Adding audit trail actions into the publish, yank and unyank transactions.

Author: markcatley

src/controllers/krate/publish.rs

@@ -11,8 +11,12 @@ use crate::util::{internal, ChainError, Maximums};
 use crate::util::{read_fill, read_le_u32};
 
 use crate::controllers::prelude::*;
+use crate::middleware::current_user::AuthenticationSource;
 use crate::models::dependency;
-use crate::models::{Badge, Category, Keyword, NewCrate, NewVersion, Rights, User};
+use crate::models::{
+    Badge, Category, Keyword, NewCrate, NewVersion, NewVersionOwnerAction, Rights, User,
+    VersionAction,
+};
 use crate::views::{EncodableCrateUpload, GoodCrate, PublishWarnings};
 
 /// Handles the `PUT /crates/new` route.
@@ -149,6 +153,11 @@ pub fn publish(req: &mut dyn Request) -> CargoResult<Response> {
         )?
         .save(&conn, &new_crate.authors, &verified_email_address)?;
 
+        if let AuthenticationSource::ApiToken(token_id) = req.authentication_source()? {
+            NewVersionOwnerAction::new(version.id, user.id, token_id, VersionAction::Publish)
+                .save(&conn)?;
+        }
+
         // Link this new version to all dependencies
         let git_deps = dependency::add_dependencies(&conn, &new_crate.deps, version.id)?;
 

src/controllers/version/yank.rs

@@ -4,7 +4,9 @@ use crate::controllers::prelude::*;
 
 use crate::git;
 
-use crate::models::Rights;
+use crate::middleware::current_user::AuthenticationSource;
+
+use crate::models::{NewVersionOwnerAction, Rights, VersionAction};
 
 use super::version_and_crate;
 
@@ -36,6 +38,15 @@ fn modify_yank(req: &mut dyn Request, yanked: bool) -> CargoResult<Response> {
         return Err(human("must already be an owner to yank or unyank"));
     }
 
+    if let AuthenticationSource::ApiToken(token_id) = req.authentication_source()? {
+        let action = if yanked {
+            VersionAction::Yank
+        } else {
+            VersionAction::Unyank
+        };
+        NewVersionOwnerAction::new(version.id, user.id, token_id, action).save(&conn)?;
+    }
+
     git::yank(&conn, krate.name, version, yanked)?;
 
     #[derive(Serialize)]