From 72c0a3a468212989b781f8908e3ba3efcbb8df05 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=81ukasz=20Wa=C5=82ejko?= Date: Mon, 4 Mar 2024 16:50:00 +0000 Subject: [PATCH] Add IP address and user agent to audit logs api --- R/api-audit-log.R | 1 + .../testthat/fixtures/example_audit_logs.yml | 16 +++++++++++++-- tests/testthat/test-api-audit-log.R | 20 ++++++++++++++----- 3 files changed, 30 insertions(+), 7 deletions(-) diff --git a/R/api-audit-log.R b/R/api-audit-log.R index 4403870..cba00fd 100644 --- a/R/api-audit-log.R +++ b/R/api-audit-log.R @@ -11,6 +11,7 @@ api_get_audit_log <- function(study_id, req, res) { # Get audit trial audit_trail <- dplyr::tbl(db_connection_pool, "audit_log") |> dplyr::filter(study_id == !!study_id) |> + dplyr::arrange(created_at) |> dplyr::collect() audit_trail$request_body <- purrr::map( diff --git a/tests/testthat/fixtures/example_audit_logs.yml b/tests/testthat/fixtures/example_audit_logs.yml index 607dfe5..5b28b3c 100644 --- a/tests/testthat/fixtures/example_audit_logs.yml +++ b/tests/testthat/fixtures/example_audit_logs.yml @@ -23,6 +23,8 @@ audit_log: request_body: '{"key1": "value1", "key2": "value2"}' response_code: 200 response_body: '{"key1": "value1", "key2": "value2"}' + ip_address: "8.8.8.8" + user_agent: "Mozilla" - id: "c12d29e7-1b44-4cb6-a9c1-1f427fe70002" created_at: "2022-02-16T10:27:53Z" event_type: "example_event" @@ -33,6 +35,8 @@ audit_log: request_body: '{"key1": "value1", "key2": "value2"}' response_code: 200 response_body: '{"key1": "value1", "key2": "value2"}' + ip_address: "8.8.8.8" + user_agent: "Mozilla" - id: "c12d29e7-1b44-4cb6-a9c1-1f427fe70003" created_at: "2022-02-16T10:27:53Z" event_type: "example_event" @@ -43,8 +47,10 @@ audit_log: request_body: '{"key1": "value1", "key2": "value2"}' response_code: 200 response_body: '{"key1": "value1", "key2": "value2"}' + ip_address: "8.8.8.8" + user_agent: "Mozilla" - id: "c12d29e7-1b44-4cb6-a9c1-1f427fe70004" - created_at: "2022-02-16T10:27:53Z" + created_at: "2023-02-16T10:27:53Z" event_type: "example_event" request_id: "427ac2db-166d-4236-b040-94213f1b0004" study_id: 2 @@ -53,8 +59,10 @@ audit_log: request_body: '{"key1": "value1", "key2": "value2"}' response_code: 200 response_body: '{"key1": "value1", "key2": "value2"}' + ip_address: "8.8.8.8" + user_agent: "Mozilla" - id: "c12d29e7-1b44-4cb6-a9c1-1f427fe70005" - created_at: "2022-02-16T10:27:53Z" + created_at: "2022-02-16T10:27:54Z" event_type: "example_event" request_id: "427ac2db-166d-4236-b040-94213f1b0004" study_id: 2 @@ -63,6 +71,8 @@ audit_log: request_body: '{"key1": "value1", "key2": "value2"}' response_code: 200 response_body: '{"key1": "value1", "key2": "value2"}' + ip_address: "8.8.8.8" + user_agent: "Mozilla" - id: "c12d29e7-1b44-4cb6-a9c1-1f427fe70006" created_at: "2022-02-16T10:27:53Z" event_type: "example_event" @@ -73,3 +83,5 @@ audit_log: request_body: '{"key1": "value1", "key2": "value2"}' response_code: 200 response_body: '{"key1": "value1", "key2": "value2"}' + ip_address: "8.8.8.8" + user_agent: "Mozilla" diff --git a/tests/testthat/test-api-audit-log.R b/tests/testthat/test-api-audit-log.R index 471d7a4..2ae767f 100644 --- a/tests/testthat/test-api-audit-log.R +++ b/tests/testthat/test-api-audit-log.R @@ -7,7 +7,8 @@ testthat::test_that("audit logs for study are returned correctly from the databa counts <- c(1, 4, 1) for (i in 1:3) { study_id <- studies[i] - count <- counts[i] + count <- counts[i] |> + as.integer() response <- request(api_url) |> req_url_path("study", study_id, "audit") |> req_method("GET") |> @@ -17,12 +18,18 @@ testthat::test_that("audit logs for study are returned correctly from the databa response |> resp_body_json() - testthat::expect_equal(response$status_code, 200) - testthat::expect_equal(length(response_body), count) + testthat::expect_identical(response$status_code, 200L) + testthat::expect_identical(length(response_body), count) + + created_at <- response_body |> dplyr::bind_rows() |> dplyr::pull("created_at") + testthat::expect_equal( + created_at, + created_at |> sort() + ) if (count > 0) { body <- response_body[[1]] - testthat::expect_equal(names(body), c( + testthat::expect_setequal(names(body), c( "id", "created_at", "event_type", @@ -32,8 +39,11 @@ testthat::test_that("audit logs for study are returned correctly from the databa "request_method", "request_body", "response_code", - "response_body" + "response_body", + "user_agent", + "ip_address" )) + testthat::expect_equal(body$study_id, study_id) testthat::expect_equal(body$event_type, "example_event") testthat::expect_equal(body$request_method, "GET")