lib/conjur/command/audit.rb in conjur-cli-4.27.0 vs lib/conjur/command/audit.rb in conjur-cli-4.28.0
- old
+ new
@@ -20,11 +20,12 @@
resource_part = e[:resource_id] ? "on #{e[:resource_id]}" : nil
allowed_part = e.has_key?(:allowed) ? "(allowed: #{e[:allowed]})" : nil
message_part = e[:audit_message] ? "; message: #{e[:audit_message]}" : ""
statement = [ action_part, actor_part, resource_part, allowed_part ].compact.join(" ")
"reported #{statement}"+ message_part
- }
+ },
+ 'conjur:use_extra_privilege' => lambda{|e| "requested extra privilege #{e[:privilege]}"}
}
def ssh_sudo_message(e)
s = "#{e[:system_user]}"
s << " " << (e[:allowed] ? "ran" : "attempted to run")
@@ -68,16 +69,29 @@
end
extracted
end
def show_audit_events events, options
+ @count ||= 0
+
events = [events] unless events.kind_of?(Array)
# offset and limit options seem to be broken. this is a temporary workaround (should be applied on server-side eventually)
events = events.drop(options[:offset]) if options[:offset]
events = events.take(options[:limit]) if options[:limit]
if options[:short]
- events.each{|e| puts short_event_format(e)}
+ events.each do |e|
+ puts short_event_format(e)
+
+ # Undocumented, but for the sake of testing.... Allow
+ # --limit with --follow. When we hit the limit, bail out
+ # immediately: don't raise any exceptions, don't print any
+ # messages, just exit with status 0.
+ @count += 1
+ if options[:follow] && @count == options[:limit]
+ exit_now! 0
+ end
+ end
else
events.each{|e| puts JSON.pretty_generate(e) }
end
end