sourcegraph · mohammadualam · Aug 6, 2024 · Aug 7, 2024 · Aug 9, 2024 · Aug 9, 2024
diff --git a/client/web/src/featureFlags/featureFlags.ts b/client/web/src/featureFlags/featureFlags.ts
@@ -6,7 +6,6 @@ import type { OrgFeatureFlagOverridesResult, OrgFeatureFlagOverridesVariables }
 export const FEATURE_FLAGS = [
     'admin-analytics-cache-disabled',
     'admin-onboarding',
-    'auditlog-expansion',
     'blob-page-switch-areas-shortcuts',
     'cody-chat-mock-test',
     'contrast-compliant-syntax-highlighting',

diff --git a/cmd/frontend/graphqlbackend/external_services.go b/cmd/frontend/graphqlbackend/external_services.go
@@ -22,7 +22,6 @@ import (
 	"github.com/sourcegraph/sourcegraph/internal/conf"
 	"github.com/sourcegraph/sourcegraph/internal/database"
 	"github.com/sourcegraph/sourcegraph/internal/extsvc"
-	"github.com/sourcegraph/sourcegraph/internal/featureflag"
 	"github.com/sourcegraph/sourcegraph/internal/gqlutil"
 	"github.com/sourcegraph/sourcegraph/internal/repos"
 	"github.com/sourcegraph/sourcegraph/internal/repoupdater"
@@ -80,22 +79,20 @@ func (r *schemaResolver) AddExternalService(ctx context.Context, args *addExtern
 		return nil, err
 	}
 
-	if featureflag.FromContext(ctx).GetBoolOr("auditlog-expansion", false) {
-
-		arg := struct {
-			Kind        string
-			DisplayName string
-			Namespace   *graphql.ID
-		}{
-			Kind:        args.Input.Kind,
-			DisplayName: args.Input.DisplayName,
-			Namespace:   args.Input.Namespace,
-		}
-		// Log action of Code Host Connection being added
-		if err := r.db.SecurityEventLogs().LogSecurityEvent(ctx, database.SecurityEventNameCodeHostConnectionAdded, "", uint32(actor.FromContext(ctx).UID), "", "BACKEND", arg); err != nil {
-			r.logger.Warn("Error logging security event", log.Error(err))
-		}
+	arg := struct {
+		Kind        string
+		DisplayName string
+		Namespace   *graphql.ID
+	}{
+		Kind:        args.Input.Kind,
+		DisplayName: args.Input.DisplayName,
+		Namespace:   args.Input.Namespace,
+	}
+	// Log action of Code Host Connection being added
+	if err := r.db.SecurityEventLogs().LogSecurityEvent(ctx, database.SecurityEventNameCodeHostConnectionAdded, "", uint32(actor.FromContext(ctx).UID), "", "BACKEND", arg); err != nil {
+		r.logger.Warn("Error logging security event", log.Error(err))
 	}
+
 	// Now, schedule the external service for syncing immediately.
 	s := repos.NewStore(r.logger, r.db)
 	err = s.EnqueueSingleSyncJob(ctx, externalService.ID)
@@ -196,26 +193,24 @@ func (r *schemaResolver) UpdateExternalService(ctx context.Context, args *update
 		logger.Warn("Failed to get new redacted config", log.Error(err))
 	}
 
