feat(pedm): log and query JIT elevations (#1334)

JIT elevations (where the user right-clicks and chooses "Run elevated")
are logged in the SQL datastore. The full elevation request is not
logged - the current capabilities don't give any worth in logging
anything about the asker application (beyond the path, maybe).
Additionally we log the authenticate status of the target application
but not the actual certificates used to sign it. This can be added later
if needed, but that level of data is probably too high fidelity for now.

We need the user to exist in the database, which isn't happening
currently; so we do an upsert of the user information at the time of
logging.

A new route is added /log/jit to query the elevation logs from RDM.

The user must filter by start and end times, and optionally by user. If
the user is not elevated, they can only query their own logs.

The user can specify a sort column and sort direction (currently what is
available here is determined by the columns we show in RDM, it can be
extended).

The user must specify a page size and offset; this facilitates paging
the query results rather than sending back the whole data set on one
call.

The data set returned is, again, driven by what we currently display in
RDM. It can be extended easily.

Author: thenextman

crates/devolutions-pedm-shared/devolutions-pedm-client-http/.openapi-generator/FILES

@@ -1,29 +1,25 @@
 Cargo.toml
 README.md
-docs/Application.md
+docs/AboutData.md
 docs/Assignment.md
-docs/AuthenticodeSignatureStatus.md
-docs/Certificate.md
 docs/DefaultApi.md
 docs/ElevateTemporaryPayload.md
 docs/ElevationConfigurations.md
 docs/ElevationKind.md
 docs/ElevationMethod.md
-docs/ElevationRequest.md
-docs/ElevationResult.md
 docs/Error.md
 docs/ErrorResponse.md
 docs/GetProfilesMeResponse.md
-docs/Hash.md
+docs/JitElevationLogPage.md
+docs/JitElevationLogQueryOptions.md
+docs/JitElevationLogRow.md
 docs/LaunchPayload.md
 docs/LaunchResponse.md
 docs/OptionalId.md
 docs/PathIdParameter.md
 docs/Profile.md
 docs/SessionElevationConfiguration.md
 docs/SessionElevationStatus.md
-docs/Signature.md
-docs/Signer.md
 docs/StartupInfoDto.md
 docs/StatusResponse.md
 docs/TemporaryElevationConfiguration.md
@@ -35,20 +31,18 @@ src/apis/default_api.rs
 src/apis/mod.rs
 src/apis/request.rs
 src/lib.rs
-src/models/application.rs
+src/models/about_data.rs
 src/models/assignment.rs
-src/models/authenticode_signature_status.rs
-src/models/certificate.rs
 src/models/elevate_temporary_payload.rs
 src/models/elevation_configurations.rs
 src/models/elevation_kind.rs
 src/models/elevation_method.rs
-src/models/elevation_request.rs
-src/models/elevation_result.rs
 src/models/error.rs
 src/models/error_response.rs
 src/models/get_profiles_me_response.rs
-src/models/hash.rs
+src/models/jit_elevation_log_page.rs
+src/models/jit_elevation_log_query_options.rs
+src/models/jit_elevation_log_row.rs
 src/models/launch_payload.rs
 src/models/launch_response.rs
 src/models/mod.rs
@@ -57,8 +51,6 @@ src/models/path_id_parameter.rs
 src/models/profile.rs
 src/models/session_elevation_configuration.rs
 src/models/session_elevation_status.rs
-src/models/signature.rs
-src/models/signer.rs
 src/models/startup_info_dto.rs
 src/models/status_response.rs
 src/models/temporary_elevation_configuration.rs

