diff --git a/package.json b/package.json index 1ae813d..2350328 100644 --- a/package.json +++ b/package.json @@ -13,7 +13,7 @@ "setup": "git config blame.ignoreRevsFile .git-blame-ignore-revs", "build": "concurrently --names 'api,ui' 'yarn workspace infra-core-api run build' 'yarn workspace infra-core-ui run build'", "postbuild": "yarn lockfile-manage", - "dev": "concurrently --names 'api,ui' 'yarn workspace infra-core-api run dev' 'yarn workspace infra-core-ui run dev'", + "dev": "cross-env DISABLE_AUDIT_LOG=true concurrently --names 'api,ui' 'yarn workspace infra-core-api run dev' 'yarn workspace infra-core-ui run dev'", "lockfile-manage": "synp --with-workspace --source-file yarn.lock", "postlockfile-manage": "cp package-lock.json dist/lambda/ && cp package-lock.json dist/sqsConsumer/ && cp src/api/package.lambda.json dist/lambda/package.json && cp src/api/package.lambda.json dist/sqsConsumer/package.json && rm package-lock.json", "prettier": "yarn workspaces run prettier && prettier --check tests/**/*.ts", diff --git a/src/api/functions/auditLog.ts b/src/api/functions/auditLog.ts index add38c7..c5a0790 100644 --- a/src/api/functions/auditLog.ts +++ b/src/api/functions/auditLog.ts @@ -55,7 +55,11 @@ export function buildAuditLogTransactPut({ entry, }: { entry: AuditLogEntry; -}): TransactWriteItem { +}): TransactWriteItem | null { + if (process.env.DISABLE_AUDIT_LOG && process.env.RunEnvironment === "dev") { + console.log(`Audit log entry: ${JSON.stringify(entry)}`); + return null; + } const item = buildMarshalledAuditLogItem(entry); return { Put: { diff --git a/src/api/index.ts b/src/api/index.ts index 5cd222b..3087089 100644 --- a/src/api/index.ts +++ b/src/api/index.ts @@ -224,11 +224,27 @@ async function init(prettyPrint: boolean = false) { if (!process.env.RunEnvironment) { process.env.RunEnvironment = "dev"; } + if (!runEnvironments.includes(process.env.RunEnvironment as RunEnvironment)) { throw new InternalServerError({ message: `Invalid run environment ${app.runEnvironment}.`, }); } + if (process.env.DISABLE_AUDIT_LOG) { + if (process.env.RunEnvironment !== "dev") { + throw new InternalServerError({ + message: `Audit log can only be disabled if the run environment is "dev"!`, + }); + } + if (process.env.LAMBDA_TASK_ROOT || process.env.AWS_LAMBDA_FUNCTION_NAME) { + throw new InternalServerError({ + message: `Audit log cannot be disabled when running in AWS Lambda environment!`, + }); + } + app.log.warn( + "Audit logging to Dynamo is disabled! Audit log statements will be logged to the console.", + ); + } app.runEnvironment = process.env.RunEnvironment as RunEnvironment; app.environmentConfig = environmentConfig[app.runEnvironment as RunEnvironment]; diff --git a/src/api/routes/apiKey.ts b/src/api/routes/apiKey.ts index 6f66ffd..f84b0aa 100644 --- a/src/api/routes/apiKey.ts +++ b/src/api/routes/apiKey.ts @@ -65,7 +65,7 @@ const apiKeyRoute: FastifyPluginAsync = async (fastify, _options) => { }; const command = new TransactWriteItemsCommand({ TransactItems: [ - logStatement, + ...(logStatement ? [logStatement] : []), { Put: { TableName: genericConfig.ApiKeyTable, @@ -123,7 +123,7 @@ const apiKeyRoute: FastifyPluginAsync = async (fastify, _options) => { }); const command = new TransactWriteItemsCommand({ TransactItems: [ - logStatement, + ...(logStatement ? [logStatement] : []), { Delete: { TableName: genericConfig.ApiKeyTable, diff --git a/src/api/routes/roomRequests.ts b/src/api/routes/roomRequests.ts index e8c0e25..8195d1e 100644 --- a/src/api/routes/roomRequests.ts +++ b/src/api/routes/roomRequests.ts @@ -103,7 +103,7 @@ const roomRequestRoutes: FastifyPluginAsync = async (fastify, _options) => { ...request.body, }), }; - const logPut = buildAuditLogTransactPut({ + const logStatement = buildAuditLogTransactPut({ entry: { module: Modules.ROOM_RESERVATIONS, actor: request.username!, @@ -115,7 +115,10 @@ const roomRequestRoutes: FastifyPluginAsync = async (fastify, _options) => { try { await fastify.dynamoClient.send( new TransactWriteItemsCommand({ - TransactItems: [{ Put: itemPut }, logPut], + TransactItems: [ + { Put: itemPut }, + ...(logStatement ? [logStatement] : []), + ], }), ); } catch (e) { @@ -292,7 +295,7 @@ const roomRequestRoutes: FastifyPluginAsync = async (fastify, _options) => { "userId#requestId": `${request.username}#${requestId}`, semesterId: request.body.semester, }; - const logPut = buildAuditLogTransactPut({ + const logStatement = buildAuditLogTransactPut({ entry: { module: Modules.ROOM_RESERVATIONS, actor: request.username!, @@ -324,7 +327,7 @@ const roomRequestRoutes: FastifyPluginAsync = async (fastify, _options) => { }), }, }, - logPut, + ...(logStatement ? [logStatement] : []), ], }); await fastify.dynamoClient.send(transactionCommand); diff --git a/src/api/routes/stripe.ts b/src/api/routes/stripe.ts index 4f26a5b..21b3830 100644 --- a/src/api/routes/stripe.ts +++ b/src/api/routes/stripe.ts @@ -140,7 +140,7 @@ const stripeRoutes: FastifyPluginAsync = async (fastify, _options) => { }); const dynamoCommand = new TransactWriteItemsCommand({ TransactItems: [ - logStatement, + ...(logStatement ? [logStatement] : []), { Put: { TableName: genericConfig.StripeLinksDynamoTableName, @@ -245,7 +245,7 @@ const stripeRoutes: FastifyPluginAsync = async (fastify, _options) => { }); const dynamoCommand = new TransactWriteItemsCommand({ TransactItems: [ - logStatement, + ...(logStatement ? [logStatement] : []), { Update: { TableName: genericConfig.StripeLinksDynamoTableName, @@ -437,7 +437,7 @@ const stripeRoutes: FastifyPluginAsync = async (fastify, _options) => { }); const dynamoCommand = new TransactWriteItemsCommand({ TransactItems: [ - logStatement, + ...(logStatement ? [logStatement] : []), { Update: { TableName: genericConfig.StripeLinksDynamoTableName,