-	if featureflag.FromContext(ctx).GetBoolOr("auditlog-expansion", false) {
-		arg := struct {
-			ID           graphql.ID
-			DisplayName  *string
-			UpdaterID    *int32
-			PrevConfig   string
-			LatestConfig *string
-		}{
-			ID:           args.Input.ID,
-			DisplayName:  args.Input.DisplayName,
-			UpdaterID:    &userID,
-			PrevConfig:   prevConfig,
-			LatestConfig: &latestConfig,
-		}
-		// Log action of Code Host Connection being updated
-		if err := r.db.SecurityEventLogs().LogSecurityEvent(ctx, database.SecurityEventNameCodeHostConnectionUpdated, "", uint32(actor.FromContext(ctx).UID), "", "BACKEND", arg); err != nil {
-			r.logger.Warn("Error logging security event", log.Error(err))
-		}
-
+	arg := struct {
+		ID           graphql.ID
+		DisplayName  *string
+		UpdaterID    *int32
+		PrevConfig   string
+		LatestConfig *string
+	}{
+		ID:           args.Input.ID,
+		DisplayName:  args.Input.DisplayName,
+		UpdaterID:    &userID,
+		PrevConfig:   prevConfig,
+		LatestConfig: &latestConfig,
+	}
+	// Log action of Code Host Connection being updated
+	if err := r.db.SecurityEventLogs().LogSecurityEvent(ctx, database.SecurityEventNameCodeHostConnectionUpdated, "", uint32(actor.FromContext(ctx).UID), "", "BACKEND", arg); err != nil {
+		r.logger.Warn("Error logging security event", log.Error(err))
 	}
+
 	// Now, schedule the external service for syncing immediately.
 	s := repos.NewStore(r.logger, r.db)
 	err = s.EnqueueSingleSyncJob(ctx, es.ID)
@@ -344,19 +339,18 @@ func (r *schemaResolver) DeleteExternalService(ctx context.Context, args *delete
 		}
 	}
 
-	if featureflag.FromContext(ctx).GetBoolOr("auditlog-expansion", false) {
-		arguments := struct {
-			GraphQLID         graphql.ID `json:"GraphQL ID"`
-			ExternalServiceID int64      `json:"External Service ID"`
-		}{
-			GraphQLID:         args.ExternalService,
-			ExternalServiceID: id,
-		}
-		// Log action of Code Host Connection being deleted
-		if err := r.db.SecurityEventLogs().LogSecurityEvent(ctx, database.SecurityEventNameCodeHostConnectionDeleted, "", uint32(actor.FromContext(ctx).UID), "", "BACKEND", arguments); err != nil {
-			r.logger.Warn("Error logging security event", log.Error(err))
-		}
+	arguments := struct {
+		GraphQLID         graphql.ID `json:"GraphQL ID"`
+		ExternalServiceID int64      `json:"External Service ID"`
+	}{
+		GraphQLID:         args.ExternalService,
+		ExternalServiceID: id,
+	}
+	// Log action of Code Host Connection being deleted
+	if err := r.db.SecurityEventLogs().LogSecurityEvent(ctx, database.SecurityEventNameCodeHostConnectionDeleted, "", uint32(actor.FromContext(ctx).UID), "", "BACKEND", arguments); err != nil {
+		r.logger.Warn("Error logging security event", log.Error(err))
 	}
+
 	return &EmptyResponse{}, nil
 }
 

diff --git a/cmd/frontend/graphqlbackend/external_services_test.go b/cmd/frontend/graphqlbackend/external_services_test.go
@@ -7,6 +7,7 @@ import (
 	"testing"
 	"time"
 
+	mockrequire "github.com/derision-test/go-mockgen/v2/testutil/require"
 	"github.com/google/go-cmp/cmp"
 	"github.com/graph-gophers/graphql-go"
 	gqlerrors "github.com/graph-gophers/graphql-go/errors"
@@ -68,6 +69,9 @@ func TestAddExternalService(t *testing.T) {
 	db.UsersFunc.SetDefaultReturn(users)
 	db.ExternalServicesFunc.SetDefaultReturn(externalServices)
 	db.HandleFunc.SetDefaultReturn(&handle{db})
+	securityLogEvents := dbmocks.NewMockSecurityEventLogsStore()
+	securityLogEvents.LogSecurityEventFunc.SetDefaultReturn(nil)
+	db.SecurityEventLogsFunc.SetDefaultReturn(securityLogEvents)
 
 	RunTests(t, []*Test{
 		{
@@ -96,6 +100,7 @@ func TestAddExternalService(t *testing.T) {
 		`,
 		},
 	})
+	mockrequire.Called(t, securityLogEvents.LogSecurityEventFunc)
 }
 
 func TestUpdateExternalService(t *testing.T) {
@@ -203,6 +208,10 @@ func TestUpdateExternalService(t *testing.T) {
 	es := backend.NewStrictMockExternalServicesService()
 	es.ValidateConnectionFunc.SetDefaultReturn(nil)
 
