Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: internal audit logging system #14950

Open
wants to merge 131 commits into
base: main
Choose a base branch
from
Open

feat: internal audit logging system #14950

wants to merge 131 commits into from
+2,407 −11

Conversation

oliverqx
Copy link

@oliverqx oliverqx commented May 9, 2024
edited

/claim #1461

What does this PR do?

This PR adds an internal audit logging system to cal.com. Its designed to log actions using the expected audit-log clients.

  • Fixes [CAL-1710] Audit log #1461 (GitHub issue number)
  • Fixes CAL-1710 (Linear issue number - should be visible at the bottom of the GitHub issue description)

I recorded a 10 minute video showing my work. In the video I show how this internal audit logging system enables audit log app development by developing the BoxyHQ integration. You can find the video here: https://youtu.be/Nbi8Tr1Ny9E

Mandatory Tasks (DO NOT REMOVE)

  • I have self-reviewed the code (A decent size PR without self-review might be rejected)
  • I have added a Docs issue here if this PR makes changes that would require a documentation change
  • I have added or modified automated tests that prove my fix is effective or that my feature works (PRs might be rejected if logical changes are not properly tested)

How should this be tested?

  • Are there environment variables that should be set?
  • What are the minimal test data to have?
  • What is expected (happy path) to have (input and output)?
  • Any other important info that could help to test that PR

@oliverqx
chore: update App table
78d43ae 
add settings row.
@vercel Vercel
Copy link

vercel bot commented May 9, 2024

@oliverqx is attempting to deploy a commit to the cal Team on Vercel.

A member of the Team first needs to authorize it.

@algora-pbc algora-pbc bot mentioned this pull request May 9, 2024
Open
@github-actions github-actions bot added ❗️ migrations contains migration files 3 points Created by SyncLinear.com enterprise area: enterprise, audit log, organisation, SAML, SSO foundation Medium priority Created by Linear-GitHub Sync labels May 9, 2024
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented May 9, 2024
edited

Thank you for following the naming conventions! 🙏 Feel free to join our discord and post your PR link.

@github-actions github-actions bot added organizations area: organizations, orgs ✨ feature New feature or request 🎨 needs design Before engineering kick-off, a designer needs to submit a mockup 💎 Bounty A bounty on Algora.io 🚧 wip / in the making This is currently being worked on labels May 9, 2024
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented May 9, 2024
edited

📦 Next.js Bundle Analysis for @calcom/web

This analysis was generated by the Next.js Bundle Analysis action. 🤖

This PR introduced no changes to the JavaScript bundle! 🙌

@oliverqx oliverqx changed the title Feature: Internal Audit Log System feat: internal audit logging system May 9, 2024
@oliverqx
Copy link
Author

oliverqx commented May 9, 2024

I'm trying to compile a list of all possible actions that can be logged by the audit system. So far I've this:

Webhooks
	- Create
	- Modify
		Event Triggers
		Subscriber URL
		Secret
		Payload Template
	- Enable	
	- Disable
	- Delete
API Keys
	- Create
	- Modify
		- Name
Schedule
	- Modified
		Available Hours
		Date Overrides
		Timezone
		Metadata
	- Created
	- Deleted
Bookings
	- Modified
		Reschedule
		Edit Location
	- Created
	- Cancelled
	- Reschedule Requested
Event-Types
	- Modified
		Event Setup
		Availability
		Limits
		Advanced
		Recurring
		Apps
		Workflows
		Webhooks
		Visibility
	- Created
	- Duplicate
	- Delete
Teams
	- Modified
		Members
		Profile
		Apperance
		Availability
	- Created
	- Duplicate
	- Deleted
User Profile
	- Modified
		Profile
		General
		Calendar	
		Conferencing
		Appearance
		Out of Office
	- Created
	- Delete
Password
	- Modified
	- Created
	- Delete
Impersonation
	- On
	- Off

cc: @PeerRich

@oliverqx
Copy link
Author

cc: @baileypumfleet

@CLAassistant
Copy link

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
You have signed the CLA already but the status is still pending? Let us recheck it.

@oliverqx
feat: create general settings component
75120d0
@oliverqx
fix: add -1 as id when no userId is present
6119857
@oliverqx
fix: remove unused type
483b89e
@oliverqx
feat: render general settings
a1f6666
@oliverqx
fix: improve types
a8ea191 
- Preparing to create audit log app context
@oliverqx
chore: update zod schemas
7a94e07
@oliverqx
feat: create and implement context
d5f765f
@oliverqx
refactor: implement context
d6220d1
@oliverqx
chore: improve dx at AuditLogEventToggles
93adedf
@oliverqx
feat: add loading state to AuditSystemStatus
364d375
@oliverqx
feat: add setup step to app template
b16503b
@oliverqx
fix: update default event and fix typo in logger
549b037
@oliverqx
Merge branch 'main' into feature.logging
2ce0591
@oliverqx
feat: add system events to schema
e551264
@oliverqx
feat: trpc audit logger v0.1
756feac
@oliverqx
chore: remove settings column from Credential
d752873 
- settings and keys go in appKey
@oliverqx
feat: modify and create schema
8a183ee 
- modify: remove AuditLogSystemTriggerEvents.SYSTEM_TEMPLATE_UPDATED
- modify: add AuditLogSystemTriggerEvents.SYSTEM_MISC to allow for implementation specific events without modifying schema
- add: AuditLogAppTriggerEvents.APP_KEYS_UPDATED
@oliverqx
chore: remove credentialSettingsSchema
9c710a3
@oliverqx
fix: add disabledEvents to genericAuditLogClient
d8d07bd
@oliverqx
chore: add type
12a56eb
@oliverqx
fix: add credential id to auditLogManager and improve dx
29f850b
@oliverqx
feat: improve handleAuditLogTrigger base design
6d534a6
@oliverqx
feat: add pathToAuditLogEvent
d48b6b3 
based on path this will return the events metadata, should be moved to core later
@oliverqx
feat: add getAuditLogManager test
02810f2
@oliverqx
feat: add handleAuditLogTrigger test
86a3ee7
@oliverqx
feat: add flattenObject
3037cfb 
- avoided recursion so its a loop by choice
@oliverqx
feat: update handleAuditLogTrigger on handleCancelBooking
a1c9c4b
@oliverqx
feat: add buildCredential to test utils
9c984d5
@oliverqx
feat: update handleAuditLogTrigger on trpc plugin
843e4ff
@oliverqx
Merge branch 'main' into feature.logging
85b67bc
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@zomars zomars Awaiting requested review from zomars

Requested changes must be addressed to merge this pull request.

Assignees
No one assigned
Labels
3 points Created by SyncLinear.com 🙋 Bounty claim 💎 Bounty A bounty on Algora.io community Created by Linear-GitHub Sync enterprise area: enterprise, audit log, organisation, SAML, SSO ✨ feature New feature or request foundation Medium priority Created by Linear-GitHub Sync ❗️ migrations contains migration files 🎨 needs design Before engineering kick-off, a designer needs to submit a mockup organizations area: organizations, orgs 🚧 wip / in the making This is currently being worked on
Projects
None yet
Milestone
v4.2
Development

Successfully merging this pull request may close these issues.

[CAL-1710] Audit log
4 participants
@oliverqx @CLAassistant @zomars @keithwillcode