/**@jsx React.DOM*/
// Generated by LiveScript 1.2.0
(function(){
var ref$, em, strong, table, div, th, tr, td, thead, tbody, section, h3, time, map, each, unique, isType, join, compact_fields, extended_fields, FieldsMixin, AuditTableHeader, Timestamp, wrapArray, AuditEntry, newEventSet, AuditTable, GlobalAudit, urlOfRole, urlOfResource, AuditBox, out$ = typeof exports != 'undefined' && exports || this, slice$ = [].slice;
ref$ = React.DOM, em = ref$.em, strong = ref$.strong, table = ref$.table, div = ref$.div, th = ref$.th, tr = ref$.tr, td = ref$.td, thead = ref$.thead, tbody = ref$.tbody, section = ref$.section, h3 = ref$.h3, time = ref$.time;
ref$ = require('prelude-ls'), map = ref$.map, each = ref$.each, unique = ref$.unique, isType = ref$.isType, join = ref$.join;
compact_fields = ['auditview_user', 'auditview_action'];
//extended_fields = ['timestamp', 'user', 'acting_as', 'action', 'entities', 'privilege','human'];
extended_fields = ['timestamp','auditview_user','auditview_action'];
known_rolsource_types = [ 'user','group','host','layer','policy']; // what if somebody explicitly will create the role of such type?
FieldsMixin = {
fields: function(){
if (this.props.compact) {
return compact_fields;
} else {
return extended_fields;
}
}
};
AuditTableHeader = React.createClass({
mixins: [FieldsMixin],
displayName: 'AuditTableHeader',
render: function(){
return thead({}, tr({}, map(function(it){
return th({
key: it
}, it.replace('auditview_','').replace('_', ' '));
})(
this.fields())));
}
});
Timestamp = React.createClass({
displayName: 'Timestamp',
render: function(){
var ts;
ts = moment(this.props.time); /*.format('YYYY-MM-DD hh:mm:ss');
return
{ts}
;
*/
return time({
className: "timestamp",
dateTime: ts.format(),
title: ts.calendar()
}, [ts.fromNow()]);
}
});
wrapArray = function(it){
if (isType('Array', it)) {
return it;
} else {
return [it];
}
};
out$.AuditEntry = AuditEntry = React.createClass({
mixins: [FieldsMixin],
displayName: 'AuditEntry',
// TODO: make message a separate React Class
humanizeEvent: function(e) {
// copy of SHORT_FORMATS logic from cli-ruby:lib/conjur/command/audit.rb
var msg=[];
var ResourceLink = conjur.views.ResourceLink;
var RoleLink = conjur.views.RoleLink;
if ((e.kind=='resource') && (e.action=='check')) {
msg = [ ]
if ( e.allowed ) {
msg.push("performed ");
msg.push(em({}, e.privilege));
msg.push(" on ");
msg.push(ResourceLink({id: e.resource, noIcon: true}));
}
else {
msg.push("was ");
msg.push(strong({}, "denied permission"));
msg.push(" to ");
msg.push(em({}, e.privilege));
msg.push(" ");
msg.push(ResourceLink({id: e.resource, noIcon: true}));
}
} else if ((e.kind=="resource") && (e.action=="create")) {
msg = [ " created ", ResourceLink({id: e.resource, noIcon: true}), " owned by ", RoleLink({id: e.owner, noIcon: true}) ];
} else if ((e.kind=="resource") && (e.action=="update")) { // this is suspicious, but CLI audit does this
msg = [ " gave ", ResourceLink({id: e.resource, noIcon: true}), " to ", RoleLink({id: e.owner, noIcon: true}) ];
} else if ((e.kind=="resource") && (e.action=="destroy")) {
msg = [ " deleted ", ResourceLink({id: e.resource, noIcon: true}) ];
} else if ((e.kind=="resource") && (e.action=="permit")) {
msg = [ " permitted ", RoleLink({id: e.grantee, noIcon: true}), " to ", em({}, e.privilege), " ", ResourceLink({id: e.resource, noIcon: true}) ]
if ( e.grant_option )
msg.push(" with grant option");
} else if ((e.kind=="resource") && (e.action=="deny")) {
