
[SM-680] Add reference event logging to secrets (#2824)

* Add reference event logging to secrets

* Change to IHostEnvironment

* Fix namespace for ef service collection
pull/2831/head
Oscar Hinton 3 years ago committed by GitHub
parent
commit
60fcc79f97
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 14
      src/Api/SecretsManager/Controllers/SecretsController.cs
  2. 4
      src/Core/Enums/ReferenceEventType.cs
  3. 2
      src/Infrastructure.EntityFramework/EntityFrameworkServiceCollectionExtensions.cs
  4. 3
      src/SharedWeb/Utilities/ServiceCollectionExtensions.cs
  5. 1
      test/Infrastructure.IntegrationTest/DatabaseDataAttribute.cs

14
src/Api/SecretsManager/Controllers/SecretsController.cs

@ -5,6 +5,8 @@ using Bit.Core.Context;
using Bit.Core.Enums; using Bit.Core.Enums;
using Bit.Core.Exceptions; using Bit.Core.Exceptions;
using Bit.Core.Identity; using Bit.Core.Identity;
using Bit.Core.Models.Business;
using Bit.Core.Repositories;
using Bit.Core.SecretsManager.Commands.Secrets.Interfaces; using Bit.Core.SecretsManager.Commands.Secrets.Interfaces;
using Bit.Core.SecretsManager.Entities; using Bit.Core.SecretsManager.Entities;
using Bit.Core.SecretsManager.Repositories; using Bit.Core.SecretsManager.Repositories;
@ -21,30 +23,37 @@ public class SecretsController : Controller
private readonly ICurrentContext _currentContext; private readonly ICurrentContext _currentContext;
private readonly IProjectRepository _projectRepository; private readonly IProjectRepository _projectRepository;
private readonly ISecretRepository _secretRepository; private readonly ISecretRepository _secretRepository;
private readonly IOrganizationRepository _organizationRepository;
private readonly ICreateSecretCommand _createSecretCommand; private readonly ICreateSecretCommand _createSecretCommand;
private readonly IUpdateSecretCommand _updateSecretCommand; private readonly IUpdateSecretCommand _updateSecretCommand;
private readonly IDeleteSecretCommand _deleteSecretCommand; private readonly IDeleteSecretCommand _deleteSecretCommand;
private readonly IUserService _userService; private readonly IUserService _userService;
private readonly IEventService _eventService; private readonly IEventService _eventService;
private readonly IReferenceEventService _referenceEventService;
public SecretsController( public SecretsController(
ICurrentContext currentContext, ICurrentContext currentContext,
IProjectRepository projectRepository, IProjectRepository projectRepository,
ISecretRepository secretRepository, ISecretRepository secretRepository,
IOrganizationRepository organizationRepository,
ICreateSecretCommand createSecretCommand, ICreateSecretCommand createSecretCommand,
IUpdateSecretCommand updateSecretCommand, IUpdateSecretCommand updateSecretCommand,
IDeleteSecretCommand deleteSecretCommand, IDeleteSecretCommand deleteSecretCommand,
IUserService userService, IUserService userService,
IEventService eventService) IEventService eventService,
IReferenceEventService referenceEventService)
{ {
_currentContext = currentContext; _currentContext = currentContext;
_projectRepository = projectRepository; _projectRepository = projectRepository;
_secretRepository = secretRepository; _secretRepository = secretRepository;
_organizationRepository = organizationRepository;
_createSecretCommand = createSecretCommand; _createSecretCommand = createSecretCommand;
_updateSecretCommand = updateSecretCommand; _updateSecretCommand = updateSecretCommand;
_deleteSecretCommand = deleteSecretCommand; _deleteSecretCommand = deleteSecretCommand;
_userService = userService; _userService = userService;
_eventService = eventService; _eventService = eventService;
_referenceEventService = referenceEventService;
} }
[HttpGet("organizations/{organizationId}/secrets")] [HttpGet("organizations/{organizationId}/secrets")]
@ -96,6 +105,9 @@ public class SecretsController : Controller
{ {
var userId = _userService.GetProperUserId(User).Value; var userId = _userService.GetProperUserId(User).Value;
await _eventService.LogServiceAccountSecretEventAsync(userId, secret, EventType.Secret_Retrieved); await _eventService.LogServiceAccountSecretEventAsync(userId, secret, EventType.Secret_Retrieved);
var org = await _organizationRepository.GetByIdAsync(secret.OrganizationId);
await _referenceEventService.RaiseEventAsync(new ReferenceEvent(ReferenceEventType.SmServiceAccountAccessedSecret, org));
} }
return new SecretResponseModel(secret); return new SecretResponseModel(secret);
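Review bot: In the service-account branch of the third hunk, `org` is passed to `new ReferenceEvent(...)` without a null check, and `RaiseEventAsync` is awaited inline after the `Secret_Retrieved` audit event. A missing organization row or a failing reference-event sink could therefore presumably turn an already-authorized, already-audited secret read into an error. Consider guarding the call with `if (org != null)` and deciding explicitly whether a failure in this path should fail the request. The event carries only the organization, so a short comment such as `// Usage telemetry only; the audit record is the Secret_Retrieved event above. Do not add secret data here.` would keep later edits from widening what it carries. The enclosing action method starts and ends outside the hunk.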

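--- a/src/Core/Enums/ReferenceEventType.cs
+++ b/src/Core/Enums/ReferenceEventType.cs
@@ -39,5 +39,7 @@ public enum ReferenceEventType
 [EnumMember(Value = "collection-created")]
 CollectionCreated,
 [EnumMember(Value = "organization-edited-by-admin")]
-OrganizationEditedByAdmin
+OrganizationEditedByAdmin,
+[EnumMember(Value = "sm-service-account-accessed-secret")]
+SmServiceAccountAccessedSecret,
 }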

2
src/Infrastructure.EntityFramework/EntityFrameworkServiceCollectionExtensions.cs

@ -9,6 +9,8 @@ using LinqToDB.EntityFrameworkCore;
using Microsoft.EntityFrameworkCore; using Microsoft.EntityFrameworkCore;
using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.DependencyInjection;
namespace Bit.Infrastructure.EntityFramework;
public static class EntityFrameworkServiceCollectionExtensions public static class EntityFrameworkServiceCollectionExtensions
{ {
public static void SetupEntityFramework(this IServiceCollection services, string connectionString, SupportedDatabaseProviders provider) public static void SetupEntityFramework(this IServiceCollection services, string connectionString, SupportedDatabaseProviders provider)

3
src/SharedWeb/Utilities/ServiceCollectionExtensions.cs

@ -18,6 +18,7 @@ using Bit.Core.Tokens;
using Bit.Core.Utilities; using Bit.Core.Utilities;
using Bit.Core.Vault.Services; using Bit.Core.Vault.Services;
using Bit.Infrastructure.Dapper; using Bit.Infrastructure.Dapper;
using Bit.Infrastructure.EntityFramework;
using IdentityModel; using IdentityModel;
using IdentityServer4.AccessTokenValidation; using IdentityServer4.AccessTokenValidation;
using IdentityServer4.Configuration; using IdentityServer4.Configuration;
@ -463,7 +464,7 @@ public static class ServiceCollectionExtensions
} }
public static GlobalSettings AddGlobalSettingsServices(this IServiceCollection services, public static GlobalSettings AddGlobalSettingsServices(this IServiceCollection services,
IConfiguration configuration, IWebHostEnvironment environment) IConfiguration configuration, IHostEnvironment environment)
{ {
var globalSettings = new GlobalSettings(); var globalSettings = new GlobalSettings();
ConfigurationBinder.Bind(configuration.GetSection("GlobalSettings"), globalSettings); ConfigurationBinder.Bind(configuration.GetSection("GlobalSettings"), globalSettings);

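--- a/test/Infrastructure.IntegrationTest/DatabaseDataAttribute.cs
+++ b/test/Infrastructure.IntegrationTest/DatabaseDataAttribute.cs
@@ -2,6 +2,7 @@
 using Bit.Core.Enums;
 using Bit.Core.Settings;
 using Bit.Infrastructure.Dapper;
+using Bit.Infrastructure.EntityFramework;
 using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Logging;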
