-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathpg_audit.go
More file actions
88 lines (79 loc) · 2.27 KB
/
pg_audit.go
File metadata and controls
88 lines (79 loc) · 2.27 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
package store
import (
"context"
"fmt"
"github.com/jackc/pgx/v5/pgxpool"
)
// PGAuditStore implements AuditStore backed by PostgreSQL.
type PGAuditStore struct {
pool *pgxpool.Pool
}
func (s *PGAuditStore) Record(ctx context.Context, e *AuditEntry) error {
err := s.pool.QueryRow(ctx, `
INSERT INTO audit_log (user_id, action, resource_type, resource_id, details, ip_address, user_agent, created_at)
VALUES ($1,$2,$3,$4,$5,$6,$7,NOW())
RETURNING id, created_at`,
e.UserID, e.Action, e.ResourceType, e.ResourceID, e.Details, e.IPAddress, e.UserAgent).Scan(&e.ID, &e.CreatedAt)
if err != nil {
return fmt.Errorf("record audit: %w", err)
}
return nil
}
func (s *PGAuditStore) Query(ctx context.Context, f AuditFilter) ([]*AuditEntry, error) {
query := `SELECT id, user_id, action, resource_type, resource_id, details, ip_address, user_agent, created_at
FROM audit_log WHERE 1=1`
args := []any{}
idx := 1
if f.UserID != nil {
query += fmt.Sprintf(` AND user_id = $%d`, idx)
args = append(args, *f.UserID)
idx++
}
if f.Action != "" {
query += fmt.Sprintf(` AND action = $%d`, idx)
args = append(args, f.Action)
idx++
}
if f.ResourceType != "" {
query += fmt.Sprintf(` AND resource_type = $%d`, idx)
args = append(args, f.ResourceType)
idx++
}
if f.ResourceID != nil {
query += fmt.Sprintf(` AND resource_id = $%d`, idx)
args = append(args, *f.ResourceID)
idx++
}
if f.Since != nil {
query += fmt.Sprintf(` AND created_at >= $%d`, idx)
args = append(args, *f.Since)
idx++
}
if f.Until != nil {
query += fmt.Sprintf(` AND created_at <= $%d`, idx)
args = append(args, *f.Until)
idx++
}
query += fmt.Sprintf(` ORDER BY created_at DESC LIMIT $%d OFFSET $%d`, idx, idx+1)
limit := f.Pagination.Limit
if limit <= 0 {
limit = 50
}
args = append(args, limit, f.Pagination.Offset)
rows, err := s.pool.Query(ctx, query, args...)
if err != nil {
return nil, fmt.Errorf("query audit: %w", err)
}
defer rows.Close()
var entries []*AuditEntry
for rows.Next() {
var e AuditEntry
err := rows.Scan(&e.ID, &e.UserID, &e.Action, &e.ResourceType, &e.ResourceID,
&e.Details, &e.IPAddress, &e.UserAgent, &e.CreatedAt)
if err != nil {
return nil, fmt.Errorf("scan audit: %w", err)
}
entries = append(entries, &e)
}
return entries, rows.Err()
}