From d283116c09d06e0a1adce8fb84de021af747417c Mon Sep 17 00:00:00 2001 From: Tim Spencer <72101647+sei-tspencer@users.noreply.github.com> Date: Mon, 28 Aug 2023 14:40:50 -0400 Subject: [PATCH] Cwdoe 1021 log privileged functions (#49) * added privilege logging --- Steamfitter.Api/Services/UserPermissionService.cs | 12 ++++++++---- Steamfitter.Api/Services/UserService.cs | 11 +++++++---- 2 files changed, 15 insertions(+), 8 deletions(-) diff --git a/Steamfitter.Api/Services/UserPermissionService.cs b/Steamfitter.Api/Services/UserPermissionService.cs index 6a769d0..dd70861 100644 --- a/Steamfitter.Api/Services/UserPermissionService.cs +++ b/Steamfitter.Api/Services/UserPermissionService.cs @@ -10,10 +10,12 @@ using AutoMapper; using Microsoft.AspNetCore.Authorization; using Microsoft.EntityFrameworkCore; +using Microsoft.Extensions.Logging; using Steamfitter.Api.Data; using Steamfitter.Api.Data.Models; using Steamfitter.Api.Infrastructure.Authorization; using Steamfitter.Api.Infrastructure.Exceptions; +using Steamfitter.Api.Infrastructure.Extensions; using SAVM = Steamfitter.Api.ViewModels; namespace Steamfitter.Api.Services @@ -33,13 +35,15 @@ public class UserPermissionService : IUserPermissionService private readonly IAuthorizationService _authorizationService; private readonly ClaimsPrincipal _user; private readonly IMapper _mapper; + private readonly ILogger _logger; - public UserPermissionService(SteamfitterContext context, IAuthorizationService authorizationService, IPrincipal user, IMapper mapper) + public UserPermissionService(SteamfitterContext context, IAuthorizationService authorizationService, IPrincipal user, ILogger logger, IMapper mapper) { _context = context; _authorizationService = authorizationService; _user = user as ClaimsPrincipal; _mapper = mapper; + _logger = logger; } public async STT.Task> GetAsync(CancellationToken ct) 
@@ -74,7 +78,7 @@ public UserPermissionService(SteamfitterContext context, IAuthorizationService a _context.UserPermissions.Add(userPermissionEntity); await _context.SaveChangesAsync(ct); - + _logger.LogWarning($"Permission {userPermission.PermissionId} added to user {userPermission.UserId} by {_user.GetId()}"); return await GetAsync(userPermissionEntity.Id, ct); } @@ -90,7 +94,7 @@ public async STT.Task DeleteAsync(Guid id, CancellationToken ct) _context.UserPermissions.Remove(userPermissionToDelete); await _context.SaveChangesAsync(ct); - + _logger.LogWarning($"Permission {userPermissionToDelete.PermissionId} removed from user {userPermissionToDelete.UserId} by {_user.GetId()}"); return true; } @@ -106,7 +110,7 @@ public async STT.Task DeleteByIdsAsync(Guid userId, Guid permissionId, Can _context.UserPermissions.Remove(userPermissionToDelete); await _context.SaveChangesAsync(ct); - + _logger.LogWarning($"Permission {userPermissionToDelete.PermissionId} removed from user {userPermissionToDelete.UserId} by {_user.GetId()}"); return true; } diff --git a/Steamfitter.Api/Services/UserService.cs b/Steamfitter.Api/Services/UserService.cs index 1a77bbf..3d07360 100644 --- a/Steamfitter.Api/Services/UserService.cs +++ b/Steamfitter.Api/Services/UserService.cs @@ -12,6 +12,7 @@ using AutoMapper.QueryableExtensions; using Microsoft.AspNetCore.Authorization; using Microsoft.EntityFrameworkCore; +using Microsoft.Extensions.Logging; using Steamfitter.Api.Data; using Steamfitter.Api.Data.Models; using Steamfitter.Api.Infrastructure.Extensions; 
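Review bot: The audit message added after `SaveChangesAsync` in the permission-create path is built with string interpolation, so the permission id, target user and acting user exist only inside the rendered text rather than as named log properties. An audit trail that has to be filtered or alerted on is easier to query with a message template, which also skips the formatting work when the level is disabled: `_logger.LogWarning("Permission {PermissionId} added to user {UserId} by {ActorId}", userPermission.PermissionId, userPermission.UserId, _user.GetId());`. The two removal hunks that follow and the three log calls in UserService.cs use the same interpolated form. The enclosing method starts and ends outside this hunk.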
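Review bot: The removal entry in `DeleteAsync` is written only after the change has been saved, so as far as this hunk shows, a denied or failed attempt to remove a permission leaves no audit record. The authorization check sits above the hunk and is not visible here; if it throws on denial, consider logging the rejected attempt with the actor id and target id before the exception propagates, because refused privilege changes are often the events an investigator looks for first. The same applies to `DeleteByIdsAsync` and to the create path. If the gap is intentional, a comment such as `// audit: records successful changes only; denied attempts are not logged here` would document it.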
@@ -37,14 +38,16 @@ public class UserService : IUserService private readonly IAuthorizationService _authorizationService; private readonly IUserClaimsService _userClaimsService; private readonly IMapper _mapper; + private readonly ILogger _logger; - public UserService(SteamfitterContext context, IPrincipal user, IAuthorizationService authorizationService, IUserClaimsService userClaimsService, IMapper mapper) + public UserService(SteamfitterContext context, IPrincipal user, IAuthorizationService authorizationService, IUserClaimsService userClaimsService, ILogger logger, IMapper mapper) { _context = context; _user = user as ClaimsPrincipal; _authorizationService = authorizationService; _userClaimsService = userClaimsService; _mapper = mapper; + _logger = logger; } public async STT.Task> GetAsync(CancellationToken ct) @@ -78,7 +81,7 @@ public UserService(SteamfitterContext context, IPrincipal user, IAuthorizationSe _context.Users.Add(userEntity); await _context.SaveChangesAsync(ct); - + _logger.LogWarning($"User {user.Name} ({userEntity.Id}) created by {_user.GetId()}"); return await GetAsync(user.Id, ct); } @@ -102,7 +105,7 @@ public UserService(SteamfitterContext context, IPrincipal user, IAuthorizationSe _context.Users.Update(userToUpdate); await _context.SaveChangesAsync(ct); - + _logger.LogWarning($"User {userToUpdate.Name} ({userToUpdate.Id}) updated by {_user.GetId()}"); return await GetAsync(id, ct); } @@ -123,7 +126,7 @@ public async STT.Task DeleteAsync(Guid id, CancellationToken ct) _context.Users.Remove(userToDelete); await _context.SaveChangesAsync(ct); - + _logger.LogWarning($"User {userToDelete.Name} ({userToDelete.Id}) deleted by {_user.GetId()}"); return true; }
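Review bot: The create-user log line writes `user.Name` into the message, and that value comes from the caller-supplied view model, so a name containing line breaks or other control characters could break up or imitate entries in a plain-text log sink. Passing it as a structured property keeps it separate from the message text: `_logger.LogWarning("User {UserName} ({UserId}) created by {ActorId}", user.Name, userEntity.Id, _user.GetId());`. A template alone does not neutralise control characters in text output, so either strip them from the name before logging or confirm that the configured sink encodes property values. The update and delete hunks log the stored `Name` the same way and need the same treatment. The method bodies start outside these hunks.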