@Summary Get audit logs @ID get-audit-logs @Security CoderSessionToken @Produce json @Tags Audit @Param q query string false "Search query" @Param limit query int true "Page limit" @Param offset query int false "Page offset" @Success 200 {object} codersdk.AuditLogResponse @Router /api/v2/audit [get]
(rw http.ResponseWriter, r *http.Request)
| 42 | // @Success 200 {object} codersdk.AuditLogResponse |
| 43 | // @Router /api/v2/audit [get] |
| 44 | func (api *API) auditLogs(rw http.ResponseWriter, r *http.Request) { |
| 45 | ctx := r.Context() |
| 46 | apiKey := httpmw.APIKey(r) |
| 47 | |
| 48 | page, ok := ParsePagination(rw, r) |
| 49 | if !ok { |
| 50 | return |
| 51 | } |
| 52 | |
| 53 | queryStr := r.URL.Query().Get("q") |
| 54 | filter, countFilter, errs := searchquery.AuditLogs(ctx, api.Database, queryStr) |
| 55 | if len(errs) > 0 { |
| 56 | httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{ |
| 57 | Message: "Invalid audit search query.", |
| 58 | Validations: errs, |
| 59 | }) |
| 60 | return |
| 61 | } |
| 62 | // #nosec G115 - Safe conversion as pagination offset is expected to be within int32 range |
| 63 | filter.OffsetOpt = int32(page.Offset) |
| 64 | // #nosec G115 - Safe conversion as pagination limit is expected to be within int32 range |
| 65 | filter.LimitOpt = int32(page.Limit) |
| 66 | |
| 67 | if filter.Username == "me" { |
| 68 | filter.UserID = apiKey.UserID |
| 69 | filter.Username = "" |
| 70 | countFilter.UserID = apiKey.UserID |
| 71 | countFilter.Username = "" |
| 72 | } |
| 73 | |
| 74 | countFilter.CountCap = auditLogCountCap |
| 75 | count, err := api.Database.CountAuditLogs(ctx, countFilter) |
| 76 | if dbauthz.IsNotAuthorizedError(err) { |
| 77 | httpapi.Forbidden(rw) |
| 78 | return |
| 79 | } |
| 80 | if err != nil { |
| 81 | httpapi.InternalServerError(rw, err) |
| 82 | return |
| 83 | } |
| 84 | // If count is 0, then we don't need to query audit logs |
| 85 | if count == 0 { |
| 86 | httpapi.Write(ctx, rw, http.StatusOK, codersdk.AuditLogResponse{ |
| 87 | AuditLogs: []codersdk.AuditLog{}, |
| 88 | Count: 0, |
| 89 | CountCap: auditLogCountCap, |
| 90 | }) |
| 91 | return |
| 92 | } |
| 93 | |
| 94 | dblogs, err := api.Database.GetAuditLogsOffset(ctx, filter) |
| 95 | if dbauthz.IsNotAuthorizedError(err) { |
| 96 | httpapi.Forbidden(rw) |
| 97 | return |
| 98 | } |
| 99 | if err != nil { |
| 100 | httpapi.InternalServerError(rw, err) |
| 101 | return |
nothing calls this directly
no test coverage detected