diff options
author | Takashi Kajinami <tkajinam@redhat.com> | 2022-04-15 23:47:33 +0900 |
---|---|---|
committer | Takashi Kajinami <tkajinam@redhat.com> | 2022-04-19 17:08:58 +0900 |
commit | 7ed065f38df0595881d07eb91cec9e5c07cb38be (patch) | |
tree | 282c0d7d70c343178e8c2eeba8b8b305fef4e7af | |
parent | f31946fd8925887ae026e99a504866339c1806de (diff) | |
download | oslo-log-7ed065f38df0595881d07eb91cec9e5c07cb38be.tar.gz |
Add system scope information to default user identity string
As part of Secure RBAC work, support for system users(eg. system admin)
is being added. However current default format does not include
the system scope information so we can't determine whether the context
is non-scoped or system-scoped.
This change updates the default logging_user_identity_format so that
system scope is logged by default.
Change-Id: I7982cdb280599fb38362eb837cb527592267b91f
-rw-r--r-- | oslo_log/_options.py | 4 | ||||
-rw-r--r-- | oslo_log/tests/unit/test_log.py | 14 | ||||
-rw-r--r-- | releasenotes/notes/add-system_scope-to-logging_user_identity_format-0581ce5070740375.yaml | 5 | ||||
-rw-r--r-- | requirements.txt | 2 |
4 files changed, 18 insertions, 7 deletions
diff --git a/oslo_log/_options.py b/oslo_log/_options.py index 141c0d4..ce47c86 100644 --- a/oslo_log/_options.py +++ b/oslo_log/_options.py @@ -167,8 +167,8 @@ log_opts = [ help='Prefix each line of exception output with this format. ' 'Used by oslo_log.formatters.ContextFormatter'), cfg.StrOpt('logging_user_identity_format', - default='%(user)s %(project)s ' - '%(domain)s %(user_domain)s %(project_domain)s', + default='%(user)s %(project)s %(domain)s %(system_scope)s ' + '%(user_domain)s %(project_domain)s', help='Defines the format string for %(user_identity)s that ' 'is used in logging_context_format_string. ' 'Used by oslo_log.formatters.ContextFormatter'), diff --git a/oslo_log/tests/unit/test_log.py b/oslo_log/tests/unit/test_log.py index 2159315..041d5cf 100644 --- a/oslo_log/tests/unit/test_log.py +++ b/oslo_log/tests/unit/test_log.py @@ -71,6 +71,7 @@ handlers= def _fake_context(): ctxt = context.RequestContext(user_id="myuser", user_name="myuser", + system_scope="myscope", domain="mydomain", project_id="mytenant", project_name="mytenant", @@ -957,9 +958,9 @@ class ContextFormatterTestCase(LogTestBase): ctxt.request_id = '99' message = 'test' self.log.info(message, context=ctxt) - expected = ("HAS CONTEXT [%s %s %s %s %s %s]: %s\n" % + expected = ("HAS CONTEXT [%s %s %s %s %s %s %s]: %s\n" % (ctxt.request_id, ctxt.user, ctxt.project_id, ctxt.domain, - ctxt.user_domain, ctxt.project_domain, + ctxt.system_scope, ctxt.user_domain, ctxt.project_domain, str(message))) self.assertEqual(expected, self.stream.getvalue()) @@ -1254,7 +1255,11 @@ class DomainTestCase(LogTestBase): super(DomainTestCase, self).setUp() self.config(logging_context_format_string="[%(request_id)s]: " "%(user_identity)s " - "%(message)s") + "%(message)s", + logging_user_identity_format="%(user)s %(project)s " + "%(user_domain)s " + "%(project_domain)s " + "%(domain)s") self.mylog = log.getLogger() self._add_handler_with_cleanup(self.mylog) self._set_log_level_with_cleanup(self.mylog, logging.DEBUG) @@ -1273,7 +1278,8 @@ class DomainTestCase(LogTestBase): def test_domain_in_log_msg(self): ctxt = _fake_context() - user_identity = ctxt.get_logging_values()['user_identity'] + user_identity = (self.CONF.logging_user_identity_format % + ctxt.get_logging_values()) self.assertIn(ctxt.domain, user_identity) self.assertIn(ctxt.project_domain, user_identity) self.assertIn(ctxt.user_domain, user_identity) diff --git a/releasenotes/notes/add-system_scope-to-logging_user_identity_format-0581ce5070740375.yaml b/releasenotes/notes/add-system_scope-to-logging_user_identity_format-0581ce5070740375.yaml new file mode 100644 index 0000000..dfde314 --- /dev/null +++ b/releasenotes/notes/add-system_scope-to-logging_user_identity_format-0581ce5070740375.yaml @@ -0,0 +1,5 @@ +--- +upgrade: + - | + Default value of the ``[DEFAULT] logging_user_identity_format`` option has + been updated and now includes system scope information by default. diff --git a/requirements.txt b/requirements.txt index 04331e4..a5626e8 100644 --- a/requirements.txt +++ b/requirements.txt @@ -4,7 +4,7 @@ pbr>=3.1.1 # Apache-2.0 oslo.config>=5.2.0 # Apache-2.0 -oslo.context>=2.20.0 # Apache-2.0 +oslo.context>=2.21.0 # Apache-2.0 oslo.i18n>=3.20.0 # Apache-2.0 oslo.utils>=3.36.0 # Apache-2.0 oslo.serialization>=2.25.0 # Apache-2.0 |