msg = [ " denied ", em({}, e.privilege), " from ", RoleLink({id: e.grantee, noIcon: true}), " on ", ResourceLink({id: e.resource, noIcon: true}) ];
} else if ((e.kind=="resource") && (e.action=="permitted_roles")) {
msg = [ " listed roles permitted to ", em({}, e.privilege), " on ", ResourceLink({id: e.resource, noIcon: true}) ];
} else if ((e.kind=="role") && (e.action=="check")) {
msg = [ ]
if ( e.allowed ) {
//msg.push(RoleLink({id: e.role, noIcon: true}))
msg.push(" performed ");
msg.push(em({}, e.privilege));
msg.push(" on ");
msg.push(ResourceLink({id: e.resource, noIcon: true}));
}
else {
//msg.push(RoleLink({id: e.role, noIcon: true}))
msg.push(" was ");
msg.push(strong({}, "denied permission"));
msg.push(" to ");
msg.push(em({}, e.privilege));
msg.push(" on ");
msg.push(ResourceLink({id: e.resource, noIcon: true}));
}
} else if ((e.kind=="role") && (e.action=="grant")) {
/* what was the point of commenting this out? */
msg = [ " granted role ", RoleLink({id: e.role, noIcon: true}), " to ", RoleLink({id: e.member, noIcon: true}) ];
if (e.admin_option) {
msg.push(" with admin permission");
} else {
msg.push(" without admin permission");
}
} else if ((e.kind=="role") && (e.action=="revoke")) {
msg = [ " revoked role ", RoleLink({id: e.role, noIcon: true}), " from ", RoleLink({id: e.member, noIcon: true}) ];
} else if ((e.kind=="role") && (e.action=="create")) {
msg = [ " created role ", RoleLink({id: e.role, noIcon: true}) ];
} else if ((e.kind=="annotation") && (e.action=="update")) {
msg = [ " updated annotation on ", ResourceLink({id: e.resource, noIcon: true}) ];
} else if (e.kind=="audit") {
var action_part = _.compact([e.facility, e.action]).join(":");
var parts = [action_part];
if (e.role!=null) {
parts.push(" by ");
parts.push(RoleLink({id: e.role, noIcon: true}));
}
if (e.resource_id!=null) {
parts.push(" on");
parts.push(ResourceLink({id: e.resource_id, noIcon: true}));
}
if (e.allowed!=null) {
parts.push(" (allowed: "+e.allowed+")");
}
var statement = parts.join(" ");
msg = [" reported ", parts ];
if (e.audit_message!=null) {
msg.push("; message: ");
msg.push(e.audit_message);
}
} else {
msg.push(" unknown event: "+e.kind+":"+e.action+"!");
}
if (e.error!=null) {
msg.push(" (failed with "+e.error+")");
}
return msg;
},
transformField: function(key, value){
var ResourceLink = conjur.views.ResourceLink;
var RoleLink = conjur.views.RoleLink;
var that;
switch (key) {
case 'entities':
return [
(that = this.props.resource) != null ? ResourceLink({
data: that
}) : void 8, (that = this.props.role) != null ? RoleLink({
id: that
}) : void 8
];
case 'user':
if (value != null) {
return RoleLink({
id: value
});
}
break;
case 'acting_as':
that = this.props.user;
if ((value != null) && ( value != that )) {
return RoleLink({
id: value
});
}
break;
case 'auditview_user': //virtual field
var acting_user =this.props.user;
var acting_role = this.props.acting_as;
msg = [ RoleLink({id: acting_user}) ];
if ((acting_role!=null) && (acting_role != acting_user)) {
msg.push([" as ", RoleLink({id: acting_role})]);
}
return msg;
case 'timestamp':
if (value != null) {
return Timestamp({
time: value
});
}
break;
case 'auditview_action':
return this.humanizeEvent(this.props);
default:
return value;
}
},
render: function(){
var this$ = this;
return tr({
className: this.props.action
}, map(function(it){
return td.apply(null, [{
key: it
}].concat(slice$.call(wrapArray(this$.transformField(it, this$.props[it])))));
})(
this.fields()));
}
});
newEventSet = function(){
var evts;
evts = new SortedSet({
