[PM-22190] Remove gathering and reporting of ReferenceEvents (#5897)

* Remove gathering and reporting of ReferenceEvents * Fix test that relied on reference events throwing --------- Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2026-01-07 11:03:37 +00:00 · 2025-06-02 16:49:49 +02:00
parent d7d90e7f3e
commit c7b1c7f6d5
47 changed files with 17 additions and 1147 deletions
--- a/src/Api/SecretsManager/Controllers/SecretsController.cs
+++ b/src/Api/SecretsManager/Controllers/SecretsController.cs
@@ -5,7 +5,6 @@ using Bit.Core.Context;
 using Bit.Core.Enums;
 using Bit.Core.Exceptions;
 using Bit.Core.Identity;
-using Bit.Core.Repositories;
 using Bit.Core.SecretsManager.AuthorizationRequirements;
 using Bit.Core.SecretsManager.Commands.Secrets.Interfaces;
 using Bit.Core.SecretsManager.Entities;
@@ -16,9 +15,6 @@ using Bit.Core.SecretsManager.Queries.Interfaces;
 using Bit.Core.SecretsManager.Queries.Secrets.Interfaces;
 using Bit.Core.SecretsManager.Repositories;
 using Bit.Core.Services;
-using Bit.Core.Tools.Enums;
-using Bit.Core.Tools.Models.Business;
-using Bit.Core.Tools.Services;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;

@@ -30,7 +26,6 @@ public class SecretsController : Controller
    private readonly ICurrentContext _currentContext;
    private readonly IProjectRepository _projectRepository;
    private readonly ISecretRepository _secretRepository;
-    private readonly IOrganizationRepository _organizationRepository;
    private readonly ICreateSecretCommand _createSecretCommand;
    private readonly IUpdateSecretCommand _updateSecretCommand;
    private readonly IDeleteSecretCommand _deleteSecretCommand;
@@ -39,14 +34,12 @@ public class SecretsController : Controller
    private readonly ISecretAccessPoliciesUpdatesQuery _secretAccessPoliciesUpdatesQuery;
    private readonly IUserService _userService;
    private readonly IEventService _eventService;
-    private readonly IReferenceEventService _referenceEventService;
    private readonly IAuthorizationService _authorizationService;

    public SecretsController(
        ICurrentContext currentContext,
        IProjectRepository projectRepository,
        ISecretRepository secretRepository,
-        IOrganizationRepository organizationRepository,
        ICreateSecretCommand createSecretCommand,
        IUpdateSecretCommand updateSecretCommand,
        IDeleteSecretCommand deleteSecretCommand,
@@ -55,13 +48,11 @@ public class SecretsController : Controller
        ISecretAccessPoliciesUpdatesQuery secretAccessPoliciesUpdatesQuery,
        IUserService userService,
        IEventService eventService,
-        IReferenceEventService referenceEventService,
        IAuthorizationService authorizationService)
    {
        _currentContext = currentContext;
        _projectRepository = projectRepository;
        _secretRepository = secretRepository;
-        _organizationRepository = organizationRepository;
        _createSecretCommand = createSecretCommand;
        _updateSecretCommand = updateSecretCommand;
        _deleteSecretCommand = deleteSecretCommand;
@@ -70,7 +61,6 @@ public class SecretsController : Controller
        _secretAccessPoliciesUpdatesQuery = secretAccessPoliciesUpdatesQuery;
        _userService = userService;
        _eventService = eventService;
-        _referenceEventService = referenceEventService;
        _authorizationService = authorizationService;

    }
@@ -148,9 +138,6 @@ public class SecretsController : Controller
        if (_currentContext.IdentityClientType == IdentityClientType.ServiceAccount)
        {
            await _eventService.LogServiceAccountSecretEventAsync(userId, secret, EventType.Secret_Retrieved);
-
-            var org = await _organizationRepository.GetByIdAsync(secret.OrganizationId);
-            await _referenceEventService.RaiseEventAsync(new ReferenceEvent(ReferenceEventType.SmServiceAccountAccessedSecret, org, _currentContext));
        }

        return new SecretResponseModel(secret, access.Read, access.Write);
@@ -266,7 +253,7 @@ public class SecretsController : Controller
            throw new NotFoundException();
        }

-        await LogSecretsRetrievalAsync(secrets.First().OrganizationId, secrets);
+        await LogSecretsRetrievalAsync(secrets);

        var responses = secrets.Select(s => new BaseSecretResponseModel(s));
        return new ListResponseModel<BaseSecretResponseModel>(responses);
@@ -303,21 +290,18 @@ public class SecretsController : Controller

        if (syncResult.HasChanges)
        {
-            await LogSecretsRetrievalAsync(organizationId, syncResult.Secrets);
+            await LogSecretsRetrievalAsync(syncResult.Secrets);
        }

        return new SecretsSyncResponseModel(syncResult.HasChanges, syncResult.Secrets);
    }

-    private async Task LogSecretsRetrievalAsync(Guid organizationId, IEnumerable<Secret> secrets)
+    private async Task LogSecretsRetrievalAsync(IEnumerable<Secret> secrets)
    {
        if (_currentContext.IdentityClientType == IdentityClientType.ServiceAccount)
        {
            var userId = _userService.GetProperUserId(User)!.Value;
-            var org = await _organizationRepository.GetByIdAsync(organizationId);
            await _eventService.LogServiceAccountSecretsEventAsync(userId, secrets, EventType.Secret_Retrieved);
-            await _referenceEventService.RaiseEventAsync(
-                new ReferenceEvent(ReferenceEventType.SmServiceAccountAccessedSecret, org, _currentContext));
        }
    }
 }