient.capture({
-            event: 'secrets deleted',
+            event: 'secrets added',
             distinctId: req.user.email,
             properties: {
                 numberOfSecrets: toAdd.length,
@@ -190,20 +191,33 @@ export const getSecrets = async (req: Request, res: Response) => {
         channel,
         ipAddress: req.ip
     });
+
+    if (postHogClient) {
+        postHogClient.capture({
+            event: 'secrets deleted',
+            distinctId: req.user.email,
+            properties: {
+                numberOfSecrets: secrets.length,
+                environment,
+                workspaceId,
+                channel,
+                userAgent: req.headers?.['user-agent']
+            }
+        });
+    }
 
     return res.status(200).send({
         secrets
     });
 }
 
 /**
- * Update secret(s) in workspace with id [workspaceId] and environment [environment]
+ * Update secret(s)
  * @param req 
  * @param res 
  */
 export const updateSecrets = async (req: Request, res: Response) => {
     const channel = req.headers?.['user-agent']?.toLowerCase().includes('mozilla') ? 'web' : 'cli'; 
-    const { workspaceId, environment } = req.body;
 
     // TODO: move type
     interface PatchSecret {
@@ -257,7 +271,7 @@ export const updateSecrets = async (req: Request, res: Response) => {
             }
         });
     });
-    const b = await Secret.bulkWrite(ops);
+    await Secret.bulkWrite(ops);
 
     let newSecretsObj: { [key: string]: PatchSecret } = {};
     req.body.secrets.forEach((secret: PatchSecret) => {
@@ -320,7 +334,7 @@ export const updateSecrets = async (req: Request, res: Response) => {
 
     Object.keys(workspaceSecretObj).forEach(async (key) => {
         const updateAction = await EELogService.createActionSecret({
-            name: ACTION_DELETE_SECRETS,
+            name: ACTION_UPDATE_SECRETS,
             userId: req.user._id.toString(),
             workspaceId: key,
             secretIds: workspaceSecretObj[key].map((secret: ISecret) => secret._id)
@@ -342,7 +356,7 @@ export const updateSecrets = async (req: Request, res: Response) => {
 
         if (postHogClient) {
             postHogClient.capture({
-                event: 'secrets deleted',
+                event: 'secrets modified',
                 distinctId: req.user.email,
                 properties: {
                     numberOfSecrets: workspaceSecretObj[key].length,
@@ -354,41 +368,6 @@ export const updateSecrets = async (req: Request, res: Response) => {
             });
         }
     });
-
-    const updateAction = await EELogService.createActionSecret({
-        name: ACTION_UPDATE_SECRETS,
-        userId: req.user._id.toString(),
-        workspaceId,
-        secretIds: req.secrets.map((secret: ISecret) => secret._id)
-    });
-
-    // (EE) create (audit) log
-    updateAction && await EELogService.createLog({
-        userId: req.user._id.toString(),
-        workspaceId,
-        actions: [updateAction],
-        channel,
-        ipAddress: req.ip
-    });
-
-    // (EE) take a secret snapshot
-    await EESecretService.takeSecretSnapshot({
-        workspaceId
-    });
-
-    if (postHogClient) {
-        postHogClient.capture({
-            event: 'secrets modified',
-            distinctId: req.user.email,
-            properties: {
-                numberOfSecrets: req.secrets.length,
-                environment,
-                workspaceId,
-                channel: req.headers?.['user-agent']?.toLowerCase().includes('mozilla') ? 'web' : 'cli',
-                userAgent: req.headers?.['user-agent']
-            }
-        });
-    }
 
     return res.status(200).send({
         secrets: await Secret.find({
@@ -400,7 +379,7 @@ export const updateSecrets = async (req: Request, res: Response) => {
 }
 
 /**
- * Delete secret(s) in workspace with id [workspaceId] and environment [environment]
+ * Delete secret(s) with id [workspaceId] and environment [environment]
  * @param req 
  * @param res 
  */

diff --git a/backend/src/ee/models/secretVersion.ts b/backend/src/ee/models/secretVersion.ts
@@ -8,15 +8,6 @@ import {
 	ENV_PROD
 } from '../../variables';
 
-/**
- * TODO: 
- * 1. Modify SecretVersion to also contain XX
- * - type
- * - user
- * - environment
- * 2. Modify SecretSnapshot to point to arrays of SecretVersion
- */
-
 export interface ISecretVersion {
     _id?: Types.ObjectId;
     secret: Types.ObjectId;

diff --git a/backend/src/routes/v2/secrets.ts b/backend/src/routes/v2/secrets.ts
@@ -36,7 +36,7 @@ router.post(
                         !secret.secretValueIV ||
                         !secret.secretValueTag
                     ) {
-                        throw new Error('secrets array must contain objects that conform to the Secret interface');
+                        throw new Error('secrets array must contain objects that have required secret properties');
                     }
                 }
             } else if (typeof value === 'object') {
@@ -51,7 +51,7 @@ router.post(
                     !value.secretValueIV ||
                     !value.secretValueTag
                 ) {
-                    throw new Error('secrets array must contain objects that conform to the Secret interface');
+                    throw new Error('secrets object is missing required secret properties');
                 } 
             } else {
                 throw new Error('secrets must be an object or an array of objects')
@@ -87,8 +87,6 @@ router.get(
 
 router.patch(
     '/',
-    body('workspaceId').exists().trim(),
-    body('environment').exists().trim().isIn(['dev', 'staging', 'prod', 'test']),
     body('secrets')
         .exists()
         .custom((value) => {
@@ -105,7 +103,7 @@ router.patch(
                         !secret.secretValueIV ||
                         !secret.secretValueTag
                     ) {
-                        throw new Error('secrets array must contain objects that conform to the Secret interface');
+                        throw new Error('secrets array must contain objects that have required secret properties');
                     }
                 }
             } else if (typeof value === 'object') {
@@ -119,7 +117,7 @@ router.patch(
                     !value.secretValueIV ||
                     !value.secretValueTag
                 ) {
-                    throw new Error('secrets array must contain objects that conform to the Secret interface');
+                    throw new Error('secrets object is missing required secret properties');
                 } 
             } else {
                 throw new Error('secrets must be an object or an array of objects')
@@ -131,10 +129,6 @@ router.patch(
     requireAuth({
         acceptedAuthModes: ['jwt']
     }),
-    requireWorkspaceAuth({
-        acceptedRoles: [ADMIN, MEMBER],
-        location: 'body'
-    }),
     requireSecretsAuth({
         acceptedRoles: [ADMIN, MEMBER]
     }),