Documentation ¶
Index ¶
- func BackgroundAudit[T Auditable](ctx context.Context, p *BackgroundAuditParams[T])
- func BackgroundTaskFields(subsystem BackgroundSubsystem) map[string]string
- func BackgroundTaskFieldsBytes(ctx context.Context, logger slog.Logger, subsystem BackgroundSubsystem) []byte
- func BaggageToContext(ctx context.Context, d Baggage) (context.Context, error)
- func Empty[T Auditable]() T
- func ResourceID[T Auditable](tgt T) uuid.UUID
- func ResourceRequiresOrgID[T Auditable]() bool
- func ResourceTarget[T Auditable](tgt T) string
- func ResourceType[T Auditable](tgt T) database.ResourceType
- type AdditionalFields
- type Auditable
- type Auditor
- type BackgroundAuditParams
- type BackgroundSubsystem
- type Baggage
- type Differ
- type Map
- type MockAuditor
- type OldNew
- type Request
- type RequestParams
- type WorkspaceBuildBaggage
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func BackgroundAudit ¶ added in v2.5.0
func BackgroundAudit[T Auditable](ctx context.Context, p *BackgroundAuditParams[T])
BackgroundAudit creates an audit log for a background event. The audit log is committed upon invocation.
func BackgroundTaskFields ¶ added in v2.17.0
func BackgroundTaskFields(subsystem BackgroundSubsystem) map[string]string
func BackgroundTaskFieldsBytes ¶ added in v2.17.0
func BaggageToContext ¶ added in v2.3.2
func ResourceID ¶
func ResourceRequiresOrgID ¶ added in v2.9.0
ResourceRequiresOrgID will ensure given resources are always audited with an organization ID.
func ResourceTarget ¶
func ResourceType ¶
func ResourceType[T Auditable](tgt T) database.ResourceType
Types ¶
type AdditionalFields ¶
type Auditable ¶
type Auditable interface { database.APIKey | database.Template | database.TemplateVersion | database.User | database.WorkspaceTable | database.GitSSHKey | database.WorkspaceBuild | database.AuditableGroup | database.License | database.WorkspaceProxy | database.AuditOAuthConvertState | database.HealthSettings | database.NotificationsSettings | database.OAuth2ProviderApp | database.OAuth2ProviderAppSecret | database.CustomRole | database.AuditableOrganizationMember | database.Organization | database.NotificationTemplate }
Auditable is mostly a marker interface. It contains a definitive list of all auditable types. If you want to audit a new type, first define it in AuditableResources, then add it to this interface.
type Auditor ¶
type BackgroundAuditParams ¶ added in v2.5.0
type BackgroundAuditParams[T Auditable] struct { Audit Auditor Log slog.Logger UserID uuid.UUID RequestID uuid.UUID Status int Action database.AuditAction OrganizationID uuid.UUID IP string // todo: this should automatically marshal an interface{} instead of accepting a raw message. AdditionalFields json.RawMessage New T Old T }
type BackgroundSubsystem ¶ added in v2.17.0
type BackgroundSubsystem string
const (
BackgroundSubsystemDormancy BackgroundSubsystem = "dormancy"
)
type Differ ¶
Differ is used so the enterprise version can implement the diff function in the Auditor feature interface. Only types in the same package as the interface can implement unexported methods.
type Map ¶
Map is a map of changed fields in an audited resource. It maps field names to the old and new value for that field.
type MockAuditor ¶
type MockAuditor struct {
// contains filtered or unexported fields
}
func NewMock ¶
func NewMock() *MockAuditor
func (*MockAuditor) AuditLogs ¶
func (a *MockAuditor) AuditLogs() []database.AuditLog
func (*MockAuditor) Contains ¶ added in v2.4.0
Contains returns true if, for each non-zero-valued field in expected, there exists a corresponding audit log in the mock auditor that matches the expected values. Returns false otherwise.
func (*MockAuditor) ResetLogs ¶
func (a *MockAuditor) ResetLogs()
ResetLogs removes all audit logs from the mock auditor. This is helpful for testing to get a clean slate.
type Request ¶
type Request[T Auditable] struct { Old T New T // UserID is an optional field can be passed in when the userID cannot be // determined from the API Key such as in the case of login, when the audit // log is created prior the API Key's existence. UserID uuid.UUID // Action is an optional field can be passed in if the AuditAction must be // overridden such as in the case of new user authentication when the Audit // Action is 'register', not 'login'. Action database.AuditAction // contains filtered or unexported fields }
func InitRequest ¶
func InitRequest[T Auditable](w http.ResponseWriter, p *RequestParams) (*Request[T], func())
InitRequest initializes an audit log for a request. It returns a function that should be deferred, causing the audit log to be committed when the handler returns.
func InitRequestWithCancel ¶ added in v2.12.5
func InitRequestWithCancel[T Auditable](w http.ResponseWriter, p *RequestParams) (*Request[T], func(commit bool))
InitRequestWithCancel returns a commit function with a boolean arg. If the arg is false, future calls to commit() will not create an audit log entry.
func (*Request[T]) UpdateOrganizationID ¶ added in v2.14.0
UpdateOrganizationID can be used if the organization ID is not known at the initiation of an audit log request.
type RequestParams ¶
type WorkspaceBuildBaggage ¶ added in v2.3.2
type WorkspaceBuildBaggage struct {
IP string
}
func BaggageFromContext ¶ added in v2.3.2
func BaggageFromContext(ctx context.Context) WorkspaceBuildBaggage
func WorkspaceBuildBaggageFromRequest ¶ added in v2.3.2
func WorkspaceBuildBaggageFromRequest(r *http.Request) WorkspaceBuildBaggage