From c6dadaa4ff524005a719a6d3fbe00f1e2044fd4c Mon Sep 17 00:00:00 2001
From: mike12345567 <me@michaeldrury.co.uk>
Date: Wed, 22 Feb 2023 16:10:54 +0000
Subject: [PATCH] Some work to make sure the user agent and ip address are
 always passed correctly to audit logs.

---
 packages/backend-core/src/events/events.ts    | 28 +++++++++----------
 .../backend-core/src/events/identification.ts |  2 +-
 packages/backend-core/src/events/index.ts     |  2 +-
 packages/types/src/sdk/auditLogs.ts           |  6 ++++
 .../types/src/sdk/events/identification.ts    |  2 +-
 5 files changed, 23 insertions(+), 17 deletions(-)

diff --git a/packages/backend-core/src/events/events.ts b/packages/backend-core/src/events/events.ts
index 6176fb6724..d3d32384aa 100644
--- a/packages/backend-core/src/events/events.ts
+++ b/packages/backend-core/src/events/events.ts
@@ -1,4 +1,10 @@
-import { AuditLogFn, Event, IdentityType, HostInfo } from "@budibase/types"
+import {
+  AuditLogFn,
+  Event,
+  IdentityType,
+  AuditedEventFriendlyName,
+  AuditLogQueueEvent,
+} from "@budibase/types"
 import { processors } from "./processors"
 import identification from "./identification"
 import { getAppId } from "../context"
@@ -6,24 +12,17 @@ import * as backfill from "./backfill"
 import { createQueue, JobQueue } from "../queue"
 import BullQueue from "bull"
 
-type AuditLogEvent = {
-  event: Event
-  properties: any
-  opts: {
-    timestamp?: string | number
-    userId?: string
-    appId?: string
-    hostInfo?: HostInfo
-  }
+export function isAudited(event: Event) {
+  return !!AuditedEventFriendlyName[event]
 }
 
 let auditLogsEnabled = false
-let auditLogQueue: BullQueue.Queue<AuditLogEvent>
+let auditLogQueue: BullQueue.Queue<AuditLogQueueEvent>
 
 export const configure = (fn: AuditLogFn) => {
   auditLogsEnabled = true
   const writeAuditLogs = fn
-  auditLogQueue = createQueue<AuditLogEvent>(JobQueue.AUDIT_LOG)
+  auditLogQueue = createQueue<AuditLogQueueEvent>(JobQueue.AUDIT_LOG)
   return auditLogQueue.process(async job => {
     await writeAuditLogs(job.data.event, job.data.properties, {
       userId: job.data.opts.userId,
@@ -46,11 +45,11 @@ export const publishEvent = async (
   // no backfill - send the event and exit
   if (!backfilling) {
     await processors.processEvent(event, identity, properties, timestamp)
-    if (auditLogsEnabled) {
+    if (auditLogsEnabled && isAudited(event)) {
       // only audit log actual events, don't include backfills
       const userId =
         identity.type === IdentityType.USER ? identity.id : undefined
-      // add to event queue, rather than just writing immediately
+      // add to the event queue, rather than just writing immediately
       await auditLogQueue.add({
         event,
         properties,
@@ -58,6 +57,7 @@ export const publishEvent = async (
           userId,
           timestamp,
           appId: getAppId(),
+          hostInfo: identity.hostInfo,
         },
       })
     }
diff --git a/packages/backend-core/src/events/identification.ts b/packages/backend-core/src/events/identification.ts
index e18d96bbe0..dcb2ebb4ab 100644
--- a/packages/backend-core/src/events/identification.ts
+++ b/packages/backend-core/src/events/identification.ts
@@ -89,7 +89,7 @@ const getCurrentIdentity = async (): Promise<Identity> => {
       installationId,
       tenantId,
       environment,
-      hostInfo: userContext.host,
+      hostInfo: userContext.hostInfo,
     }
   } else {
     throw new Error("Unknown identity type")
diff --git a/packages/backend-core/src/events/index.ts b/packages/backend-core/src/events/index.ts
index 7aa4d06e58..15f6dde835 100644
--- a/packages/backend-core/src/events/index.ts
+++ b/packages/backend-core/src/events/index.ts
@@ -3,7 +3,7 @@ export * as processors from "./processors"
 export * as analytics from "./analytics"
 export { default as identification } from "./identification"
 export * as backfillCache from "./backfill"
-export { configure } from "./events"
+export { configure, isAudited } from "./events"
 
 import { processors } from "./processors"
 
diff --git a/packages/types/src/sdk/auditLogs.ts b/packages/types/src/sdk/auditLogs.ts
index dea36b0164..e5d0c77d90 100644
--- a/packages/types/src/sdk/auditLogs.ts
+++ b/packages/types/src/sdk/auditLogs.ts
@@ -12,3 +12,9 @@ export type AuditLogFn = (
   metadata: any,
   opts: AuditWriteOpts
 ) => Promise<any>
+
+export type AuditLogQueueEvent = {
+  event: Event
+  properties: any
+  opts: AuditWriteOpts
+}
diff --git a/packages/types/src/sdk/events/identification.ts b/packages/types/src/sdk/events/identification.ts
index bbbf74d33e..8b6b7ddf44 100644
--- a/packages/types/src/sdk/events/identification.ts
+++ b/packages/types/src/sdk/events/identification.ts
@@ -46,7 +46,7 @@ export interface Identity {
   environment: string
   installationId?: string
   tenantId?: string
-  hostInfo: HostInfo
+  hostInfo?: HostInfo
 }
 
 export interface UserIdentity extends Identity {