crates/devolutions-pedm-shared/devolutions-pedm-client-http/README.md

@@ -26,10 +26,11 @@ All URIs are relative to *http://localhost*
 
 Class | Method | HTTP request | Description
 ------------ | ------------- | ------------- | -------------
+*DefaultApi* | [**about_get**](docs/DefaultApi.md#about_get) | **Get** /about | 
 *DefaultApi* | [**elevate_session_post**](docs/DefaultApi.md#elevate_session_post) | **Post** /elevate/session | 
 *DefaultApi* | [**elevate_temporary_post**](docs/DefaultApi.md#elevate_temporary_post) | **Post** /elevate/temporary | 
 *DefaultApi* | [**launch_post**](docs/DefaultApi.md#launch_post) | **Post** /launch | 
-*DefaultApi* | [**logs_get**](docs/DefaultApi.md#logs_get) | **Get** /logs | 
+*DefaultApi* | [**log_jit_get**](docs/DefaultApi.md#log_jit_get) | **Get** /log/jit | 
 *DefaultApi* | [**policy_assignments_get**](docs/DefaultApi.md#policy_assignments_get) | **Get** /policy/assignments | 
 *DefaultApi* | [**policy_assignments_id_put**](docs/DefaultApi.md#policy_assignments_id_put) | **Put** /policy/assignments/{id} | 
 *DefaultApi* | [**policy_me_get**](docs/DefaultApi.md#policy_me_get) | **Get** /policy/me | 
@@ -45,29 +46,25 @@ Class | Method | HTTP request | Description
 
 ## Documentation For Models
 
- - [Application](docs/Application.md)
+ - [AboutData](docs/AboutData.md)
  - [Assignment](docs/Assignment.md)
- - [AuthenticodeSignatureStatus](docs/AuthenticodeSignatureStatus.md)
- - [Certificate](docs/Certificate.md)
  - [ElevateTemporaryPayload](docs/ElevateTemporaryPayload.md)
  - [ElevationConfigurations](docs/ElevationConfigurations.md)
  - [ElevationKind](docs/ElevationKind.md)
  - [ElevationMethod](docs/ElevationMethod.md)
- - [ElevationRequest](docs/ElevationRequest.md)
- - [ElevationResult](docs/ElevationResult.md)
  - [Error](docs/Error.md)
  - [ErrorResponse](docs/ErrorResponse.md)
  - [GetProfilesMeResponse](docs/GetProfilesMeResponse.md)
- - [Hash](docs/Hash.md)
+ - [JitElevationLogPage](docs/JitElevationLogPage.md)
+ - [JitElevationLogQueryOptions](docs/JitElevationLogQueryOptions.md)
+ - [JitElevationLogRow](docs/JitElevationLogRow.md)
  - [LaunchPayload](docs/LaunchPayload.md)
  - [LaunchResponse](docs/LaunchResponse.md)
  - [OptionalId](docs/OptionalId.md)
  - [PathIdParameter](docs/PathIdParameter.md)
  - [Profile](docs/Profile.md)
  - [SessionElevationConfiguration](docs/SessionElevationConfiguration.md)
  - [SessionElevationStatus](docs/SessionElevationStatus.md)
- - [Signature](docs/Signature.md)
- - [Signer](docs/Signer.md)
  - [StartupInfoDto](docs/StartupInfoDto.md)
  - [StatusResponse](docs/StatusResponse.md)
  - [TemporaryElevationConfiguration](docs/TemporaryElevationConfiguration.md)

crates/devolutions-pedm-shared/devolutions-pedm-client-http/docs/AboutData.md

@@ -0,0 +1,15 @@
+# AboutData
+
+## Properties
+
+Name | Type | Description | Notes
+------------ | ------------- | ------------- | -------------
+**current_request_count** | **i32** |  | 
+**last_request_time** | Option<**String**> | The time of the most recent request.  This can be `None` if `/about` is the first request made. | [optional]
+**run_id** | **i32** |  | 
+**start_time** | **String** |  | 
+**startup_request_count** | **i32** |  | 
+
+[[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md)
+
+

