[SM-1273] Adding new logging for secrets (#5991)

* Adding new logging for secrets * fixing secrest controller tests * fixing the tests
2026-03-02 11:21:31 +00:00 · 2025-07-02 22:28:48 -04:00
parent b7df8525af
commit 669a5cb372
6 changed files with 73 additions and 21 deletions
--- a/src/Core/AdminConsole/Enums/EventType.cs
+++ b/src/Core/AdminConsole/Enums/EventType.cs
@@ -90,4 +90,7 @@ public enum EventType : int
    OrganizationDomain_NotVerified = 2003,

    Secret_Retrieved = 2100,
+    Secret_Created = 2101,
+    Secret_Edited = 2102,
+    Secret_Deleted = 2103,
 }
--- a/src/Core/AdminConsole/Services/IEventService.cs
+++ b/src/Core/AdminConsole/Services/IEventService.cs
@@ -30,6 +30,6 @@ public interface IEventService
    Task LogProviderOrganizationEventsAsync(IEnumerable<(ProviderOrganization, EventType, DateTime?)> events);
    Task LogOrganizationDomainEventAsync(OrganizationDomain organizationDomain, EventType type, DateTime? date = null);
    Task LogOrganizationDomainEventAsync(OrganizationDomain organizationDomain, EventType type, EventSystemUser systemUser, DateTime? date = null);
-    Task LogServiceAccountSecretEventAsync(Guid serviceAccountId, Secret secret, EventType type, DateTime? date = null);
+    Task LogUserSecretsEventAsync(Guid userId, IEnumerable<Secret> secrets, EventType type, DateTime? date = null);
    Task LogServiceAccountSecretsEventAsync(Guid serviceAccountId, IEnumerable<Secret> secrets, EventType type, DateTime? date = null);
 }
--- a/src/Core/AdminConsole/Services/Implementations/EventService.cs
+++ b/src/Core/AdminConsole/Services/Implementations/EventService.cs
@@ -409,9 +409,30 @@ public class EventService : IEventService
        await _eventWriteService.CreateAsync(e);
    }

-    public async Task LogServiceAccountSecretEventAsync(Guid serviceAccountId, Secret secret, EventType type, DateTime? date = null)
+    public async Task LogUserSecretsEventAsync(Guid userId, IEnumerable<Secret> secrets, EventType type, DateTime? date = null)
    {
-        await LogServiceAccountSecretsEventAsync(serviceAccountId, new[] { secret }, type, date);
+        var orgAbilities = await _applicationCacheService.GetOrganizationAbilitiesAsync();
+        var eventMessages = new List<IEvent>();
+
+        foreach (var secret in secrets)
+        {
+            if (!CanUseEvents(orgAbilities, secret.OrganizationId))
+            {
+                continue;
+            }
+
+            var e = new EventMessage(_currentContext)
+            {
+                OrganizationId = secret.OrganizationId,
+                Type = type,
+                SecretId = secret.Id,
+                UserId = userId,
+                Date = date.GetValueOrDefault(DateTime.UtcNow)
+            };
+            eventMessages.Add(e);
+        }
+
+        await _eventWriteService.CreateManyAsync(eventMessages);
    }

    public async Task LogServiceAccountSecretsEventAsync(Guid serviceAccountId, IEnumerable<Secret> secrets, EventType type, DateTime? date = null)
--- a/src/Core/AdminConsole/Services/NoopImplementations/NoopEventService.cs
+++ b/src/Core/AdminConsole/Services/NoopImplementations/NoopEventService.cs
@@ -116,7 +116,7 @@ public class NoopEventService : IEventService
        return Task.FromResult(0);
    }

-    public Task LogServiceAccountSecretEventAsync(Guid serviceAccountId, Secret secret, EventType type,
+    public Task LogUserSecretsEventAsync(Guid userId, IEnumerable<Secret> secrets, EventType type,
        DateTime? date = null)
    {
        return Task.FromResult(0);