refactor audit code

src/audit_api.go

@@ -9,7 +9,7 @@ import (
 
 func (e mainEnv) getAuditEvents(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
 	userTOKEN := ps.ByName("token")
-	event := audit("view audit events", userTOKEN)
+	event := audit("view audit events", userTOKEN, "token", userTOKEN)
 	defer func() { event.submit(e.db) }()
 	//fmt.Println("error code")
 	if enforceUUID(w, userTOKEN, event) == false {

src/audit_db.go

@@ -11,6 +11,8 @@ import (
 type auditEvent struct {
 	When     int32  `json:"when"`
 	Who      string `json:"who"`
+	Mode     string `json:"mode"`
+	Identity string `json:"identity"`
 	Record   string `json:"record"`
 	App      string `json:"app"`
 	Title    string `json:"title"`
@@ -22,9 +24,9 @@ type auditEvent struct {
 	Meta     string `json:"meta"`
 }
 
-func audit(title string, record string) *auditEvent {
+func audit(title string, record string, mode string, address string) *auditEvent {
 	fmt.Printf("/%s : %s\n", title, record)
-	return &auditEvent{Title: title, Record: record, Status: "ok", When: int32(time.Now().Unix())}
+	return &auditEvent{Title: title, Mode: mode, Who: address, Record: record, Status: "ok", When: int32(time.Now().Unix())}
 }
 
 func auditApp(title string, record string, app string) *auditEvent {

src/consent_api.go

@@ -12,7 +12,7 @@ func (e mainEnv) consentAccept(w http.ResponseWriter, r *http.Request, ps httpro
 	address := ps.ByName("address")
 	brief := ps.ByName("brief")
 	mode := ps.ByName("mode")
-	event := audit("consent accept by "+mode, address)
+	event := audit("consent accept for "+brief, address, mode, address)
 	defer func() { event.submit(e.db) }()
 
 	brief = normalizeBrief(brief)
@@ -42,6 +42,7 @@ func (e mainEnv) consentAccept(w http.ResponseWriter, r *http.Request, ps httpro
 		userBson, _ := e.db.lookupUserRecordByIndex(mode, address, e.conf)
 		if userBson != nil {
 			userTOKEN = userBson["token"].(string)
+			event.Record = userTOKEN
 		}
 	}
 
@@ -75,7 +76,7 @@ func (e mainEnv) consentCancel(w http.ResponseWriter, r *http.Request, ps httpro
 	address := ps.ByName("address")
 	brief := ps.ByName("brief")
 	mode := ps.ByName("mode")
-	event := audit("consent cancel by "+mode, address)
+	event := audit("consent withdraw for "+brief, address, mode, address)
 	defer func() { event.submit(e.db) }()
 	userTOKEN := ""
 
@@ -99,6 +100,7 @@ func (e mainEnv) consentCancel(w http.ResponseWriter, r *http.Request, ps httpro
 		userBson, _ := e.db.lookupUserRecordByIndex(mode, address, e.conf)
 		if userBson != nil {
 			userTOKEN = userBson["token"].(string)
+			event.Record = userTOKEN
 		}
 	}
 	// make sure that user is logged in here, unless he wants to cancel emails
@@ -120,7 +122,7 @@ func (e mainEnv) consentCancel(w http.ResponseWriter, r *http.Request, ps httpro
 func (e mainEnv) consentAllUserRecords(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
 	address := ps.ByName("address")
 	mode := ps.ByName("mode")
-	event := audit("consent list of events by "+mode, address)
+	event := audit("consent list of records for "+mode, address, mode, address)
 	defer func() { event.submit(e.db) }()
 	userTOKEN := ""
 	if mode == "token" {
@@ -138,6 +140,7 @@ func (e mainEnv) consentAllUserRecords(w http.ResponseWriter, r *http.Request, p
 		userBson, _ := e.db.lookupUserRecordByIndex(mode, address, e.conf)
 		if userBson != nil {
 			userTOKEN = userBson["token"].(string)
+			event.Record = userTOKEN
 		}
 	}
 	// make sure that user is logged in here, unless he wants to cancel emails
@@ -163,7 +166,7 @@ func (e mainEnv) consentUserRecord(w http.ResponseWriter, r *http.Request, ps ht
 	address := ps.ByName("address")
 	brief := ps.ByName("brief")
 	mode := ps.ByName("mode")
-	event := audit("consent event by "+mode, address)
+	event := audit("consent record for "+brief, address, mode, address)
 	defer func() { event.submit(e.db) }()
 
 	brief = normalizeBrief(brief)
@@ -187,6 +190,7 @@ func (e mainEnv) consentUserRecord(w http.ResponseWriter, r *http.Request, ps ht
 		userBson, _ := e.db.lookupUserRecordByIndex(mode, address, e.conf)
 		if userBson != nil {
 			userTOKEN = userBson["token"].(string)
+			event.Record = userTOKEN
 		}
 	}
 
