Add audit logs app (#46)

* add SSO skeleton to strip down later

* add proper images to the images folder

* change css in public folder to login.css with relevant css

* rename folders

* change folder names back to original names & adjust stylesheet and picture paths

* clean up '/' route in app.rb

* configure basic structure for /set_org before redirect

* add redirecft to /set_org

* remove render and set erb variables to display in send_events.erb

* add initial structure for /send_event route

* Add global variables from audit_log_events to app.rb

* remove auth route

* add exports_events page with initial structure

* add export_events route

* change pathing and variables in export_events.erb

* add today and last_month time to /get_events method

* Add if statement logic to /get_events

* remove redirect uri reference

* add snackbar to css and adjust variable names for send_events method

* commit to share

* add snackbar onClick to each send event button

* remove requires that aren't needed anymore

* add up to date css

* remove json require

* remove comments

* fix login.erb flex_column class name

* remove connection_id reference and adjust version number

* add readme

* adjust .env.example

Co-authored-by: Chase Lancaster <[email protected]>
Co-authored-by: Chase Lancaster <[email protected]>

Author: 3 people

ruby-audit-logs-example/.env.example

@@ -0,0 +1,2 @@
+WORKOS_API_KEY=''
+WORKOS_CLIENT_ID=''

ruby-audit-logs-example/.gitignore

@@ -0,0 +1 @@
+.env

ruby-audit-logs-example/.ruby-version

@@ -0,0 +1 @@
+2.9.0

ruby-audit-logs-example/Gemfile

@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+
+source 'https://rubygems.org'
+
+gem 'dotenv', '2.7.6'
+gem 'sinatra', '2.2.0'
+gem 'workos', '2.9.0'
+

ruby-audit-logs-example/Gemfile.lock

@@ -0,0 +1,33 @@
+GEM
+  remote: https://rubygems.org/
+  specs:
+    dotenv (2.7.6)
+    mustermann (1.1.2)
+      ruby2_keywords (~> 0.0.1)
+    rack (2.2.4)
+    rack-protection (2.2.0)
+      rack
+    ruby2_keywords (0.0.5)
+    sinatra (2.2.0)
+      mustermann (~> 1.0)
+      rack (~> 2.2)
+      rack-protection (= 2.2.0)
+      tilt (~> 2.0)
+    sinatra-flash (0.3.0)
+      sinatra (>= 1.0.0)
+    sorbet-runtime (0.5.10461)
+    tilt (2.0.11)
+    workos (2.5.0)
+      sorbet-runtime (~> 0.5)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  dotenv (= 2.7.6)
+  sinatra (= 2.2.0)
+  sinatra-flash
+  workos (= 2.5.0)
+
+BUNDLED WITH
+   2.3.23

ruby-audit-logs-example/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2020 WorkOS
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

ruby-audit-logs-example/README.md

@@ -0,0 +1,49 @@
+# ruby-audit-logs-example
+
+An example Ruby application demonstrating how to use the [WorkOS Ruby SDK](https://github.com/workos/workos-ruby) to send and retrieve Audit Log events. This example is not meant to show a real-world example of an Audit Logs implementation, but rather to show concrete examples of how events can be sent using the Python SDK.
+
+## Clone and Install
+
+1. Clone the main repo:
+
+   ```sh
+   # HTTPS
+   $ git clone https://github.com/workos/ruby-example-applications.git
+   ```
+   
+
+2. Navigate to the Audit Logs example app within the cloned repo and install dependencies:
+
+   ```sh
+   $ cd ruby-example-applications/ruby-audit-logs-example && bundle install
+   ```
+
+## Configure your environment
+
+1. Grab your [API Key](https://dashboard.workos.com/api-keys) and your [Client ID](https://dashboard.workos.com/configuration).
+2. Run `cp .env.example .env` and add your API key and Client ID. The `workos` gem will read your API key from the ENV variable `WORKOS_API_KEY` and your Client ID from the ENV variable `WORKOS_CLIENT_ID`. You may also set the API key and Client ID yourself by adding `WorkOS.key = $YOUR_API_KEY` and `CLIENT_ID = $YOUR_CLIENT_ID` to `app.rb`.
+
+### Audit Logs Setup with WorkOS
+
+1. Follow the [Audit Logs configuration steps](https://workos.com/docs/audit-logs/emit-an-audit-log-event/sign-in-to-your-workos-dashboard-account-and-configure-audit-log-event-schemas) to set up the following 5 events that are sent with this example:
+
+Action title: "user.signed_in" | Target type: "team"
+Action title: "user.logged_out" | Target type: "team"
+Action title: "user.organization_set" | Target type: "team"
+Action title: "user.organization_deleted" | Target type: "team"
+Action title: "user.connection_deleted" | Target type: "team"
+
+2. Next, take note of the Organization ID for the Org which you will be sending the Audit Log events for. This ID gets entered into the splash page of the example application.
+
+3. Once you enter the Organization ID and submit it, you will be brought to the page where you'll be able to send the audit log events that were just configured. You'll also notice that the action of setting the Organization triggered an Audit Log already. Click the buttons to send the respective events.
+
+4. To obtain a CSV of the Audit Log events that were sent for the last 30 days, click the "Export Events" button. This will bring you to a new page where you can download the events. Downloading the events is a 2 step process. First you need to create the report by clicking the "Generate CSV" button. Then click the "Access CSV" button to download a CSV of the Audit Log events for the selected Organization for the past 30 days.
+
+## Run the app
+```sh
+ruby app.rb
+```
+
+## Need help?
+
+If you get stuck and aren't able to resolve the issue by reading our API reference or tutorials, you can reach out to us at [email protected] and we'll lend a hand.

ruby-audit-logs-example/app.rb

@@ -0,0 +1,113 @@
+# frozen_string_literal: true
+
+require 'dotenv/load'
+require 'sinatra'
+require 'workos'
+require 'date'
+require_relative 'audit_log_events.rb'
+
+# Pull API key and Client ID from ENV variable
+WorkOS.key = ENV['WORKOS_API_KEY']
+CLIENT_ID = ENV['WORKOS_CLIENT_ID']
+
+enable :sessions
+
+use(
+  Rack::Session::Cookie,
+  key: 'rack.session',
+  domain: 'localhost',
+  path: '/',
+  expire_after: 2_592_000,
+  secret: SecureRandom.hex(16)
+)
+
+get '/' do
+  erb :login, :layout => :layout
+end
+
+post '/set_org' do
+  @organization_id = params[:org]
+
+  session[:organization_id] = @organization_id
+  
+  organization = WorkOS::Organizations.get_organization(
+  id: @organization_id
+  )
+  
+  @org_name = organization.name
+  session[:organization_name] = @org_name
+  erb :send_events, :layout => :layout
+end
+
+get '/set_org' do
+  @organization_id = session[:organization_id]
+  @org_name = session[:organization_name]
+  erb :send_events, :layout => :layout
+end  
+
+post '/send_event' do
+  event_type = params[:event]
+  @organization_id = session[:organization_id]
+  @org_name = session[:organization_name]
+
+  events = [
+        $user_signed_in,
+        $user_logged_out,
+        $user_organization_deleted,
+        $user_connection_deleted,
+    ]
+
+  event = events[event_type.to_i]
+
+  WorkOS::AuditLogs.create_event(
+    organization: @organization_id,
+    event: event
+  )
+
+  erb :send_events, :layout => :layout
+end
+
+get '/export_events' do
+  @organization_id = session[:organization_id]
+  @org_name = session[:organization_name]
+  erb :export_events, :layout => :layout
+end
+
+post '/get_events' do
+  organization_id = session[:organization_id]
+  event_type = params[:event]
+  today = DateTime.now.to_s
+  last_month = DateTime.now.prev_month.to_s
+  
+  if event_type == 'generate_csv'
+    audit_log_export = WorkOS::AuditLogs.create_export(
+      organization: organization_id,
+      range_start: last_month,
+      range_end: today
+    )
+    session[:export_id] = audit_log_export.id
+    puts audit_log_export.id
+    redirect '/export_events'
+  end
+  
+  if event_type == 'access_csv'
+    export_id = session[:export_id].to_s
+    puts export_id
+    audit_log_export = WorkOS::AuditLogs.get_export(
+      id: export_id
+    )
+    url = audit_log_export.url
+
+    redirect url
+  end
+
+end  
+
+
+# Logout a user
+get '/logout' do
+  session[:organization_id] = nil
+  session[:organization_name] = nil
+  session[:export_id] = nil
+  redirect '/'
+end

ruby-audit-logs-example/audit_log_events.rb

@@ -0,0 +1,96 @@
+require 'date'
+
+$user_signed_in = {
+    "action": "user.signed_in",
+    "occurred_at": DateTime.now,
+    "actor": {
+        "type": "user",
+        "id": "user_01GBNJC3MX9ZZJW1FSTF4C5938",
+    },
+    "targets": [
+        {
+            "type": "team",
+            "id": "team_01GBNJD4MKHVKJGEWK42JNMBGS",
+        },
+    ],
+    "context": {
+        "location": "123.123.123.123",
+        "user_agent": "Chrome/104.0.0.0",
+    },
+}
+
+$user_logged_out = {
+    "action": "user.logged_out",
+    "occurred_at": DateTime.now,
+    "actor": {
+        "type": "user",
+        "id": "user_01GBNJC3MX9ZZJW1FSTF4C5938",
+    },
+    "targets": [
+        {
+            "type": "team",
+            "id": "team_01GBNJD4MKHVKJGEWK42JNMBGS",
+        },
+    ],
+    "context": {
+        "location": "123.123.123.123",
+        "user_agent": "Chrome/104.0.0.0",
+    },
+}
+
+$user_organization_set = {
+    "action": "user.organization_set",
+    "occurred_at": DateTime.now,
+    "actor": {
+        "type": "user",
+        "id": "user_01GBNJC3MX9ZZJW1FSTF4C5938",
+    },
+    "targets": [
+        {
+            "type": "team",
+            "id": "team_01GBNJD4MKHVKJGEWK42JNMBGS",
+        },
+    ],
+    "context": {
+        "location": "123.123.123.123",
+        "user_agent": "Chrome/104.0.0.0",
+    },
+}
+
+$user_organization_deleted = {
+    "action": "user.organization_deleted",
+    "occurred_at": DateTime.now,
+    "actor": {
+        "type": "user",
+        "id": "user_01GBNJC3MX9ZZJW1FSTF4C5938",
+    },
+    "targets": [
+        {
+            "type": "team",
+            "id": "team_01GBNJD4MKHVKJGEWK42JNMBGS",
+        },
+    ],
+    "context": {
+        "location": "123.123.123.123",
+        "user_agent": "Chrome/104.0.0.0",
+    },
+}
+
+$user_connection_deleted = {
+    "action": "user.connection_deleted",
+    "occurred_at": DateTime.now,
+    "actor": {
+        "type": "user",
+        "id": "user_01GBNJC3MX9ZZJW1FSTF4C5938",
+    },
+    "targets": [
+        {
+            "type": "team",
+            "id": "team_01GBNJD4MKHVKJGEWK42JNMBGS",
+        },
+    ],
+    "context": {
+        "location": "123.123.123.123",
+        "user_agent": "Chrome/104.0.0.0",
+    },
+}