Skip to content

Commit 757a0da

Browse files
sfc-gh-ridasafdarsfc-gh-ridasafdar
authored
Merge pull request #3323 from sfc-gh-rchandrasekaran/coco-control-hub
Add CoCo Control Hub source code to assets/code — remove personal repo dependency
2 parents 4f635f8 + 6026555 commit 757a0da

23 files changed

Lines changed: 7017 additions & 4 deletions

site/sfguides/src/enterprise-cortex-code-governance/assets/code/README.md

Lines changed: 369 additions & 0 deletions
Large diffs are not rendered by default.

site/sfguides/src/enterprise-cortex-code-governance/assets/code/audit.py

Lines changed: 60 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,60 @@
1+
"""
2+
Cortex Code Credit Manager - Audit Logging
3+
============================================
4+
Every action in the app is logged to CC_AUDIT_LOG via direct INSERT.
5+
"""
6+
7+
import json
8+
from typing import Any, Dict, Optional
9+
10+
from config import (
11+
TABLE_AUDIT_LOG,
12+
escape_sql_literal,
13+
fq_table,
14+
get_current_role,
15+
get_current_user,
16+
sanitize_identifier,
17+
)
18+
19+
20+
def log_activity(
21+
session,
22+
action_type: str,
23+
target_user: Optional[str] = None,
24+
target_role: Optional[str] = None,
25+
details: Optional[Dict[str, Any]] = None,
26+
old_value: Optional[str] = None,
27+
new_value: Optional[str] = None,
28+
status: str = "SUCCESS",
29+
) -> bool:
30+
actor = get_current_user(session)
31+
actor_role = get_current_role(session)
32+
tbl = fq_table(session, TABLE_AUDIT_LOG)
33+
34+
details_json = "NULL"
35+
if details:
36+
safe_json = escape_sql_literal(json.dumps(details, default=str))
37+
details_json = f"PARSE_JSON('{safe_json}')"
38+
39+
target_user_sql = f"'{escape_sql_literal(target_user)}'" if target_user else "NULL"
40+
target_role_sql = f"'{escape_sql_literal(target_role)}'" if target_role else "NULL"
41+
old_val_sql = f"'{escape_sql_literal(old_value)}'" if old_value else "NULL"
42+
new_val_sql = f"'{escape_sql_literal(new_value)}'" if new_value else "NULL"
43+
safe_action = escape_sql_literal(action_type)
44+
safe_status = escape_sql_literal(status)
45+
46+
sql = f"""
47+
INSERT INTO {tbl}
48+
(TIMESTAMP, ACTOR, ACTOR_ROLE, ACTION_TYPE, TARGET_USER, TARGET_ROLE,
49+
DETAILS, OLD_VALUE, NEW_VALUE, STATUS)
50+
SELECT
51+
CURRENT_TIMESTAMP(), '{escape_sql_literal(actor)}',
52+
'{escape_sql_literal(actor_role)}', '{safe_action}',
53+
{target_user_sql}, {target_role_sql},
54+
{details_json}, {old_val_sql}, {new_val_sql}, '{safe_status}'
55+
"""
56+
try:
57+
session.sql(sql).collect()
58+
return True
59+
except Exception:
60+
return False

0 commit comments

Comments
 (0)