diff --git a/messages/en-US.json b/messages/en-US.json index 2919b165..ef50515d 100644 --- a/messages/en-US.json +++ b/messages/en-US.json @@ -1093,6 +1093,8 @@ "actionListSiteResources": "List Site Resources", "actionUpdateSiteResource": "Update Site Resource", "actionListInvitations": "List Invitations", + "actionExportLogs": "Export Logs", + "actionViewLogs": "View Logs", "noneSelected": "None selected", "orgNotFound2": "No organizations found.", "searchProgress": "Search...", diff --git a/server/private/middlewares/index.ts b/server/private/middlewares/index.ts index bb4d9c05..d6083f74 100644 --- a/server/private/middlewares/index.ts +++ b/server/private/middlewares/index.ts @@ -16,4 +16,5 @@ export * from "./verifyRemoteExitNodeAccess"; export * from "./verifyIdpAccess"; export * from "./verifyLoginPageAccess"; export * from "./logActionAudit"; -export * from "./verifySubscription"; \ No newline at end of file +export * from "./verifySubscription"; +export * from "./verifyValidLicense"; diff --git a/server/private/routers/integration.ts b/server/private/routers/integration.ts index 21c74624..7ce378d1 100644 --- a/server/private/routers/integration.ts +++ b/server/private/routers/integration.ts @@ -13,13 +13,17 @@ import * as orgIdp from "#private/routers/orgIdp"; import * as org from "#private/routers/org"; +import * as logs from "#private/routers/auditLogs"; -import { Router } from "express"; import { - verifyApiKey, verifyApiKeyHasAction, verifyApiKeyIsRoot, + verifyApiKeyOrgAccess, } from "@server/middlewares"; +import { + verifyValidSubscription, + verifyValidLicense +} from "#private/middlewares"; import { ActionsEnum } from "@server/auth/actions"; import { unauthenticated as ua, authenticated as a } from "@server/routers/integration"; @@ -42,4 +46,42 @@ authenticated.delete( verifyApiKeyHasAction(ActionsEnum.deleteIdp), logActionAudit(ActionsEnum.deleteIdp), orgIdp.deleteOrgIdp, -); \ No newline at end of file +); + +authenticated.get( + "/org/:orgId/logs/action", + verifyValidLicense, + verifyValidSubscription, + verifyApiKeyOrgAccess, + verifyApiKeyHasAction(ActionsEnum.exportLogs), + logs.queryActionAuditLogs +); + +authenticated.get( + "/org/:orgId/logs/action/export", + verifyValidLicense, + verifyValidSubscription, + verifyApiKeyOrgAccess, + verifyApiKeyHasAction(ActionsEnum.exportLogs), + logActionAudit(ActionsEnum.exportLogs), + logs.exportActionAuditLogs +); + +authenticated.get( + "/org/:orgId/logs/access", + verifyValidLicense, + verifyValidSubscription, + verifyApiKeyOrgAccess, + verifyApiKeyHasAction(ActionsEnum.exportLogs), + logs.queryAccessAuditLogs +); + +authenticated.get( + "/org/:orgId/logs/access/export", + verifyValidLicense, + verifyValidSubscription, + verifyApiKeyOrgAccess, + verifyApiKeyHasAction(ActionsEnum.exportLogs), + logActionAudit(ActionsEnum.exportLogs), + logs.exportAccessAuditLogs +); diff --git a/server/routers/integration.ts b/server/routers/integration.ts index 82741bd5..707db634 100644 --- a/server/routers/integration.ts +++ b/server/routers/integration.ts @@ -10,6 +10,7 @@ import * as client from "./client"; import * as accessToken from "./accessToken"; import * as apiKeys from "./apiKeys"; import * as idp from "./idp"; +import * as logs from "./auditLogs"; import * as siteResource from "./siteResource"; import { verifyApiKey, @@ -855,3 +856,18 @@ authenticated.put( logActionAudit(ActionsEnum.applyBlueprint), blueprints.applyJSONBlueprint ); + +authenticated.get( + "/org/:orgId/logs/request", + verifyApiKeyOrgAccess, + verifyApiKeyHasAction(ActionsEnum.viewLogs), + logs.queryRequestAuditLogs +); + +authenticated.get( + "/org/:orgId/logs/request/export", + verifyApiKeyOrgAccess, + verifyApiKeyHasAction(ActionsEnum.exportLogs), + logActionAudit(ActionsEnum.exportLogs), + logs.exportRequestAuditLogs +); diff --git a/src/components/PermissionsSelectBox.tsx b/src/components/PermissionsSelectBox.tsx index 938d9a80..963e343a 100644 --- a/src/components/PermissionsSelectBox.tsx +++ b/src/components/PermissionsSelectBox.tsx @@ -103,6 +103,11 @@ function getActionsCategories(root: boolean) { [t('actionUpdateClient')]: "updateClient", [t('actionListClients')]: "listClients", [t('actionGetClient')]: "getClient" + }, + + "Logs": { + [t('actionExportLogs')]: "exportLogs", + [t('actionViewLogs')]: "viewLogs", } };