Skip to content

Audit entries rework #19345

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 8 commits into from
Jun 6, 2025
Merged

Audit entries rework #19345

merged 8 commits into from
Jun 6, 2025

Conversation

lauraneto
Copy link
Contributor

@lauraneto lauraneto commented May 16, 2025
edited
Loading

Description

  • Moved logic related to the IAuditEntryRepository (umbracoAudit) from the AuditService to the new service
  • Introduced new async methods
    • Using ids (marked as obsolete - for easier transition from the previous Write method)
    • Using keys
  • Added migration to add columns for performingUserKey and affectedUserKey and convert existing user ids
  • Moved and updated integration tests related to the audit entries to a new test class AuditEntryServiceTests
  • Added unit tests class AuditEntryServiceTests and added a few unit tests
  • Adjusted usages of the old AuditService.Write method to use the new one (mostly notification handlers)
  • Added Task<Attempt<Guid>> TryGetAsync(int id) and Task<Attempt<int>> TryGetAsync(Guid key) methods to IUserIdKeyResolver

Affected notification handlers that trigger audit logs

  • BackOfficeUserManagerAuditer
    • UserLoginSuccessNotification
    • UserLogoutSuccessNotification
    • UserLoginFailedNotification
    • UserForgotPasswordRequestedNotification
    • UserForgotPasswordChangedNotification
    • UserPasswordChangedNotification
    • UserPasswordResetNotification
  • AuditNotificationsHandler
    • MemberSavedNotification
    • MemberDeletedNotification
    • AssignedMemberRolesNotification
    • RemovedMemberRolesNotification
    • ExportedMemberNotification
    • UserSavedNotification
    • UserDeletedNotification
    • UserGroupWithUsersSavedNotification
    • AssignedUserGroupPermissionsNotification

Testing

Run the project in the main branch and do a few user operations. Then, switch to this branch, perform the update and do additional user operations.
Check the database to ensure that:

  • The new columns for the user keys were added
  • The migration filled in the keys based on the ids (if the user still exists)
  • New entries were added correctly and contain both the id and key of the users

❓ Pending questions ❓

  1. What to do regarding user id 0 (SYSTEM, Unknown)?
  • Is it ok to give it key 00000000-0000-0000-0000-000000000000 or do we want it to be null? (both in the database and code)
    • If empty guid is preferred, the migration should probably also convert user id 0 to guid empty, to differentiate between ids that weren't found and unknown user.
    • If null is preferred, some changes might be needed in the AddAsync methods (at the moment if the id is 0 or the overload accepting id is used and it cannot convert/find that id, it is saving as empty guid)

@lauraneto
Introduce new AuditEntryService
263e6f0 
- Moved logic related to the IAuditEntryRepository from the AuditService to the new service
- Introduced new Async methods
  - Using ids (for easier transition from the previous Write method)
  - Using keys
- Moved and updated integration tests related to the audit entries to a new test class `AuditEntryServiceTests`
- Added unit tests class `AuditEntryServiceTests` and added a few unit tests
- Added migration to add columns for `performingUserKey` and `affectedUserKey` and convert existing user ids
- Adjusted usages of the old AuditService.Write method to use the new one (mostly notification handlers)
@lauraneto lauraneto changed the base branch from main to v17/dev May 16, 2025 15:00
@lauraneto lauraneto mentioned this pull request May 16, 2025
Merged
lauraneto
lauraneto commented May 19, 2025
View reviewed changes
@lauraneto lauraneto marked this pull request as ready for review May 19, 2025 13:36
@lauraneto lauraneto requested a review from Zeegaan May 27, 2025 08:30
Zeegaan
Zeegaan requested changes Jun 2, 2025
View reviewed changes
Copy link
Member

@Zeegaan Zeegaan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Few pedantic comments 😁

@lauraneto
Copy link
Contributor Author

@Zeegaan I updated the code based on your feedback and also did some additional changes:

  • Handle the upgrade state better - in the audit entry repository, I am now catching the db exception while in upgrade state and performing a more "manual" insert with only the fields that existed previously. I couldn't find an example of this being done in the rest of the codebase, only the error being ignored completely, so please point me in the right direction if there is another place where this is being done more gracefully!
  • Remove the UnknownUserKey that was added and adjust the logic to use/store null instead of that id - after some discussions it was clear that the unknown user is probably a "legacy" thing that we want to avoid using.

@lauraneto lauraneto requested a review from Zeegaan June 4, 2025 10:25
Zeegaan
Zeegaan approved these changes Jun 6, 2025
View reviewed changes
Copy link
Member

@Zeegaan Zeegaan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good, tests good 🚀

@Zeegaan Zeegaan merged commit 7fc2bc8 into v17/dev Jun 6, 2025
24 of 25 checks passed
@Zeegaan Zeegaan deleted the v17/improvement/introduce-audit-entry-service branch June 6, 2025 11:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Zeegaan Zeegaan Zeegaan approved these changes

Assignees
No one assigned
Labels
category/breaking
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@lauraneto @Zeegaan