feat: audit events for user removal from org, group and disabling org (…

…#646)

* feat: add audit log event for group deletion

* move audit event for user removal to service

* emit event on disabling org

* feat: emit audit event+webhook when user is removed from a group (#640)

* feat: emit audit event+webhook when user is removed from a group

* emit event as soon as relation is deleted

* fix: send group org id instead of platform org id in user removal event

* feat(admin_ui): add filter, loader and sorting to the tables (#643)

* chore: update apsara version

* refactor: remove loading check from column definitions

* refactor: remove loading check from roles and user table

* refactor: remove loading check from billing list

* refactor: remove loading check from groups list

* refactor: remove loading check from projects list

* refactor: remove loading check from users list

* refactor: remove loading check from products list

* refactor: remove loading check from preferences list

* refactor: remove loading check and add filter in invoices list

* fix(admin_ui): type mismatch in apsara datatable (#644)

* ci: set goreleaser to v1 (#645)

* trigger audit event after relation and repository have both been updated

---------

Co-authored-by: Rishabh Mishra <me@rsbh.dev>

core/audit/audit.go

@@ -74,6 +74,7 @@ const (
 	OrgCreatedEvent       EventName = "app.organization.created"
 	OrgUpdatedEvent       EventName = "app.organization.updated"
 	OrgDeletedEvent       EventName = "app.organization.deleted"
+	OrgDisabledEvent      EventName = "app.organization.disabled"
 	OrgMemberCreatedEvent EventName = "app.organization.member.created"
 	OrgMemberDeletedEvent EventName = "app.organization.member.deleted"
 

core/group/service.go

@@ -362,12 +362,22 @@ func (s Service) Disable(ctx context.Context, id string) error {
 }
 
 func (s Service) Delete(ctx context.Context, id string) error {
-	if err := s.relationService.Delete(ctx, relation.Relation{Object: relation.Object{
+	group, err := s.repository.GetByID(ctx, id)
+	if err != nil {
+		return err
+	}
+
+	if err = s.relationService.Delete(ctx, relation.Relation{Object: relation.Object{
 		ID:        id,
 		Namespace: schema.GroupPrincipal,
 	}}); err != nil {
 		return err
 	}
 
-	return s.repository.Delete(ctx, id)
+	err = s.repository.Delete(ctx, id)
+	if err != nil {
+		return err
+	}
+	audit.NewLogger(ctx, group.OrganizationID).Log(audit.GroupDeletedEvent, audit.GroupTarget(id))
+	return nil
 }

core/organization/service.go

@@ -5,6 +5,8 @@ import (
 	"errors"
 	"fmt"
 
+	"github.com/raystack/frontier/core/audit"
+
 	"github.com/raystack/frontier/core/preference"
 
 	"github.com/raystack/frontier/core/policy"
@@ -288,6 +290,8 @@ func (s Service) RemoveUsers(ctx context.Context, orgID string, userIDs []string
 		}); err != nil {
 			err = errors.Join(err, currentErr)
 		}
+
+		audit.GetAuditor(ctx, orgID).Log(audit.OrgMemberDeletedEvent, audit.UserTarget(userID))
 	}
 	return err
 }
@@ -297,7 +301,11 @@ func (s Service) Enable(ctx context.Context, id string) error {
 }
 
 func (s Service) Disable(ctx context.Context, id string) error {
-	return s.repository.SetState(ctx, id, Disabled)
+	err := s.repository.SetState(ctx, id, Disabled)
+	if err == nil {
+		audit.GetAuditor(ctx, id).Log(audit.OrgDisabledEvent, audit.OrgTarget(id))
+	}
+	return err
 }
 
 // DeleteModel doesn't delete the nested resource, only itself

internal/api/v1beta1/org.go

@@ -449,7 +449,6 @@ func (h Handler) RemoveOrganizationUser(ctx context.Context, request *frontierv1
 		logger.Error(err.Error())
 		return nil, grpcInternalServerError
 	}
-	audit.GetAuditor(ctx, orgResp.ID).Log(audit.OrgMemberDeletedEvent, audit.UserTarget(request.GetUserId()))
 	return &frontierv1beta1.RemoveOrganizationUserResponse{}, nil
 }