feat: add audit logging database schema (#1225)

2025-07-03 16:13:58 +00:00 · 2022-05-02 14:30:46 -05:00
parent e4e60256ac
commit 81bef1c83e
11 changed files with 458 additions and 84 deletions
--- a/coderd/database/models.go
+++ b/coderd/database/models.go
@ -1,4 +1,6 @@
 // Code generated by sqlc. DO NOT EDIT.
+// versions:
+//   sqlc v1.13.0

 package database

@ -12,6 +14,26 @@ import (
 	"github.com/tabbed/pqtype"
 )

+type AuditAction string
+
+const (
+	AuditActionCreate AuditAction = "create"
+	AuditActionWrite  AuditAction = "write"
+	AuditActionDelete AuditAction = "delete"
+)
+
+func (e *AuditAction) Scan(src interface{}) error {
+	switch s := src.(type) {
+	case []byte:
+		*e = AuditAction(s)
+	case string:
+		*e = AuditAction(s)
+	default:
+		return fmt.Errorf("unsupported scan type for AuditAction: %T", src)
+	}
+	return nil
+}
+
 type LogLevel string

 const (
@ -208,6 +230,28 @@ func (e *ProvisionerType) Scan(src interface{}) error {
 	return nil
 }

+type ResourceType string
+
+const (
+	ResourceTypeOrganization    ResourceType = "organization"
+	ResourceTypeTemplate        ResourceType = "template"
+	ResourceTypeTemplateVersion ResourceType = "template_version"
+	ResourceTypeUser            ResourceType = "user"
+	ResourceTypeWorkspace       ResourceType = "workspace"
+)
+
+func (e *ResourceType) Scan(src interface{}) error {
+	switch s := src.(type) {
+	case []byte:
+		*e = ResourceType(s)
+	case string:
+		*e = ResourceType(s)
+	default:
+		return fmt.Errorf("unsupported scan type for ResourceType: %T", src)
+	}
+	return nil
+}
+
 type UserStatus string

 const (
@ -262,6 +306,21 @@ type APIKey struct {
 	OAuthExpiry       time.Time `db:"oauth_expiry" json:"oauth_expiry"`
 }

+type AuditLog struct {
+	ID             uuid.UUID       `db:"id" json:"id"`
+	Time           time.Time       `db:"time" json:"time"`
+	UserID         uuid.UUID       `db:"user_id" json:"user_id"`
+	OrganizationID uuid.UUID       `db:"organization_id" json:"organization_id"`
+	Ip             pqtype.CIDR     `db:"ip" json:"ip"`
+	UserAgent      string          `db:"user_agent" json:"user_agent"`
+	ResourceType   ResourceType    `db:"resource_type" json:"resource_type"`
+	ResourceID     uuid.UUID       `db:"resource_id" json:"resource_id"`
+	ResourceTarget string          `db:"resource_target" json:"resource_target"`
+	Action         AuditAction     `db:"action" json:"action"`
+	Diff           json.RawMessage `db:"diff" json:"diff"`
+	StatusCode     int32           `db:"status_code" json:"status_code"`
+}
+
 type File struct {
 	Hash      string    `db:"hash" json:"hash"`
 	CreatedAt time.Time `db:"created_at" json:"created_at"`