mirror of
https://github.com/coder/coder.git
synced 2025-07-09 11:45:56 +00:00
fix: Handle invalid resource types and actions (#4341)
* fix: Handle invalid resource types and actions * Return all values if invalid * Use types
This commit is contained in:
Bruno Quaresma
GitHub
@ -259,12 +259,37 @@ func auditSearchQuery(query string) (database.GetAuditLogsOffsetParams, []coders
|
|||||||
// other parsing.
|
// other parsing.
|
||||||
parser := httpapi.NewQueryParamParser()
|
parser := httpapi.NewQueryParamParser()
|
||||||
filter := database.GetAuditLogsOffsetParams{
|
filter := database.GetAuditLogsOffsetParams{
|
||||||
ResourceType: parser.String(searchParams, "", "resource_type"),
|
ResourceType: resourceTypeFromString(parser.String(searchParams, "", "resource_type")),
|
||||||
ResourceID: parser.UUID(searchParams, uuid.Nil, "resource_id"),
|
ResourceID: parser.UUID(searchParams, uuid.Nil, "resource_id"),
|
||||||
Action: parser.String(searchParams, "", "action"),
|
Action: actionFromString(parser.String(searchParams, "", "action")),
|
||||||
Username: parser.String(searchParams, "", "username"),
|
Username: parser.String(searchParams, "", "username"),
|
||||||
Email: parser.String(searchParams, "", "email"),
|
Email: parser.String(searchParams, "", "email"),
|
||||||
}
|
}
|
||||||
|
|
||||||
return filter, parser.Errors
|
return filter, parser.Errors
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func resourceTypeFromString(resourceTypeString string) string {
|
||||||
|
switch codersdk.ResourceType(resourceTypeString) {
|
||||||
|
case codersdk.ResourceTypeOrganization:
|
||||||
|
case codersdk.ResourceTypeTemplate:
|
||||||
|
case codersdk.ResourceTypeTemplateVersion:
|
||||||
|
case codersdk.ResourceTypeUser:
|
||||||
|
case codersdk.ResourceTypeWorkspace:
|
||||||
|
case codersdk.ResourceTypeGitSSHKey:
|
||||||
|
case codersdk.ResourceTypeAPIKey:
|
||||||
|
return resourceTypeString
|
||||||
|
}
|
||||||
|
return ""
|
||||||
|
}
|
||||||
|
|
||||||
|
func actionFromString(actionString string) string {
|
||||||
|
switch codersdk.AuditAction(actionString) {
|
||||||
|
case codersdk.AuditActionCreate:
|
||||||
|
case codersdk.AuditActionWrite:
|
||||||
|
case codersdk.AuditActionDelete:
|
||||||
|
return actionString
|
||||||
|
default:
|
||||||
|
}
|
||||||
|
return ""
|
||||||
|
}
|
||||||
|
|||||||
@ -112,6 +112,21 @@ func TestAuditLogsFilter(t *testing.T) {
|
|||||||
SearchQuery: "resource_id:" + userResourceID.String(),
|
SearchQuery: "resource_id:" + userResourceID.String(),
|
||||||
ExpectedResult: 2,
|
ExpectedResult: 2,
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
Name: "FilterInvalidSingleValue",
|
||||||
|
SearchQuery: "invalid",
|
||||||
|
ExpectedResult: 3,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
Name: "FilterWithInvalidResourceType",
|
||||||
|
SearchQuery: "resource_type:invalid",
|
||||||
|
ExpectedResult: 3,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
Name: "FilterWithInvalidAction",
|
||||||
|
SearchQuery: "action:invalid",
|
||||||
|
ExpectedResult: 3,
|
||||||
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
for _, testCase := range testCases {
|
for _, testCase := range testCases {
|
||||||
|
|||||||
Reference in New Issue
Block a user