shishantbiswas/coder
1
0
Fork 0
mirror of https://github.com/coder/coder.git synced 2026-06-02 20:48:20 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: audit git ssh key regeneration (#4544)

Browse Source
This commit is contained in:
Colin Adler
2022-10-14 16:25:46 -05:00
committed by GitHub
parent dd8ebf10db
commit 7ec88bf841
8 changed files with 63 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files
coderd/gitsshkey.go
+23 -11
View File
@@ -3,6 +3,7 @@ package coderd
import (
"net/http"
"github.com/coder/coder/coderd/audit"
"github.com/coder/coder/coderd/database"
"github.com/coder/coder/coderd/gitsshkey"
"github.com/coder/coder/coderd/httpapi"
@@ -12,14 +13,32 @@ import (
)
func (api *API) regenerateGitSSHKey(rw http.ResponseWriter, r *http.Request) {
ctx := r.Context()
user := httpmw.UserParam(r)
var (
ctx = r.Context()
user = httpmw.UserParam(r)
auditor = api.Auditor.Load()
aReq, commitAudit = audit.InitRequest[database.GitSSHKey](rw, &audit.RequestParams{
Audit: *auditor,
Log: api.Logger,
Request: r,
Action: database.AuditActionWrite,
})
)
defer commitAudit()
if !api.Authorize(r, rbac.ActionUpdate, rbac.ResourceUserData.WithOwner(user.ID.String())) {
httpapi.ResourceNotFound(rw)
return
}
oldKey, err := api.Database.GetGitSSHKey(ctx, user.ID)
if err != nil {
httpapi.InternalServerError(rw, err)
return
}
aReq.Old = oldKey
privateKey, publicKey, err := gitsshkey.Generate(api.SSHKeygenAlgorithm)
if err != nil {
httpapi.Write(ctx, rw, http.StatusInternalServerError, codersdk.Response{
@@ -29,7 +48,7 @@ func (api *API) regenerateGitSSHKey(rw http.ResponseWriter, r *http.Request) {
return
}
err = api.Database.UpdateGitSSHKey(ctx, database.UpdateGitSSHKeyParams{
newKey, err := api.Database.UpdateGitSSHKey(ctx, database.UpdateGitSSHKeyParams{
UserID: user.ID,
UpdatedAt: database.Now(),
PrivateKey: privateKey,
@@ -43,14 +62,7 @@ func (api *API) regenerateGitSSHKey(rw http.ResponseWriter, r *http.Request) {
return
}
newKey, err := api.Database.GetGitSSHKey(ctx, user.ID)
if err != nil {
httpapi.Write(ctx, rw, http.StatusInternalServerError, codersdk.Response{
Message: "Internal error fetching user's git SSH key.",
Detail: err.Error(),
})
return
}
aReq.New = newKey
httpapi.Write(ctx, rw, http.StatusOK, codersdk.GitSSHKey{
UserID: newKey.UserID,