Add cert renewals to audit log

2019-05-09 09:20:49 +10:00
parent 099ec00155
commit 3885c0ad6d
2 changed files with 14 additions and 1 deletions
--- a/src/backend/internal/certificate.js
+++ b/src/backend/internal/certificate.js
@ -756,7 +756,19 @@ const internalCertificate = {
                                .patchAndFetchById(certificate.id, {
                                    expires_on: certificateModel.raw('FROM_UNIXTIME(' + cert_info.dates.to + ')')
                                });
-                        });
+                        })
+                        .then((updated_certificate) => {
+                            // Add to audit log
+                            return internalAuditLog.add(access, {
+                                action:      'renewed',
+                                object_type: 'certificate',
+                                object_id:   updated_certificate.id,
+                                meta:        updated_certificate
+                            })
+                                .then(() => {
+                                    return certificate;
+                                });
+                        })
                } else {
                    throw new error.ValidationError('Only Let\'sEncrypt certificates can be renewed');
                }