+	securityLogEvents := dbmocks.NewMockSecurityEventLogsStore()
+	securityLogEvents.LogSecurityEventFunc.SetDefaultReturn(nil)
+	db.SecurityEventLogsFunc.SetDefaultReturn(securityLogEvents)
+
 	mockExternalServicesService = es
 	t.Cleanup(func() { mockExternalServicesService = nil })
 
@@ -231,6 +240,7 @@ func TestUpdateExternalService(t *testing.T) {
 		`,
 		Context: actor.WithActor(context.Background(), &actor.Actor{UID: 1}),
 	})
+	mockrequire.Called(t, securityLogEvents.LogSecurityEventFunc)
 }
 
 func TestExcludeRepoFromExternalServices_ExternalServiceDoesntSupportRepoExclusion(t *testing.T) {
@@ -566,6 +576,9 @@ func TestDeleteExternalService(t *testing.T) {
 	db := dbmocks.NewMockDB()
 	db.UsersFunc.SetDefaultReturn(users)
 	db.ExternalServicesFunc.SetDefaultReturn(externalServices)
+	securityLogEvents := dbmocks.NewMockSecurityEventLogsStore()
+	securityLogEvents.LogSecurityEventFunc.SetDefaultReturn(nil)
+	db.SecurityEventLogsFunc.SetDefaultReturn(securityLogEvents)
 
 	RunTests(t, []*Test{
 		{
@@ -587,6 +600,7 @@ func TestDeleteExternalService(t *testing.T) {
 			Context: actor.WithActor(context.Background(), &actor.Actor{UID: 1}),
 		},
 	})
+	mockrequire.Called(t, securityLogEvents.LogSecurityEventFunc)
 }
 
 func TestExternalServicesResolver(t *testing.T) {

diff --git a/cmd/frontend/graphqlbackend/org.go b/cmd/frontend/graphqlbackend/org.go
@@ -15,7 +15,6 @@ import (
 	"github.com/sourcegraph/sourcegraph/internal/database"
 	"github.com/sourcegraph/sourcegraph/internal/dotcom"
 	"github.com/sourcegraph/sourcegraph/internal/errcode"
-	"github.com/sourcegraph/sourcegraph/internal/featureflag"
 	"github.com/sourcegraph/sourcegraph/internal/gqlutil"
 	"github.com/sourcegraph/sourcegraph/internal/types"
 	"github.com/sourcegraph/sourcegraph/lib/errors"
@@ -27,11 +26,9 @@ func (r *schemaResolver) Organization(ctx context.Context, args struct{ Name str
 		return nil, err
 	}
 
-	if featureflag.FromContext(ctx).GetBoolOr("auditlog-expansion", false) {
-		// Log action for siteadmin viewing an organization's details
-		if err := r.db.SecurityEventLogs().LogSecurityEvent(ctx, database.SecurityEventNameOrgViewed, "", uint32(actor.FromContext(ctx).UID), "", "BACKEND", args); err != nil {
-			r.logger.Warn("Error logging security event", log.Error(err))
-		}
+	// Log action for siteadmin viewing an organization's details
+	if err := r.db.SecurityEventLogs().LogSecurityEvent(ctx, database.SecurityEventNameOrgViewed, "", uint32(actor.FromContext(ctx).UID), "", "BACKEND", args); err != nil {
+		r.logger.Warn("Error logging security event", log.Error(err))
 	}
 
 	return &OrgResolver{db: r.db, org: org}, nil
@@ -272,12 +269,10 @@ func (r *schemaResolver) CreateOrganization(ctx context.Context, args *struct {
 		return nil, err
 	}
 
-	if featureflag.FromContext(ctx).GetBoolOr("auditlog-expansion", false) {
-		// Log an event when a new organization being created
-		if err := r.db.SecurityEventLogs().LogSecurityEvent(ctx, database.SecurityEventNameOrgCreated, "", uint32(actor.FromContext(ctx).UID), "", "BACKEND", args); err != nil {
-			r.logger.Warn("Error logging security event", log.Error(err))
+	// Log an event when a new organization being created
+	if err := r.db.SecurityEventLogs().LogSecurityEvent(ctx, database.SecurityEventNameOrgCreated, "", uint32(actor.FromContext(ctx).UID), "", "BACKEND", args); err != nil {
+		r.logger.Warn("Error logging security event", log.Error(err))
 
