[SM-389] Event log for service account (#4679)

apps/web/src/app/common/base.events.component.ts

@@ -139,6 +139,7 @@ export abstract class BaseEventsComponent {
           type: r.type,
           installationId: r.installationId,
           systemUser: r.systemUser,
+          serviceAccountId: r.serviceAccountId,
         });
       })
     );

apps/web/src/app/core/event.service.ts

@@ -36,7 +36,7 @@ export class EventService {
   }
 
   async getEventInfo(ev: EventResponse, options = new EventOptions()): Promise<EventInfo> {
-    const appInfo = this.getAppInfo(ev.deviceType);
+    const appInfo = this.getAppInfo(ev);
     const { message, humanReadableMessage } = await this.getEventMessage(ev, options);
     return {
       message: message,
@@ -410,6 +410,11 @@ export class EventService {
       case EventType.OrganizationDomain_NotVerified:
         msg = humanReadableMsg = this.i18nService.t("domainNotVerifiedEvent", ev.domainName);
         break;
+      // Secrets Manager
+      case EventType.Secret_Retrieved:
+        msg = this.i18nService.t("accessedSecret", this.formatSecretId(ev));
+        humanReadableMsg = this.i18nService.t("accessedSecret", this.getShortId(ev.secretId));
+        break;
       default:
         break;
     }
@@ -419,8 +424,12 @@ export class EventService {
     };
   }
 
-  private getAppInfo(deviceType: DeviceType): [string, string] {
-    switch (deviceType) {
+  private getAppInfo(ev: EventResponse): [string, string] {
+    if (ev.serviceAccountId) {
+      return ["bwi-globe", this.i18nService.t("sdk")];
+    }
+
+    switch (ev.deviceType) {
       case DeviceType.Android:
         return ["bwi-android", this.i18nService.t("mobile") + " - Android"];
       case DeviceType.iOS:
@@ -554,6 +563,13 @@ export class EventService {
     return a.outerHTML;
   }
 
+  formatSecretId(ev: EventResponse): string {
+    const shortId = this.getShortId(ev.secretId);
+    const a = this.makeAnchor(shortId);
+    a.setAttribute("href", "#/sm/" + ev.organizationId + "/secrets?search=" + shortId);
+    return a.outerHTML;
+  }
+
   private makeAnchor(shortId: string) {
     const a = document.createElement("a");
     a.title = this.i18nService.t("view");

apps/web/src/app/organizations/manage/events.component.ts

@@ -152,9 +152,19 @@ export class EventsComponent extends BaseEventsComponent implements OnInit, OnDe
       }
     }
 
+    if (r.serviceAccountId) {
+      return {
+        name: this.i18nService.t("serviceAccount") + " " + this.getShortId(r.serviceAccountId),
+      };
+    }
+
     return null;
   }
 
+  private getShortId(id: string) {
+    return id?.substring(0, 8);
+  }
+
   ngOnDestroy() {
     this.destroy$.next();
     this.destroy$.complete();

apps/web/src/locales/en/messages.json

@@ -6420,6 +6420,19 @@
   "errorReadingImportFile": {
     "message": "An error occurred when trying to read the import file"
   },
+  "accessedSecret": {
+    "message": "Accessed secret $SECRET_ID$.",
+    "placeholders": {
+      "secret_id": {
+        "content": "$1",
+        "example": "4d34e8a8"
+      }
+    }
+  },
+  "sdk": {
+    "message": "SDK",
+    "description": "Software Development Kit"
+  },
   "createSecret": {
     "message": "Create a secret"
   },
@@ -6490,16 +6503,13 @@
   },
   "exposedMasterPasswordDesc": {
     "message": "Password found in a data breach. Use a unique password to protect your account. Are you sure you want to use an exposed password?"
-  }, 
+  },
   "weakAndExposedMasterPassword": {
     "message": "Weak and Exposed Master Password"
   },
   "weakAndBreachedMasterPasswordDesc": {
     "message": "Weak password identified and found in a data breach. Use a strong and unique password to protect your account. Are you sure you want to use this password?"
   },
-  "important": {
-    "message": "Important:"
-  },
   "characterMinimum": {
     "message": "$LENGTH$ character minimum",
     "placeholders": {