[SM-680] Add reference event logging to secrets (#2824)

* Add reference event logging to secrets * Change to IHostEnvironment * Fix namespace for ef service collection
3 years ago · 60fcc79f97
5 changed files with 21 additions and 3 deletions
--- a/src/Api/SecretsManager/Controllers/SecretsController.cs
+++ b/src/Api/SecretsManager/Controllers/SecretsController.cs
@ -5,6 +5,8 @@ using Bit.Core.Context;
				@@ -5,6 +5,8 @@ using Bit.Core.Context;
 using Bit.Core.Enums;
 using Bit.Core.Exceptions;
 using Bit.Core.Identity;
+using Bit.Core.Models.Business;
+using Bit.Core.Repositories;
 using Bit.Core.SecretsManager.Commands.Secrets.Interfaces;
 using Bit.Core.SecretsManager.Entities;
 using Bit.Core.SecretsManager.Repositories;
@ -21,30 +23,37 @@ public class SecretsController : Controller
				@@ -21,30 +23,37 @@ public class SecretsController : Controller
    private readonly ICurrentContext _currentContext;
    private readonly IProjectRepository _projectRepository;
    private readonly ISecretRepository _secretRepository;
+    private readonly IOrganizationRepository _organizationRepository;
    private readonly ICreateSecretCommand _createSecretCommand;
    private readonly IUpdateSecretCommand _updateSecretCommand;
    private readonly IDeleteSecretCommand _deleteSecretCommand;
    private readonly IUserService _userService;
    private readonly IEventService _eventService;
+    private readonly IReferenceEventService _referenceEventService;

    public SecretsController(
        ICurrentContext currentContext,
        IProjectRepository projectRepository,
        ISecretRepository secretRepository,
+        IOrganizationRepository organizationRepository,
        ICreateSecretCommand createSecretCommand,
        IUpdateSecretCommand updateSecretCommand,
        IDeleteSecretCommand deleteSecretCommand,
        IUserService userService,
-        IEventService eventService)
+        IEventService eventService,
+        IReferenceEventService referenceEventService)
    {
        _currentContext = currentContext;
        _projectRepository = projectRepository;
        _secretRepository = secretRepository;
+        _organizationRepository = organizationRepository;
        _createSecretCommand = createSecretCommand;
        _updateSecretCommand = updateSecretCommand;
        _deleteSecretCommand = deleteSecretCommand;
        _userService = userService;
        _eventService = eventService;
+        _referenceEventService = referenceEventService;
+
    }

    [HttpGet("organizations/{organizationId}/secrets")]
@ -96,6 +105,9 @@ public class SecretsController : Controller
				@@ -96,6 +105,9 @@ public class SecretsController : Controller
        {
            var userId = _userService.GetProperUserId(User).Value;
            await _eventService.LogServiceAccountSecretEventAsync(userId, secret, EventType.Secret_Retrieved);
+
+            var org = await _organizationRepository.GetByIdAsync(secret.OrganizationId);
+            await _referenceEventService.RaiseEventAsync(new ReferenceEvent(ReferenceEventType.SmServiceAccountAccessedSecret, org));
        }

        return new SecretResponseModel(secret);
--- a/src/Core/Enums/ReferenceEventType.cs
+++ b/src/Core/Enums/ReferenceEventType.cs
@ -39,5 +39,7 @@ public enum ReferenceEventType
				@@ -39,5 +39,7 @@ public enum ReferenceEventType
    [EnumMember(Value = "collection-created")]
    CollectionCreated,
    [EnumMember(Value = "organization-edited-by-admin")]
-    OrganizationEditedByAdmin
+    OrganizationEditedByAdmin,
+    [EnumMember(Value = "sm-service-account-accessed-secret")]
+    SmServiceAccountAccessedSecret,
 }
--- a/src/Infrastructure.EntityFramework/EntityFrameworkServiceCollectionExtensions.cs
+++ b/src/Infrastructure.EntityFramework/EntityFrameworkServiceCollectionExtensions.cs
@ -9,6 +9,8 @@ using LinqToDB.EntityFrameworkCore;
				@@ -9,6 +9,8 @@ using LinqToDB.EntityFrameworkCore;
 using Microsoft.EntityFrameworkCore;
 using Microsoft.Extensions.DependencyInjection;

+namespace Bit.Infrastructure.EntityFramework;
+
 public static class EntityFrameworkServiceCollectionExtensions
 {
    public static void SetupEntityFramework(this IServiceCollection services, string connectionString, SupportedDatabaseProviders provider)
--- a/src/SharedWeb/Utilities/ServiceCollectionExtensions.cs
+++ b/src/SharedWeb/Utilities/ServiceCollectionExtensions.cs
@ -18,6 +18,7 @@ using Bit.Core.Tokens;
				@@ -18,6 +18,7 @@ using Bit.Core.Tokens;
 using Bit.Core.Utilities;
 using Bit.Core.Vault.Services;
 using Bit.Infrastructure.Dapper;
+using Bit.Infrastructure.EntityFramework;
 using IdentityModel;
 using IdentityServer4.AccessTokenValidation;
 using IdentityServer4.Configuration;
@ -463,7 +464,7 @@ public static class ServiceCollectionExtensions
				@@ -463,7 +464,7 @@ public static class ServiceCollectionExtensions
    }

    public static GlobalSettings AddGlobalSettingsServices(this IServiceCollection services,
-        IConfiguration configuration, IWebHostEnvironment environment)
+        IConfiguration configuration, IHostEnvironment environment)
    {
        var globalSettings = new GlobalSettings();
        ConfigurationBinder.Bind(configuration.GetSection("GlobalSettings"), globalSettings);
--- a/test/Infrastructure.IntegrationTest/DatabaseDataAttribute.cs
+++ b/test/Infrastructure.IntegrationTest/DatabaseDataAttribute.cs
@ -2,6 +2,7 @@
				@@ -2,6 +2,7 @@
 using Bit.Core.Enums;
 using Bit.Core.Settings;
 using Bit.Infrastructure.Dapper;
+using Bit.Infrastructure.EntityFramework;
 using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Logging;