diff options
author | Mayra Cabrera <mcabrera@gitlab.com> | 2019-06-18 18:02:36 -0500 |
---|---|---|
committer | Mayra Cabrera <mcabrera@gitlab.com> | 2019-07-02 10:54:46 -0500 |
commit | da8cb8678c9072eb7db89288334c223f2e72162e (patch) | |
tree | 6fb1eb98cb488fe6c52b6268f8baf8462bfe872b | |
parent | 5de53c55654dc2e37d4fe51321f2ae55cb24dff7 (diff) | |
download | gitlab-ce-62756-include-user-info-in-access-logs.tar.gz |
Include username in auth log62756-include-user-info-in-access-logs
Fetches user based on the value of 'rack.attack.match_discriminator'
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/62756
-rw-r--r-- | config/initializers/rack_attack_logging.rb | 12 | ||||
-rw-r--r-- | spec/requests/rack_attack_global_spec.rb | 41 |
2 files changed, 49 insertions, 4 deletions
diff --git a/config/initializers/rack_attack_logging.rb b/config/initializers/rack_attack_logging.rb index 2a3fdc8de5f..f02e33b8a11 100644 --- a/config/initializers/rack_attack_logging.rb +++ b/config/initializers/rack_attack_logging.rb @@ -4,12 +4,20 @@ ActiveSupport::Notifications.subscribe('rack.attack') do |name, start, finish, request_id, req| if [:throttle, :blacklist].include? req.env['rack.attack.match_type'] - Gitlab::AuthLogger.error( + rack_attack_info = { message: 'Rack_Attack', env: req.env['rack.attack.match_type'], ip: req.ip, request_method: req.request_method, fullpath: req.fullpath - ) + } + + if req.env['rack.attack.matched'] != 'throttle_unauthenticated' + user = User.find_by(id: req.env['rack.attack.match_discriminator']) + + rack_attack_info[:username] = user.username unless user.nil? + end + + Gitlab::AuthLogger.error(rack_attack_info) end end diff --git a/spec/requests/rack_attack_global_spec.rb b/spec/requests/rack_attack_global_spec.rb index 89adbc77a7f..133da1376cb 100644 --- a/spec/requests/rack_attack_global_spec.rb +++ b/spec/requests/rack_attack_global_spec.rb @@ -102,6 +102,26 @@ describe 'Rack Attack global throttles' do expect_rejection { get(*get_args) } end + + it 'logs RackAttack info into structured logs' do + requests_per_period.times do + get(*get_args) + expect(response).to have_http_status 200 + end + + arguments = { + message: 'Rack_Attack', + env: :throttle, + ip: '127.0.0.1', + request_method: 'GET', + fullpath: get_args.first, + username: user.username + } + + expect(Gitlab::AuthLogger).to receive(:error).with(arguments).once + + expect_rejection { get(*get_args) } + end end context 'when the throttle is disabled' do @@ -189,7 +209,15 @@ describe 'Rack Attack global throttles' do expect(response).to have_http_status 200 end - expect(Gitlab::AuthLogger).to receive(:error).once + arguments = { + message: 'Rack_Attack', + env: :throttle, + ip: '127.0.0.1', + request_method: 'GET', + fullpath: '/users/sign_in' + } + + expect(Gitlab::AuthLogger).to receive(:error).with(arguments) get url_that_does_not_require_authentication end @@ -345,7 +373,16 @@ describe 'Rack Attack global throttles' do expect(response).to have_http_status 200 end - expect(Gitlab::AuthLogger).to receive(:error).once + arguments = { + message: 'Rack_Attack', + env: :throttle, + ip: '127.0.0.1', + request_method: 'GET', + fullpath: '/dashboard/snippets', + username: user.username + } + + expect(Gitlab::AuthLogger).to receive(:error).with(arguments).once get url_that_requires_authentication end |