forked from cloudflare/cloudflare-go
-
Notifications
You must be signed in to change notification settings - Fork 0
/
auditlogs.go
158 lines (143 loc) · 4.33 KB
/
auditlogs.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
package cloudflare
import (
"context"
"net/http"
"net/url"
"path"
"strconv"
"time"
"github.com/goccy/go-json"
)
// AuditLogAction is a member of AuditLog, the action that was taken.
type AuditLogAction struct {
Result bool `json:"result"`
Type string `json:"type"`
}
// AuditLogActor is a member of AuditLog, who performed the action.
type AuditLogActor struct {
Email string `json:"email"`
ID string `json:"id"`
IP string `json:"ip"`
Type string `json:"type"`
}
// AuditLogOwner is a member of AuditLog, who owns this audit log.
type AuditLogOwner struct {
ID string `json:"id"`
}
// AuditLogResource is a member of AuditLog, what was the action performed on.
type AuditLogResource struct {
ID string `json:"id"`
Type string `json:"type"`
}
// AuditLog is an resource that represents an update in the cloudflare dash.
type AuditLog struct {
Action AuditLogAction `json:"action"`
Actor AuditLogActor `json:"actor"`
ID string `json:"id"`
Metadata map[string]interface{} `json:"metadata"`
NewValue string `json:"newValue"`
NewValueJSON map[string]interface{} `json:"newValueJson"`
OldValue string `json:"oldValue"`
OldValueJSON map[string]interface{} `json:"oldValueJson"`
Owner AuditLogOwner `json:"owner"`
Resource AuditLogResource `json:"resource"`
When time.Time `json:"when"`
}
// AuditLogResponse is the response returned from the cloudflare v4 api.
type AuditLogResponse struct {
Response Response
Result []AuditLog `json:"result"`
ResultInfo `json:"result_info"`
}
// AuditLogFilter is an object for filtering the audit log response from the api.
type AuditLogFilter struct {
ID string
ActorIP string
ActorEmail string
HideUserLogs bool
Direction string
ZoneName string
Since string
Before string
PerPage int
Page int
}
// ToQuery turns an audit log filter in to an HTTP Query Param
// list, suitable for use in a url.URL.RawQuery. It will not include empty
// members of the struct in the query parameters.
func (a AuditLogFilter) ToQuery() url.Values {
v := url.Values{}
if a.ID != "" {
v.Add("id", a.ID)
}
if a.ActorIP != "" {
v.Add("actor.ip", a.ActorIP)
}
if a.ActorEmail != "" {
v.Add("actor.email", a.ActorEmail)
}
if a.HideUserLogs {
v.Add("hide_user_logs", "true")
}
if a.ZoneName != "" {
v.Add("zone.name", a.ZoneName)
}
if a.Direction != "" {
v.Add("direction", a.Direction)
}
if a.Since != "" {
v.Add("since", a.Since)
}
if a.Before != "" {
v.Add("before", a.Before)
}
if a.PerPage > 0 {
v.Add("per_page", strconv.Itoa(a.PerPage))
}
if a.Page > 0 {
v.Add("page", strconv.Itoa(a.Page))
}
return v
}
// GetOrganizationAuditLogs will return the audit logs of a specific
// organization, based on the ID passed in. The audit logs can be
// filtered based on any argument in the AuditLogFilter.
//
// API Reference: https://api.cloudflare.com/#audit-logs-list-organization-audit-logs
func (api *API) GetOrganizationAuditLogs(ctx context.Context, organizationID string, a AuditLogFilter) (AuditLogResponse, error) {
uri := url.URL{
Path: path.Join("/accounts", organizationID, "audit_logs"),
ForceQuery: true,
RawQuery: a.ToQuery().Encode(),
}
res, err := api.makeRequestContext(ctx, http.MethodGet, uri.String(), nil)
if err != nil {
return AuditLogResponse{}, err
}
return unmarshalReturn(res)
}
// unmarshalReturn will unmarshal bytes and return an auditlogresponse.
func unmarshalReturn(res []byte) (AuditLogResponse, error) {
var auditResponse AuditLogResponse
err := json.Unmarshal(res, &auditResponse)
if err != nil {
return auditResponse, err
}
return auditResponse, nil
}
// GetUserAuditLogs will return your user's audit logs. The audit logs can be
// filtered based on any argument in the AuditLogFilter.
//
// API Reference: https://api.cloudflare.com/#audit-logs-list-user-audit-logs
func (api *API) GetUserAuditLogs(ctx context.Context, a AuditLogFilter) (AuditLogResponse, error) {
uri := url.URL{
Path: path.Join("/user", "audit_logs"),
ForceQuery: true,
RawQuery: a.ToQuery().Encode(),
}
res, err := api.makeRequestContext(ctx, http.MethodGet, uri.String(), nil)
if err != nil {
return AuditLogResponse{}, err
}
return unmarshalReturn(res)
}