mirror of
https://github.com/khoaliber/dockhand.git
synced 2026-03-03 13:18:56 +00:00
183 lines
5.0 KiB
TypeScript
183 lines
5.0 KiB
TypeScript
import { authorize, enterpriseRequired } from '$lib/server/authorize';
|
|
import { getAuditLogs, type AuditLogFilters, type AuditEntityType, type AuditAction, type AuditLog } from '$lib/server/db';
|
|
import type { RequestHandler } from './$types';
|
|
|
|
function escapeCSV(value: string | null | undefined): string {
|
|
if (value === null || value === undefined) return '';
|
|
const str = String(value);
|
|
if (str.includes(',') || str.includes('"') || str.includes('\n')) {
|
|
return `"${str.replace(/"/g, '""')}"`;
|
|
}
|
|
return str;
|
|
}
|
|
|
|
function formatToJSON(logs: AuditLog[]): string {
|
|
return JSON.stringify(logs, null, 2);
|
|
}
|
|
|
|
function formatToCSV(logs: AuditLog[]): string {
|
|
const headers = [
|
|
'ID',
|
|
'Timestamp',
|
|
'Username',
|
|
'Action',
|
|
'Entity Type',
|
|
'Entity ID',
|
|
'Entity Name',
|
|
'Environment ID',
|
|
'Description',
|
|
'IP Address',
|
|
'User Agent',
|
|
'Details'
|
|
];
|
|
|
|
const rows = logs.map((log) => [
|
|
log.id,
|
|
log.createdAt,
|
|
escapeCSV(log.username),
|
|
escapeCSV(log.action),
|
|
escapeCSV(log.entityType),
|
|
escapeCSV(log.entityId),
|
|
escapeCSV(log.entityName),
|
|
log.environmentId ?? '',
|
|
escapeCSV(log.description),
|
|
escapeCSV(log.ipAddress),
|
|
escapeCSV(log.userAgent),
|
|
escapeCSV(log.details ? JSON.stringify(log.details) : '')
|
|
]);
|
|
|
|
return [headers.join(','), ...rows.map((row) => row.join(','))].join('\n');
|
|
}
|
|
|
|
function formatToMarkdown(logs: AuditLog[]): string {
|
|
const lines: string[] = [];
|
|
|
|
lines.push('# Audit Log Export');
|
|
lines.push('');
|
|
lines.push(`Generated: ${new Date().toISOString()}`);
|
|
lines.push('');
|
|
lines.push(`Total entries: ${logs.length}`);
|
|
lines.push('');
|
|
lines.push('---');
|
|
lines.push('');
|
|
|
|
for (const log of logs) {
|
|
lines.push(`## ${log.action.toUpperCase()} - ${log.entityType}`);
|
|
lines.push('');
|
|
lines.push(`| Field | Value |`);
|
|
lines.push(`|-------|-------|`);
|
|
lines.push(`| Timestamp | ${log.createdAt} |`);
|
|
lines.push(`| User | ${log.username} |`);
|
|
lines.push(`| Action | ${log.action} |`);
|
|
lines.push(`| Entity Type | ${log.entityType} |`);
|
|
if (log.entityName) lines.push(`| Entity Name | ${log.entityName} |`);
|
|
if (log.entityId) lines.push(`| Entity ID | \`${log.entityId}\` |`);
|
|
if (log.environmentId) lines.push(`| Environment ID | ${log.environmentId} |`);
|
|
if (log.description) lines.push(`| Description | ${log.description} |`);
|
|
if (log.ipAddress) lines.push(`| IP Address | ${log.ipAddress} |`);
|
|
|
|
if (log.details) {
|
|
lines.push('');
|
|
lines.push('**Details:**');
|
|
lines.push('```json');
|
|
lines.push(JSON.stringify(log.details, null, 2));
|
|
lines.push('```');
|
|
}
|
|
|
|
lines.push('');
|
|
lines.push('---');
|
|
lines.push('');
|
|
}
|
|
|
|
return lines.join('\n');
|
|
}
|
|
|
|
export const GET: RequestHandler = async ({ url, cookies }) => {
|
|
const auth = await authorize(cookies);
|
|
|
|
// Audit log is Enterprise-only
|
|
if (!auth.isEnterprise) {
|
|
return new Response(JSON.stringify(enterpriseRequired()), {
|
|
status: 403,
|
|
headers: { 'Content-Type': 'application/json' }
|
|
});
|
|
}
|
|
|
|
// Check permission
|
|
if (!await auth.canViewAuditLog()) {
|
|
return new Response(JSON.stringify({ error: 'Permission denied' }), {
|
|
status: 403,
|
|
headers: { 'Content-Type': 'application/json' }
|
|
});
|
|
}
|
|
|
|
try {
|
|
// Parse query parameters
|
|
const filters: AuditLogFilters = {};
|
|
|
|
const username = url.searchParams.get('username');
|
|
if (username) filters.username = username;
|
|
|
|
const entityType = url.searchParams.get('entityType');
|
|
if (entityType) filters.entityType = entityType as AuditEntityType;
|
|
|
|
const action = url.searchParams.get('action');
|
|
if (action) filters.action = action as AuditAction;
|
|
|
|
const envId = url.searchParams.get('environmentId');
|
|
if (envId) filters.environmentId = parseInt(envId);
|
|
|
|
const fromDate = url.searchParams.get('fromDate');
|
|
if (fromDate) filters.fromDate = fromDate;
|
|
|
|
const toDate = url.searchParams.get('toDate');
|
|
if (toDate) filters.toDate = toDate;
|
|
|
|
// For export, get all matching records (no pagination)
|
|
filters.limit = 10000; // Reasonable max limit
|
|
|
|
const result = await getAuditLogs(filters);
|
|
const logs = result.logs;
|
|
|
|
const format = url.searchParams.get('format') || 'json';
|
|
const timestamp = new Date().toISOString().split('T')[0];
|
|
|
|
let content: string;
|
|
let contentType: string;
|
|
let filename: string;
|
|
|
|
switch (format) {
|
|
case 'csv':
|
|
content = formatToCSV(logs);
|
|
contentType = 'text/csv';
|
|
filename = `audit-log-${timestamp}.csv`;
|
|
break;
|
|
case 'md':
|
|
content = formatToMarkdown(logs);
|
|
contentType = 'text/markdown';
|
|
filename = `audit-log-${timestamp}.md`;
|
|
break;
|
|
case 'json':
|
|
default:
|
|
content = formatToJSON(logs);
|
|
contentType = 'application/json';
|
|
filename = `audit-log-${timestamp}.json`;
|
|
break;
|
|
}
|
|
|
|
return new Response(content, {
|
|
status: 200,
|
|
headers: {
|
|
'Content-Type': contentType,
|
|
'Content-Disposition': `attachment; filename="${filename}"`
|
|
}
|
|
});
|
|
} catch (error) {
|
|
console.error('Error exporting audit logs:', error);
|
|
return new Response(JSON.stringify({ error: 'Failed to export audit logs' }), {
|
|
status: 500,
|
|
headers: { 'Content-Type': 'application/json' }
|
|
});
|
|
}
|
|
};
|