forked from cloudflare/cloudflare-go
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathaccess_audit_log.go
86 lines (71 loc) · 2.29 KB
/
access_audit_log.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
package cloudflare
import (
"context"
"fmt"
"net/http"
"net/url"
"strconv"
"time"
"github.com/goccy/go-json"
)
// AccessAuditLogRecord is the structure of a single Access Audit Log entry.
type AccessAuditLogRecord struct {
UserEmail string `json:"user_email"`
IPAddress string `json:"ip_address"`
AppUID string `json:"app_uid"`
AppDomain string `json:"app_domain"`
Action string `json:"action"`
Connection string `json:"connection"`
Allowed bool `json:"allowed"`
CreatedAt *time.Time `json:"created_at"`
RayID string `json:"ray_id"`
}
// AccessAuditLogListResponse represents the response from the list
// access applications endpoint.
type AccessAuditLogListResponse struct {
Result []AccessAuditLogRecord `json:"result"`
Response
ResultInfo `json:"result_info"`
}
// AccessAuditLogFilterOptions provides the structure of available audit log
// filters.
type AccessAuditLogFilterOptions struct {
Direction string
Since *time.Time
Until *time.Time
Limit int
}
// AccessAuditLogs retrieves all audit logs for the Access service.
//
// API reference: https://api.cloudflare.com/#access-requests-access-requests-audit
func (api *API) AccessAuditLogs(ctx context.Context, accountID string, opts AccessAuditLogFilterOptions) ([]AccessAuditLogRecord, error) {
uri := fmt.Sprintf("/accounts/%s/access/logs/access-requests?%s", accountID, opts.Encode())
res, err := api.makeRequestContext(ctx, http.MethodGet, uri, nil)
if err != nil {
return []AccessAuditLogRecord{}, fmt.Errorf("%s: %w", errMakeRequestError, err)
}
var accessAuditLogListResponse AccessAuditLogListResponse
err = json.Unmarshal(res, &accessAuditLogListResponse)
if err != nil {
return []AccessAuditLogRecord{}, fmt.Errorf("%s: %w", errUnmarshalError, err)
}
return accessAuditLogListResponse.Result, nil
}
// Encode is a custom method for encoding the filter options into a usable HTTP
// query parameter string.
func (a AccessAuditLogFilterOptions) Encode() string {
v := url.Values{}
if a.Direction != "" {
v.Set("direction", a.Direction)
}
if a.Limit > 0 {
v.Set("limit", strconv.Itoa(a.Limit))
}
if a.Since != nil {
v.Set("since", a.Since.Format(time.RFC3339))
}
if a.Until != nil {
v.Set("until", a.Until.Format(time.RFC3339))
}
return v.Encode()
}