feat: audit log #114
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "feat/database"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Implements a basic audit log to log authenticated/authorized actions.
Fixes #113
checkwith admin feature in PR workflow@ -613,0 +777,4 @@Ok(d32) => d32,Err(_) => {return Err(JotApiError::Client("Invalid since".to_string(),*before
@ -0,0 +94,4 @@query.push_bind(encode::try_audit_action(act).unwrap());}Err(err) => {trace!(error = err.to_string(), "Invalid action filter");Should this error or continue to fail silently?
This should probably fail earlier with a 400. Maybe the DB shouldn't be accepting String user input anyway. The
_insertfunction takesAuditActionas input, this should too.@ -0,0 +107,4 @@query.push(" LIMIT ");query.push_bind(limit);//.build_query_as::<AuditLogEntry>()trash
@ -0,0 +18,4 @@Some(adl) => match &adl.root_key {Some(rk) => rk,None => {debug!("Failed to authenticate for audit log, no root key set");make this an warning level log message
Changed my mind. This is likely to happen often on servers that intentionally don't have a root key configured.
@ -0,0 +30,4 @@let limit = context.req.query::<u32>("limit").unwrap_or(500);let since_stamp = context.req.query::<u32>("since");let action_filter = context.req.query::<String>("action");let key_id_filter = context.req.query::<String>("key_id");This query param should be
short_idfor clarity@ -0,0 +63,4 @@Ok(m) => match m {Some(e) => e,None => {warn!("Unauthorized: root key not set");maybe "root key not initialized"?
@ -172,0 +185,4 @@.audit_log_insert(short_id.clone(),request_address(&context.req),AuditAction::Upload,Maybe this action should be
Put?@ -193,0 +218,4 @@AuditLogList,Delete,ListFiles,#[default]Why is
Registerdefault? Why is there a default at all?