-		}
 	}
 
 	// Add the current user as the first member of the new org.
@@ -310,13 +305,12 @@ func (r *schemaResolver) UpdateOrganization(ctx context.Context, args *struct {
 		return nil, err
 	}
 
-	if featureflag.FromContext(ctx).GetBoolOr("auditlog-expansion", false) {
-		// Log an event when organization settings are updated
-		if err := r.db.SecurityEventLogs().LogSecurityEvent(ctx, database.SecurityEventNameOrgUpdated, "", uint32(actor.FromContext(ctx).UID), "", "BACKEND", args); err != nil {
-			r.logger.Warn("Error logging security event", log.Error(err))
+	// Log an event when organization settings are updated
+	if err := r.db.SecurityEventLogs().LogSecurityEvent(ctx, database.SecurityEventNameOrgUpdated, "", uint32(actor.FromContext(ctx).UID), "", "BACKEND", args); err != nil {
+		r.logger.Warn("Error logging security event", log.Error(err))
 
-		}
 	}
+
 	return &OrgResolver{db: r.db, org: updatedOrg}, nil
 }
 

diff --git a/cmd/frontend/graphqlbackend/org_test.go b/cmd/frontend/graphqlbackend/org_test.go
@@ -6,6 +6,7 @@ import (
 	"strconv"
 	"testing"
 
+	mockrequire "github.com/derision-test/go-mockgen/v2/testutil/require"
 	gqlerrors "github.com/graph-gophers/graphql-go/errors"
 	"github.com/graph-gophers/graphql-go/relay"
 	"github.com/stretchr/testify/assert"
@@ -38,10 +39,14 @@ func TestOrganization(t *testing.T) {
 	orgs.GetByNameFunc.SetDefaultReturn(&mockedOrg, nil)
 	orgs.GetByIDFunc.SetDefaultReturn(&mockedOrg, nil)
 
+	securityLogEvents := dbmocks.NewMockSecurityEventLogsStore()
+	securityLogEvents.LogSecurityEventFunc.SetDefaultReturn(nil)
+
 	db := dbmocks.NewMockDB()
 	db.OrgsFunc.SetDefaultReturn(orgs)
 	db.UsersFunc.SetDefaultReturn(users)
 	db.OrgMembersFunc.SetDefaultReturn(orgMembers)
+	db.SecurityEventLogsFunc.SetDefaultReturn(securityLogEvents)
 
 	t.Run("can access organizations", func(t *testing.T) {
 		RunTests(t, []*Test{
@@ -64,6 +69,8 @@ func TestOrganization(t *testing.T) {
 			},
 		})
 	})
+	mockrequire.Called(t, securityLogEvents.LogSecurityEventFunc)
+
 }
 
 func TestOrganizationMembers(t *testing.T) {
@@ -85,10 +92,14 @@ func TestOrganizationMembers(t *testing.T) {
 	mockedOrg := types.Org{ID: 1, Name: "acme"}
 	orgs.GetByNameFunc.SetDefaultReturn(&mockedOrg, nil)
 
+	securityLogEvents := dbmocks.NewMockSecurityEventLogsStore()
+	securityLogEvents.LogSecurityEventFunc.SetDefaultReturn(nil)
+
 	db := dbmocks.NewMockDB()
 	db.OrgsFunc.SetDefaultReturn(orgs)
 	db.UsersFunc.SetDefaultReturn(users)
 	db.OrgMembersFunc.SetDefaultReturn(orgMembers)
+	db.SecurityEventLogsFunc.SetDefaultReturn(securityLogEvents)
 
 	t.Run("org members can list members", func(t *testing.T) {
 		users.GetByCurrentAuthUserFunc.SetDefaultReturn(&types.User{Username: "alice", ID: 1}, nil)
@@ -120,6 +131,7 @@ func TestOrganizationMembers(t *testing.T) {
 				})
 			})
 		}
+		mockrequire.Called(t, securityLogEvents.LogSecurityEventFunc)
 	})
 
 	t.Run("non-members", func(t *testing.T) {
@@ -208,6 +220,8 @@ func TestOrganizationMembers(t *testing.T) {
 				},
 			})
 		})
+		mockrequire.Called(t, securityLogEvents.LogSecurityEventFunc)
+
 	})
 }
 