@@ -209,7 +213,7 @@ func (e mainEnv) consentUserRecord(w http.ResponseWriter, r *http.Request, ps ht
 
 func (e mainEnv) consentFilterRecords(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
 	brief := ps.ByName("brief")
-	event := audit("consent filter by "+brief, "")
+	event := audit("consent get all for "+brief, brief, "brief", brief)
 	defer func() { event.submit(e.db) }()
 	if e.enforceAuth(w, r, event) == false {
 		return

src/sessions_api.go

@@ -7,7 +7,7 @@ import (
 )
 
 func (e mainEnv) newSession(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
-	uuidCode := ps.ByName("uuidcode")
+	token := ps.ByName("token")
-	event := audit("create new session", uuidCode)
+	event := audit("create new session", token)
 	defer func() { event.submit(e.db) }()
 }

src/userapps_api.go

@@ -86,7 +86,7 @@ func (e mainEnv) userappChange(w http.ResponseWriter, r *http.Request, ps httpro
 
 func (e mainEnv) userappList(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
 	userTOKEN := ps.ByName("token")
-	event := audit("get user app list", userTOKEN)
+	event := audit("get user app list", userTOKEN, "token", userTOKEN)
 	defer func() { event.submit(e.db) }()
 
 	if enforceUUID(w, userTOKEN, event) == false {

src/users_api.go

@@ -8,7 +8,7 @@ import (
 )
 
 func (e mainEnv) userNew(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
-	event := audit("create user record", "")
+	event := audit("create user record", "", "", "")
 	defer func() { event.submit(e.db) }()
 
 	if e.conf.Generic.Create_user_without_token == false {
@@ -62,6 +62,7 @@ func (e mainEnv) userNew(w http.ResponseWriter, r *http.Request, ps httprouter.P
 		returnError(w, r, "internal error", 405, err, event)
 		return
 	}
+	event.Record = userTOKEN
 	returnUUID(w, userTOKEN)
 	return
 }
@@ -71,7 +72,7 @@ func (e mainEnv) userGet(w http.ResponseWriter, r *http.Request, ps httprouter.P
 	var resultJSON []byte
 	address := ps.ByName("address")
 	mode := ps.ByName("mode")
-	event := audit("get user record by "+mode, address)
+	event := audit("get user record by "+mode, address, mode, address)
 	defer func() { event.submit(e.db) }()
 	if e.enforceAuth(w, r, event) == false {
 		return
@@ -88,6 +89,7 @@ func (e mainEnv) userGet(w http.ResponseWriter, r *http.Request, ps httprouter.P
 		resultJSON, err = e.db.getUser(address)
 	} else {
 		resultJSON, userTOKEN, err = e.db.getUserIndex(address, mode, e.conf)
+		event.Record = userTOKEN
 	}
 	if err != nil {
 		returnError(w, r, "internal error", 405, nil, event)
@@ -108,7 +110,7 @@ func (e mainEnv) userGet(w http.ResponseWriter, r *http.Request, ps httprouter.P
 func (e mainEnv) userChange(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
 	address := ps.ByName("address")
 	mode := ps.ByName("mode")
-	event := audit("change user record by "+mode, address)
+	event := audit("change user record by "+mode, address, mode, address)
 	defer func() { event.submit(e.db) }()
 
 	if e.enforceAuth(w, r, event) == false {
@@ -138,6 +140,7 @@ func (e mainEnv) userChange(w http.ResponseWriter, r *http.Request, ps httproute
 			return
 		}
 		userTOKEN = userBson["token"].(string)
+		event.Record = userTOKEN
 	}
 	err = e.db.updateUserRecord(parsedData, userTOKEN, event, e.conf)
 	if err != nil {
@@ -151,7 +154,7 @@ func (e mainEnv) userChange(w http.ResponseWriter, r *http.Request, ps httproute
 func (e mainEnv) userDelete(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
 	address := ps.ByName("address")
 	mode := ps.ByName("mode")
-	event := audit("delete user record by "+mode, address)
+	event := audit("delete user record by "+mode, address, mode, address)
 	defer func() { event.submit(e.db) }()
 
