UNPKG

azure-cli

Version:

Microsoft Azure Cross Platform Command Line tool

github.com/Azure/azure-xplat-cli

Azure/azure-xplat-cli

106 lines (49 loc) 7.59 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
/*** Generated by streamline 0.10.17 (callbacks) - DO NOT EDIT ***/ "use strict"; var __rt=require('streamline/lib/callbacks/runtime').runtime(__filename, false),__func=__rt.__func,__cb=__rt.__cb,__tryCatch=__rt.__tryCatch; var __ = require("underscore"); var util = require("util"); var utils = require("../../../util/utils"); var insightsUtils = require("../insights/insights.utils"); var auditUtils = require("./role.assignment.auditUtils"); var profile = require("../../../util/profile"); var adUtils = require("../ad/adUtils"); var rbacClients = require("../role/rbacClients"); var $ = utils.getLocaleString; exports.init = function(cli) { var log = cli.output; var role = cli.category("role"); var roleAssignmentComand = role.category("assignment").description($("Commands to manage role assignments")); var roleAssignmentLogsCommand = roleAssignmentComand.category("changelog").description($("Gets access change history for the selected subscription for the specified time range i.e. role assignments that were added or removed, including classic administrators (co-administrators and service administrators). Maximum duration that can be queried is 15 days (going back up to past 90 days).")); roleAssignmentLogsCommand.command("list").description($("List all access changes")).usage(((((((((("[-b startTime] [-e endTime]" + "\n") + "\n ----- Example 1 -------") + "\n azure role assignment changelog list") + "\n Gets the access change logs for the past hour.") + "\n") + "\n ----- Example 2 -------") + "\n azure role assignment changelog list -b \"09/20/2015 15:00\" -e \"09/24/2015 15:00\"") + "\n Gets all access change logs between the specified dates.") + "\n")).option("-b --startTime <startTime>", $("The start time of the query. E.g. \"2015-08-29 15:30\". If both startTime and endTime are not specified, defaults to the last one hour. Maximum query interval supported is 15 days.")).option("-e --endTime <endTime>", $("The end time of the query. E.g. \"2015-08-29 15:30\".If both startTime and endTime are not specified, defaults to the last one hour. Maximum query interval supported is 15 days.")).option("-s --subscription <subscription>", $("Name or identifier of the subscription where the changelog is to be retrieved.")).execute(function __1(options, _) { var __frame = { name: "__1", line: 52 }; return __func(_, this, arguments, __1, 1, __frame, function __$__1() { return roleAssignmentLogsCommand._prepareAndExecute(options, __cb(_, __frame, 1, 34, function __$__1() { _(); }, true)); }); }); roleAssignmentLogsCommand._prepareAndExecute = function roleAssignmentLogsCommand__prepareAndExecute__2(options, _) { var client, queryFilter, __this = this; var __frame = { name: "roleAssignmentLogsCommand__prepareAndExecute__2", line: 57 }; return __func(_, this, arguments, roleAssignmentLogsCommand__prepareAndExecute__2, 1, __frame, function __$roleAssignmentLogsCommand__prepareAndExecute__2() { client = insightsUtils.createInsightsClient(log, options); queryFilter = __this._processGeneralParameters(options.startTime, options.endTime); queryFilter = insightsUtils.addConditionIfPresent(queryFilter, "resourceProvider", "Microsoft.Authorization"); return __this._executeEventsCmd(client, queryFilter, insightsUtils.passAllFilter, options, __cb(_, __frame, 4, 9, function __$roleAssignmentLogsCommand__prepareAndExecute__2() { _(); }, true)); }); }; roleAssignmentLogsCommand._processGeneralParameters = function(startTime, endTime) { var queryFilter = insightsUtils.validateDateTimeRangeAndAddDefaultsEvents(startTime, endTime); return queryFilter; }; roleAssignmentLogsCommand._executeEventsCmd = function roleAssignmentLogsCommand__executeEventsCmd__3(client, queryFilter, keepTheRecord, options, _) { var progress, insightsResult, subscription, response, recordFilter, nextLink, graphClient, authzClient; var __frame = { name: "roleAssignmentLogsCommand__executeEventsCmd__3", line: 69 }; return __func(_, this, arguments, roleAssignmentLogsCommand__executeEventsCmd__3, 4, __frame, function __$roleAssignmentLogsCommand__executeEventsCmd__3() { progress = cli.interaction.progress(util.format($("Querying \"%s\""), queryFilter)); insightsResult = []; subscription = profile.current.getSubscription(options.subscription); return (function ___(__then) { (function ___(_) { __tryCatch(_, function __$roleAssignmentLogsCommand__executeEventsCmd__3() { return client.eventOperations.listEvents(queryFilter, null, __cb(_, __frame, 6, 44, function ___(__0, __1) { response = __1; log.silly((__.isObject(response) ? util.inspect(response) : "nothing in response")); log.silly(((__.isObject(response) && response.eventDataCollection) ? util.inspect(response.eventDataCollection) : "nothing in eventDataCollection")); recordFilter = function(element) { if (keepTheRecord(element)) { insightsResult.push(element); } ; }; __.each(response.eventDataCollection.value, recordFilter); nextLink = response.eventDataCollection.nextLink; return (function ___(__break) { var __more; var __loop = __cb(_, __frame, 0, 0, function __$roleAssignmentLogsCommand__executeEventsCmd__3() { __more = false; var __4 = nextLink; if (__4) { log.silly("Following nextLink"); return client.eventOperations.listEventsNext(nextLink, __cb(_, __frame, 20, 42, function ___(__0, __2) { response = __2; __.each(response.eventDataCollection.value, recordFilter); nextLink = response.eventDataCollection.nextLink; while (__more) { __loop(); }; __more = true; }, true)); } else { __break(); } ; }); do { __loop(); } while (__more); __more = true; })(function __$roleAssignmentLogsCommand__executeEventsCmd__3() { _(null, null, true); }); }, true)); }); })(function ___(__e, __r, __cont) { (function ___(__then) { __tryCatch(_, function __$roleAssignmentLogsCommand__executeEventsCmd__3() { progress.end(); __then(); }); })(function ___() { __tryCatch(_, function ___() { if (__cont) { __then(); } else { _(__e, __r); }; }); }); }); })(function ___() { __tryCatch(_, function __$roleAssignmentLogsCommand__executeEventsCmd__3() { graphClient = adUtils.getADGraphClient(subscription); authzClient = rbacClients.getAuthzClient(subscription); return (function __$roleAssignmentLogsCommand__executeEventsCmd__3(__then) { if ((insightsResult.length > 0)) { progress = cli.interaction.progress("Processing logs"); return (function ___(__then) { (function ___(_) { __tryCatch(_, function __$roleAssignmentLogsCommand__executeEventsCmd__3() { return auditUtils.processInsightsResults(cli, log, insightsResult, subscription, graphClient, authzClient, __cb(_, __frame, 33, 19, function __$roleAssignmentLogsCommand__executeEventsCmd__3() { _(null, null, true); }, true)); }); })(function ___(__e, __r, __cont) { (function ___(__then) { __tryCatch(_, function __$roleAssignmentLogsCommand__executeEventsCmd__3() { log.silly("done"); progress.end(); __then(); }); })(function ___() { __tryCatch(_, function ___() { if (__cont) { __then(); } else { _(__e, __r); }; }); }); }); })(function ___() { __tryCatch(_, __then); }); } else { __then(); } ; })(_); }); }); }); };};