Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Refactored unauthorized access audit logging: #381

Merged

Conversation

sircodemane
Copy link
Contributor

Description

  • moved audit logging responsibility to Authorizer interface
  • cleaned up injections of *db through several layers of code (no longer necessary)
  • minor cleanup and support work

Motivation and Context

Just some cleanup

How Has This Been Tested?

unit and integration tests

Screenshots (if appropriate):

Types of changes

  • Chore (a change that does not modify the application functionality)
  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)

Checklist:

  • Documentation updates are needed, and have been made accordingly.
  • I have added and/or updated tests to cover my changes.
  • All new and existing tests passed.
  • My changes include a database migration.

- moved audit logging responsibility to Authorizer interface
- cleaned up injections of *db through several layers of code (no longer necessary)
- minor cleanup and support work
@@ -85,50 +88,85 @@ func (s idResolver) GetIdentity(ctx Context) (SimpleIdentity, error) {
}
}

type AuditLogger interface {
AppendAuditLog(ctx context.Context, entry model.AuditEntry) error
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This was necessary because interfaces are good and import cycles are bad

cmd/api/src/auth/model.go Outdated Show resolved Hide resolved
Copy link
Contributor

@irshadaj irshadaj left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Would really want that authorizer struct renamed, but since it's just stylistic I won't block approval

@sircodemane sircodemane merged commit eb5e741 into populate-audit-log-fields Feb 2, 2024
3 checks passed
@sircodemane sircodemane deleted the refactor-unauthorized-audit-logs branch February 2, 2024 18:16
@github-actions github-actions bot locked and limited conversation to collaborators Feb 2, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants