From f6a25448395742dece97eca1878a57a4e7fd1eb4 Mon Sep 17 00:00:00 2001 From: Nathan Coad Date: Mon, 15 Jan 2024 11:25:45 +1100 Subject: [PATCH] more audit records --- controllers/auth.go | 15 +++++++++++++++ controllers/storeSecrets.go | 21 +++++++++++++++++++++ 2 files changed, 36 insertions(+) diff --git a/controllers/auth.go b/controllers/auth.go index 3d912fe..d1f3245 100644 --- a/controllers/auth.go +++ b/controllers/auth.go @@ -41,12 +41,20 @@ type AddRoleInput struct { func DeleteUser(c *gin.Context) { var input DeleteInput + var RequestingUserId int if err := c.ShouldBindJSON(&input); err != nil { c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()}) return } + if val, ok := c.Get("user-id"); !ok { + c.JSON(http.StatusBadRequest, gin.H{"error": "error determining user"}) + return + } else { + RequestingUserId = val.(int) + } + u := models.User{} u.UserName = input.UserName @@ -69,6 +77,13 @@ func DeleteUser(c *gin.Context) { return } + // Create audit record + a := models.Audit{ + UserId: RequestingUserId, + EventText: fmt.Sprintf("Deleted User Id %d", testUser.UserId), + } + a.AuditAdd() + c.JSON(http.StatusOK, gin.H{"message": "user deletion success"}) } } diff --git a/controllers/storeSecrets.go b/controllers/storeSecrets.go index 29ad3a2..45f2cf9 100644 --- a/controllers/storeSecrets.go +++ b/controllers/storeSecrets.go @@ -143,6 +143,13 @@ func StoreSecret(c *gin.Context) { return } + // Create audit record + a := models.Audit{ + UserId: UserId, + EventText: fmt.Sprintf("Created Secret Id %d", s.SecretId), + } + a.AuditAdd() + c.JSON(http.StatusOK, gin.H{"message": "secret stored successfully", "data": models.SecretRestricted(s)}) } 
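Review bot: In the first `controllers/auth.go` hunk, `RequestingUserId = val.(int)` is an unchecked type assertion, so the handler panics if the auth middleware ever stores `user-id` as anything other than `int` (a `uint`, an `int64`, a string or nil). Use the two-value form and fail closed: `id, ok := val.(int)` followed by `if !ok { c.JSON(http.StatusInternalServerError, gin.H{"error": "error determining user"}); return }`. With both failure cases returning early, the `else` branch is no longer needed, and the local would conventionally be named `requestingUserID`. DeleteUser's body continues outside the hunk.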
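Review bot: In the second `controllers/auth.go` hunk, `a.AuditAdd()` is called as a bare statement, so any result it reports is dropped and the handler still answers 200 when no audit row was written. If AuditAdd returns an error (its definition is not part of this patch), check it and at least log the failure, e.g. `if err := a.AuditAdd(); err != nil { log.Printf("audit write failed: %v", err) }`; for a user deletion it may be preferable to fail the request instead. The same bare call appears in the StoreSecret, UpdateSecret and DeleteSecret hunks of `controllers/storeSecrets.go`.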
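Review bot: In the StoreSecret hunk the audit record is written only on the success path, so a create that fails or is rejected leaves no audit entry; the `return` just above the new block exits without one. For a secrets store, the failed and denied attempts are often the records an investigator needs most. Consider writing an entry on those branches too, with the outcome stated in `EventText`. The UpdateSecret and DeleteSecret hunks and the DeleteUser hunk in `controllers/auth.go` have the same shape, and the earlier branches of all these handlers are outside the hunks.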
@@ -357,6 +364,13 @@ func UpdateSecret(c *gin.Context) { return } + // Create audit record + a := models.Audit{ + UserId: UserId, + EventText: fmt.Sprintf("Updated Secret Id %d", s.SecretId), + } + a.AuditAdd() + c.JSON(http.StatusOK, gin.H{"message": "secret updated successfully", "data": models.SecretRestricted(s)}) } else { c.JSON(http.StatusBadRequest, gin.H{"error": "multiple secrets matched search parameters, be more specific"}) @@ -436,6 +450,13 @@ func DeleteSecret(c *gin.Context) { return } + // Create audit record + a := models.Audit{ + UserId: UserId, + EventText: fmt.Sprintf("Deleted Secret Id %d", s.SecretId), + } + a.AuditAdd() + c.JSON(http.StatusOK, gin.H{"message": "secret deleted successfully"}) } else { errString := "multiple secrets matched search parameters, be more specific"
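Review bot: In the DeleteSecret hunk the event text carries only `s.SecretId`, which may no longer resolve to anything once the row is gone (assuming a hard delete; the model is not in this patch). Record a non-sensitive identifier alongside the id so the entry stays meaningful on its own, and never the secret value itself. The DeleteUser hunk in `controllers/auth.go` has the same issue, and there the name is already at hand: `EventText: fmt.Sprintf("Deleted User Id %d (%q)", testUser.UserId, input.UserName),`.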