pangolin_mirror/pangolin
1
0
Fork 0
mirror of https://github.com/fosrl/pangolin.git synced 2026-02-27 07:16:40 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'dev' into clients-user

Browse Source
This commit is contained in:
miloschwartz
2025-12-04 11:38:05 -05:00
parent eaeb65e9b4 6da7f58ced
commit a746ef36a8
31 changed files with 3098 additions and 313 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
server/routers/auditLogs/exportRequstAuditLog.ts → server/routers/auditLogs/exportRequestAuditLog.ts
View File

@@ -6,7 +6,11 @@ import createHttpError from "http-errors";
import HttpCode from "@server/types/HttpCode";
import { fromError } from "zod-validation-error";
import logger from "@server/logger";
import { queryAccessAuditLogsQuery, queryRequestAuditLogsParams, queryRequest } from "./queryRequstAuditLog";
import {
queryAccessAuditLogsQuery,
queryRequestAuditLogsParams,
queryRequest
} from "./queryRequestAuditLog";
import { generateCSV } from "./generateCSV";
registry.registerPath({
@@ -54,10 +58,13 @@ export async function exportRequestAuditLogs(
const log = await baseQuery.limit(data.limit).offset(data.offset);
const csvData = generateCSV(log);
res.setHeader('Content-Type', 'text/csv');
res.setHeader('Content-Disposition', `attachment; filename="request-audit-logs-${data.orgId}-${Date.now()}.csv"`);
res.setHeader("Content-Type", "text/csv");
res.setHeader(
"Content-Disposition",
`attachment; filename="request-audit-logs-${data.orgId}-${Date.now()}.csv"`
);
return res.send(csvData);
} catch (error) {
logger.error(error);

5
server/routers/auditLogs/index.ts
View File

@@ -1,2 +1,3 @@
export * from "./queryRequstAuditLog";
export * from "./exportRequstAuditLog";
export * from "./queryRequestAuditLog";
export * from "./queryRequestAnalytics";
export * from "./exportRequestAuditLog";

192
server/routers/auditLogs/queryRequestAnalytics.ts Normal file
View File

@@ -0,0 +1,192 @@
import { db, requestAuditLog, driver } from "@server/db";
import { registry } from "@server/openApi";
import { NextFunction } from "express";
import { Request, Response } from "express";
import { eq, gt, lt, and, count, sql, desc, not, isNull } from "drizzle-orm";
import { OpenAPITags } from "@server/openApi";
import { z } from "zod";
import createHttpError from "http-errors";
import HttpCode from "@server/types/HttpCode";
import { fromError } from "zod-validation-error";
import response from "@server/lib/response";
import logger from "@server/logger";
const queryAccessAuditLogsQuery = z.object({
// iso string just validate its a parseable date
timeStart: z
.string()
.refine((val) => !isNaN(Date.parse(val)), {
error: "timeStart must be a valid ISO date string"
})
.transform((val) => Math.floor(new Date(val).getTime() / 1000))
.optional(),
timeEnd: z
.string()
.refine((val) => !isNaN(Date.parse(val)), {
error: "timeEnd must be a valid ISO date string"
})
.transform((val) => Math.floor(new Date(val).getTime() / 1000))
.optional()
.prefault(new Date().toISOString())
.openapi({
type: "string",
format: "date-time",
description:
"End time as ISO date string (defaults to current time)"
}),
resourceId: z
.string()
.optional()
.transform(Number)
.pipe(z.int().positive())
.optional()
});
const queryRequestAuditLogsParams = z.object({
orgId: z.string()
});
const queryRequestAuditLogsCombined = queryAccessAuditLogsQuery.merge(
queryRequestAuditLogsParams
);
type Q = z.infer<typeof queryRequestAuditLogsCombined>;
async function query(query: Q) {
let baseConditions = and(
eq(requestAuditLog.orgId, query.orgId),
lt(requestAuditLog.timestamp, query.timeEnd)
);
if (query.timeStart) {
baseConditions = and(
baseConditions,
gt(requestAuditLog.timestamp, query.timeStart)
);
}
if (query.resourceId) {
baseConditions = and(
baseConditions,
eq(requestAuditLog.resourceId, query.resourceId)
);
}
const [all] = await db
.select({ total: count() })
.from(requestAuditLog)
.where(baseConditions);
const [blocked] = await db
.select({ total: count() })
.from(requestAuditLog)
.where(and(baseConditions, eq(requestAuditLog.action, false)));
const totalQ = sql<number>`count(${requestAuditLog.id})`
.mapWith(Number)
.as("total");
const requestsPerCountry = await db
.selectDistinct({
code: requestAuditLog.location,
count: totalQ
})
.from(requestAuditLog)
.where(and(baseConditions, not(isNull(requestAuditLog.location))))
.groupBy(requestAuditLog.location)
.orderBy(desc(totalQ));
const groupByDayFunction =
driver === "pg"
? sql<string>`DATE_TRUNC('day', TO_TIMESTAMP(${requestAuditLog.timestamp}))`
: sql<string>`DATE(${requestAuditLog.timestamp}, 'unixepoch')`;
const booleanTrue = driver === "pg" ? sql`true` : sql`1`;
const booleanFalse = driver === "pg" ? sql`false` : sql`0`;
const requestsPerDay = await db
.select({
day: groupByDayFunction.as("day"),
allowedCount:
sql<number>`SUM(CASE WHEN ${requestAuditLog.action} = ${booleanTrue} THEN 1 ELSE 0 END)`.as(
"allowed_count"
),
blockedCount:
sql<number>`SUM(CASE WHEN ${requestAuditLog.action} = ${booleanFalse} THEN 1 ELSE 0 END)`.as(
"blocked_count"
),
totalCount: sql<number>`COUNT(*)`.as("total_count")
})
.from(requestAuditLog)
.where(and(baseConditions))
.groupBy(groupByDayFunction)
.orderBy(groupByDayFunction);
return {
requestsPerCountry: requestsPerCountry as Array<{
code: string;
count: number;
}>,
requestsPerDay,
totalBlocked: blocked.total,
totalRequests: all.total
};
}
registry.registerPath({
method: "get",
path: "/org/{orgId}/logs/analytics",
description: "Query the request audit analytics for an organization",
tags: [OpenAPITags.Org],
request: {
query: queryAccessAuditLogsQuery,
params: queryRequestAuditLogsParams
},
responses: {}
});
export type QueryRequestAnalyticsResponse = Awaited<ReturnType<typeof query>>;
export async function queryRequestAnalytics(
req: Request,
res: Response,
next: NextFunction
): Promise<any> {
try {
const parsedQuery = queryAccessAuditLogsQuery.safeParse(req.query);
if (!parsedQuery.success) {
return next(
createHttpError(
HttpCode.BAD_REQUEST,
fromError(parsedQuery.error)
)
);
}
const parsedParams = queryRequestAuditLogsParams.safeParse(req.params);
if (!parsedParams.success) {
return next(
createHttpError(
HttpCode.BAD_REQUEST,
fromError(parsedParams.error)
)
);
}
const params = { ...parsedQuery.data, ...parsedParams.data };
const data = await query(params);
return response<QueryRequestAnalyticsResponse>(res, {
data,
success: true,
error: false,
message: "Request audit analytics retrieved successfully",
status: HttpCode.OK
});
} catch (error) {
logger.error(error);
return next(
createHttpError(HttpCode.INTERNAL_SERVER_ERROR, "An error occurred")
);
}
}

