show audit events for admin

2025-10-30 09:32:34 +00:00 · 2020-07-25 20:49:01 +00:00
parent 042368245d
commit 67a445d506
4 changed files with 63 additions and 10 deletions
--- a/src/audit_api.go
+++ b/src/audit_api.go
@@ -12,7 +12,6 @@ func (e mainEnv) getAuditEvents(w http.ResponseWriter, r *http.Request, ps httpr
 	userTOKEN := ps.ByName("token")
 	event := audit("view audit events", userTOKEN, "token", userTOKEN)
 	defer func() { event.submit(e.db) }()
-	//fmt.Println("error code")
 	if enforceUUID(w, userTOKEN, event) == false {
 		return
 	}
@@ -40,6 +39,33 @@ func (e mainEnv) getAuditEvents(w http.ResponseWriter, r *http.Request, ps httpr
 	w.Write([]byte(str))
 }

+func (e mainEnv) getAdminAuditEvents(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
+	authResult := e.enforceAdmin(w, r)
+        if authResult == "" {
+                return
+        }
+        var offset int32
+        var limit int32 = 10
+        args := r.URL.Query()
+        if value, ok := args["offset"]; ok {
+                offset = atoi(value[0])
+        }
+        if value, ok := args["limit"]; ok {
+                limit = atoi(value[0])
+        }
+        resultJSON, counter, err := e.db.getAdminAuditEvents(offset, limit)
+        if err != nil {
+                returnError(w, r, "internal error", 405, err, nil)
+                return
+        }
+        fmt.Printf("Total count of events: %d\n", counter)
+        w.Header().Set("Content-Type", "application/json; charset=utf-8")
+        w.WriteHeader(200)
+        str := fmt.Sprintf(`{"status":"ok","total":%d,"rows":%s}`, counter, resultJSON)
+        w.Write([]byte(str))
+}
+
+
 func (e mainEnv) getAuditEvent(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
 	atoken := ps.ByName("atoken")
 	event := audit("view audit event", atoken, "token", atoken)
--- a/src/audit_db.go
+++ b/src/audit_db.go
@@ -78,7 +78,6 @@ func (event auditEvent) submit(db *dbcon) {
 }

 func (dbobj dbcon) getAuditEvents(userTOKEN string, offset int32, limit int32) ([]byte, int64, error) {
-	//var results []*auditEvent
 	count, err := dbobj.store.CountRecords(storage.TblName.Audit, "record", userTOKEN)
 	if err != nil {
 		return nil, 0, err
@@ -107,15 +106,47 @@ func (dbobj dbcon) getAuditEvents(userTOKEN string, offset int32, limit int32) (
 		}
 		results = append(results, element)
 	}
-
 	resultJSON, err := json.Marshal(records)
 	if err != nil {
 		return nil, 0, err
 	}
-	//fmt.Printf("Found multiple documents (array of pointers): %+v\n", results)
 	return resultJSON, count, nil
 }

+func (dbobj dbcon) getAdminAuditEvents(offset int32, limit int32) ([]byte, int64, error) {
+	count := int64(1000)
+        if count == 0 {
+                return []byte("[]"), 0, nil
+        }
+        var results []bson.M
+        records, err := dbobj.store.GetList0(storage.TblName.Audit, offset, limit, "when")
+        if err != nil {
+                return nil, 0, err
+        }
+        for _, element := range records {
+                element["more"] = false
+                if _, ok := element["before"]; ok {
+                        element["more"] = true
+                        element["before"] = ""
+                }
+                if _, ok := element["after"]; ok {
+                        element["more"] = true
+                        element["after"] = ""
+                }
+                if _, ok := element["debug"]; ok {
+                        element["more"] = true
+                        element["debug"] = ""
+                }
+                results = append(results, element)
+        }
+        resultJSON, err := json.Marshal(records)
+        if err != nil {
+                return nil, 0, err
+        }
+        return resultJSON, count, nil
+}
+
+
 func (dbobj dbcon) getAuditEvent(atoken string) (string, []byte, error) {
 	//var results []*auditEvent
 	record, err := dbobj.store.GetRecord(storage.TblName.Audit, "atoken", atoken)
--- a/src/bunker.go
+++ b/src/bunker.go
@@ -208,6 +208,7 @@ func (e mainEnv) setupRouter() *httprouter.Router {

 	router.GET("/v1/metrics", e.metrics)

+	router.GET("/v1/audit/admin", e.getAdminAuditEvents)
 	router.GET("/v1/audit/list/:token", e.getAuditEvents)
 	router.GET("/v1/audit/get/:atoken", e.getAuditEvent)

--- a/ui/site/admin-audit.html
+++ b/ui/site/admin-audit.html
@@ -34,7 +34,6 @@

  <script>
    var xtoken = window.localStorage.getItem('xtoken');
-    var token = window.localStorage.getItem('token');
    function displayTargetObject(target, row, index) {
      if (row.mode) {
        return '(' + row.mode + ') ' + target;
@@ -138,10 +137,9 @@

    $(function () {
      //$('#msg').text("Loading data")
-      //token = "faa006da-475e-45c6-a4a1-6586dce8b8d2";
      $('#table').bootstrapTable({
        /*data: mydata */
-        url: "/v1/audit/list/" + token,
+        url: "/v1/audit/admin/",
        undefinedText: 'n/a',
        /* url: "data1.json", */
        method: "GET",
@@ -156,9 +154,6 @@
        classes: "table",
        onLoadError: function (status, res) {
          console.log(status);
-          if (status > 400 && status < 500) {
-            document.location = "/";
-          }
        }
      });
    });