Module: Legion::API::Routes::IdentityAudit

Defined in:
lib/legion/api/identity_audit.rb

Defined Under Namespace

Modules: IdentityAuditHelpers

Class Method Summary

Class Method Details

.registered(app) ⇒ Object



# File 'lib/legion/api/identity_audit.rb', line 7

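# Extension hook (Sinatra-style `registered` callback): mixes IdentityAuditHelpers into
# +app+ and mounts the identity introspection and identity audit-log routes.
#
# Routes:
#   GET /api/identity        - the process identity hash (empty when Legion::Identity::Process
#                              is not loaded) merged with a :registered_providers list.
#   GET /api/identity/audit  - at most 100 audit-log rows, newest first, optionally narrowed
#                              by the principal, provider, event_type and since parameters.
#
# Every supplied filter is either applied or rejected; a filter that cannot be honoured
# never silently widens the result to unfiltered audit data.
#
# NOTE(review): no authentication or authorization check is visible in this method. Both
# routes disclose identity data (provider trust levels, audit detail payloads), so confirm
# that access control is enforced by middleware or by require_data! before exposing them.
#
# @param app [Object] the application class the routes and helpers are registered on
# @return [Object] whatever the final app.get call returns
def self.registered(app)
  app.helpers IdentityAuditHelpers

  app.get '/api/identity' do
    identity = defined?(Legion::Identity::Process) ? Legion::Identity::Process.identity_hash : {}

    registered_providers = if defined?(Legion::Identity::Resolver)
                             Legion::Identity::Resolver.providers.map do |provider|
                               {
                                 name:         provider.provider_name,
                                 type:         provider.provider_type,
                                 trust_level:  provider.trust_level,
                                 # priority and capabilities are optional on a provider
                                 priority:     provider.respond_to?(:priority) ? provider.priority : nil,
                                 capabilities: provider.respond_to?(:capabilities) ? provider.capabilities : []
                               }
                             end
                           else
                             []
                           end

    json_response(identity.merge(registered_providers: registered_providers))
  end

  app.get '/api/identity/audit' do
    require_data!
    halt 503, json_error('unavailable', 'identity audit log not available') unless defined?(Legion::Data::Model::Identity::AuditLog)

    # Query strings such as `provider[]=a` or `provider[x]=y` arrive as Array/Hash values.
    # Only plain strings are meaningful filters, so reject anything else before it reaches
    # the query builder or an error message.
    %i[principal provider event_type since].each do |key|
      value = params[key]
      next if value.nil? || value.is_a?(String)

      halt 400, json_error('invalid_parameter', "#{key} must be a single string value")
    end

    dataset = Legion::Data::Model::Identity::AuditLog.dataset

    principal = params[:principal]
    if principal
      # Fail closed: without the Principal model the name cannot be resolved to an id, and
      # skipping the filter would return every principal's audit events instead.
      unless defined?(Legion::Data::Model::Identity::Principal)
        halt 503, json_error('unavailable', 'identity principal lookup not available')
      end

      principal_record = Legion::Data::Model::Identity::Principal.where(canonical_name: principal).first
      halt 404, json_error('not_found', "principal '#{principal}' not found") unless principal_record
      dataset = dataset.where(principal_id: principal_record.id)
    end

    provider = params[:provider]
    dataset = dataset.where(provider_name: provider) if provider

    event_type = params[:event_type]
    dataset = dataset.where(event_type: event_type) if event_type

    since = params[:since]
    if since
      duration = parse_since_duration(since)
      # An unparseable window is an error, not "no time limit".
      halt 400, json_error('invalid_parameter', 'since is not a recognised duration') unless duration

      cutoff = Time.now - duration
      dataset = dataset.where { created_at >= cutoff }
    end

    # Hard cap of 100 rows, newest first.
    records = dataset.order(Sequel.desc(:created_at)).limit(100).all
    json_collection(records.map do |r|
      { id: r.id, event_type: r.event_type, provider_name: r.provider_name,
        trust_level: r.trust_level, detail_payload: r.detail_payload,
        node_ref: r.node_ref, session_ref: r.session_ref, created_at: r.created_at }
    end)
  end
end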