| 293 | } |
| 294 | |
| 295 | func auditLogDescription(alog database.GetAuditLogsOffsetRow) string { |
| 296 | b := strings.Builder{} |
| 297 | |
| 298 | // NOTE: WriteString always returns a nil error, so we never check it |
| 299 | |
| 300 | // Requesting a password reset can be performed by anyone that knows the email |
| 301 | // of a user so saying the user performed this action might be slightly misleading. |
| 302 | if alog.AuditLog.Action != database.AuditActionRequestPasswordReset { |
| 303 | _, _ = b.WriteString("{user} ") |
| 304 | } |
| 305 | |
| 306 | // Chat write operations get semantic descriptions derived from the diff. |
| 307 | if desc, ok := chatAuditLogDescription(alog); ok { |
| 308 | _, _ = b.WriteString(desc) |
| 309 | return b.String() |
| 310 | } |
| 311 | |
| 312 | switch { |
| 313 | case alog.AuditLog.StatusCode == int32(http.StatusSeeOther): |
| 314 | _, _ = b.WriteString("was redirected attempting to ") |
| 315 | _, _ = b.WriteString(string(alog.AuditLog.Action)) |
| 316 | case alog.AuditLog.StatusCode >= 400: |
| 317 | _, _ = b.WriteString("unsuccessfully attempted to ") |
| 318 | _, _ = b.WriteString(string(alog.AuditLog.Action)) |
| 319 | default: |
| 320 | _, _ = b.WriteString(codersdk.AuditAction(alog.AuditLog.Action).Friendly()) |
| 321 | } |
| 322 | |
| 323 | // API Key resources (used for authentication) do not have targets and follow the below format: |
| 324 | // "User {logged in | logged out | registered}" |
| 325 | if alog.AuditLog.ResourceType == database.ResourceTypeApiKey && |
| 326 | (alog.AuditLog.Action == database.AuditActionLogin || alog.AuditLog.Action == database.AuditActionLogout || alog.AuditLog.Action == database.AuditActionRegister) { |
| 327 | return b.String() |
| 328 | } |
| 329 | |
| 330 | // We don't display the name (target) for git ssh keys. It's fairly long and doesn't |
| 331 | // make too much sense to display. |
| 332 | if alog.AuditLog.ResourceType == database.ResourceTypeGitSshKey { |
| 333 | _, _ = b.WriteString(" the ") |
| 334 | _, _ = b.WriteString(codersdk.ResourceType(alog.AuditLog.ResourceType).FriendlyString()) |
| 335 | return b.String() |
| 336 | } |
| 337 | |
| 338 | if alog.AuditLog.Action == database.AuditActionRequestPasswordReset { |
| 339 | _, _ = b.WriteString(" for") |
| 340 | } else { |
| 341 | _, _ = b.WriteString(" ") |
| 342 | _, _ = b.WriteString(codersdk.ResourceType(alog.AuditLog.ResourceType).FriendlyString()) |
| 343 | } |
| 344 | |
| 345 | if alog.AuditLog.ResourceType == database.ResourceTypeConvertLogin { |
| 346 | _, _ = b.WriteString(" to") |
| 347 | } |
| 348 | |
| 349 | _, _ = b.WriteString(" {target}") |
| 350 | |
| 351 | return b.String() |
| 352 | } |