From 34b1d79e9d1e28caa86b3460d04ab44a550c2ecf Mon Sep 17 00:00:00 2001
From: mozillazg <mozillazg101@gmail.com>
Date: Wed, 13 Dec 2023 11:57:46 +0800
Subject: [PATCH] rbac: display the audit log details

---
 pkg/ctl/rbac/cleanupuserpermissions/cmd.go |  5 ++++-
 pkg/openapi/cs.go                          | 15 ++++++++++++---
 2 files changed, 16 insertions(+), 4 deletions(-)

diff --git a/pkg/ctl/rbac/cleanupuserpermissions/cmd.go b/pkg/ctl/rbac/cleanupuserpermissions/cmd.go
index 07991ffb..aa282a00 100644
--- a/pkg/ctl/rbac/cleanupuserpermissions/cmd.go
+++ b/pkg/ctl/rbac/cleanupuserpermissions/cmd.go
@@ -6,6 +6,7 @@ import (
 	"github.com/AliyunContainerService/ack-ram-tool/pkg/ctl/rbac/scanuserpermissions"
 	"github.com/AliyunContainerService/ack-ram-tool/pkg/log"
 	"github.com/briandowns/spinner"
+	"github.com/fatih/color"
 	"k8s.io/apimachinery/pkg/api/errors"
 	"time"
 
@@ -161,7 +162,9 @@ func cleanupOneCluster(ctx context.Context, bindings []binding.Binding,
 		if err != nil {
 			logger.Errorf("check cluster audit log failed: %s", err)
 		} else if resp.Active {
-			logger.Warnf("this user is active, and the last activity time was: %s", resp.LastActivity)
+			warn := color.RedString("this user has been active in the past 7 days, and the last activity time was: %s", resp.LastLocalActivity())
+			logger.Warnf("%s. You will find the relevant audit log details below:\nsls project: %s\nsls logstore: %s\nlast activity: %s (auditID: %s)",
+				warn, resp.LogProjectName, resp.LogStoreName, resp.LastLocalActivity(), resp.LastAuditId)
 		} else if !resp.Active {
 			logger.Info("no activity has been found in the cluster audit log for this user in the past 7 days")
 		}
diff --git a/pkg/openapi/cs.go b/pkg/openapi/cs.go
index c922a6ea..6bea9fbf 100644
--- a/pkg/openapi/cs.go
+++ b/pkg/openapi/cs.go
@@ -4,6 +4,7 @@ import (
 	"context"
 	"encoding/json"
 	"fmt"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"strings"
 	"time"
 
@@ -271,9 +272,17 @@ func (c *Client) CleanClusterUserPermissions(ctx context.Context, clusterId stri
 }
 
 type UserClusterActivityState struct {
-	Active       bool   `json:"active,omitempty"`
-	LastActivity string `json:"last_activity,omitempty"`
-	LastAuditId  string `json:"last_audit_id,omitempty"`
+	LogProjectName string `json:"log_project_name,omitempty"`
+	LogStoreName   string `json:"log_store_name,omitempty"`
+	LogQueryExp    string `json:"log_query_exp,omitempty"`
+
+	Active       bool         `json:"active"`
+	LastActivity *metav1.Time `json:"last_activity,omitempty"`
+	LastAuditId  string       `json:"last_audit_id,omitempty"`
+}
+
+func (s UserClusterActivityState) LastLocalActivity() string {
+	return s.LastActivity.Local().Format(time.RFC3339)
 }
 
 type describeUserClusterActivityState struct {