Skip to content

Fix access list audit log formatting #33344

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
kimlisa merged 3 commits into from
Oct 12, 2023
Merged

Fix access list audit log formatting #33344

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
4059766
Fix access list audit log formatting
kimlisa Oct 11, 2023
52eb0ce
Address CR
kimlisa Oct 12, 2023
bbf6dfa
Merge branch 'master' into lisa/fix-audit-log-formatting
kimlisa Oct 12, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 6 additions & 6 deletions web/packages/teleport/src/Audit/__snapshots__/Audit.story.test.tsx.snap
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -706,7 +706,7 @@ exports[`list of all events 1`] = `
<td
style="word-break: break-word;"
>
User [undefined] failed to remove member [undefined] from access list [access-list]
User [mike] failed to remove members [carrot, apple, banana] from access list [access-list]
</td>
<td
style="min-width: 120px;"
Expand Down Expand Up @@ -754,7 +754,7 @@ exports[`list of all events 1`] = `
<td
style="word-break: break-word;"
>
User [undefined] removed member [undefined] from access list [access-list]
User [mike] removed member [user] from access list [access-list]
</td>
<td
style="min-width: 120px;"
Expand Down Expand Up @@ -808,7 +808,7 @@ exports[`list of all events 1`] = `
<td
style="word-break: break-word;"
>
User [undefined] failed to update member [undefined] in access list [access-list]
User [mike] failed to update member [user] in access list [access-list]
</td>
<td
style="min-width: 120px;"
Expand Down Expand Up @@ -856,7 +856,7 @@ exports[`list of all events 1`] = `
<td
style="word-break: break-word;"
>
User [undefined] updated member [undefined] in access list [access-list]
User [mike] updated member [user] in access list [access-list]
</td>
<td
style="min-width: 120px;"
Expand Down Expand Up @@ -910,7 +910,7 @@ exports[`list of all events 1`] = `
<td
style="word-break: break-word;"
>
User [undefined] failed to add member [undefined] to access list [access-list]
User [mike] failed to add member [user] to access list [access-list]
</td>
<td
style="min-width: 120px;"
Expand Down Expand Up @@ -958,7 +958,7 @@ exports[`list of all events 1`] = `
<td
style="word-break: break-word;"
>
User [undefined] added member [undefined] to access list [access-list]
User [mike] added member [user] to access list [access-list]
</td>
<td
style="min-width: 120px;"
Expand Down
20 changes: 13 additions & 7 deletions web/packages/teleport/src/Audit/fixtures/index.ts
View file
Open in desktop
Copy link
Copy Markdown
Member

@ravicious ravicious Oct 12, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could you add a fixture with multiple members?

Original file line number Diff line number Diff line change
Expand Up @@ -3059,9 +3059,9 @@ export const events = [
members: [
{
member_name: 'user',
updated_by: 'mike',
},
],
updated_by: 'mike',
},
{
code: 'TAL005E',
Expand All @@ -3071,9 +3071,9 @@ export const events = [
members: [
{
member_name: 'user',
updated_by: 'mike',
},
],
updated_by: 'mike',
},
{
code: 'TAL006I',
Expand All @@ -3083,9 +3083,9 @@ export const events = [
members: [
{
member_name: 'user',
updated_by: 'mike',
},
],
updated_by: 'mike',
},
{
code: 'TAL006E',
Expand All @@ -3095,9 +3095,9 @@ export const events = [
members: [
{
member_name: 'user',
updated_by: 'mike',
},
],
updated_by: 'mike',
},
{
code: 'TAL007I',
Expand All @@ -3107,9 +3107,9 @@ export const events = [
members: [
{
member_name: 'user',
updated_by: 'mike',
},
],
updated_by: 'mike',
},
{
code: 'TAL007E',
Expand All @@ -3118,10 +3118,16 @@ export const events = [
access_list_name: 'access-list',
members: [
{
member_name: 'user',
updated_by: 'mike',
member_name: 'carrot',
},
{
member_name: 'apple',
},
{
member_name: 'banana',
},
],
updated_by: 'mike',
},
{
code: 'TAL008I',
Expand Down
44 changes: 32 additions & 12 deletions web/packages/teleport/src/services/audit/makeEvent.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@ limitations under the License.
*/

import { formatDistanceStrict } from 'date-fns';
import { pluralize } from 'shared/utils/text';

import { Event, RawEvent, Formatters, eventCodes, RawEvents } from './types';

