108 lines
2.7 KiB
Go
108 lines
2.7 KiB
Go
package api
|
|
|
|
import (
|
|
"strings"
|
|
|
|
"git.julianfamily.org/keepassgo/internal/apiaudit"
|
|
"git.julianfamily.org/keepassgo/internal/apitokens"
|
|
)
|
|
|
|
type AuditQuickFilter struct {
|
|
Label string
|
|
Query string
|
|
}
|
|
|
|
func Operations() []apitokens.Operation {
|
|
return []apitokens.Operation{
|
|
apitokens.OperationListEntries,
|
|
apitokens.OperationListGroups,
|
|
apitokens.OperationListTemplates,
|
|
apitokens.OperationReadEntry,
|
|
apitokens.OperationCopyPassword,
|
|
apitokens.OperationCopyUsername,
|
|
apitokens.OperationCopyURL,
|
|
apitokens.OperationMutateEntry,
|
|
apitokens.OperationMutateGroup,
|
|
apitokens.OperationMutateTemplate,
|
|
apitokens.OperationGeneratePassword,
|
|
apitokens.OperationManageVault,
|
|
}
|
|
}
|
|
|
|
func AuditDecisionLabel(eventType apiaudit.EventType) string {
|
|
switch eventType {
|
|
case apiaudit.EventApprovalRequested:
|
|
return "Requested"
|
|
case apiaudit.EventApprovalAllowed:
|
|
return "Allowed"
|
|
case apiaudit.EventApprovalDenied:
|
|
return "Denied"
|
|
case apiaudit.EventApprovalCanceled:
|
|
return "Canceled"
|
|
case apiaudit.EventApprovalTimedOut:
|
|
return "Timed Out"
|
|
case apiaudit.EventAuthRejected:
|
|
return "Auth Rejected"
|
|
default:
|
|
return strings.ReplaceAll(string(eventType), "_", " ")
|
|
}
|
|
}
|
|
|
|
func AuditOperationLabel(operation apitokens.Operation) string {
|
|
if strings.TrimSpace(string(operation)) == "" {
|
|
return "Other"
|
|
}
|
|
return strings.ReplaceAll(string(operation), "_", " ")
|
|
}
|
|
|
|
func CompactAuditFilterLabel(label string) string {
|
|
label = strings.TrimSpace(label)
|
|
if len(label) <= 22 {
|
|
return label
|
|
}
|
|
return label[:19] + "..."
|
|
}
|
|
|
|
func AuditEventSearchTerms(event apiaudit.Event) string {
|
|
parts := []string{
|
|
string(event.Type),
|
|
AuditDecisionLabel(event.Type),
|
|
event.TokenName,
|
|
event.ClientName,
|
|
string(event.Operation),
|
|
AuditOperationLabel(event.Operation),
|
|
FormatResourcePath(event.Resource.Path),
|
|
event.Resource.EntryID,
|
|
event.Message,
|
|
}
|
|
switch event.Type {
|
|
case apiaudit.EventApprovalAllowed:
|
|
parts = append(parts, "allow approved")
|
|
case apiaudit.EventApprovalDenied:
|
|
parts = append(parts, "deny denied")
|
|
case apiaudit.EventApprovalRequested:
|
|
parts = append(parts, "prompt requested")
|
|
case apiaudit.EventApprovalCanceled:
|
|
parts = append(parts, "cancel canceled")
|
|
case apiaudit.EventApprovalTimedOut:
|
|
parts = append(parts, "timeout timed out")
|
|
case apiaudit.EventAuthRejected:
|
|
parts = append(parts, "rejected unauthorized")
|
|
}
|
|
return strings.ToLower(strings.Join(parts, " "))
|
|
}
|
|
|
|
func DisplayResourcePath(path []string) []string {
|
|
if len(path) == 0 {
|
|
return nil
|
|
}
|
|
if path[0] == "keepass" {
|
|
return append([]string{"Root"}, append([]string(nil), path[1:]...)...)
|
|
}
|
|
return append([]string(nil), path...)
|
|
}
|
|
|
|
func FormatResourcePath(path []string) string {
|
|
return strings.Join(DisplayResourcePath(path), " / ")
|
|
}
|