NAME
ort-audit-json —
audit ort role access as
JSON
SYNOPSIS
ort-audit-json |
[-s] [-r
role] [config...] |
DESCRIPTION
Accepts ort(5) config files, defaulting to standard input, and generates a JSON or JavaScript audit report on standard output. Its arguments are as follows:
-s- Emit a full JavaScript document instead of just a JSON object.
-rrole- Audit the named role.
By default, the all role is audited. The audit consists of all operations and reachable structures and fields along with documentation and other information germane to the audit target.
Output is formatted in JSON or as a JavaScript document. In the default JSON case, the output conforms to the following:
interface auditAccessFrom {
function: string;
exporting: boolean;
path: string;
}
interface auditAccess {
exportable: boolean;
data: string[];
accessfrom: auditAccessFrom[];
insert: string|null;
delete: string[];
update: string[];
count: string[];
get: string[];
iterate: string[];
list: string[];
}
interface auditFunction{
doc: string|null;
type: 'insert'|'delete'|...;
}
interface auditFunctionSet {
[name: string]: auditFunction;
}
interface auditField {
export: boolean;
doc: string|null;
}
interface auditFieldSet {
[name: string]: auditField;
}
export interface audit {
role: string;
doc: string|null;
access: auditAccess[];
functions: auditFunctionSet;
fields: auditFieldSet;
}
The root object is a "audit" object. If the
-s flag is given, the "audit" object is
wrapped as follows:
(function(root) {
'use strict';
var audit = { /* Contents of audit object. */ };
});
FILES
The audit.css,
audit.html, and audit.js
files, all installed into the share directory, provide an example
implementation of a web-based front-end. By putting these into a single
directory along with audit-out.js, consisting of the
output of ort-audit-json with
-s, a browser may be used to audit a role's
access.
EXIT STATUS
The ort-audit-json utility exits 0
on success, and >0 if an error occurs.