Audit date filter/kira pilot (#4845)

Kira-Pilot · deansheather · web-flow · commit a73dd4f45d4e · 2022-11-03T11:04:36.000-04:00
* sql query

* added time_to

* added validation error

* documentation

* attempt to add test

* removed whiitespace

* fix: ensure date_from and date_to are applied correct audit logs

* added more tests

* ran make gen

* PR feedback

Co-authored-by: Dean Sheather &lt;dean@deansheather.com&gt;
diff --git a/coderd/audit.go b/coderd/audit.go
@@ -50,6 +50,8 @@ func (api *API) auditLogs(rw http.ResponseWriter, r *http.Request) {
 		Action:       filter.Action,
 		Username:     filter.Username,
 		Email:        filter.Email,
+		DateFrom:     filter.DateFrom,
+		DateTo:       filter.DateTo,
 	})
 	if err != nil {
 		httpapi.InternalServerError(rw, err)
@@ -84,6 +86,8 @@ func (api *API) auditLogCount(rw http.ResponseWriter, r *http.Request) {
 		Action:       filter.Action,
 		Username:     filter.Username,
 		Email:        filter.Email,
+		DateFrom:     filter.DateFrom,
+		DateTo:       filter.DateTo,
 	})
 	if err != nil {
 		httpapi.InternalServerError(rw, err)
@@ -142,10 +146,13 @@ func (api *API) generateFakeAuditLog(rw http.ResponseWriter, r *http.Request) {
 	if params.ResourceID == uuid.Nil {
 		params.ResourceID = uuid.New()
 	}
+	if params.Time.IsZero() {
+		params.Time = time.Now()
+	}
 
 	_, err = api.Database.InsertAuditLog(ctx, database.InsertAuditLogParams{
 		ID:               uuid.New(),
-		Time:             time.Now(),
+		Time:             params.Time,
 		UserID:           user.ID,
 		Ip:               ipNet,
 		UserAgent:        r.UserAgent(),
@@ -273,12 +280,33 @@ func auditSearchQuery(query string) (database.GetAuditLogsOffsetParams, []coders
 	// Using the query param parser here just returns consistent errors with
 	// other parsing.
 	parser := httpapi.NewQueryParamParser()
+	const layout = "2006-01-02"
+
+	var (
+		dateFromString    = parser.String(searchParams, "", "date_from")
+		dateToString      = parser.String(searchParams, "", "date_to")
+		parsedDateFrom, _ = time.Parse(layout, dateFromString)
+		parsedDateTo, _   = time.Parse(layout, dateToString)
+	)
+
+	if dateToString != "" {
+		parsedDateTo = parsedDateTo.Add(23*time.Hour + 59*time.Minute + 59*time.Second) // parsedDateTo goes to 23:59
+	}
+
+	if dateToString != "" && parsedDateTo.Before(parsedDateFrom) {
+		return database.GetAuditLogsOffsetParams{}, []codersdk.ValidationError{
+			{Field: "q", Detail: fmt.Sprintf("DateTo value %q cannot be before than DateFrom", parsedDateTo)},
+		}
+	}
+
 	filter := database.GetAuditLogsOffsetParams{
 		ResourceType: resourceTypeFromString(parser.String(searchParams, "", "resource_type")),
 		ResourceID:   parser.UUID(searchParams, uuid.Nil, "resource_id"),
 		Action:       actionFromString(parser.String(searchParams, "", "action")),
 		Username:     parser.String(searchParams, "", "username"),
 		Email:        parser.String(searchParams, "", "email"),
+		DateFrom:     parsedDateFrom,
+		DateTo:       parsedDateTo,
 	}
 
 	return filter, parser.Errors
diff --git a/coderd/audit_test.go b/coderd/audit_test.go
@@ -3,6 +3,7 @@ package coderd_test
 import (
 	"context"
 	"testing"
+	"time"
 
