add more logger event types

Author: wojcik91

src/db/models/audit_log.rs

@@ -15,15 +15,32 @@ pub enum AuditModule {
     Enrollment,
 }
 
+/// Represents audit event type as it's stored in the DB
+///
+/// To make searching and exporting the type is stored as text and not a custom Postgres enum.
+/// Variant names are renamed to `snake_case` so `UserLogin` becomes `user_login` in the DB table.
 #[derive(Clone, Debug, Deserialize, Serialize, Type)]
 #[sqlx(type_name = "text", rename_all = "snake_case")]
 #[serde(rename_all = "snake_case")]
 pub enum EventType {
+    // user management
     UserLogin,
     UserLogout,
+    UserAdded,
+    UserRemoved,
+    UserModified,
+    // device management
     DeviceAdded,
     DeviceRemoved,
     DeviceModified,
+    // OpenID app management
+    OpenIdAppAdded,
+    OpenIdAppRemoved,
+    OpenIdAppModified,
+    // VPN location management
+    VpnLocationAdded,
+    VpnLocationRemoved,
+    VpnLocationModified,
 }
 
 #[derive(Model, FromRow)]

src/event_logger/message.rs

@@ -1,7 +1,10 @@
 use chrono::NaiveDateTime;
 use ipnetwork::IpNetwork;
 
-use crate::db::Id;
+use crate::{
+    db::{models::authentication_key::AuthenticationKeyType, Id},
+    grpc::proto::proxy::MfaMethod,
+};
 
 /// Messages that can be sent to the event logger
 pub struct EventLoggerMessage {
@@ -32,20 +35,174 @@ pub struct EventContext {
     pub device: String,
 }
 
-/// Represents audit events related to Web UI
+/// Represents audit events related to actions performed in Web UI
 pub enum DefguardEvent {
+    // authentication
     UserLogin,
     UserLogout,
-    DeviceAdded { device_name: String },
-    DeviceRemoved { device_name: String },
-    DeviceModified { device_name: String },
+    RecoveryCodeUsed,
+    PasswordChanged,
+    MfaFailed,
+    // user MFA management
+    MfaDisabled,
+    MfaDefaultChanged {
+        mfa_method: MfaMethod,
+    },
+    MfaTotpEnabled,
+    MfaTotpDisabled,
+    MfaEmailEnabled,
+    MfaEmailDisabled,
+    MfaSecurityKeyAdded {
+        key_id: Id,
+        key_name: String,
+    },
+    MfaSecurityKeyRemoved {
+        key_id: Id,
+        key_name: String,
+    },
+    // authentication key management
+    AuthenticationKeyAdded {
+        key_id: Id,
+        key_name: String,
+        key_type: AuthenticationKeyType,
+    },
+    AuthenticationKeyRemoved {
+        key_id: Id,
+        key_name: String,
+        key_type: AuthenticationKeyType,
+    },
+    AuthenticationKeyRenamed {
+        key_id: Id,
+        key_name: String,
+        key_type: AuthenticationKeyType,
+    },
+    // API token management
+    ApiTokenAdded {
+        token_id: Id,
+        token_name: String,
+    },
+    ApiTokenRemoved {
+        token_id: Id,
+        token_name: String,
+    },
+    ApiTokenRenamed {
+        token_id: Id,
+        token_name: String,
+    },
+    // user management
+    UserAdded {
+        username: String,
+        enrollment: bool,
+    },
+    UserRemoved {
+        username: String,
+    },
+    UserModified {
+        username: String,
+    },
+    UserDisabled {
+        username: String,
+    },
+    // device management
+    UserDeviceAdded {
+        device_id: Id,
+        device_name: String,
+        user: String,
+    },
+    UserDeviceRemoved {
+        device_id: Id,
+        device_name: String,
+        user: String,
+    },
+    UserDeviceModified {
+        device_id: Id,
+        device_name: String,
+        user: String,
+    },
+    NetworkDeviceAdded {
+        device_id: Id,
+        device_name: String,
+        location_id: Id,
+        location: String,
+    },
+    NetworkDeviceRemoved {
+        device_id: Id,
+        device_name: String,
+        location_id: Id,
+        location: String,
+    },
+    NetworkDeviceModified {
+        device_id: Id,
+        device_name: String,
+        location_id: Id,
+        location: String,
+    },
+    // VPN location management
+    VpnLocationAdded {
+        location_id: Id,
+        location_name: String,
+    },
+    VpnLocationRemoved {
+        location_id: Id,
+        location_name: String,
+    },
+    VpnLocationModified {
+        location_id: Id,
+        location_name: String,
+    },
+    // OpenID app management
+    OpenIdAppAdded {
+        app_id: Id,
+        app_name: String,
+    },
+    OpenIdAppRemoved {
+        app_id: Id,
+        app_name: String,
+    },
+    OpenIdAppModified {
+        app_id: Id,
+        app_name: String,
+    },
+    OpenIdAppDisabled {
+        app_id: Id,
+        app_name: String,
+    },
+    // OpenID provider management
+    OpenIdProviderAdded {
+        provider_id: Id,
+        provider_name: String,
+    },
+    OpenIdProviderRemoved {
+        provider_id: Id,
+        provider_name: String,
+    },
+    // settings management
+    SettingsUpdated,
+    SettingsUpdatedPartial,
+    SettingsDefaultBrandingRestored,
 }
 
 /// Represents audit events related to client applications
-pub enum ClientEvent {}
+pub enum ClientEvent {
+    DesktopClientActivated { device_id: Id, device_name: String },
+    DesktopClientUpdated { device_id: Id, device_name: String },
+}
 
 /// Represents audit events related to VPN
-pub enum VpnEvent {}
+pub enum VpnEvent {
+    ConnectedToMfaLocation {
+        location_id: Id,
+        location_name: String,
+    },
+    DisconnectedFromMfaLocation {
+        location_id: Id,
+        location_name: String,
+    },
+    MfaFailed {
+        location_id: Id,
+        location_name: String,
+    },
+}
 ///
 /// Represents audit events related to enrollment process
 pub enum EnrollmentEvent {}