From 049ea0b19ee39ce3e36702f84f5ce38c135d25fe Mon Sep 17 00:00:00 2001
From: Javier Rodriguez
Date: Thu, 31 Jul 2025 13:20:51 +0200
Subject: [PATCH 1/3] chore(nats): Send audit logs events to specific subjects
Signed-off-by: Javier Rodriguez
---
 app/controlplane/pkg/auditor/nats.go | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/app/controlplane/pkg/auditor/nats.go b/app/controlplane/pkg/auditor/nats.go
index cb1093f96..856f7d4c2 100644
--- a/app/controlplane/pkg/auditor/nats.go
+++ b/app/controlplane/pkg/auditor/nats.go
@@ -19,6 +19,7 @@ import (
 "context"
 "encoding/json"
 "fmt"
+ "strings"
 "time"
 "github.com/go-kratos/kratos/v2/log"
@@ -27,8 +28,12 @@ import (
 )
 const (
- streamName = "chainloop-audit"
+ streamName = "chainloop-audit"
+ // subjectName is the base subject for audit logs for the consumer to subscribe to.
 subjectName = "audit.>"
+ // baseSubjectName is the base subject for audit logs for the publisher to publish to.
+ // The pattern for the specific subjects is "audit.."
+ baseSubjectName = "audit"
 )
 type AuditLogPublisher struct {
@@ -74,5 +79,7 @@ func (n *AuditLogPublisher) Publish(data *EventPayload) error {
 return fmt.Errorf("failed to marshal event payload: %w", err)
 }
- return n.conn.Publish(subjectName, jsonPayload)
+ // Send the event to the specific subject based on the event type "audit.."
+ specificSubject := fmt.Sprintf("%s.%s.%s", baseSubjectName, strings.ToLower(string(data.Data.TargetType)), strings.ToLower(data.Data.ActionType))
+ return n.conn.Publish(specificSubject, jsonPayload)
 }
From 69d478016d3ff0bbaaa93d1e10e9237b0238c6c2 Mon Sep 17 00:00:00 2001
From: Javier Rodriguez
Date: Thu, 31 Jul 2025 15:59:57 +0200
Subject: [PATCH 2/3] include user info on OrgUserJoined event
Signed-off-by: Javier Rodriguez
---
 .../pkg/auditor/events/organization.go | 14 +++++++++++++-
 app/controlplane/pkg/biz/orginvitation.go | 2 ++
 2 files changed, 15 insertions(+), 1 deletion(-)
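Review bot: In the `Publish` hunk of nats.go, `TargetType` and `ActionType` are lowercased and placed into the subject without checking that each is a single valid NATS token. An empty value, or one containing `.`, `*`, `>` or whitespace, yields a subject outside the three-token `audit` scheme described in the new comment, so a consumer that filters on a specific subject could miss that audit event; whether the client or server rejects such a subject is not visible here. Validate both tokens before building the subject, and decide deliberately whether a bad token fails the publish or is mapped to a fixed fallback token, since silently losing an audit record is the worse outcome. `Publish` begins above the hunk, so whether `data` or `data.Data` can be nil at this point cannot be confirmed from here.

```go
// … unchanged: marshaling of the payload into jsonPayload and its error check …

targetType := strings.ToLower(string(data.Data.TargetType))
actionType := strings.ToLower(data.Data.ActionType)
for _, tok := range []string{targetType, actionType} {
	// A subject token must be non-empty and free of separators, wildcards and whitespace.
	if tok == "" || strings.ContainsAny(tok, ".*> \t\r\n") {
		return fmt.Errorf("invalid audit subject token %q", tok)
	}
}
specificSubject := fmt.Sprintf("%s.%s.%s", baseSubjectName, targetType, actionType)
return n.conn.Publish(specificSubject, jsonPayload)
```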
diff --git a/app/controlplane/pkg/auditor/events/organization.go b/app/controlplane/pkg/auditor/events/organization.go
index 68dcca318..977d27bd7 100644
--- a/app/controlplane/pkg/auditor/events/organization.go
+++ b/app/controlplane/pkg/auditor/events/organization.go
@@ -57,7 +57,7 @@ func (p *OrgBase) TargetID() *uuid.UUID {
 func (p *OrgBase) ActionInfo() (json.RawMessage, error) {
 if p.OrgName == "" || p.OrgID == nil {
- return nil, errors.New("user id and org name are required")
+ return nil, errors.New("org name and org id are required")
 }
 return json.Marshal(&p)
@@ -79,6 +79,10 @@ func (p *OrgCreated) Description() string {
 // user joined the organization
 type OrgUserJoined struct {
 *OrgBase
+ // UserID of the user that joined the organization
+ UserID uuid.UUID `json:"user_id,omitempty"`
+ // UserEmail of the user that joined the organization
+ UserEmail string `json:"user_email,omitempty"`
 }
 func (p *OrgUserJoined) ActionType() string {
@@ -89,6 +93,14 @@ func (p *OrgUserJoined) Description() string {
 return fmt.Sprintf("{{ .ActorEmail }} has joined the organization %s", p.OrgName)
 }
+func (p *OrgUserJoined) ActionInfo() (json.RawMessage, error) {
+ if p.OrgName == "" || p.OrgID == nil || p.UserID == uuid.Nil || p.UserEmail == "" {
+ return nil, errors.New("org name, org id, user id and user email are required")
+ }
+
+ return json.Marshal(&p)
+}
+
 // user left the organization
 type OrgUserLeft struct {
 *OrgBase
diff --git a/app/controlplane/pkg/biz/orginvitation.go b/app/controlplane/pkg/biz/orginvitation.go
index eb2f8d7bc..1744acb61 100644
--- a/app/controlplane/pkg/biz/orginvitation.go
+++ b/app/controlplane/pkg/biz/orginvitation.go
@@ -290,6 +290,8 @@ func (uc *OrgInvitationUseCase) AcceptPendingInvitations(ctx context.Context, re
 OrgID: &orgUUID,
 OrgName: invitation.Org.Name,
 },
+ UserID: userUUID,
+ UserEmail: user.Email,
 }, &orgUUID)
 }
From 33aa4b5c151112127c36bc1ac200dc2d06f12c5c Mon Sep 17 00:00:00 2001
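Review bot: In the `OrgUserJoined` struct hunk of organization.go, `omitempty` on `UserID` does not do what the tag suggests: `encoding/json` omits an array only when its length is zero, so if `uuid.UUID` is the usual 16-byte array type, a zero UUID is still serialized. Since the `ActionInfo` method added in the following hunk rejects an empty `UserID` or `UserEmail` anyway, both tags can drop the option and read `json:"user_id"` and `json:"user_email"`, which states plainly that the fields are always present in the audit payload.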
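Review bot: The new `OrgUserJoined.ActionInfo` in organization.go reads `p.OrgName` and `p.OrgID` through the embedded `*OrgBase` without checking that pointer, so an event built without `OrgBase` panics with a nil dereference instead of returning the validation error. The caller changed in orginvitation.go appears to set it, but the method is the validation point and should not rely on that; start the condition with the nil check, `if p.OrgBase == nil || p.OrgName == "" || p.OrgID == nil || p.UserID == uuid.Nil || p.UserEmail == "" {`. Because this method shadows the one promoted from `OrgBase`, a doc comment such as `// ActionInfo validates the org and user fields and returns the event serialized as JSON.` would make the override explicit.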
From: Javier Rodriguez
Date: Fri, 1 Aug 2025 10:55:46 +0200
Subject: [PATCH 3/3] change comment
Signed-off-by: Javier Rodriguez
---
 app/controlplane/pkg/auditor/nats.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/app/controlplane/pkg/auditor/nats.go b/app/controlplane/pkg/auditor/nats.go
index 856f7d4c2..b4568a226 100644
--- a/app/controlplane/pkg/auditor/nats.go
+++ b/app/controlplane/pkg/auditor/nats.go
@@ -29,7 +29,7 @@ import (
 const (
 streamName = "chainloop-audit"
- // subjectName is the base subject for audit logs for the consumer to subscribe to.
+ // subjectName is the base subject for the stream to listen to.
 subjectName = "audit.>"
 // baseSubjectName is the base subject for audit logs for the publisher to publish to.
 // The pattern for the specific subjects is "audit.."