 	if e.enforceAuth(w, r, event) == false {
@@ -176,6 +179,7 @@ func (e mainEnv) userDelete(w http.ResponseWriter, r *http.Request, ps httproute
 			return
 		}
 		userTOKEN = userBson["token"].(string)
+		event.Record = userTOKEN
 	}
 	fmt.Printf("deleting user %s", userTOKEN)
 	result, err := e.db.deleteUserRecord(userTOKEN)
@@ -196,7 +200,7 @@ func (e mainEnv) userDelete(w http.ResponseWriter, r *http.Request, ps httproute
 func (e mainEnv) userLogin(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
 	address := ps.ByName("address")
 	mode := ps.ByName("mode")
-	event := audit("user login by "+mode, address)
+	event := audit("user login by "+mode, address, mode, address)
 	defer func() { event.submit(e.db) }()
 
 	if mode != "phone" && mode != "email" {
@@ -210,6 +214,7 @@ func (e mainEnv) userLogin(w http.ResponseWriter, r *http.Request, ps httprouter
 	}
 	if userBson != nil {
 		userTOKEN := userBson["token"].(string)
+		event.Record = userTOKEN
 		if address == "4444" || address == "test@paranoidguy.com" {
 			// check if it is demo account.
 			// the address is always 4444
@@ -235,7 +240,7 @@ func (e mainEnv) userLoginEnter(w http.ResponseWriter, r *http.Request, ps httpr
 	tmp := ps.ByName("tmp")
 	address := ps.ByName("address")
 	mode := ps.ByName("mode")
-	event := audit("user login by "+mode, address)
+	event := audit("user login by "+mode, address, mode, address)
 	defer func() { event.submit(e.db) }()
 
 	if mode != "phone" && mode != "email" {
@@ -251,6 +256,7 @@ func (e mainEnv) userLoginEnter(w http.ResponseWriter, r *http.Request, ps httpr
 
 	if userBson != nil {
 		userTOKEN := userBson["token"].(string)
+		event.Record = userTOKEN
 		fmt.Printf("Found user record: %s\n", userTOKEN)
 		tmpCode := userBson["tempcode"].(string)
 		if tmp == tmpCode {

src/utils.go

@@ -186,7 +186,7 @@ func (e mainEnv) enforceAuth(w http.ResponseWriter, r *http.Request, event *audi
 		//fmt.Printf("error in auth? error %s - %s\n", err, token[0])
 		if err == nil {
 			if event != nil {
-				event.Who = authResult.name
+				event.Identity = authResult.name
 			}
 			if authResult.ttype == "login" {
 				if authResult.token == event.Record {
@@ -200,7 +200,7 @@ func (e mainEnv) enforceAuth(w http.ResponseWriter, r *http.Request, event *audi
 		/*
 			if e.db.checkToken(token[0]) == true {
 				if event != nil {
-					event.Who = "admin"
+					event.Identity = "admin"
 				}
 				return true
 			}

src/xtokens_api.go

@@ -13,7 +13,7 @@ import (
 
 func (e mainEnv) userNewToken(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
 	userTOKEN := ps.ByName("token")
-	event := audit("create user temp access xtoken", userTOKEN)
+	event := audit("create user temp access by token", userTOKEN, "token", userTOKEN)
 	defer func() { event.submit(e.db) }()
 
 	if enforceUUID(w, userTOKEN, event) == false {
@@ -64,6 +64,7 @@ func (e mainEnv) userNewToken(w http.ResponseWriter, r *http.Request, ps httprou
 		returnError(w, r, err.Error(), 405, err, event)
 		return
 	}
+	event.Record = xtokenUUID
 	event.Msg = "Generated " + xtokenUUID
 	w.Header().Set("Content-Type", "application/json; charset=utf-8")
 	w.WriteHeader(200)
@@ -71,10 +72,10 @@ func (e mainEnv) userNewToken(w http.ResponseWriter, r *http.Request, ps httprou
 }
 
 func (e mainEnv) userCheckToken(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
-	event := audit("get record by user temp access token", "")
+	xtoken := ps.ByName("xtoken")
+	event := audit("get record by user temp access token", xtoken, "xtoken", xtoken)
 	defer func() { event.submit(e.db) }()
 
-	xtoken := ps.ByName("xtoken")
 	if enforceUUID(w, xtoken, event) == false {
 		return
 	}