 	"github.com/google/uuid"
 	"github.com/stretchr/testify/require"
@@ -54,12 +55,14 @@ func TestAuditLogsFilter(t *testing.T) {
 		err := client.CreateTestAuditLog(ctx, codersdk.CreateTestAuditLogRequest{
 			Action:       codersdk.AuditActionCreate,
 			ResourceType: codersdk.ResourceTypeTemplate,
+			Time:         time.Date(2022, 8, 15, 14, 30, 45, 100, time.UTC), // 2022-8-15 14:30:45
 		})
 		require.NoError(t, err)
 		err = client.CreateTestAuditLog(ctx, codersdk.CreateTestAuditLogRequest{
 			Action:       codersdk.AuditActionCreate,
 			ResourceType: codersdk.ResourceTypeUser,
 			ResourceID:   userResourceID,
+			Time:         time.Date(2022, 8, 16, 14, 30, 45, 100, time.UTC), // 2022-8-16 14:30:45
 		})
 		require.NoError(t, err)
 
@@ -68,6 +71,7 @@ func TestAuditLogsFilter(t *testing.T) {
 			Action:       codersdk.AuditActionDelete,
 			ResourceType: codersdk.ResourceTypeUser,
 			ResourceID:   userResourceID,
+			Time:         time.Date(2022, 8, 15, 14, 30, 45, 100, time.UTC), // 2022-8-15 14:30:45
 		})
 		require.NoError(t, err)
 
@@ -127,6 +131,21 @@ func TestAuditLogsFilter(t *testing.T) {
 				SearchQuery:    "action:invalid",
 				ExpectedResult: 3,
 			},
+			{
+				Name:           "FilterOnCreateSingleDay",
+				SearchQuery:    "action:create date_from:2022-08-15 date_to:2022-08-15",
+				ExpectedResult: 1,
+			},
+			{
+				Name:           "FilterOnCreateDateFrom",
+				SearchQuery:    "action:create date_from:2022-08-15",
+				ExpectedResult: 2,
+			},
+			{
+				Name:           "FilterOnCreateDateTo",
+				SearchQuery:    "action:create date_to:2022-08-15",
+				ExpectedResult: 1,
+			},
 		}
 
 		for _, testCase := range testCases {
diff --git a/coderd/database/databasefake/databasefake.go b/coderd/database/databasefake/databasefake.go
@@ -2995,6 +2995,16 @@ func (q *fakeQuerier) GetAuditLogsOffset(ctx context.Context, arg database.GetAu
 				continue
 			}
 		}
+		if !arg.DateFrom.IsZero() {
+			if alog.Time.Before(arg.DateFrom) {
+				continue
+			}
+		}
+		if !arg.DateTo.IsZero() {
+			if alog.Time.After(arg.DateTo) {
+				continue
+			}
+		}
 
 		user, err := q.GetUserByID(ctx, alog.UserID)
 		userValid := err == nil
@@ -3057,6 +3067,16 @@ func (q *fakeQuerier) GetAuditLogCount(_ context.Context, arg database.GetAuditL
 				continue
 			}
 		}
+		if !arg.DateFrom.IsZero() {
+			if alog.Time.Before(arg.DateFrom) {
+				continue
+			}
+		}
+		if !arg.DateTo.IsZero() {
+			if alog.Time.After(arg.DateTo) {
+				continue
+			}
+		}
 
 		logs = append(logs, alog)
 	}
diff --git a/coderd/database/queries.sql.go b/coderd/database/queries.sql.go
diff --git a/coderd/database/queries/auditlogs.sql b/coderd/database/queries/auditlogs.sql
@@ -50,6 +50,18 @@ WHERE
 			users.email = @email
 		ELSE true
 	END
+	-- Filter by date_from
+	AND CASE
+		WHEN @date_from :: timestamp with time zone != '0001-01-01 00:00:00' THEN
+			"time" >= @date_from
+		ELSE true
+	END
+	-- Filter by date_to
+	AND CASE
+		WHEN @date_to :: timestamp with time zone != '0001-01-01 00:00:00' THEN
+			"time" <= @date_to
+		ELSE true
+	END
 ORDER BY
     "time" DESC
 LIMIT
@@ -98,6 +110,18 @@ WHERE
 		WHEN @email :: text != '' THEN
 			user_id = (SELECT id from users WHERE users.email = @email )
 		ELSE true
+	END
+	-- Filter by date_from
+	AND CASE
+		WHEN @date_from :: timestamp with time zone != '0001-01-01 00:00:00' THEN
+			"time" >= @date_from
+		ELSE true
+	END
+	-- Filter by date_to
+	AND CASE
+		WHEN @date_to :: timestamp with time zone != '0001-01-01 00:00:00' THEN
+			"time" <= @date_to
+		ELSE true
 	END;
 
