NAME

ort-audit-json — audit ort role access as JSON

SYNOPSIS

DESCRIPTION

Accepts ort(5) config files, defaulting to standard input, and generates a JSON or JavaScript audit report on standard output. Its arguments are as follows:

-s

Emit a full JavaScript document instead of just a JSON object.

-r role

Audit the named role.

By default, the all role is audited. The audit consists of all operations and reachable structures and fields along with documentation and other information germane to the audit target.

Output is formatted in JSON or as a JavaScript document. In the default JSON case, the output conforms to the following:

interface auditAccessFrom {
  function: string;
  exporting: boolean;
  path: string;
}

interface auditAccess {
  exportable: boolean;
  data: string[];
  accessfrom: auditAccessFrom[];
  insert: string|null;
  delete: string[];
  update: string[];
  count: string[];
  get: string[];
  iterate: string[];
  list: string[];
}

interface auditFunction{
  doc: string|null;
  type: 'insert'|'delete'|...;
}

interface auditFunctionSet {
  [name: string]: auditFunction;
}

interface auditField {
  export: boolean;
  doc: string|null;
}

interface auditFieldSet {
  [name: string]: auditField;
}

export interface audit {
  role: string;
  doc: string|null;
  access: auditAccess[];
  functions: auditFunctionSet;
  fields: auditFieldSet;
}

The root object is a "audit" object. If the -s flag is given, the "audit" object is wrapped as follows:

(function(root) {
 'use strict';
 var audit = { /* Contents of audit object. */ };
});

FILES

The audit.css, audit.html, and audit.js files, all installed into the share directory, provide an example implementation of a web-based front-end. By putting these into a single directory along with audit-out.js, consisting of the output of ort-audit-json with -s, a browser may be used to audit a role's access.

EXIT STATUS

The ort-audit-json utility exits 0 on success, and >0 if an error occurs.

SEE ALSO

ort(5)