Skip to content

feat(test): implement 'test run audit' command#93

Merged
gemanor merged 23 commits intopermitio:mainfrom
daveads:feat/permit-audit-logs
Apr 10, 2025
Merged

feat(test): implement 'test run audit' command#93
gemanor merged 23 commits intopermitio:mainfrom
daveads:feat/permit-audit-logs

Conversation

@daveads
Copy link
Copy Markdown
Collaborator

@daveads daveads commented Mar 27, 2025

This commit adds a new command to compare historical audit logs against a running PDP. The command:

  • Fetches audit logs from the Permit API based on provided filters
  • Replays these authorization decisions against a specified PDP
  • Shows differences between original decisions and current PDP behavior

Features:

  • Flexible filtering options (time frame, users, resources, etc.)
  • Clear comparison results with detailed diff information
  • Early failure detection for unreachable PDPs
  • Default values for easy execution without arguments

Closes this issue >>> #72

@daveads daveads marked this pull request as draft March 27, 2025 21:48
@daveads daveads marked this pull request as ready for review March 28, 2025 21:47
gemanor
gemanor reviewed Apr 1, 2025
View reviewed changes
Copy link
Copy Markdown
Collaborator

@gemanor gemanor left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The is generally good, but it mismatches the API clients.

  1. Make sure you're using only API clients from useClient and not custom built ones from fetchUtil and lib/api
  2. In the same manner, all the scope handling in the component is redundant. It's against the guidelines to do API calls from the component

daveads and others added 9 commits April 2, 2025 00:16
gemanor
gemanor requested changes Apr 6, 2025
View reviewed changes
Copy link
Copy Markdown
Collaborator

@gemanor gemanor left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think there are some gaps in the implementations that need to clarify. Left some comments.

@daveads
fix: enhance audit test command with ABAC/ReBAC support
53e472c 
- Improve error handling to display actual error details to users
- Remove redundant scope fetching as it's handled by API client
- Add proper support for ABAC and ReBAC in check functions
- Enhance PDP request generation to properly handle resource keys and IDs
- Add proper handling of user and resource attributes in PDP requests
@daveads
Copy link
Copy Markdown
Collaborator Author

daveads commented Apr 10, 2025

audit
review_audit

@daveads
Copy link
Copy Markdown
Collaborator Author

daveads commented Apr 10, 2025

docker

npx tsx ./source/cli.tsx pdp run

@daveads daveads force-pushed the feat/permit-audit-logs branch from 9e0ec78 to 53e472c Compare April 10, 2025 09:10
gemanor
gemanor approved these changes Apr 10, 2025
View reviewed changes
Copy link
Copy Markdown
Collaborator

@gemanor gemanor left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Clean and comprehensive code! Well done

@gemanor gemanor merged commit 17b94f1 into permitio:main Apr 10, 2025
3 checks passed
@algora-pbc
Copy link
Copy Markdown

algora-pbc bot commented Apr 22, 2025

🎉🎈 @daveads has been awarded $2,000 by Permit.io! 🎈🎊

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@gemanor gemanor gemanor approved these changes

Assignees

No one assigned

Labels

💰 Rewarded

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@daveads @gemanor