nathan/smt
1
0
Fork 0
Code Issues 4 Pull Requests Packages Projects Releases 2 Wiki Activity

fix audit message
All checks were successful
continuous-integration/drone/push Build is passing
Details

Browse Source
This commit is contained in:
Nathan Coad
2024-01-23 12:09:02 +11:00
parent 69a25fbb09
commit 4bc430633e
2 changed files with 7 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
controllers/retrieveSecrets.go
View File

@@ -161,7 +161,7 @@ func retrieveSpecifiedSecret(s *models.Secret, c *gin.Context) {
UserId: UserId,
SecretId: results[i].SecretId,
IpAddress: c.ClientIP(),
EventText: fmt.Sprintf("User %s retrieved Secret Id %d", results[0].UserName, results[i].SecretId),
EventText: fmt.Sprintf("User %s retrieved SecretId %d", safeList[0].User.UserName, results[i].SecretId),
}
a.AuditLogAdd()
}

8
models/secret.go
View File

@@ -43,6 +43,7 @@ type SecretRestricted struct {
type UserSecret struct {
Secret
UserUserId int `db:"UserUserId"`
UserUserName string `db:"UserUserName"`
User
//Group
Permission
@@ -85,7 +86,7 @@ func SecretsGetAllowed(s *Secret, userId int) ([]UserSecret, error) {
// Query for group access
queryArgs := []interface{}{}
query := `
SELECT users.UserId AS UserUserId, permissions.*,
SELECT users.UserId AS UserUserId, users.UserName AS UserUserName, permissions.*,
secrets.SecretId, secrets.SafeId, secrets.DeviceName, secrets.DeviceCategory, secrets.UserName
FROM users
INNER JOIN groups ON users.GroupId = groups.GroupId
@@ -118,7 +119,7 @@ func SecretsGetAllowed(s *Secret, userId int) ([]UserSecret, error) {
// Query for user access
query += `
UNION
SELECT users.UserId AS UserUserId, permissions.*,
SELECT users.UserId AS UserUserId, users.UserName AS UserUserName, permissions.*,
secrets.SecretId, secrets.SafeId, secrets.DeviceName, secrets.DeviceCategory, secrets.UserName
FROM users
INNER JOIN permissions ON users.UserId = permissions.UserId
@@ -148,7 +149,7 @@ func SecretsGetAllowed(s *Secret, userId int) ([]UserSecret, error) {
}
// Execute the query
log.Printf("SecretsGetAllowed query string : '%s'\nArguments:%+v\n", query, queryArgs)
//log.Printf("SecretsGetAllowed query string : '%s'\nArguments:%+v\n", query, queryArgs)
rows, err := db.Queryx(query, queryArgs...)
if err != nil {
@@ -172,6 +173,7 @@ func SecretsGetAllowed(s *Secret, userId int) ([]UserSecret, error) {
// work around to get the UserId populated in the User field of the struct
r.User.UserId = r.UserUserId
r.User.UserName = r.UserUserName
// For debugging purposes
debugPrint := utils.PrintStructContents(&r, 0)