 -- name: InsertAuditLog :one
diff --git a/codersdk/audit.go b/codersdk/audit.go
@@ -127,6 +127,7 @@ type CreateTestAuditLogRequest struct {
 	Action       AuditAction  `json:"action,omitempty"`
 	ResourceType ResourceType `json:"resource_type,omitempty"`
 	ResourceID   uuid.UUID    `json:"resource_id,omitempty"`
+	Time         time.Time    `json:"time,omitempty"`
 }
 
 // AuditLogs retrieves audit logs from the given page.
diff --git a/docs/admin/audit-logs.md b/docs/admin/audit-logs.md
@@ -30,6 +30,8 @@ The supported filters are:
 - `action`- The action applied to a resource. You can [find here](https://pkg.go.dev/github.com/coder/coder@main/codersdk#AuditAction) all the actions that are supported.
 - `username` - The username of the user who triggered the action.
 - `email` - The email of the user who triggered the action.
+- `date_from` - The inclusive start date with format `YYYY-MM-DD`.
+- `date_to ` - the inclusive end date with format `YYYY-MM-DD`.
 
 ## Enabling this feature
 
diff --git a/enterprise/audit/table.go b/enterprise/audit/table.go
@@ -109,13 +109,14 @@ var AuditableResources = auditMap(map[any]map[string]Action{
 		"organization_id": ActionIgnore, // Never changes.
 		"avatar_url":      ActionTrack,
 	},
-	// We don't show any diff for the WorkspaceBuild resource
+	// We don't show any diff for the WorkspaceBuild resource,
+	// save for the template_version_id
 	&database.WorkspaceBuild{}: {
 		"id":                  ActionIgnore,
 		"created_at":          ActionIgnore,
 		"updated_at":          ActionIgnore,
 		"workspace_id":        ActionIgnore,
-		"template_version_id": ActionIgnore,
+		"template_version_id": ActionTrack,
 		"build_number":        ActionIgnore,
 		"transition":          ActionIgnore,
 		"initiator_id":        ActionIgnore,
diff --git a/site/src/api/typesGenerated.ts b/site/src/api/typesGenerated.ts
@@ -204,6 +204,7 @@ export interface CreateTestAuditLogRequest {
   readonly action?: AuditAction
   readonly resource_type?: ResourceType
   readonly resource_id?: string
+  readonly time?: string
 }
 
 // From codersdk/apikey.go

Original file line number	Diff line number	Diff line change
`@@ -127,6 +127,7 @@ type CreateTestAuditLogRequest struct {`
`127`	`127`	Action AuditAction `json:"action,omitempty"`
`128`	`128`	ResourceType ResourceType `json:"resource_type,omitempty"`
`129`	`129`	ResourceID uuid.UUID `json:"resource_id,omitempty"`
	`130`	+ Time time.Time `json:"time,omitempty"`
`130`	`131`	`}`
`131`	`132`
`132`	`133`	`// AuditLogs retrieves audit logs from the given page.`
Original file line number	Diff line number	Diff line change
`@@ -204,6 +204,7 @@ export interface CreateTestAuditLogRequest {`
`204`	`204`	`readonly action?: AuditAction`
`205`	`205`	`readonly resource_type?: ResourceType`
`206`	`206`	`readonly resource_id?: string`
	`207`	`+ readonly time?: string`
`207`	`208`	`}`
`208`	`209`
`209`	`210`	`// From codersdk/apikey.go`