add client IP to audit logs

2024-01-19 10:56:37 +11:00
parent 317e0ab83d
commit 8799f0f796
6 changed files with 32 additions and 12 deletions
--- a/controllers/auth.go
+++ b/controllers/auth.go
@@ -80,9 +80,10 @@ func DeleteUser(c *gin.Context) {
 		// Create audit record
 		a := models.Audit{
 			UserId:    RequestingUserId,
 			IpAddress: c.ClientIP(),
 			EventText: fmt.Sprintf("Deleted User Id %d", testUser.UserId),
 		}
-		a.AutidLogAdd()
+		a.AuditLogAdd()
 		c.JSON(http.StatusOK, gin.H{"message": "user deletion success"})
 	}
@@ -181,9 +182,10 @@ func AddUser(c *gin.Context) {
 	// Create audit record
 	a := models.Audit{
 		UserId:    RequestingUserId,
 		IpAddress: c.ClientIP(),
 		EventText: fmt.Sprintf("Created User Id %d", u.UserId),
 	}
-	a.AutidLogAdd()
+	a.AuditLogAdd()
 	c.JSON(http.StatusOK, gin.H{"message": "user registration success", "data": u})
 }
--- a/controllers/retrieveSecrets.go
+++ b/controllers/retrieveSecrets.go
@@ -163,9 +163,10 @@ func retrieveSpecifiedSecret(s *models.Secret, c *gin.Context) {
 		a := models.Audit{
 			UserId:    UserId,
 			SecretId:  results[0].SecretId,
 			IpAddress: c.ClientIP(),
 			EventText: fmt.Sprintf("Retrieved Secret Id %d", results[0].SecretId),
 		}
-		a.AutidLogAdd()
+		a.AuditLogAdd()
 		// output results as json
 		c.JSON(http.StatusOK, gin.H{"message": "success", "data": results})
@@ -209,9 +210,10 @@ func ListSecrets(c *gin.Context) {
 	// Create audit record
 	a := models.Audit{
 		UserId:    UserId,
 		IpAddress: c.ClientIP(),
 		EventText: fmt.Sprintf("Listed %d secrets accessible to user", len(output)),
 	}
-	a.AutidLogAdd()
+	a.AuditLogAdd()
 	// output results as json
 	c.JSON(http.StatusOK, gin.H{"message": "success", "data": output})
--- a/controllers/storeSecrets.go
+++ b/controllers/storeSecrets.go
@@ -148,9 +148,10 @@ func StoreSecret(c *gin.Context) {
 	a := models.Audit{
 		UserId:    UserId,
 		SecretId:  s.SecretId,
 		IpAddress: c.ClientIP(),
 		EventText: fmt.Sprintf("Created Secret Id %d", s.SecretId),
 	}
-	a.AutidLogAdd()
+	a.AuditLogAdd()
 	c.JSON(http.StatusOK, gin.H{"message": "secret stored successfully", "data": models.SecretRestricted(s)})
 }
@@ -360,9 +361,10 @@ func UpdateSecret(c *gin.Context) {
 		a := models.Audit{
 			UserId:    UserId,
 			SecretId:  s.SecretId,
 			IpAddress: c.ClientIP(),
 			EventText: fmt.Sprintf("Updated Secret Id %d", s.SecretId),
 		}
-		a.AutidLogAdd()
+		a.AuditLogAdd()
 		c.JSON(http.StatusOK, gin.H{"message": "secret updated successfully", "data": models.SecretRestricted(s)})
 	} else {
@@ -451,9 +453,10 @@ func DeleteSecret(c *gin.Context) {
 		a := models.Audit{
 			UserId:    UserId,
 			SecretId:  s.SecretId,
 			IpAddress: c.ClientIP(),
 			EventText: fmt.Sprintf("Deleted Secret Id %d", s.SecretId),
 		}
-		a.AutidLogAdd()
+		a.AuditLogAdd()
 		c.JSON(http.StatusOK, gin.H{"message": "secret deleted successfully"})
 	} else {
--- a/models/audit.go
+++ b/models/audit.go
@@ -12,10 +12,11 @@ type Audit struct {
 	SecretId  int       `db:"SecretId" json:"secretId"`
 	EventText string    `db:"EventText" json:"eventText"`
 	EventTime time.Time `db:"EventTime" json:"eventTime"`
 	IpAddress string    `db:"IpAddress" json:"ipAddress"`
 }
-// AutidLogAdd adds a new audit record to the database
+// AuditLogAdd adds a new audit record to the database
-func (a *Audit) AutidLogAdd() (*Audit, error) {
+func (a *Audit) AuditLogAdd() (*Audit, error) {
 	var err error
 	// Populate timestamp field if not already set
@@ -23,16 +24,16 @@ func (a *Audit) AutidLogAdd() (*Audit, error) {
 		a.EventTime = time.Now().UTC()
 	}
-	result, err := db.NamedExec(("INSERT INTO audit (UserId, SecretId, EventText, EventTime) VALUES (:UserId, :SecretId, :EventText, :EventTime);"), a)
+	result, err := db.NamedExec(("INSERT INTO audit (UserId, SecretId, EventText, EventTime, IpAddress) VALUES (:UserId, :SecretId, :EventText, :EventTime, :IpAddress);"), a)
 	if err != nil {
-		log.Printf("AutidLogAdd error executing sql record : '%s'\n", err)
+		log.Printf("AuditLogAdd error executing sql record : '%s'\n", err)
 		return &Audit{}, err
 	} else {
 		affected, _ := result.RowsAffected()
 		id, _ := result.LastInsertId()
 		a.AuditId = int(id)
-		log.Printf("AutidLogAdd insert returned result id '%d' affecting %d row(s).\n", id, affected)
+		log.Printf("AuditLogAdd insert returned result id '%d' affecting %d row(s).\n", id, affected)
 	}
 	return a, nil
--- a/models/db.go
+++ b/models/db.go
@@ -86,6 +86,7 @@ const createAudit string = `
 		UserId INTEGER DEFAULT 0,
 		SecretId INTEGER DEFAULT 0,
 		EventText VARCHAR,
 		IpAddress VARCHAR,
 		EventTime datetime
 	);
 `
@@ -394,6 +395,17 @@ func CreateTables() {
 			os.Exit(1)
 		}
 	}
 	// Add IpAddress column to audit table
 	auditIPCheck, _ := CheckColumnExists("audit", "IpAddress")
 	if !auditIPCheck {
 		// Add the column for LdapGroup in the roles table
 		_, err := db.Exec("ALTER TABLE audit ADD COLUMN IpAddress VARCHAR;")
 		if err != nil {
 			log.Printf("Error altering audit table to add IpAddress column : '%s'\n", err)
 			os.Exit(1)
 		}
 	}
 }
 // Count the number of records in the sqlite database
--- a/www/database.png
+++ b/www/database.png