Skip to content

Commit

Permalink
Add auditing for API key CRUD operations
Browse files Browse the repository at this point in the history 
Generate an audit trail for changes to API keys.
  • Loading branch information
@anodos325
anodos325 committed Aug 5, 2024
1 parent 452432d commit 9231f31
Showing 1 changed file with 9 additions and 5 deletions.
14 changes: 9 additions & 5 deletions src/middlewared/middlewared/plugins/api_key.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -52,7 +52,7 @@ async def item_extend(self, item):
item.pop("key")
return item

@api_method(ApiKeyCreateArgs, ApiKeyCreateResult)
@api_method(ApiKeyCreateArgs, ApiKeyCreateResult, audit='Create API key', audit_extended=lambda data: data['name'])
async def do_create(self, data: dict) -> dict:
"""
Creates API Key.
Expand All @@ -76,8 +76,8 @@ async def do_create(self, data: dict) -> dict:

return self._serve(data, key)

@api_method(ApiKeyUpdateArgs, ApiKeyUpdateResult)
async def do_update(self, id_: int, data: dict) -> dict:
@api_method(ApiKeyUpdateArgs, ApiKeyUpdateResult, audit='Update API key', audit_callback=True)
async def do_update(self, audit_callback: callable, id_: int, data: dict) -> dict:
"""
Update API Key `id`.
Expand All @@ -86,6 +86,7 @@ async def do_update(self, id_: int, data: dict) -> dict:
reset = data.pop("reset", False)

old = await self.get_instance(id_)
audit_callback(old['name'])
new = old.copy()

new.update(data)
Expand All @@ -108,11 +109,14 @@ async def do_update(self, id_: int, data: dict) -> dict:

return self._serve(await self.get_instance(id_), key)

@api_method(ApiKeyDeleteArgs, ApiKeyDeleteResult)
async def do_delete(self, id_: int) -> Literal[True]:
@api_method(ApiKeyDeleteArgs, ApiKeyDeleteResult, audit='Delete API key', audit_callback=True)
async def do_delete(self, audit_callback: callable, id_: int) -> Literal[True]:
"""
Delete API Key `id`.
"""
name = (await self.get_instance(id_))['name']
audit_callback(name)

response = await self.middleware.call(
"datastore.delete",
self._config.datastore,
Expand Down

0 comments on commit 9231f31

Please sign in to comment.