(ctx context.Context, alog database.AuditLog)
| 51 | } |
| 52 | |
| 53 | func (a *auditor) Export(ctx context.Context, alog database.AuditLog) error { |
| 54 | decision, err := a.filter.Check(ctx, alog) |
| 55 | if err != nil { |
| 56 | return xerrors.Errorf("filter check: %w", err) |
| 57 | } |
| 58 | |
| 59 | // AsSystemRestricted is used to look up the actor name even |
| 60 | // when the caller lacks read access to the user. |
| 61 | actor, err := a.db.GetUserByID(dbauthz.AsSystemRestricted(ctx), alog.UserID) //nolint:gocritic // see above |
| 62 | if err != nil && !xerrors.Is(err, sql.ErrNoRows) { |
| 63 | return err |
| 64 | } |
| 65 | |
| 66 | for _, backend := range a.backends { |
| 67 | if decision&backend.Decision() != backend.Decision() { |
| 68 | continue |
| 69 | } |
| 70 | |
| 71 | err = backend.Export(ctx, alog, BackendDetails{Actor: &Actor{ |
| 72 | ID: actor.ID, |
| 73 | Email: actor.Email, |
| 74 | Username: actor.Username, |
| 75 | }}) |
| 76 | if err != nil { |
| 77 | // naively return the first error. should probably make this smarter |
| 78 | // by returning multiple errors. |
| 79 | return xerrors.Errorf("export audit log to backend: %w", err) |
| 80 | } |
| 81 | } |
| 82 | |
| 83 | return nil |
| 84 | } |
nothing calls this directly
no test coverage detected