开发者

Using Google's Audit API to monitor google apps email

问答 作者:

I need to get some admin users using google apps gmail the ability to monitor their employees email. Have you used Google's Audit API to do this.

I wish there there was a way for the admins to just click a view my users email but that doesn't be the case.

If it matters the application is a rails app. The email is completely done on googles mail through google apps. Anyone that has done this any advice would be helpful.

Update! 500 points for this one!

I'm using ruby on rails hosting an app on heroku. The email is completely hosted with google apps standard, not business so we will hav开发者_如何转开发e to upgrade, and the DNS is with zerigo which you already know if you use heroku.

Well, I hadn't planned on extending the gdata-ruby-util gem :), but here's some code that could be used for the Google Audit API based on Google's documentation. I only wrote a create_monitor_on method, but the rest are pretty easy to get.

Let me know if it works or needs any rewrites and I'll update it here:

    class Audit < GData::Client::Base

      attr_accessor :store_at

      def initialize(options = {})
        options[:clientlogin_service] ||= 'apps'
        options[:authsub_scope] ||= 'https://apps-apis.google.com/a/feeds/compliance/audit/' 
        super(options)
      end

      def create_monitor_on(email_address)
        user_name, domain_name = email_address.split('@')
        entry = <<-EOF
        <atom:entry xmlns:atom='http://www.w3.org/2005/Atom' xmlns:apps='http://schemas.google.com/apps/2006'>
        <apps:property name='destUserName' value='#{@store_at}'/>
        <apps:property name='beginDate' value=''/>
        <apps:property name='endDate' value='2019-06-30 23:20'/>
        <apps:property name='incomingEmailMonitorLevel' value='FULL_MESSAGE'/>
        <apps:property name='outgoingEmailMonitorLevel' value='FULL_MESSAGE'/>
        <apps:property name='draftMonitorLevel' value='FULL_MESSAGE'/>
        <apps:property name='chatMonitorLevel' value='FULL_MESSAGE'/>
        </atom:entry>
        EOF

        return true if post('https://apps-apis.google.com/a/feeds/compliance/audit/mail/monitor/'+domain_name+'/'+user_name, entry).status_code == 201
        false
      end   
   end

Then use it elsewhere like this:

auditor = Audit.new
auditor.store_at = 'this-username'
auditor.clientlogin(username, password)
render :success if auditor.create_monitor_on('email-address@my-domain.com')

My suggestion is to create one core email address that all the email monitors are sent to, so your admins' inboxes aren't slammed with everyone else's mail. Then in your Rails app, use Net::IMAP to download the messages you want from that master email account. i.e., you can create a link that says "View Joe's Email" and the method does something like this:

require 'net/imap'

imap = Net::IMAP.new('imap.gmail.com', 993, true)
imap.login('this-username@my-domain.com', password)
imap.select('INBOX')

messages = []
imap.search(["TO", "joe@email.com").each do |msg_id|
  msg = imap.fetch(msg_id, "(UID RFC822.SIZE ENVELOPE BODY[TEXT])")[0]
  body = msg.attr["BODY[TEXT]"]
  env = imap.fetch(msg_id, "ENVELOPE")[0].attr["ENVELOPE"]
  messages << {:subject => env.subject, :from => env.from[0].name, :body => body }
end

imap.logout
imap.disconnect

Then you can put those messages in your view -- or send them all in one bulk email, or whatever you want to do.

继续阅读:google-email-audit-apimonitorruby-on-rails

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9