Upstream/bitwarden-server
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-02-19 02:21:21 +01:00
Code Issues Projects Releases Wiki Activity

[SM-1222] Add event and reference event logging to secrets sync (#4031)

Browse Source
This commit is contained in:
Thomas Avery 2024-05-01 12:31:58 -05:00 committed by GitHub
parent ebd88393c8
commit 29a69b76a4
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 21 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
src/Api/SecretsManager/Controllers/SecretsController.cs
View File

@ -243,14 +243,7 @@ public class SecretsController : Controller
} }
} }
if (_currentContext.ClientType == ClientType.ServiceAccount) await LogSecretsRetrievalAsync(organizationId, secrets);
{
var userId = _userService.GetProperUserId(User).Value;
var org = await _organizationRepository.GetByIdAsync(organizationId);
await _eventService.LogServiceAccountSecretsEventAsync(userId, secrets, EventType.Secret_Retrieved);
await _referenceEventService.RaiseEventAsync(
new ReferenceEvent(ReferenceEventType.SmServiceAccountAccessedSecret, org, _currentContext));
}
var responses = secrets.Select(s => new BaseSecretResponseModel(s)); var responses = secrets.Select(s => new BaseSecretResponseModel(s));
return new ListResponseModel<BaseSecretResponseModel>(responses); return new ListResponseModel<BaseSecretResponseModel>(responses);
@ -283,7 +276,25 @@ public class SecretsController : Controller
ServiceAccountId = serviceAccountId, ServiceAccountId = serviceAccountId,
LastSyncedDate = lastSyncedDate LastSyncedDate = lastSyncedDate
}; };
var (hasChanges, secrets) = await _secretsSyncQuery.GetAsync(syncRequest); var syncResult = await _secretsSyncQuery.GetAsync(syncRequest);
return new SecretsSyncResponseModel(hasChanges, secrets);
if (syncResult.HasChanges)
{
await LogSecretsRetrievalAsync(organizationId, syncResult.Secrets);
}
return new SecretsSyncResponseModel(syncResult.HasChanges, syncResult.Secrets);
}
private async Task LogSecretsRetrievalAsync(Guid organizationId, IEnumerable<Secret> secrets)
{
if (_currentContext.ClientType == ClientType.ServiceAccount)
{
var userId = _userService.GetProperUserId(User)!.Value;
var org = await _organizationRepository.GetByIdAsync(organizationId);
await _eventService.LogServiceAccountSecretsEventAsync(userId, secrets, EventType.Secret_Retrieved);
await _referenceEventService.RaiseEventAsync(
new ReferenceEvent(ReferenceEventType.SmServiceAccountAccessedSecret, org, _currentContext));
}
} }
} }