@@ -224,10 +238,14 @@ func TestCreateOrganization(t *testing.T) {
 	orgMembers := dbmocks.NewMockOrgMemberStore()
 	orgMembers.CreateFunc.SetDefaultReturn(&types.OrgMembership{OrgID: mockedOrg.ID, UserID: userID}, nil)
 
+	securityLogEvents := dbmocks.NewMockSecurityEventLogsStore()
+	securityLogEvents.LogSecurityEventFunc.SetDefaultReturn(nil)
+
 	db := dbmocks.NewMockDB()
 	db.OrgsFunc.SetDefaultReturn(orgs)
 	db.UsersFunc.SetDefaultReturn(users)
 	db.OrgMembersFunc.SetDefaultReturn(orgMembers)
+	db.SecurityEventLogsFunc.SetDefaultReturn(securityLogEvents)
 
 	ctx := actor.WithActor(context.Background(), &actor.Actor{UID: userID})
 
@@ -253,6 +271,7 @@ func TestCreateOrganization(t *testing.T) {
 				"name": "acme",
 			},
 		})
+		mockrequire.Called(t, securityLogEvents.LogSecurityEventFunc)
 	})
 
 	t.Run("Fails for unauthenticated user", func(t *testing.T) {
@@ -335,11 +354,15 @@ func TestAddOrganizationMember(t *testing.T) {
 	permssync.MockSchedulePermsSync = func(_ context.Context, logger log.Logger, _ database.DB, _ permssync.ScheduleSyncOpts) {}
 	defer func() { permssync.MockSchedulePermsSync = nil }()
 
+	securityLogEvents := dbmocks.NewMockSecurityEventLogsStore()
+	securityLogEvents.LogSecurityEventFunc.SetDefaultReturn(nil)
+
 	db := dbmocks.NewMockDB()
 	db.OrgsFunc.SetDefaultReturn(orgs)
 	db.UsersFunc.SetDefaultReturn(users)
 	db.OrgMembersFunc.SetDefaultReturn(orgMembers)
 	db.FeatureFlagsFunc.SetDefaultReturn(featureFlags)
+	db.SecurityEventLogsFunc.SetDefaultReturn(securityLogEvents)
 
 	ctx := actor.WithActor(context.Background(), &actor.Actor{UID: 1})
 

diff --git a/cmd/frontend/graphqlbackend/orgs.go b/cmd/frontend/graphqlbackend/orgs.go
@@ -8,7 +8,6 @@ import (
 	"github.com/sourcegraph/sourcegraph/internal/actor"
 	"github.com/sourcegraph/sourcegraph/internal/auth"
 	"github.com/sourcegraph/sourcegraph/internal/database"
-	"github.com/sourcegraph/sourcegraph/internal/featureflag"
 	"github.com/sourcegraph/sourcegraph/internal/gqlutil"
 )
 
@@ -47,14 +46,13 @@ func (r *orgConnectionResolver) Nodes(ctx context.Context) ([]*OrgResolver, erro
 			org: org,
 		})
 	}
-	if featureflag.FromContext(ctx).GetBoolOr("auditlog-expansion", false) {
 
-		// Log an event when listing organizations.
-		if err := r.db.SecurityEventLogs().LogSecurityEvent(ctx, database.SecurityEventNameOrgListViewed, "", uint32(actor.FromContext(ctx).UID), "", "BACKEND", nil); err != nil {
-			logger.Error(err)
+	// Log an event when listing organizations.
+	if err := r.db.SecurityEventLogs().LogSecurityEvent(ctx, database.SecurityEventNameOrgListViewed, "", uint32(actor.FromContext(ctx).UID), "", "BACKEND", nil); err != nil {
+		logger.Error(err)
 
-		}
 	}
+
 	return l, nil
 }