Skip to content

Commit

Permalink
Correct logging references
Browse files Browse the repository at this point in the history
  • Loading branch information
dangtony98 committed Jan 9, 2023
1 parent 35d23cf commit bd5dad7
Show file tree
Hide file tree
Showing 3 changed files with 25 additions and 61 deletions.
63 changes: 21 additions & 42 deletions backend/src/controllers/v2/secretsController.ts
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@ import {
import { ValidationError } from '../../utils/errors';
import { EESecretService, EELogService } from '../../ee/services';
import { postHogClient } from '../../services';
import { BadRequestError } from '../../utils/errors';

/**
* Create secret(s) for workspace with id [workspaceId] and environment [environment]
Expand Down Expand Up @@ -124,7 +125,7 @@ export const createSecrets = async (req: Request, res: Response) => {

if (postHogClient) {
postHogClient.capture({
event: 'secrets deleted',
event: 'secrets added',
distinctId: req.user.email,
properties: {
numberOfSecrets: toAdd.length,
Expand Down Expand Up @@ -190,20 +191,33 @@ export const getSecrets = async (req: Request, res: Response) => {
channel,
ipAddress: req.ip
});

if (postHogClient) {
postHogClient.capture({
event: 'secrets deleted',
distinctId: req.user.email,
properties: {
numberOfSecrets: secrets.length,
environment,
workspaceId,
channel,
userAgent: req.headers?.['user-agent']
}
});
}

return res.status(200).send({
secrets
});
}

/**
* Update secret(s) in workspace with id [workspaceId] and environment [environment]
* Update secret(s)
* @param req
* @param res
*/
export const updateSecrets = async (req: Request, res: Response) => {
const channel = req.headers?.['user-agent']?.toLowerCase().includes('mozilla') ? 'web' : 'cli';
const { workspaceId, environment } = req.body;

// TODO: move type
interface PatchSecret {
Expand Down Expand Up @@ -257,7 +271,7 @@ export const updateSecrets = async (req: Request, res: Response) => {
}
});
});
const b = await Secret.bulkWrite(ops);
await Secret.bulkWrite(ops);

let newSecretsObj: { [key: string]: PatchSecret } = {};
req.body.secrets.forEach((secret: PatchSecret) => {
Expand Down Expand Up @@ -320,7 +334,7 @@ export const updateSecrets = async (req: Request, res: Response) => {

Object.keys(workspaceSecretObj).forEach(async (key) => {
const updateAction = await EELogService.createActionSecret({
name: ACTION_DELETE_SECRETS,
name: ACTION_UPDATE_SECRETS,
userId: req.user._id.toString(),
workspaceId: key,
secretIds: workspaceSecretObj[key].map((secret: ISecret) => secret._id)
Expand All @@ -342,7 +356,7 @@ export const updateSecrets = async (req: Request, res: Response) => {

if (postHogClient) {
postHogClient.capture({
event: 'secrets deleted',
event: 'secrets modified',
distinctId: req.user.email,
properties: {
numberOfSecrets: workspaceSecretObj[key].length,
Expand All @@ -354,41 +368,6 @@ export const updateSecrets = async (req: Request, res: Response) => {
});
}
});

const updateAction = await EELogService.createActionSecret({
name: ACTION_UPDATE_SECRETS,
userId: req.user._id.toString(),
workspaceId,
secretIds: req.secrets.map((secret: ISecret) => secret._id)
});

// (EE) create (audit) log
updateAction && await EELogService.createLog({
userId: req.user._id.toString(),
workspaceId,
actions: [updateAction],
channel,
ipAddress: req.ip
});

// (EE) take a secret snapshot
await EESecretService.takeSecretSnapshot({
workspaceId
});

if (postHogClient) {
postHogClient.capture({
event: 'secrets modified',
distinctId: req.user.email,
properties: {
numberOfSecrets: req.secrets.length,
environment,
workspaceId,
channel: req.headers?.['user-agent']?.toLowerCase().includes('mozilla') ? 'web' : 'cli',
userAgent: req.headers?.['user-agent']
}
});
}

return res.status(200).send({
secrets: await Secret.find({
Expand All @@ -400,7 +379,7 @@ export const updateSecrets = async (req: Request, res: Response) => {
}

/**
* Delete secret(s) in workspace with id [workspaceId] and environment [environment]
* Delete secret(s) with id [workspaceId] and environment [environment]
* @param req
* @param res
*/
Expand Down
9 changes: 0 additions & 9 deletions backend/src/ee/models/secretVersion.ts
Original file line number Diff line number Diff line change
Expand Up @@ -8,15 +8,6 @@ import {
ENV_PROD
} from '../../variables';

/**
* TODO:
* 1. Modify SecretVersion to also contain XX
* - type
* - user
* - environment
* 2. Modify SecretSnapshot to point to arrays of SecretVersion
*/

export interface ISecretVersion {
_id?: Types.ObjectId;
secret: Types.ObjectId;
Expand Down
14 changes: 4 additions & 10 deletions backend/src/routes/v2/secrets.ts
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ router.post(
!secret.secretValueIV ||
!secret.secretValueTag
) {
throw new Error('secrets array must contain objects that conform to the Secret interface');
throw new Error('secrets array must contain objects that have required secret properties');
}
}
} else if (typeof value === 'object') {
Expand All @@ -51,7 +51,7 @@ router.post(
!value.secretValueIV ||
!value.secretValueTag
) {
throw new Error('secrets array must contain objects that conform to the Secret interface');
throw new Error('secrets object is missing required secret properties');
}
} else {
throw new Error('secrets must be an object or an array of objects')
Expand Down Expand Up @@ -87,8 +87,6 @@ router.get(

router.patch(
'/',
body('workspaceId').exists().trim(),
body('environment').exists().trim().isIn(['dev', 'staging', 'prod', 'test']),
body('secrets')
.exists()
.custom((value) => {
Expand All @@ -105,7 +103,7 @@ router.patch(
!secret.secretValueIV ||
!secret.secretValueTag
) {
throw new Error('secrets array must contain objects that conform to the Secret interface');
throw new Error('secrets array must contain objects that have required secret properties');
}
}
} else if (typeof value === 'object') {
Expand All @@ -119,7 +117,7 @@ router.patch(
!value.secretValueIV ||
!value.secretValueTag
) {
throw new Error('secrets array must contain objects that conform to the Secret interface');
throw new Error('secrets object is missing required secret properties');
}
} else {
throw new Error('secrets must be an object or an array of objects')
Expand All @@ -131,10 +129,6 @@ router.patch(
requireAuth({
acceptedAuthModes: ['jwt']
}),
requireWorkspaceAuth({
acceptedRoles: [ADMIN, MEMBER],
location: 'body'
}),
requireSecretsAuth({
acceptedRoles: [ADMIN, MEMBER]
}),
Expand Down

0 comments on commit bd5dad7

Please sign in to comment.