Expand Down Expand Up @@ -1484,38 +1485,50 @@ export const formatters: Formatters = {
[eventCodes.ACCESS_LIST_MEMBER_CREATE]: {
type: 'access_list.member.create',
desc: 'Access list member added',
format: ({ access_list_name, member_name, updated_by }) =>
`User [${updated_by}] added member [${member_name}] to access list [${access_list_name}]`,
format: ({ access_list_name, members, updated_by }) =>
`User [${updated_by}] added ${formatMembers(
members
)} to access list [${access_list_name}]`,
},
[eventCodes.ACCESS_LIST_MEMBER_CREATE_FAILURE]: {
type: 'access_list.member.create',
desc: 'Access list member addition failure',
format: ({ access_list_name, member_name, updated_by }) =>
`User [${updated_by}] failed to add member [${member_name}] to access list [${access_list_name}]`,
format: ({ access_list_name, members, updated_by }) =>
`User [${updated_by}] failed to add ${formatMembers(
members
)} to access list [${access_list_name}]`,
},
[eventCodes.ACCESS_LIST_MEMBER_UPDATE]: {
type: 'access_list.member.update',
desc: 'Access list member updated',
format: ({ access_list_name, member_name, updated_by }) =>
`User [${updated_by}] updated member [${member_name}] in access list [${access_list_name}]`,
format: ({ access_list_name, members, updated_by }) =>
`User [${updated_by}] updated ${formatMembers(
members
)} in access list [${access_list_name}]`,
},
[eventCodes.ACCESS_LIST_MEMBER_UPDATE_FAILURE]: {
type: 'access_list.member.update',
desc: 'Access list member update failure',
format: ({ access_list_name, member_name, updated_by }) =>
`User [${updated_by}] failed to update member [${member_name}] in access list [${access_list_name}]`,
format: ({ access_list_name, members, updated_by }) =>
`User [${updated_by}] failed to update ${formatMembers(
members
)} in access list [${access_list_name}]`,
},
[eventCodes.ACCESS_LIST_MEMBER_DELETE]: {
type: 'access_list.member.delete',
desc: 'Access list member removed',
format: ({ access_list_name, member_name, updated_by }) =>
`User [${updated_by}] removed member [${member_name}] from access list [${access_list_name}]`,
format: ({ access_list_name, members, updated_by }) =>
`User [${updated_by}] removed ${formatMembers(
members
)} from access list [${access_list_name}]`,
},
[eventCodes.ACCESS_LIST_MEMBER_DELETE_FAILURE]: {
type: 'access_list.member.delete',
desc: 'Access list member removal failure',
format: ({ access_list_name, member_name, updated_by }) =>
`User [${updated_by}] failed to remove member [${member_name}] from access list [${access_list_name}]`,
format: ({ access_list_name, members, updated_by }) =>
`User [${updated_by}] failed to remove ${formatMembers(
members
)} from access list [${access_list_name}]`,
},
[eventCodes.ACCESS_LIST_MEMBER_DELETE_ALL_FOR_ACCESS_LIST]: {
type: 'access_list.member.delete_all_members',
Expand Down Expand Up @@ -1575,3 +1588,10 @@ function truncateStr(str: string, len: number): string {
}
return str.substring(0, len - 3) + '...';
}

function formatMembers(members: { member_name: string }[]) {
const memberNames = members.map(m => m.member_name);
const memberNamesJoined = memberNames.join(', ');

return `${pluralize(memberNames.length, 'member')} [${memberNamesJoined}]`;
}
63 changes: 21 additions & 42 deletions web/packages/teleport/src/services/audit/types.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1377,53 +1377,23 @@ export type RawEvents = {
updated_by: string;
}
>;
[eventCodes.ACCESS_LIST_MEMBER_CREATE]: RawEvent<
typeof eventCodes.ACCESS_LIST_MEMBER_CREATE,
{
access_list_name: string;
member_name: string;
updated_by: string;
}
[eventCodes.ACCESS_LIST_MEMBER_CREATE]: RawEventAccessList<
typeof eventCodes.ACCESS_LIST_MEMBER_CREATE
>;
[eventCodes.ACCESS_LIST_MEMBER_CREATE_FAILURE]: RawEvent<
typeof eventCodes.ACCESS_LIST_MEMBER_CREATE_FAILURE,
{
access_list_name: string;
member_name: string;
updated_by: string;
}
[eventCodes.ACCESS_LIST_MEMBER_CREATE_FAILURE]: RawEventAccessList<
typeof eventCodes.ACCESS_LIST_MEMBER_CREATE_FAILURE
>;
[eventCodes.ACCESS_LIST_MEMBER_UPDATE]: RawEvent<
typeof eventCodes.ACCESS_LIST_MEMBER_UPDATE,
{
access_list_name: string;
member_name: string;
updated_by: string;
}
[eventCodes.ACCESS_LIST_MEMBER_UPDATE]: RawEventAccessList<
typeof eventCodes.ACCESS_LIST_MEMBER_UPDATE
>;
[eventCodes.ACCESS_LIST_MEMBER_UPDATE_FAILURE]: RawEvent<
typeof eventCodes.ACCESS_LIST_MEMBER_UPDATE_FAILURE,
{
access_list_name: string;
member_name: string;
updated_by: string;
}
[eventCodes.ACCESS_LIST_MEMBER_UPDATE_FAILURE]: RawEventAccessList<
typeof eventCodes.ACCESS_LIST_MEMBER_UPDATE_FAILURE
>;
[eventCodes.ACCESS_LIST_MEMBER_DELETE]: RawEvent<
typeof eventCodes.ACCESS_LIST_MEMBER_DELETE,
{
access_list_name: string;
member_name: string;
updated_by: string;
}
[eventCodes.ACCESS_LIST_MEMBER_DELETE]: RawEventAccessList<
typeof eventCodes.ACCESS_LIST_MEMBER_DELETE
>;
[eventCodes.ACCESS_LIST_MEMBER_DELETE_FAILURE]: RawEvent<
typeof eventCodes.ACCESS_LIST_MEMBER_DELETE_FAILURE,
{
access_list_name: string;
member_name: string;
updated_by: string;
}
[eventCodes.ACCESS_LIST_MEMBER_DELETE_FAILURE]: RawEventAccessList<
typeof eventCodes.ACCESS_LIST_MEMBER_DELETE_FAILURE
>;
[eventCodes.ACCESS_LIST_MEMBER_DELETE_ALL_FOR_ACCESS_LIST]: RawEvent<
typeof eventCodes.ACCESS_LIST_MEMBER_DELETE_ALL_FOR_ACCESS_LIST,
Expand Down Expand Up @@ -1575,6 +1545,15 @@ type RawEventUserToken<T extends EventCode> = RawEvent<
}
>;

type RawEventAccessList<T extends EventCode> = RawEvent<
T,
{
access_list_name: string;
members: { member_name: string }[];
updated_by: string;
}
>;

type RawEventUser<T extends EventCode> = RawEvent<
T,
{
Expand Down