diff options
| author | Jamie Lennox <jamielennox@gmail.com> | 2016-06-27 10:46:50 +1000 |
|---|---|---|
| committer | Jamie Lennox <jamielennox@gmail.com> | 2016-06-27 12:15:26 +1000 |
| commit | bf80779ee0dbdacad71b78a88d83b8cfcf565350 (patch) | |
| tree | 21481837971702c56911c6e327d315c70a32498f | |
| parent | 515a990dce650497718a428ab25e0c9ff984855c (diff) | |
| download | keystonemiddleware-bf80779ee0dbdacad71b78a88d83b8cfcf565350.tar.gz | |
Refactor create_event onto the api object.
There are a number of methods on the api object that already handle
request specifics. Move the create_event method over to the api so that
it can be tested independantly of the middleware.
Change-Id: I60e524f1e03bfa4592756fc1da861b687ba2ee85
| -rw-r--r-- | keystonemiddleware/audit/__init__.py | 47 | ||||
| -rw-r--r-- | keystonemiddleware/audit/_api.py | 48 |
2 files changed, 51 insertions, 44 deletions
diff --git a/keystonemiddleware/audit/__init__.py b/keystonemiddleware/audit/__init__.py index 05dc4f1..546a55c 100644 --- a/keystonemiddleware/audit/__init__.py +++ b/keystonemiddleware/audit/__init__.py @@ -27,14 +27,9 @@ from oslo_config import cfg from oslo_context import context as oslo_context from pycadf import cadftaxonomy as taxonomy from pycadf import cadftype -from pycadf import credential -from pycadf import eventfactory as factory -from pycadf import host -from pycadf import identifier from pycadf import reason from pycadf import reporterstep from pycadf import resource -from pycadf import tag from pycadf import timestamp import webob.dec @@ -78,20 +73,6 @@ def _log_and_ignore_error(fn): return wrapper -class ClientResource(resource.Resource): - def __init__(self, project_id=None, **kwargs): - super(ClientResource, self).__init__(**kwargs) - if project_id is not None: - self.project_id = project_id - - -class KeystoneCredential(credential.Credential): - def __init__(self, identity_status=None, **kwargs): - super(KeystoneCredential, self).__init__(**kwargs) - if identity_status is not None: - self.identity_status = identity_status - - class AuditMiddleware(object): """Create an audit event based on request/response. @@ -117,31 +98,7 @@ class AuditMiddleware(object): self._notifier = _notifier.create_notifier(self._conf, _LOG) def _create_event(self, req): - correlation_id = identifier.generate_uuid() - action = self._cadf_audit.get_action(req) - - initiator = ClientResource( - typeURI=taxonomy.ACCOUNT_USER, - id=req.environ.get('HTTP_X_USER_ID', taxonomy.UNKNOWN), - name=req.environ.get('HTTP_X_USER_NAME', taxonomy.UNKNOWN), - host=host.Host(address=req.client_addr, agent=req.user_agent), - credential=KeystoneCredential( - token=req.environ.get('HTTP_X_AUTH_TOKEN', ''), - identity_status=req.environ.get('HTTP_X_IDENTITY_STATUS', - taxonomy.UNKNOWN)), - project_id=req.environ.get('HTTP_X_PROJECT_ID', taxonomy.UNKNOWN)) - target = self._cadf_audit.get_target_resource(req) - - event = factory.EventFactory().new_event( - eventType=cadftype.EVENTTYPE_ACTIVITY, - outcome=taxonomy.OUTCOME_PENDING, - action=action, - initiator=initiator, - target=target, - observer=resource.Resource(id='target')) - event.requestPath = req.path_qs - event.add_tag(tag.generate_name_value_tag('correlation_id', - correlation_id)) + event = self._cadf_audit._create_event(req) # cache model in request to allow tracking of transistive steps. req.environ['cadf_event'] = event return event @@ -232,3 +189,5 @@ Service = _api.Service AuditMap = _api.AuditMap PycadfAuditApiConfigError = _api.PycadfAuditApiConfigError OpenStackAuditApi = _api.OpenStackAuditApi +ClientResource = _api.ClientResource +KeystoneCredential = _api.KeystoneCredential diff --git a/keystonemiddleware/audit/_api.py b/keystonemiddleware/audit/_api.py index ddcff4e..87667e8 100644 --- a/keystonemiddleware/audit/_api.py +++ b/keystonemiddleware/audit/_api.py @@ -15,8 +15,14 @@ import collections import re from pycadf import cadftaxonomy as taxonomy +from pycadf import cadftype +from pycadf import credential from pycadf import endpoint +from pycadf import eventfactory as factory +from pycadf import host +from pycadf import identifier from pycadf import resource +from pycadf import tag import six from six.moves import configparser from six.moves.urllib import parse as urlparse @@ -52,6 +58,20 @@ class PycadfAuditApiConfigError(Exception): pass +class ClientResource(resource.Resource): + def __init__(self, project_id=None, **kwargs): + super(ClientResource, self).__init__(**kwargs) + if project_id is not None: + self.project_id = project_id + + +class KeystoneCredential(credential.Credential): + def __init__(self, identity_status=None, **kwargs): + super(KeystoneCredential, self).__init__(**kwargs) + if identity_status is not None: + self.identity_status = identity_status + + class OpenStackAuditApi(object): def __init__(self, cfg_file, log): @@ -261,3 +281,31 @@ class OpenStackAuditApi(object): if default_endpoint: service_info = self._get_service_info(default_endpoint) return self._build_target(req, service_info) + + def _create_event(self, req): + correlation_id = identifier.generate_uuid() + action = self.get_action(req) + + initiator = ClientResource( + typeURI=taxonomy.ACCOUNT_USER, + id=req.environ.get('HTTP_X_USER_ID', taxonomy.UNKNOWN), + name=req.environ.get('HTTP_X_USER_NAME', taxonomy.UNKNOWN), + host=host.Host(address=req.client_addr, agent=req.user_agent), + credential=KeystoneCredential( + token=req.environ.get('HTTP_X_AUTH_TOKEN', ''), + identity_status=req.environ.get('HTTP_X_IDENTITY_STATUS', + taxonomy.UNKNOWN)), + project_id=req.environ.get('HTTP_X_PROJECT_ID', taxonomy.UNKNOWN)) + target = self.get_target_resource(req) + + event = factory.EventFactory().new_event( + eventType=cadftype.EVENTTYPE_ACTIVITY, + outcome=taxonomy.OUTCOME_PENDING, + action=action, + initiator=initiator, + target=target, + observer=resource.Resource(id='target')) + event.requestPath = req.path_qs + event.add_tag(tag.generate_name_value_tag('correlation_id', + correlation_id)) + return event |