crates/devolutions-pedm-shared/devolutions-pedm-client-http/docs/Application.md

@@ -4,10 +4,11 @@ All URIs are relative to *http://localhost*
 
 Method | HTTP request | Description
 ------------- | ------------- | -------------
+[**about_get**](DefaultApi.md#about_get) | **Get** /about | 
 [**elevate_session_post**](DefaultApi.md#elevate_session_post) | **Post** /elevate/session | 
 [**elevate_temporary_post**](DefaultApi.md#elevate_temporary_post) | **Post** /elevate/temporary | 
 [**launch_post**](DefaultApi.md#launch_post) | **Post** /launch | 
-[**logs_get**](DefaultApi.md#logs_get) | **Get** /logs | 
+[**log_jit_get**](DefaultApi.md#log_jit_get) | **Get** /log/jit | 
 [**policy_assignments_get**](DefaultApi.md#policy_assignments_get) | **Get** /policy/assignments | 
 [**policy_assignments_id_put**](DefaultApi.md#policy_assignments_id_put) | **Put** /policy/assignments/{id} | 
 [**policy_me_get**](DefaultApi.md#policy_me_get) | **Get** /policy/me | 
@@ -22,6 +23,31 @@ Method | HTTP request | Description
 
 
 
+## about_get
+
+> models::AboutData about_get()
+
+
+### Parameters
+
+This endpoint does not need any parameter.
+
+### Return type
+
+[**models::AboutData**](AboutData.md)
+
+### Authorization
+
+No authorization required
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: application/json
+
+[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md)
+
+
 ## elevate_session_post
 
 > elevate_session_post()
@@ -103,26 +129,29 @@ No authorization required
 [[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md)
 
 
-## logs_get
+## log_jit_get
 
-> Vec<models::ElevationResult> logs_get()
+> models::JitElevationLogPage log_jit_get(jit_elevation_log_query_options)
 
 
 ### Parameters
 
-This endpoint does not need any parameter.
+
+Name | Type | Description  | Required | Notes
+------------- | ------------- | ------------- | ------------- | -------------
+**jit_elevation_log_query_options** | [**JitElevationLogQueryOptions**](JitElevationLogQueryOptions.md) |  | [required] |
 
 ### Return type
 
-[**Vec<models::ElevationResult>**](ElevationResult.md)
+[**models::JitElevationLogPage**](JitElevationLogPage.md)
 
 ### Authorization
 
 No authorization required
 
 ### HTTP request headers
 
-- **Content-Type**: Not defined
+- **Content-Type**: application/json
 - **Accept**: application/json
 
 [[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md)

crates/devolutions-pedm-shared/devolutions-pedm-client-http/docs/AuthenticodeSignatureStatus.md

@@ -4,7 +4,7 @@
 
 Name | Type | Description | Notes
 ------------ | ------------- | ------------- | -------------
-**seconds** | **u64** |  | 
+**seconds** | **u64** | The number of seconds to elevate the user for.  This must be between 1 and `i32::MAX`. | 
 
 [[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md)
 

crates/devolutions-pedm-shared/devolutions-pedm-client-http/docs/Certificate.md

@@ -1,11 +1,12 @@
-# Hash
+# JitElevationLogPage
 
 ## Properties
 
 Name | Type | Description | Notes
 ------------ | ------------- | ------------- | -------------
-**sha1** | **String** |  | 
-**sha256** | **String** |  | 
+**results** | [**Vec<models::JitElevationLogRow>**](JitElevationLogRow.md) |  | 
+**total_pages** | **u32** |  | 
+**total_records** | **u32** |  | 
 
 [[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md)
 

crates/devolutions-pedm-shared/devolutions-pedm-client-http/docs/DefaultApi.md

@@ -0,0 +1,17 @@
+# JitElevationLogQueryOptions
+
+## Properties
+
+Name | Type | Description | Notes
+------------ | ------------- | ------------- | -------------
+**end_time** | **i64** |  | 
+**page_number** | **u32** |  | 
+**page_size** | **u32** |  | 
+**sort_column** | **String** |  | 
+**sort_descending** | **bool** |  | 
+**start_time** | **i64** |  | 
+**user** | Option<[**models::User**](User.md)> |  | [optional]
+
+[[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md)
+
+