comparator: function(a, b){
return a && b && b.id - a.id;
}
});
evts.containsLike = function(item){
var existing;
existing = this.findIterator(item).value();
if (existing != null) {
return this.priv.comparator(existing, item) === 0;
}
};
return evts;
};
out$.AuditTable = AuditTable = React.createClass({
displayName: 'AuditTable',
getInitialState: function(){
return {
events: newEventSet()
};
},
knownRolsourceTypes: function() {
return ;
},
render: function(){
var compact;
compact = this.props.compact;
return section({
className: 'audit'
}, [
h3({}, this.props.caption), table({
className: 'audit-table'
}, [
AuditTableHeader({
key: 'thead',
compact: compact
}), tbody({
key: 'tbody'
}, this.state.events.filter(function(ev){
// remove internal resources creation
if ((ev.role!=null) && (ev.role.split(':')[1] == '@')) {
return false;
}
if ((ev.resource!=null) && (ev.resource.split(':')[1] == '@')) {
return false;
}
if ((ev.resource!=null) && (ev.resource.split(':')[1] == 'secret')) {
return false;
}
if ((ev.grantee!=null) && (ev.grantee.split(':')[1] == '@')) {
return false;
}
// hide automated creation of roles corresponding to resources of known type
if ((ev.kind=="role") && (ev.action=="create")) {
var rolekind = ev.role.split(':')[1];
if (_.contains(known_rolsource_types, rolekind)) {
return false;
}
}
return true;
}).map(function(it){
// new way to clone objects, custom clone$ does not work no more as expected
var ref$ = React.addons.update(it, {$merge: {key: it.id, compact: compact} });
return new AuditEntry(ref$);
}))
])
]);
},
componentDidMount: function(){
return each(this.addSource)(
wrapArray(
this.props.src));
},
componentWillUnmount: function(){
return each(function(it){
// console.log("closing event source ", it);
return it.close();
})(
this.sources);
},
addEvent: function(arg$){
var data, event;
data = arg$.data;
event = JSON.parse(data);
if (event.action === "check" && event.privilege === "read" && event.allowed) {
return true;
} else {
if (!this.state.events.containsLike(event)) {
this.state.events.insert(event);
return this.forceUpdate();
}
}
},
addSource: function(url){
var evtSrc;
// console.log("opening eventsource to " + url);
evtSrc = new EventSource(url);
// console.log(evtSrc);
evtSrc.onmessage = this.addEvent;
evtSrc.onerror = function(a, b, c, d){
return console.log(a, b, c, d);
};
return (this.sources || (this.sources = [])).push(evtSrc);
}
});
out$.GlobalAudit = GlobalAudit = React.createClass({
displayName: 'GlobalAudit',
render: function(){
return AuditTable({
src: '/api/audit/all',
caption: 'All recent audit events'
});
}
});
urlOfRole = function(role){
return "/api/audit/roles/" + encodeURIComponent(role);
};
urlOfResource = function(resource){
return "/api/audit/resources/" + encodeURIComponent(resource);
};
out$.AuditBox = AuditBox = React.createClass({
displayName: 'AuditBox',
render: function(){
var roles, resources, roleSrcs, resSrcs, things;
roles = this.props.roles || [];
resources = this.props.resources || [];
roleSrcs = map(urlOfRole)(
roles);
resSrcs = map(urlOfResource)(
resources);
things = join(', ')(
unique(
roles.concat(resources)));
var options= { src: roleSrcs.concat(resSrcs) };
if (this.props.tabview==null) {
options=_.extend(options, {caption: "Recent Activity"});
}
return AuditTable(options);
}
});
/* it does not work as expected with new react any more (prototype fields are squashed within react)
function clone$(it){
function fun(){} fun.prototype = it;
return new fun;
}
*/
}).call(this);