feat: add audit logging database schema (#1225)

2025-07-03 16:13:58 +00:00 · 2022-05-02 14:30:46 -05:00
parent e4e60256ac
commit 81bef1c83e
11 changed files with 458 additions and 84 deletions
--- a/coderd/database/queries.sql.go
+++ b/coderd/database/queries.sql.go
@ -1,4 +1,6 @@
 // Code generated by sqlc. DO NOT EDIT.
+// versions:
+//   sqlc v1.13.0

 package database

@ -146,6 +148,130 @@ func (q *sqlQuerier) UpdateAPIKeyByID(ctx context.Context, arg UpdateAPIKeyByIDP
 	return err
 }

+const getAuditLogsBefore = `-- name: GetAuditLogsBefore :many
+SELECT
+	id, time, user_id, organization_id, ip, user_agent, resource_type, resource_id, resource_target, action, diff, status_code
+FROM
+	audit_logs
+WHERE
+	"time" < (SELECT "time" FROM audit_logs a WHERE a.id = $1)
+ORDER BY
+    "time" DESC
+LIMIT
+	$2
+`
+
+type GetAuditLogsBeforeParams struct {
+	ID       uuid.UUID `db:"id" json:"id"`
+	RowLimit int32     `db:"row_limit" json:"row_limit"`
+}
+
+// GetAuditLogsBefore retrieves `limit` number of audit logs before the provided
+// ID.
+func (q *sqlQuerier) GetAuditLogsBefore(ctx context.Context, arg GetAuditLogsBeforeParams) ([]AuditLog, error) {
+	rows, err := q.db.QueryContext(ctx, getAuditLogsBefore, arg.ID, arg.RowLimit)
+	if err != nil {
+		return nil, err
+	}
+	defer rows.Close()
+	var items []AuditLog
+	for rows.Next() {
+		var i AuditLog
+		if err := rows.Scan(
+			&i.ID,
+			&i.Time,
+			&i.UserID,
+			&i.OrganizationID,
+			&i.Ip,
+			&i.UserAgent,
+			&i.ResourceType,
+			&i.ResourceID,
+			&i.ResourceTarget,
+			&i.Action,
+			&i.Diff,
+			&i.StatusCode,
+		); err != nil {
+			return nil, err
+		}
+		items = append(items, i)
+	}
+	if err := rows.Close(); err != nil {
+		return nil, err
+	}
+	if err := rows.Err(); err != nil {
+		return nil, err
+	}
+	return items, nil
+}
+
+const insertAuditLog = `-- name: InsertAuditLog :one
+INSERT INTO
+	audit_logs (
+        id,
+        "time",
+        user_id,
+        organization_id,
+        ip,
+        user_agent,
+        resource_type,
+        resource_id,
+        resource_target,
+        action,
+        diff,
+        status_code
+    )
+VALUES
+	($1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11, $12) RETURNING id, time, user_id, organization_id, ip, user_agent, resource_type, resource_id, resource_target, action, diff, status_code
+`
+
+type InsertAuditLogParams struct {
+	ID             uuid.UUID       `db:"id" json:"id"`
+	Time           time.Time       `db:"time" json:"time"`
+	UserID         uuid.UUID       `db:"user_id" json:"user_id"`
+	OrganizationID uuid.UUID       `db:"organization_id" json:"organization_id"`
+	Ip             pqtype.CIDR     `db:"ip" json:"ip"`
+	UserAgent      string          `db:"user_agent" json:"user_agent"`
+	ResourceType   ResourceType    `db:"resource_type" json:"resource_type"`
+	ResourceID     uuid.UUID       `db:"resource_id" json:"resource_id"`
+	ResourceTarget string          `db:"resource_target" json:"resource_target"`
+	Action         AuditAction     `db:"action" json:"action"`
+	Diff           json.RawMessage `db:"diff" json:"diff"`
+	StatusCode     int32           `db:"status_code" json:"status_code"`
+}
+
+func (q *sqlQuerier) InsertAuditLog(ctx context.Context, arg InsertAuditLogParams) (AuditLog, error) {
+	row := q.db.QueryRowContext(ctx, insertAuditLog,
+		arg.ID,
+		arg.Time,
+		arg.UserID,
+		arg.OrganizationID,
+		arg.Ip,
+		arg.UserAgent,
+		arg.ResourceType,
+		arg.ResourceID,
+		arg.ResourceTarget,
+		arg.Action,
+		arg.Diff,
+		arg.StatusCode,
+	)
+	var i AuditLog
+	err := row.Scan(
+		&i.ID,
+		&i.Time,
+		&i.UserID,
+		&i.OrganizationID,
+		&i.Ip,
+		&i.UserAgent,
+		&i.ResourceType,
+		&i.ResourceID,
+		&i.ResourceTarget,
+		&i.Action,
+		&i.Diff,
+		&i.StatusCode,
+	)
+	return i, err
+}
+
 const getFileByHash = `-- name: GetFileByHash :one
 SELECT
 	hash, created_at, created_by, mimetype, data