first set of adjustments

2023-07-30 22:30:12 +02:00
parent 313e595a91
commit 6f7b786ca0
4 changed files with 116 additions and 208 deletions
--- a/gdpr/srv/customAuditLog.js
+++ b/gdpr/srv/customAuditLog.js
@@ -1,8 +1,8 @@
 const cds = require('@sap/cds')

+// FIXME: no longer works like this with new audit logging plugin
 module.exports = class MyAuditLogService extends cds.AuditLogService {
  async init() {
-    
    // console.log('My Audit Log');
    // call AuditLogService's init
    await super.init()
@@ -12,132 +12,59 @@ module.exports = class MyAuditLogService extends cds.AuditLogService {

    // register custom handlers
    this.on('dataAccessLog', async req => {
-   
-    const logs = [];
+      const logs = []

-    const action    = 'DataAccess';
-    const user      = req.user.id;
-    const timestamp = req.timestamp;
-    const tenant    = req.tenant;
-    const channel   = req.channel;
-   
-    req.data.accesses.forEach( dataAccess => {
-      logs.push({
-          Action:          action,
-          User:            user,
-          Timestamp:       timestamp,
-          Tenant:          tenant,
-          Channel:         channel,
-          DataSubjectType: dataAccess.dataSubject.type,
-          DataSubjectRole: dataAccess.dataSubject.role,
-          DataSubjectID:   JSON.stringify(dataAccess.dataSubject.id),
-          ObjectType:      dataAccess.dataObject.type,
-          ObjectKey:       JSON.stringify(dataAccess.dataObject.id),
-          Blob: JSON.stringify(dataAccess)   
-      })  }
-    )
-   
+      const action = 'DataAccess'
+      const user = req.user.id
+      const timestamp = req.timestamp
+      const tenant = req.tenant
+      const channel = req.channel

-    await INSERT.into(AuditLogStore).entries(logs)
-    }
-    )
+      req.data.accesses.forEach(dataAccess => {
+        logs.push({
+          Action: action,
+          User: user,
+          Timestamp: timestamp,
+          Tenant: tenant,
+          Channel: channel,
+          DataSubjectType: dataAccess.data_subject.type,
+          DataSubjectRole: dataAccess.data_subject.role,
+          DataSubjectID: JSON.stringify(dataAccess.data_subject.id),
+          ObjectType: dataAccess.object.type,
+          ObjectKey: JSON.stringify(dataAccess.object.id),
+          Blob: JSON.stringify(dataAccess)
+        })
+      })
+
+      await INSERT.into(AuditLogStore).entries(logs)
+    })

    this.on('dataModificationLog', async req => {
+      const mods = []

-      const mods = [];
+      const action = 'DataModification'
+      const user = req.user.id
+      const timestamp = req.timestamp
+      const tenant = req.tenant
+      const channel = req.channel

-      const action    = 'DataModification';
-      const user      = req.user.id;
-      const timestamp = req.timestamp;
-      const tenant    = req.tenant;
-      const channel   = req.channel;
-
-      req.data.modifications.forEach( dataModification => {
+      req.data.modifications.forEach(dataModification => {
        mods.push({
-            Action:          action,
-            User:            user,
-            Timestamp:       timestamp,
-            Tenant:          tenant,
-            Channel:         channel,
-            DataSubjectType: dataModification.dataSubject.type,
-            DataSubjectRole: dataModification.dataSubject.role,
-            DataSubjectID:   JSON.stringify(dataModification.dataSubject.id),
-            ObjectType:      dataModification.dataObject.type,
-            ObjectKey:       JSON.stringify(dataModification.dataObject.id),
-            Blob: JSON.stringify(dataModification)   
-        })  }
-      )
-    
-      
+          Action: action,
+          User: user,
+          Timestamp: timestamp,
+          Tenant: tenant,
+          Channel: channel,
+          DataSubjectType: dataModification.data_subject.type,
+          DataSubjectRole: dataModification.data_subject.role,
+          DataSubjectID: JSON.stringify(dataModification.data_subject.id),
+          ObjectType: dataModification.object.type,
+          ObjectKey: JSON.stringify(dataModification.object.id),
+          Blob: JSON.stringify(dataModification)
+        })
+      })

      await INSERT.into(AuditLogStore).entries(mods)
-      }
-      )
-    }
-  
-  
-
-
-    
-
-
-    }
-
-/*
-service AuditLogService {
-
-    // SEC-254: Log read access to sensitive personal data
-    event dataAccessLog {
-      accesses         : array of Access;
-    };
-  
-    // SEC-265: Log changes to personal data
-    event dataModificationLog : {
-      c : array of DataModification;
-    };
+    })
+  }
 }
-*/
-
-
-/*
-define type KeyValuePair {
-  keyName : String;
-  value   : String;
-};
-
-define type DataObject {
-  type : String;
-  id   : array of KeyValuePair;
-};
-
-define type DataSubject {
-  type : String;
-  id   : array of KeyValuePair;
-  role : String;
-};
-
-define type Attribute {
-  name : String;
-};
-
-
-define type Access {
-  dataObject  : DataObject;
-  dataSubject : DataSubject;
-  attributes  : array of Attribute;
-  attachments : array of Attachment;
-};
-
-define type ChangedAttribute {
-  name     : String;
-  oldValue : String;
-  newValue : String;
-};
-
-define type DataModification {
-  dataObject  : DataObject;
-  dataSubject : DataSubject;
-  action      : String @assert.range enum { Create; Update; Delete; };
-  attributes  : array of ChangedAttribute;
-}
-*/