feat(cli): new open event command (#197)

Users can now use this new command to do further investigation on an
event:
```
$ lacework event open 123
```

Additionally, we now display a URL at the end of the command:
```
$ lacework event show 123

  ...

For further investigation of this event navigate to https://account.lacework.net/ui/investigation/recents/EventDossier-123
```

Closes #194

Signed-off-by: Salim Afiune Maya <[email protected]>

Author: afiune

cli/cmd/event.go

@@ -20,7 +20,10 @@ package cmd
 
 import (
 	"fmt"
+	"os/exec"
+	"runtime"
 	"sort"
+	"strconv"
 	"strings"
 	"time"
 
@@ -175,6 +178,46 @@ For example, to list all events from the last day with severity medium and above
 				cli.OutputHuman("\n")
 				cli.OutputHuman(entityTable)
 			}
+
+			cli.OutputHuman(
+				"\nFor further investigation of this event navigate to %s\n",
+				eventLinkBuilder(args[0]),
+			)
+			return nil
+		},
+	}
+
+	// eventOpenCmd represents the open sub-command inside the event command
+	eventOpenCmd = &cobra.Command{
+		Use:   "open <event_id>",
+		Short: "open a specified event in a web browser",
+		Long:  "Open a specified event in a web browser.",
+		Args:  cobra.ExactArgs(1),
+		RunE: func(_ *cobra.Command, args []string) error {
+			// Event IDs should be only numeric values
+			if _, err := strconv.Atoi(args[0]); err != nil {
+				return errors.Errorf("invalid event id %s. Event id should be a numeric value", args[0])
+			}
+
+			var (
+				err error
+				url = eventLinkBuilder(args[0])
+			)
+
+			switch runtime.GOOS {
+			case "linux":
+				err = exec.Command("xdg-open", url).Start()
+			case "windows":
+				err = exec.Command("rundll32", "url.dll,FileProtocolHandler", url).Start()
+			case "darwin":
+				err = exec.Command("open", url).Start()
+			default:
+				err = fmt.Errorf("unsupported platform\n\nNavigate to %s", url)
+			}
+			if err != nil {
+				return errors.Wrap(err, "unable to open web browser")
+			}
+
 			return nil
 		},
 	}
@@ -209,6 +252,13 @@ func init() {
 	)
 
 	eventCmd.AddCommand(eventShowCmd)
+	eventCmd.AddCommand(eventOpenCmd)
+}
+
+// Generates a URL similar to:
+//   => https://account.lacework.net/ui/investigate/recents/EventDossier-123
+func eventLinkBuilder(id string) string {
+	return fmt.Sprintf("https://%s.lacework.net/ui/investigation/recents/EventDossier-%s", cli.Account, id)
 }
 
 func eventsToTableReport(events []api.Event) string {

integration/event_test.go

@@ -58,11 +58,11 @@ func TestEventCommandList(t *testing.T) {
 		"EXITCODE is not the expected one")
 }
 
-func TestEventCommandListDays(t *testing.T) {
+func TestEventCommandList3Days(t *testing.T) {
 	// @afiune could we find a way to generate a consistent event? but if we do
 	// wouldn't the ML learn it and then become a known behavior? uhmmm
 	// for now we will just check that we have the headers :wink:
-	out, err, exitcode := LaceworkCLIWithTOMLConfig("event", "list", "--days", "1")
+	out, err, exitcode := LaceworkCLIWithTOMLConfig("event", "list", "--days", "3")
 	assert.Contains(t, out.String(), "EVENT ID",
 		"STDOUT table headers changed, please check")
 	assert.Contains(t, out.String(), "TYPE",
@@ -94,7 +94,7 @@ func TestEventCommandListSeverityError(t *testing.T) {
 func TestEventCommandListTimeRange(t *testing.T) {
 	var (
 		now  = time.Now().UTC()
-		from = now.AddDate(0, 0, -1) // 1 days from now
+		from = now.AddDate(0, 0, -2) // 2 days from now
 	)
 
 	out, err, exitcode := LaceworkCLIWithTOMLConfig("event", "list", "--start", from.Format(time.RFC3339), "--end", now.Format(time.RFC3339))
@@ -114,3 +114,15 @@ func TestEventCommandListTimeRange(t *testing.T) {
 	assert.Equal(t, 0, exitcode,
 		"EXITCODE is not the expected one")
 }
+
+func TestEventCommandOpenError(t *testing.T) {
+	out, err, exitcode := LaceworkCLIWithTOMLConfig("event", "open", "123abc")
+	assert.Contains(t, err.String(),
+		"ERROR invalid event id 123abc. Event id should be a numeric value",
+		"STDERR the error message changed, update")
+	assert.Empty(t,
+		out.String(),
+		"STDOUT should be empty")
+	assert.Equal(t, 1, exitcode,
+		"EXITCODE is not the expected one")
+}