30
server/routers/auditLogs/queryRequstAuditLog.ts → server/routers/auditLogs/queryRequestAuditLog.ts
View File

@@ -31,7 +31,8 @@ export const queryAccessAuditLogsQuery = z.object({
.openapi({
type: "string",
format: "date-time",
description: "End time as ISO date string (defaults to current time)"
description:
"End time as ISO date string (defaults to current time)"
}),
action: z
.union([z.boolean(), z.string()])
@@ -72,8 +73,9 @@ export const queryRequestAuditLogsParams = z.object({
orgId: z.string()
});
export const queryRequestAuditLogsCombined =
queryAccessAuditLogsQuery.merge(queryRequestAuditLogsParams);
export const queryRequestAuditLogsCombined = queryAccessAuditLogsQuery.merge(
queryRequestAuditLogsParams
);
type Q = z.infer<typeof queryRequestAuditLogsCombined>;
function getWhere(data: Q) {
@@ -209,11 +211,21 @@ async function queryUniqueFilterAttributes(
.where(baseConditions);
return {
actors: uniqueActors.map(row => row.actor).filter((actor): actor is string => actor !== null),
resources: uniqueResources.filter((row): row is { id: number; name: string | null } => row.id !== null),
locations: uniqueLocations.map(row => row.locations).filter((location): location is string => location !== null),
hosts: uniqueHosts.map(row => row.hosts).filter((host): host is string => host !== null),
paths: uniquePaths.map(row => row.paths).filter((path): path is string => path !== null)
actors: uniqueActors
.map((row) => row.actor)
.filter((actor): actor is string => actor !== null),
resources: uniqueResources.filter(
(row): row is { id: number; name: string | null } => row.id !== null
),
locations: uniqueLocations
.map((row) => row.locations)
.filter((location): location is string => location !== null),
hosts: uniqueHosts
.map((row) => row.hosts)
.filter((host): host is string => host !== null),
paths: uniquePaths
.map((row) => row.paths)
.filter((path): path is string => path !== null)
};
}
@@ -270,7 +282,7 @@ export async function queryRequestAuditLogs(
},
success: true,
error: false,
message: "Action audit logs retrieved successfully",
message: "Request audit logs retrieved successfully",
status: HttpCode.OK
});
} catch (error) {