From 8a901ca6b5dfe61a283c8aad8e112eb29b24b250 Mon Sep 17 00:00:00 2001
From: Alexander Olofsson <alexander.olofsson@liu.se>
Date: Fri, 8 Dec 2017 13:09:56 +0100
Subject: [PATCH] Add in audit events

---
 server/db.js    |  9 ++++++++-
 server/users.js | 12 ++++++++++++
 2 files changed, 20 insertions(+), 1 deletion(-)

diff --git a/server/db.js b/server/db.js
index 6e5b291..511b089 100644
--- a/server/db.js
+++ b/server/db.js
@@ -10,7 +10,6 @@ pool.on('error', (err) => {
   console.log(err);
 });
 
-// TODO: Figure out the perfect db layout, or get the one from IDA
 const seed = `
 CREATE TABLE IF NOT EXISTS external_users (
   id SERIAL,
@@ -19,6 +18,14 @@ CREATE TABLE IF NOT EXISTS external_users (
   username VARCHAR(256) NOT NULL,
   date_added TIMESTAMP DEFAULT NOW()
 );
+
+CREATE TABLE IF NOT EXISTS audit_events (
+  id SERIAL,
+  event VARCHAR(32) NOT NULL,
+  user_id INTEGER NOT NULL,
+  message TEXT,
+  timestamp TIMESTAMP DEFAULT NOW()
+);
 `;
 
 module.exports = pool;
diff --git a/server/users.js b/server/users.js
index f4d296c..8d0ba76 100644
--- a/server/users.js
+++ b/server/users.js
@@ -59,6 +59,18 @@ router.post('/', async (req, res) => {
     console.log("> Response:");
     console.log(data);
 
+    try {
+      const queryText = 'INSERT INTO audit_events(event, user_id, message) VALUES($1, $2, $3)';
+      console.log("> DB Query:");
+      console.log(queryText);
+      const auditresp = await db.query(queryText, ['user.create', req.user.id, `Created account: ${dbResponse.body.name}  <${dbResponse.body.email}>, username: ${dbResponse.body.username}`]);
+      console.log("> DB Response:");
+      console.log(auditresp);
+    } catch(err) {
+      console.log("> DB Error:");
+      console.log(err);
+    }
+
     try {
       const queryText = 'UPDATE external_users SET user_id = $2 WHERE id = $1';
       console.log("> DB Query:");
-- 
GitLab