Skip to content

Commit bf0aca3

Browse files
Kira-PilotKira-Pilot
authored
fix: ensure deleting workspace creates audit log (#4537)
* fix: ensure deleting workspace creates audit log * getting rid of comments * remove whitespace * pushing failing test * fixed test
1 parent b140983 commit bf0aca3

File tree

2 files changed

+24
-1
lines changed

2 files changed

+24
-1
lines changed

coderd/workspacebuilds.go

Lines changed: 17 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -15,6 +15,7 @@ import (
1515
"golang.org/x/exp/slices"
1616
"golang.org/x/xerrors"
1717

18+
"github.com/coder/coder/coderd/audit"
1819
"github.com/coder/coder/coderd/database"
1920
"github.com/coder/coder/coderd/httpapi"
2021
"github.com/coder/coder/coderd/httpmw"
@@ -277,6 +278,22 @@ func (api *API) postWorkspaceBuilds(rw http.ResponseWriter, r *http.Request) {
277278
return
278279
}
279280

281+
// we only want to create audit logs for delete builds right now
282+
if action == rbac.ActionDelete {
283+
var (
284+
auditor = api.Auditor.Load()
285+
aReq, commitAudit = audit.InitRequest[database.Workspace](rw, &audit.RequestParams{
286+
Audit: *auditor,
287+
Log: api.Logger,
288+
Request: r,
289+
Action: database.AuditActionDelete,
290+
})
291+
)
292+
293+
defer commitAudit()
294+
aReq.Old = workspace
295+
}
296+
280297
if createBuild.TemplateVersionID == uuid.Nil {
281298
latestBuild, err := api.Database.GetLatestWorkspaceBuildByWorkspaceID(ctx, workspace.ID)
282299
if err != nil {

coderd/workspacebuilds_test.go

Lines changed: 7 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -13,6 +13,7 @@ import (
1313
"github.com/stretchr/testify/assert"
1414
"github.com/stretchr/testify/require"
1515

16+
"github.com/coder/coder/coderd/audit"
1617
"github.com/coder/coder/coderd/coderdtest"
1718
"github.com/coder/coder/coderd/database"
1819
"github.com/coder/coder/codersdk"
@@ -534,7 +535,8 @@ func TestWorkspaceBuildStatus(t *testing.T) {
534535
t.Parallel()
535536
ctx, cancel := context.WithTimeout(context.Background(), testutil.WaitLong)
536537
defer cancel()
537-
client, closeDaemon, api := coderdtest.NewWithAPI(t, &coderdtest.Options{IncludeProvisionerDaemon: true})
538+
auditor := audit.NewMock()
539+
client, closeDaemon, api := coderdtest.NewWithAPI(t, &coderdtest.Options{IncludeProvisionerDaemon: true, Auditor: auditor})
538540
user := coderdtest.CreateFirstUser(t, client)
539541
version := coderdtest.CreateTemplateVersion(t, client, user.OrganizationID, nil)
540542
coderdtest.AwaitTemplateVersionJob(t, client, version.ID)
@@ -575,4 +577,8 @@ func TestWorkspaceBuildStatus(t *testing.T) {
575577
workspace, err = client.DeletedWorkspace(ctx, workspace.ID)
576578
require.NoError(t, err)
577579
require.EqualValues(t, codersdk.WorkspaceStatusDeleted, workspace.LatestBuild.Status)
580+
581+
// assert an audit log has been created for deletion
582+
require.Len(t, auditor.AuditLogs, 5)
583+
assert.Equal(t, database.AuditActionDelete, auditor.AuditLogs[4].Action)
578584
}

0 commit comments

Comments
 (0)
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy