From a3dccee243a669fa860e0be9bdd21fda47184911 Mon Sep 17 00:00:00 2001
From: Stefan Melmuk <509385+stefan0xC@users.noreply.github.com>
Date: Tue, 28 Jan 2025 11:25:53 +0100
Subject: [PATCH] add and use new event types (#5482)

* add additional event_types
* use correct event_type when leaving an org
* use correct event type when deleting a user
* also correctly log auth requests
* add correct membership info to event log
---
 src/api/admin.rs | 2 +-
 src/api/core/accounts.rs | 26 ++++++++++++++++++++++++++
 src/api/core/events.rs | 9 +++++----
 src/api/core/organizations.rs | 2 +-
 src/db/models/event.rs | 15 +++++++++++++++
 5 files changed, 48 insertions(+), 6 deletions(-)

diff --git a/src/api/admin.rs b/src/api/admin.rs
index a5a12e8a..b3e703d9 100644
--- a/src/api/admin.rs
+++ b/src/api/admin.rs
@@ -403,7 +403,7 @@ async fn delete_user(user_id: UserId, token: AdminToken, mut conn: DbConn) -> Em
 for membership in memberships {
 log_event(
- EventType::OrganizationUserRemoved as i32,
+ EventType::OrganizationUserDeleted as i32,
 &membership.uuid,
 &membership.org_uuid,
 &ACTING_ADMIN_USER.into(),
diff --git a/src/api/core/accounts.rs b/src/api/core/accounts.rs
index 473c0c86..3c573811 100644
--- a/src/api/core/accounts.rs
+++ b/src/api/core/accounts.rs
@@ -1206,6 +1206,15 @@ async fn post_auth_request(
 nt.send_auth_request(&user.uuid, &auth_request.uuid, &data.device_identifier, &mut conn).await;
+ log_user_event(
+ EventType::UserRequestedDeviceApproval as i32,
+ &user.uuid,
+ client_headers.device_type,
+ &client_headers.ip.ip,
+ &mut conn,
+ )
+ .await;
+
 Ok(Json(json!({
 "id": auth_request.uuid,
 "publicKey": auth_request.public_key,
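Review bot: The log_user_event call added after `nt.send_auth_request` in post_auth_request records `user.uuid` as the subject and, through _log_user_event in src/api/core/events.rs (`event.act_user_uuid = Some(user_id.clone())`), also as the acting user, yet the only request context passed is `client_headers`, which suggests the caller is not authenticated as that user; the start of the function is outside the hunk, so how `user` is resolved is not visible. If it is looked up from the request body, an unauthenticated caller can add audit rows attributed to the target user, one per org membership plus one without an org, with the caller's device type and IP recorded as the origin. A comment at the call site would make that reading of the audit log explicit, e.g. `// The caller is not authenticated as this user; the actor recorded here is the device requesting approval`. Whether these rows deserve the same rate limiting as the auth request itself is worth a follow-up.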
@@ -1287,9 +1296,26 @@ async fn put_auth_request(
 ant.send_auth_response(&auth_request.user_uuid, &auth_request.uuid).await;
 nt.send_auth_response(&auth_request.user_uuid, &auth_request.uuid, &data.device_identifier, &mut conn).await;
+
+ log_user_event(
+ EventType::OrganizationUserApprovedAuthRequest as i32,
+ &headers.user.uuid,
+ headers.device.atype,
+ &headers.ip.ip,
+ &mut conn,
+ )
+ .await;
 } else {
 // If denied, there's no reason to keep the request
 auth_request.delete(&mut conn).await?;
+ log_user_event(
+ EventType::OrganizationUserRejectedAuthRequest as i32,
+ &headers.user.uuid,
+ headers.device.atype,
+ &headers.ip.ip,
+ &mut conn,
+ )
+ .await;
 }
 Ok(Json(json!({
diff --git a/src/api/core/events.rs b/src/api/core/events.rs
index 012f46cc..3a7d41f0 100644
--- a/src/api/core/events.rs
+++ b/src/api/core/events.rs
@@ -245,8 +245,8 @@ async fn _log_user_event(
 ip: &IpAddr,
 conn: &mut DbConn,
 ) {
- let orgs = Membership::get_orgs_by_user(user_id, conn).await;
- let mut events: Vec = Vec::with_capacity(orgs.len() + 1); // We need an event per org and one without an org
+ let memberships = Membership::find_by_user(user_id, conn).await;
+ let mut events: Vec = Vec::with_capacity(memberships.len() + 1); // We need an event per org and one without an org
 // Upstream saves the event also without any org_id.
 let mut event = Event::new(event_type, event_date);
@@ -257,10 +257,11 @@ async fn _log_user_event(
 events.push(event);
 // For each org a user is a member of store these events per org
- for org_id in orgs {
+ for membership in memberships {
 let mut event = Event::new(event_type, event_date);
 event.user_uuid = Some(user_id.clone());
- event.org_uuid = Some(org_id);
+ event.org_uuid = Some(membership.org_uuid);
+ event.org_user_uuid = Some(membership.uuid);
 event.act_user_uuid = Some(user_id.clone());
 event.device_type = Some(device_type);
 event.ip_address = Some(ip.to_string());
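Review bot: The two log_user_event calls added in put_auth_request differ only in the EventType variant, so choosing the variant inside the existing if/else and logging once after it would keep the five-argument call in one place: `let event_type = if /* existing approval condition */ { EventType::OrganizationUserApprovedAuthRequest } else { EventType::OrganizationUserRejectedAuthRequest };` followed by a single `log_user_event(event_type as i32, &headers.user.uuid, headers.device.atype, &headers.ip.ip, &mut conn).await;` after the closing brace. The `if` that opens the approved branch is outside the hunk, so its condition is not quoted here. Note that in the denied branch the `?` on `auth_request.delete(&mut conn).await?` returns before any rejection event is written when the delete fails; the hoisted form keeps that behaviour, and a one-line comment that the event is only recorded once the request is gone would save the next reader from asking whether that was intended.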
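Review bot: In _log_user_event, `Membership::find_by_user` now drives the per-org copies of the event and each copy gets `org_user_uuid` from the membership, which is the right link for the new OrganizationUser* event types; what the hunk does not show is whether find_by_user returns memberships in every status (invited, revoked) while the replaced `get_orgs_by_user` returned only organizations the user was confirmed in. If the two differ, user events such as the auth-request ones added in this patch would start appearing in the event log of organizations the user has not accepted or has been revoked from, which the old loop would not have produced. Either filtering on membership status before the loop or a comment stating that every status is deliberately included would settle it, e.g. `// One org-scoped copy per membership; non-confirmed memberships are included on purpose (verify against Membership::find_by_user)`. The function signature begins before the first of the two hunks.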
diff --git a/src/api/core/organizations.rs b/src/api/core/organizations.rs
index c610f5b5..08305839 100644
--- a/src/api/core/organizations.rs
+++ b/src/api/core/organizations.rs
@@ -251,7 +251,7 @@ async fn leave_organization(org_id: OrganizationId, headers: Headers, mut conn:
 }
 log_event(
- EventType::OrganizationUserRemoved as i32,
+ EventType::OrganizationUserLeft as i32,
 &member.uuid,
 &org_id,
 &headers.user.uuid,
diff --git a/src/db/models/event.rs b/src/db/models/event.rs
index 5fea7160..ed4582b1 100644
--- a/src/db/models/event.rs
+++ b/src/db/models/event.rs
@@ -49,6 +49,8 @@ pub enum EventType {
 UserClientExportedVault = 1007,
 // UserUpdatedTempPassword = 1008, // Not supported
 // UserMigratedKeyToKeyConnector = 1009, // Not supported
+ UserRequestedDeviceApproval = 1010,
+ // UserTdeOffboardingPasswordSet = 1011, // Not supported
 // Cipher
 CipherCreated = 1100,
@@ -69,6 +71,7 @@ pub enum EventType {
 CipherSoftDeleted = 1115,
 CipherRestored = 1116,
 CipherClientToggledCardNumberVisible = 1117,
+ CipherClientToggledTOTPSeedVisible = 1118,
 // Collection
 CollectionCreated = 1300,
@@ -94,6 +97,10 @@ pub enum EventType {
 // OrganizationUserFirstSsoLogin = 1510, // Not supported
 OrganizationUserRevoked = 1511,
 OrganizationUserRestored = 1512,
+ OrganizationUserApprovedAuthRequest = 1513,
+ OrganizationUserRejectedAuthRequest = 1514,
+ OrganizationUserDeleted = 1515,
+ OrganizationUserLeft = 1516,
 // Organization
 OrganizationUpdated = 1600,
@@ -105,6 +112,7 @@ pub enum EventType {
 // OrganizationEnabledKeyConnector = 1606, // Not supported
 // OrganizationDisabledKeyConnector = 1607, // Not supported
 // OrganizationSponsorshipsSynced = 1608, // Not supported
+ // OrganizationCollectionManagementUpdated = 1609, // Not supported
 // Policy
 PolicyUpdated = 1700,
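Review bot: `CipherClientToggledTOTPSeedVisible = 1118` spells the acronym in capitals while neighbouring variants write acronyms in camel case (`OrganizationUserFirstSsoLogin`, `UserTdeOffboardingPasswordSet`), so `CipherClientToggledTotpSeedVisible` would match both the file and Rust naming convention; nothing in this patch references the variant, so renaming it now costs nothing. It is also the only new live variant without a caller, whereas 1010 and 1513–1516 are logged from accounts.rs, admin.rs and organizations.rs in the same patch; if 1118 is reserved for a later change, a short comment saying so (or the `// Not supported` marker the file uses for unimplemented ids) would keep the enum's convention readable. The 1513/1514 variants are written through log_user_event in put_auth_request rather than log_event, so their org_uuid and org_user_uuid come from the per-membership copies in events.rs; a comment next to the variants, e.g. `// Logged per membership via log_user_event, not per org`, would record that dependency.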
@@ -117,6 +125,13 @@ pub enum EventType {
 // ProviderOrganizationAdded = 1901, // Not supported
 // ProviderOrganizationRemoved = 1902, // Not supported
 // ProviderOrganizationVaultAccessed = 1903, // Not supported
+
+ // OrganizationDomainAdded = 2000, // Not supported
+ // OrganizationDomainRemoved = 2001, // Not supported
+ // OrganizationDomainVerified = 2002, // Not supported
+ // OrganizationDomainNotVerified = 2003, // Not supported
+
+ // SecretRetrieved = 2100, // Not supported
 }
 /// Local methods