-
Notifications
You must be signed in to change notification settings - Fork 6.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: audit log #14985
base: main
Are you sure you want to change the base?
feat: audit log #14985
Conversation
@TaduJR is attempting to deploy a commit to the cal Team on Vercel. A member of the Team first needs to authorize it. |
Thank you for following the naming conventions! 🙏 Feel free to join our discord and post your PR link. |
Graphite Automations"Add community label" took an action on this PR • (05/11/24)1 label was added to this PR based on Keith Williams's automation. "Add foundation team as reviewer" took an action on this PR • (05/11/24)1 reviewer was added to this PR based on Keith Williams's automation. "Add consumer team as reviewer" took an action on this PR • (05/11/24)1 reviewer was added to this PR based on Keith Williams's automation. |
📦 Next.js Bundle Analysis for @calcom/webThis analysis was generated by the Next.js Bundle Analysis action. 🤖 This PR introduced no changes to the JavaScript bundle! 🙌 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This PR has a lot of potential. Thank you for your contribution 🙏 I have some observations in order to ensure this is a top quality feature.
Delegate auditing logs to a background task
Since we're doing extra writing to the database for each action being taken. We should find a way to delegate all this logging off the main thread. It is expected that this will make all logged actions slower. But we should try to make this the least intrusive as possible. Some possible approaches that come to mind is using a prisma middleware to avoid polluting the code itself.
Make the feature opt-in by default
Since this codebase is shared with all self posters. We should try to make all these features opt-in by default. That way we don't suddenly introduce more unexpected DB load or side effect after an update. A possible approach would be using our current feature flags to toggle logging on or off and it is turned off by default. That way we can also switch it off without having to redeploy in case something wrong happens.
Use dependency injection pattern
This is so we can easily switch to a third party service if needed. We can disable it locally. We can unit test it. We can switch it with another one. I would try to come up with a AuditLogger abstraction and create an InternalAuditLogger as our first option. Here's a very nice video explaining the pattern if you want to dive into that.
Feel free to reach out with questions and more guidance.
May you be well 🙏
packages/prisma/schema.prisma
Outdated
@@ -402,6 +402,7 @@ model Team { | |||
platformOAuthClient PlatformOAuthClient[] | |||
smsLockState SMSLockState @default(UNLOCKED) | |||
platformBilling PlatformBilling? | |||
auditLog AuditLog[] |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is the relationship needed at all? We can ditch the relationship and still query by teamId don't we?
packages/prisma/schema.prisma
Outdated
id Int @id @default(autoincrement()) | ||
action String | ||
actionDesc String? | ||
actor Json |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Instead of Json can we turn this into actorId
so we can query/join the user on query? We're trying to avoid Json fields as much as possible are these are harder to index and query.
packages/prisma/schema.prisma
Outdated
action String | ||
actionDesc String? | ||
actor Json | ||
target Json? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Same here on target. We can have a targetId: 1
and targetType: "team"
instead of a Json field.
packages/prisma/schema.prisma
Outdated
actionDesc String? | ||
actor Json | ||
target Json? | ||
crud String |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This could/should be an enum:
enum Crud {
CREATE
READ
UPDATE
DELETE
}
/tip $25 |
🎉🎈 @TaduJR has been awarded $25! 🎈🎊 |
Hello @zomars. I will look into and fix every changes you requested and thank you so much for the tip. |
No dependency changes detected. Learn more about Socket for GitHub ↗︎ 👍 No dependency changes detected in pull request |
…dit_log Testing Multithreading for audit_log
Merge changes for yarnlock
What does this PR do?
This change tries to resolve #1461 by adding audit logger on v1 api, v2 api and backend.
These are the list of events handled on Teams and Organizations
Note
This PR needs frontend integration and audit log table data fetching based on logged team
Important
I already made the common local parser. It just needs integration with the frontend.
Tip
I have an idea on where to show the Logged Events. Check this the screenshot.
Handling EventType Audit Logs
https://www.loom.com/share/07e24f0d6249494da1647ce4f9a82520
Mandatory Tasks (DO NOT REMOVE)
How should this be tested?
Checklist
/claim [CAL-1710] Audit log #1461