Correct logging references

2025-03-25 14:05:03 +00:00 · 2023-01-09 10:27:36 +07:00
parent 35d23cf55c
commit bd5dad71d4
3 changed files with 25 additions and 61 deletions
--- a/backend/src/controllers/v2/secretsController.ts
+++ b/backend/src/controllers/v2/secretsController.ts
@ -13,6 +13,7 @@ import {
 import { ValidationError } from '../../utils/errors';
 import { EESecretService, EELogService } from '../../ee/services';
 import { postHogClient } from '../../services';
+import { BadRequestError } from '../../utils/errors';

 /**
 * Create secret(s) for workspace with id [workspaceId] and environment [environment]
@ -124,7 +125,7 @@ export const createSecrets = async (req: Request, res: Response) => {

    if (postHogClient) {
        postHogClient.capture({
-            event: 'secrets deleted',
+            event: 'secrets added',
            distinctId: req.user.email,
            properties: {
                numberOfSecrets: toAdd.length,
@ -190,6 +191,20 @@ export const getSecrets = async (req: Request, res: Response) => {
        channel,
        ipAddress: req.ip
    });
+
+    if (postHogClient) {
+        postHogClient.capture({
+            event: 'secrets deleted',
+            distinctId: req.user.email,
+            properties: {
+                numberOfSecrets: secrets.length,
+                environment,
+                workspaceId,
+                channel,
+                userAgent: req.headers?.['user-agent']
+            }
+        });
+    }
    
    return res.status(200).send({
        secrets
@ -197,13 +212,12 @@ export const getSecrets = async (req: Request, res: Response) => {
 }

 /**
- * Update secret(s) in workspace with id [workspaceId] and environment [environment]
+ * Update secret(s)
 * @param req 
 * @param res 
 */
 export const updateSecrets = async (req: Request, res: Response) => {
    const channel = req.headers?.['user-agent']?.toLowerCase().includes('mozilla') ? 'web' : 'cli'; 
-    const { workspaceId, environment } = req.body;
    
    // TODO: move type
    interface PatchSecret {
@ -257,7 +271,7 @@ export const updateSecrets = async (req: Request, res: Response) => {
            }
        });
    });
-    const b = await Secret.bulkWrite(ops);
+    await Secret.bulkWrite(ops);
    
    let newSecretsObj: { [key: string]: PatchSecret } = {};
    req.body.secrets.forEach((secret: PatchSecret) => {
@ -320,7 +334,7 @@ export const updateSecrets = async (req: Request, res: Response) => {

    Object.keys(workspaceSecretObj).forEach(async (key) => {
        const updateAction = await EELogService.createActionSecret({
-            name: ACTION_DELETE_SECRETS,
+            name: ACTION_UPDATE_SECRETS,
            userId: req.user._id.toString(),
            workspaceId: key,
            secretIds: workspaceSecretObj[key].map((secret: ISecret) => secret._id)
@ -342,7 +356,7 @@ export const updateSecrets = async (req: Request, res: Response) => {

        if (postHogClient) {
            postHogClient.capture({
-                event: 'secrets deleted',
+                event: 'secrets modified',
                distinctId: req.user.email,
                properties: {
                    numberOfSecrets: workspaceSecretObj[key].length,
@ -354,41 +368,6 @@ export const updateSecrets = async (req: Request, res: Response) => {
            });
        }
    });
-
-    const updateAction = await EELogService.createActionSecret({
-        name: ACTION_UPDATE_SECRETS,
-        userId: req.user._id.toString(),
-        workspaceId,
-        secretIds: req.secrets.map((secret: ISecret) => secret._id)
-    });
-
-    // (EE) create (audit) log
-    updateAction && await EELogService.createLog({
-        userId: req.user._id.toString(),
-        workspaceId,
-        actions: [updateAction],
-        channel,
-        ipAddress: req.ip
-    });
-
-    // (EE) take a secret snapshot
-    await EESecretService.takeSecretSnapshot({
-        workspaceId
-    });
-
-    if (postHogClient) {
-        postHogClient.capture({
-            event: 'secrets modified',
-            distinctId: req.user.email,
-            properties: {
-                numberOfSecrets: req.secrets.length,
-                environment,
-                workspaceId,
-                channel: req.headers?.['user-agent']?.toLowerCase().includes('mozilla') ? 'web' : 'cli',
-                userAgent: req.headers?.['user-agent']
-            }
-        });
-    }
    
    return res.status(200).send({
        secrets: await Secret.find({
@ -400,7 +379,7 @@ export const updateSecrets = async (req: Request, res: Response) => {
 }

 /**
- * Delete secret(s) in workspace with id [workspaceId] and environment [environment]
+ * Delete secret(s) with id [workspaceId] and environment [environment]
 * @param req 
 * @param res 
 */
--- a/backend/src/ee/models/secretVersion.ts
+++ b/backend/src/ee/models/secretVersion.ts
@ -8,15 +8,6 @@ import {
 	ENV_PROD
 } from '../../variables';

-/**
- * TODO: 
- * 1. Modify SecretVersion to also contain XX
- * - type
- * - user
- * - environment
- * 2. Modify SecretSnapshot to point to arrays of SecretVersion
- */
-
 export interface ISecretVersion {
    _id?: Types.ObjectId;
    secret: Types.ObjectId;
--- a/backend/src/routes/v2/secrets.ts
+++ b/backend/src/routes/v2/secrets.ts
@ -36,7 +36,7 @@ router.post(
                        !secret.secretValueIV ||
                        !secret.secretValueTag
                    ) {
-                        throw new Error('secrets array must contain objects that conform to the Secret interface');
+                        throw new Error('secrets array must contain objects that have required secret properties');
                    }
                }
            } else if (typeof value === 'object') {
@ -51,7 +51,7 @@ router.post(
                    !value.secretValueIV ||
                    !value.secretValueTag
                ) {
-                    throw new Error('secrets array must contain objects that conform to the Secret interface');
+                    throw new Error('secrets object is missing required secret properties');
                } 
            } else {
                throw new Error('secrets must be an object or an array of objects')
@ -87,8 +87,6 @@ router.get(

 router.patch(
    '/',
-    body('workspaceId').exists().trim(),
-    body('environment').exists().trim().isIn(['dev', 'staging', 'prod', 'test']),
    body('secrets')
        .exists()
        .custom((value) => {
@ -105,7 +103,7 @@ router.patch(
                        !secret.secretValueIV ||
                        !secret.secretValueTag
                    ) {
-                        throw new Error('secrets array must contain objects that conform to the Secret interface');
+                        throw new Error('secrets array must contain objects that have required secret properties');
                    }
                }
            } else if (typeof value === 'object') {
@ -119,7 +117,7 @@ router.patch(
                    !value.secretValueIV ||
                    !value.secretValueTag
                ) {
-                    throw new Error('secrets array must contain objects that conform to the Secret interface');
+                    throw new Error('secrets object is missing required secret properties');
                } 
            } else {
                throw new Error('secrets must be an object or an array of objects')
@ -131,10 +129,6 @@ router.patch(
    requireAuth({
        acceptedAuthModes: ['jwt']
    }),
-    requireWorkspaceAuth({
-        acceptedRoles: [ADMIN, MEMBER],
-        location: 'body'
-    }),
    requireSecretsAuth({
        acceptedRoles: [ADMIN, MEMBER]
    }),