feat: add appConfig value to auditUser cdn deploys #888
Conversation
There was a problem hiding this comment.
Pull Request Overview
This PR adds user identification to CDN deploy audit logs by extracting the user ID from JWT access tokens. The changes enable tracking which user initiated a CDN asset deployment for audit purposes.
- Adds
getTokenDatahelper function to decode JWT tokens and extract payload data - Extracts user ID from access token and stores it in
appInfo.auditUserId - Propagates
auditUserIdto config objects used in deployment operations
Reviewed Changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated 3 comments.
| File | Description |
|---|---|
| src/lib/auth-helper.js | Adds getTokenData function to decode JWT tokens and extract payload |
| src/commands/app/deploy.js | Extracts user ID from token and adds it to app config for audit logging |
| test/commands/lib/auth-helper.test.js | Adds unit test for the new getTokenData function |
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
Codecov Report✅ All modified and coverable lines are covered by tests. 📢 Thoughts on this report? Let us know! |
There was a problem hiding this comment.
Pull Request Overview
Copilot reviewed 3 out of 3 changed files in this pull request and generated 2 comments.
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
src/commands/app/deploy.js
Outdated
| const k = keys[i] | ||
| const v = setRuntimeApiHostAndAuthHandler(values[i]) | ||
|
|
||
| v.auditUserId = appInfo.auditUserId |
There was a problem hiding this comment.
[nitpick] The auditUserId property is being added directly to the config object returned by setRuntimeApiHostAndAuthHandler, which modifies the cloned config structure. Consider adding this property within setRuntimeApiHostAndAuthHandler by passing auditUserId as a parameter, or document this side-effect clearly to maintain consistency in how config objects are modified.
There was a problem hiding this comment.
Pull Request Overview
Copilot reviewed 3 out of 3 changed files in this pull request and generated 5 comments.
Comments suppressed due to low confidence (1)
src/lib/auth-helper.js:1
- The JSDoc format is incorrect. The function returns either an object or null, so use a union type
@returns {object|null}with a single @returns tag instead of two separate tags. The description should explain both return cases.
/*
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull Request Overview
Copilot reviewed 3 out of 3 changed files in this pull request and generated 2 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
There was a problem hiding this comment.
Pull Request Overview
Copilot reviewed 3 out of 3 changed files in this pull request and generated 1 comment.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull Request Overview
Copilot reviewed 4 out of 4 changed files in this pull request and generated no new comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
* feat: add appConfig value to auditUser cdn deploys * nit: firmly state that we throw an error if called with bad token * nit: added typechecking and tests * Rely on ims-lib getTokenData
Description
This PR adds user identification to CDN deploy audit logs by extracting the user ID from JWT access tokens. The changes enable tracking which user initiated a CDN asset deployment for audit purposes.
Adds getTokenData helper function to decode JWT tokens and extract payload data
Extracts user ID from access token and stores it in appInfo.auditUserId
Propagates auditUserId to config objects used in deployment operations
Related Issue
Motivation and Context
How Has This Been Tested?
Screenshots (if appropriate):
Types of changes
Checklist: