github.com/gravitational/teleport/api@v0.0.0-20240507183017-3110591cbafc/client/events.go (about) 1 // Copyright 2022 Gravitational, Inc 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); 4 // you may not use this file except in compliance with the License. 5 // You may obtain a copy of the License at 6 // 7 // http://www.apache.org/licenses/LICENSE-2.0 8 // 9 // Unless required by applicable law or agreed to in writing, software 10 // distributed under the License is distributed on an "AS IS" BASIS, 11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 // See the License for the specific language governing permissions and 13 // limitations under the License. 14 15 package client 16 17 import ( 18 "github.com/gravitational/trace" 19 20 "github.com/gravitational/teleport/api/client/proto" 21 accessmonitoringrulesv1 "github.com/gravitational/teleport/api/gen/proto/go/teleport/accessmonitoringrules/v1" 22 crownjewelv1 "github.com/gravitational/teleport/api/gen/proto/go/teleport/crownjewel/v1" 23 kubewaitingcontainerpb "github.com/gravitational/teleport/api/gen/proto/go/teleport/kubewaitingcontainer/v1" 24 notificationsv1 "github.com/gravitational/teleport/api/gen/proto/go/teleport/notifications/v1" 25 "github.com/gravitational/teleport/api/types" 26 "github.com/gravitational/teleport/api/types/accesslist" 27 accesslistv1conv "github.com/gravitational/teleport/api/types/accesslist/convert/v1" 28 "github.com/gravitational/teleport/api/types/discoveryconfig" 29 discoveryconfigv1conv "github.com/gravitational/teleport/api/types/discoveryconfig/convert/v1" 30 "github.com/gravitational/teleport/api/types/secreports" 31 secreprotsv1conv "github.com/gravitational/teleport/api/types/secreports/convert/v1" 32 "github.com/gravitational/teleport/api/types/userloginstate" 33 userloginstatev1conv "github.com/gravitational/teleport/api/types/userloginstate/convert/v1" 34 ) 35 36 // EventToGRPC converts types.Event to proto.Event. 
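// EventToGRPC converts types.Event to proto.Event.
//
// The operation type is mapped with EventTypeToGRPC. An OpInit event must
// carry a *types.WatchStatusV1; every other event is dispatched on the
// concrete type of in.Resource and wrapped in the matching oneof member.
// Resource types that have no oneof member yield a trace.BadParameter error.
//
// Resources are embedded by pointer (or passed to a ToProto converter) as they
// are: nothing is copied or filtered here, so whatever fields the caller left
// populated on the resource are serialized with the event.
func EventToGRPC(in types.Event) (*proto.Event, error) {
	eventType, err := EventTypeToGRPC(in.Type)
	if err != nil {
		return nil, trace.Wrap(err)
	}
	out := proto.Event{
		Type: eventType,
	}

	// Init events carry the watch status rather than a regular resource.
	if in.Type == types.OpInit {
		watchStatus, ok := in.Resource.(*types.WatchStatusV1)
		if !ok {
			return nil, trace.BadParameter("unexpected resource type %T for Init event", in.Resource)
		}
		out.Resource = &proto.Event_WatchStatus{WatchStatus: watchStatus}
		return &out, nil
	}

	switch r := in.Resource.(type) {
	case types.Resource153Unwrapper:
		// Wrapped resources are dispatched on the type they unwrap to.
		switch r := r.Unwrap().(type) {
		case *kubewaitingcontainerpb.KubernetesWaitingContainer:
			out.Resource = &proto.Event_KubernetesWaitingContainer{KubernetesWaitingContainer: r}
		case *notificationsv1.Notification:
			out.Resource = &proto.Event_UserNotification{UserNotification: r}
		case *notificationsv1.GlobalNotification:
			out.Resource = &proto.Event_GlobalNotification{GlobalNotification: r}
		case *accessmonitoringrulesv1.AccessMonitoringRule:
			out.Resource = &proto.Event_AccessMonitoringRule{AccessMonitoringRule: r}
		case *crownjewelv1.CrownJewel:
			out.Resource = &proto.Event_CrownJewel{CrownJewel: r}
		default:
			// Without this branch an unknown wrapped type would be returned as
			// an event with a nil Resource and no error, which the receiving
			// side can only reject later. Fail here instead, like the outer
			// switch does.
			return nil, trace.BadParameter("resource type %T is not supported", r)
		}
	case *types.ResourceHeader:
		out.Resource = &proto.Event_ResourceHeader{ResourceHeader: r}
	case *types.CertAuthorityV2:
		out.Resource = &proto.Event_CertAuthority{CertAuthority: r}
	case *types.StaticTokensV2:
		out.Resource = &proto.Event_StaticTokens{StaticTokens: r}
	case *types.ProvisionTokenV2:
		out.Resource = &proto.Event_ProvisionToken{ProvisionToken: r}
	case *types.ClusterNameV2:
		out.Resource = &proto.Event_ClusterName{ClusterName: r}
	case *types.UserV2:
		out.Resource = &proto.Event_User{User: r}
	case *types.RoleV6:
		out.Resource = &proto.Event_Role{Role: r}
	case *types.Namespace:
		out.Resource = &proto.Event_Namespace{Namespace: r}
	case *types.ServerV2:
		out.Resource = &proto.Event_Server{Server: r}
	case *types.ReverseTunnelV2:
		out.Resource = &proto.Event_ReverseTunnel{ReverseTunnel: r}
	case *types.TunnelConnectionV2:
		out.Resource = &proto.Event_TunnelConnection{TunnelConnection: r}
	case *types.AccessRequestV3:
		out.Resource = &proto.Event_AccessRequest{AccessRequest: r}
	case *types.WebSessionV2:
		// One Go type backs several session kinds; the sub-kind selects the
		// oneof member.
		switch r.GetSubKind() {
		case types.KindAppSession:
			out.Resource = &proto.Event_AppSession{AppSession: r}
		case types.KindWebSession:
			out.Resource = &proto.Event_WebSession{WebSession: r}
		case types.KindSnowflakeSession:
			out.Resource = &proto.Event_SnowflakeSession{SnowflakeSession: r}
		case types.KindSAMLIdPSession:
			out.Resource = &proto.Event_SAMLIdPSession{SAMLIdPSession: r}
		default:
			return nil, trace.BadParameter("only %q supported", types.WebSessionSubKinds)
		}
	case *types.WebTokenV3:
		out.Resource = &proto.Event_WebToken{WebToken: r}
	case *types.RemoteClusterV3:
		out.Resource = &proto.Event_RemoteCluster{RemoteCluster: r}
	case *types.KubernetesServerV3:
		out.Resource = &proto.Event_KubernetesServer{KubernetesServer: r}
	case *types.KubernetesClusterV3:
		out.Resource = &proto.Event_KubernetesCluster{KubernetesCluster: r}
	case *types.AppServerV3:
		out.Resource = &proto.Event_AppServer{AppServer: r}
	case *types.DatabaseServerV3:
		out.Resource = &proto.Event_DatabaseServer{DatabaseServer: r}
	case *types.DatabaseV3:
		out.Resource = &proto.Event_Database{Database: r}
	case *types.AppV3:
		out.Resource = &proto.Event_App{App: r}
	case *types.ClusterAuditConfigV2:
		out.Resource = &proto.Event_ClusterAuditConfig{ClusterAuditConfig: r}
	case *types.ClusterNetworkingConfigV2:
		out.Resource = &proto.Event_ClusterNetworkingConfig{ClusterNetworkingConfig: r}
	case *types.SessionRecordingConfigV2:
		out.Resource = &proto.Event_SessionRecordingConfig{SessionRecordingConfig: r}
	case *types.AuthPreferenceV2:
		out.Resource = &proto.Event_AuthPreference{AuthPreference: r}
	case *types.LockV2:
		out.Resource = &proto.Event_Lock{Lock: r}
	case *types.NetworkRestrictionsV4:
		out.Resource = &proto.Event_NetworkRestrictions{NetworkRestrictions: r}
	case *types.WindowsDesktopServiceV3:
		out.Resource = &proto.Event_WindowsDesktopService{WindowsDesktopService: r}
	case *types.WindowsDesktopV3:
		out.Resource = &proto.Event_WindowsDesktop{WindowsDesktop: r}
	case *types.InstallerV1:
		out.Resource = &proto.Event_Installer{Installer: r}
	case *types.UIConfigV1:
		out.Resource = &proto.Event_UIConfig{UIConfig: r}
	case *types.DatabaseServiceV1:
		out.Resource = &proto.Event_DatabaseService{DatabaseService: r}
	case *types.SAMLIdPServiceProviderV1:
		out.Resource = &proto.Event_SAMLIdPServiceProvider{SAMLIdPServiceProvider: r}
	case *types.UserGroupV1:
		out.Resource = &proto.Event_UserGroup{UserGroup: r}
	case *types.OktaImportRuleV1:
		out.Resource = &proto.Event_OktaImportRule{OktaImportRule: r}
	case *types.OktaAssignmentV1:
		out.Resource = &proto.Event_OktaAssignment{OktaAssignment: r}
	case *types.IntegrationV1:
		out.Resource = &proto.Event_Integration{Integration: r}
	case *types.HeadlessAuthentication:
		out.Resource = &proto.Event_HeadlessAuthentication{HeadlessAuthentication: r}
	case *accesslist.AccessList:
		out.Resource = &proto.Event_AccessList{AccessList: accesslistv1conv.ToProto(r)}
	case *userloginstate.UserLoginState:
		out.Resource = &proto.Event_UserLoginState{UserLoginState: userloginstatev1conv.ToProto(r)}
	case *accesslist.AccessListMember:
		out.Resource = &proto.Event_AccessListMember{AccessListMember: accesslistv1conv.ToMemberProto(r)}
	case *discoveryconfig.DiscoveryConfig:
		out.Resource = &proto.Event_DiscoveryConfig{DiscoveryConfig: discoveryconfigv1conv.ToProto(r)}
	case *secreports.AuditQuery:
		out.Resource = &proto.Event_AuditQuery{AuditQuery: secreprotsv1conv.ToProtoAuditQuery(r)}
	case *secreports.Report:
		out.Resource = &proto.Event_Report{Report: secreprotsv1conv.ToProtoReport(r)}
	case *secreports.ReportState:
		out.Resource = &proto.Event_ReportState{ReportState: secreprotsv1conv.ToProtoReportState(r)}
	case *accesslist.Review:
		out.Resource = &proto.Event_AccessListReview{AccessListReview: accesslistv1conv.ToReviewProto(r)}
	default:
		return nil, trace.BadParameter("resource type %T is not supported", in.Resource)
	}
	return &out, nil
}

// EventTypeToGRPC converts types.OpType to proto.Operation.
//
// Only OpInit, OpPut and OpDelete are mapped. Any other value returns -1
// together with a trace.BadParameter error, so the numeric result must not be
// used unless the error is nil.
func EventTypeToGRPC(in types.OpType) (proto.Operation, error) {
	switch in {
	case types.OpInit:
		return proto.Operation_INIT, nil
	case types.OpPut:
		return proto.Operation_PUT, nil
	case types.OpDelete:
		return proto.Operation_DELETE, nil
	default:
		return -1, trace.BadParameter("event type %v is not supported", in)
	}
}

// EventFromGRPC converts proto.Event to types.Event.
//
// The operation is mapped with EventTypeFromGRPC. For an init event the watch
// status is attached when present and the event is returned even when it is
// absent. For every other event the first populated oneof member becomes the
// resource; members that need conversion go through their FromProto helper and
// a conversion failure is returned wrapped. An event with no recognized member
// yields a trace.BadParameter error, as does a nil event.
func EventFromGRPC(in *proto.Event) (*types.Event, error) {
	// in.Type is a direct field read, so a nil event would panic here; the
	// generated getters used below are the only nil-safe accessors.
	if in == nil {
		return nil, trace.BadParameter("missing event")
	}
	eventType, err := EventTypeFromGRPC(in.Type)
	if err != nil {
		return nil, trace.Wrap(err)
	}
	out := types.Event{
		Type: eventType,
	}

	if eventType == types.OpInit {
		// Assigned only when set, so out.Resource stays a nil interface
		// rather than an interface holding a nil pointer.
		if r := in.GetWatchStatus(); r != nil {
			out.Resource = r
		}
		return &out, nil
	}

	// Members whose wire type is already the legacy resource type are used
	// directly.
	if r := in.GetResourceHeader(); r != nil {
		out.Resource = r
		return &out, nil
	}
	if r := in.GetCertAuthority(); r != nil {
		out.Resource = r
		return &out, nil
	}
	if r := in.GetStaticTokens(); r != nil {
		out.Resource = r
		return &out, nil
	}
	if r := in.GetProvisionToken(); r != nil {
		out.Resource = r
		return &out, nil
	}
	if r := in.GetClusterName(); r != nil {
		out.Resource = r
		return &out, nil
	}
	if r := in.GetUser(); r != nil {
		out.Resource = r
		return &out, nil
	}
	if r := in.GetRole(); r != nil {
		out.Resource = r
		return &out, nil
	}
	if r := in.GetNamespace(); r != nil {
		out.Resource = r
		return &out, nil
	}
	if r := in.GetServer(); r != nil {
		out.Resource = r
		return &out, nil
	}
	if r := in.GetReverseTunnel(); r != nil {
		out.Resource = r
		return &out, nil
	}
	if r := in.GetTunnelConnection(); r != nil {
		out.Resource = r
		return &out, nil
	}
	if r := in.GetAccessRequest(); r != nil {
		out.Resource = r
		return &out, nil
	}
	if r := in.GetSnowflakeSession(); r != nil {
		out.Resource = r
		return &out, nil
	}
	if r := in.GetAppSession(); r != nil {
		out.Resource = r
		return &out, nil
	}
	if r := in.GetWebSession(); r != nil {
		out.Resource = r
		return &out, nil
	}
	// EventToGRPC emits Event_SAMLIdPSession for SAML IdP web sessions; decode
	// it here as well so such an event does not fall through to the
	// "unsupported resource" error.
	if r := in.GetSAMLIdPSession(); r != nil {
		out.Resource = r
		return &out, nil
	}
	if r := in.GetWebToken(); r != nil {
		out.Resource = r
		return &out, nil
	}
	if r := in.GetRemoteCluster(); r != nil {
		out.Resource = r
		return &out, nil
	}
	if r := in.GetAppServer(); r != nil {
		out.Resource = r
		return &out, nil
	}
	if r := in.GetDatabaseServer(); r != nil {
		out.Resource = r
		return &out, nil
	}
	if r := in.GetApp(); r != nil {
		out.Resource = r
		return &out, nil
	}
	if r := in.GetDatabase(); r != nil {
		out.Resource = r
		return &out, nil
	}
	if r := in.GetClusterAuditConfig(); r != nil {
		out.Resource = r
		return &out, nil
	}
	if r := in.GetClusterNetworkingConfig(); r != nil {
		out.Resource = r
		return &out, nil
	}
	if r := in.GetSessionRecordingConfig(); r != nil {
		out.Resource = r
		return &out, nil
	}
	if r := in.GetAuthPreference(); r != nil {
		out.Resource = r
		return &out, nil
	}
	if r := in.GetLock(); r != nil {
		out.Resource = r
		return &out, nil
	}
	if r := in.GetNetworkRestrictions(); r != nil {
		out.Resource = r
		return &out, nil
	}
	if r := in.GetWindowsDesktopService(); r != nil {
		out.Resource = r
		return &out, nil
	}
	if r := in.GetWindowsDesktop(); r != nil {
		out.Resource = r
		return &out, nil
	}
	if r := in.GetKubernetesServer(); r != nil {
		out.Resource = r
		return &out, nil
	}
	if r := in.GetKubernetesCluster(); r != nil {
		out.Resource = r
		return &out, nil
	}
	if r := in.GetInstaller(); r != nil {
		out.Resource = r
		return &out, nil
	}
	if r := in.GetUIConfig(); r != nil {
		out.Resource = r
		return &out, nil
	}
	if r := in.GetDatabaseService(); r != nil {
		out.Resource = r
		return &out, nil
	}
	if r := in.GetSAMLIdPServiceProvider(); r != nil {
		out.Resource = r
		return &out, nil
	}
	if r := in.GetUserGroup(); r != nil {
		out.Resource = r
		return &out, nil
	}
	if r := in.GetOktaImportRule(); r != nil {
		out.Resource = r
		return &out, nil
	}
	if r := in.GetOktaAssignment(); r != nil {
		out.Resource = r
		return &out, nil
	}
	if r := in.GetIntegration(); r != nil {
		out.Resource = r
		return &out, nil
	}
	if r := in.GetHeadlessAuthentication(); r != nil {
		out.Resource = r
		return &out, nil
	}

	// Members with a separate wire representation are converted; a failed
	// conversion rejects the whole event.
	if r := in.GetAccessList(); r != nil {
		if out.Resource, err = accesslistv1conv.FromProto(r); err != nil {
			return nil, trace.Wrap(err)
		}
		return &out, nil
	}
	if r := in.GetUserLoginState(); r != nil {
		if out.Resource, err = userloginstatev1conv.FromProto(r); err != nil {
			return nil, trace.Wrap(err)
		}
		return &out, nil
	}
	if r := in.GetAccessListMember(); r != nil {
		if out.Resource, err = accesslistv1conv.FromMemberProto(r); err != nil {
			return nil, trace.Wrap(err)
		}
		return &out, nil
	}
	if r := in.GetDiscoveryConfig(); r != nil {
		if out.Resource, err = discoveryconfigv1conv.FromProto(r); err != nil {
			return nil, trace.Wrap(err)
		}
		return &out, nil
	}
	if r := in.GetAuditQuery(); r != nil {
		if out.Resource, err = secreprotsv1conv.FromProtoAuditQuery(r); err != nil {
			return nil, trace.Wrap(err)
		}
		return &out, nil
	}
	if r := in.GetReport(); r != nil {
		if out.Resource, err = secreprotsv1conv.FromProtoReport(r); err != nil {
			return nil, trace.Wrap(err)
		}
		return &out, nil
	}
	if r := in.GetReportState(); r != nil {
		if out.Resource, err = secreprotsv1conv.FromProtoReportState(r); err != nil {
			return nil, trace.Wrap(err)
		}
		return &out, nil
	}
	if r := in.GetAccessListReview(); r != nil {
		if out.Resource, err = accesslistv1conv.FromReviewProto(r); err != nil {
			return nil, trace.Wrap(err)
		}
		return &out, nil
	}

	// The remaining members are passed through types.Resource153ToLegacy,
	// mirroring the Resource153Unwrapper branch of EventToGRPC.
	if r := in.GetKubernetesWaitingContainer(); r != nil {
		out.Resource = types.Resource153ToLegacy(r)
		return &out, nil
	}
	if r := in.GetUserNotification(); r != nil {
		out.Resource = types.Resource153ToLegacy(r)
		return &out, nil
	}
	if r := in.GetGlobalNotification(); r != nil {
		out.Resource = types.Resource153ToLegacy(r)
		return &out, nil
	}
	if r := in.GetAccessMonitoringRule(); r != nil {
		out.Resource = types.Resource153ToLegacy(r)
		return &out, nil
	}
	if r := in.GetCrownJewel(); r != nil {
		out.Resource = types.Resource153ToLegacy(r)
		return &out, nil
	}

	return nil, trace.BadParameter("received unsupported resource %T", in.Resource)
}

// EventTypeFromGRPC converts proto.Operation to types.OpType.
//
// Only INIT, PUT and DELETE are mapped; any other value returns
// types.OpInvalid together with a trace.BadParameter error.
func EventTypeFromGRPC(in proto.Operation) (types.OpType, error) {
	switch in {
	case proto.Operation_INIT:
		return types.OpInit, nil
	case proto.Operation_PUT:
		return types.OpPut, nil
	case proto.Operation_DELETE:
		return types.OpDelete, nil
	default:
		return types.OpInvalid, trace.BadParameter("unsupported operation type: %v", in)
	}
}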