mirror of
https://dev.azure.com/schwarzit/schwarzit.stackit-public/_git/audit-go
synced 2026-02-07 16:47:24 +00:00
Do not return the operation name from AuditEventBuilder's build method
This commit is contained in:
Christian Schaible
parent
81dff7b29a
commit
c222e6f79a
3 changed files with 18 additions and 26 deletions
|
|
@ -11,6 +11,8 @@ import (
|
|||
"time"
|
||||
)
|
||||
|
||||
const quadZero = "0.0.0.0"
|
||||
|
||||
type SequenceNumber uint64
|
||||
|
||||
type AuditParameters struct {
|
||||
|
|
@ -86,7 +88,7 @@ func NewAuditLogEntryBuilder() *AuditLogEntryBuilder {
|
|||
},
|
||||
auditRequest: AuditRequest{
|
||||
Request: &ApiRequest{},
|
||||
RequestClientIP: "0.0.0.0",
|
||||
RequestClientIP: quadZero,
|
||||
RequestCorrelationId: nil,
|
||||
RequestId: nil,
|
||||
RequestTime: &requestTime,
|
||||
|
|
@ -123,7 +125,7 @@ func (builder *AuditLogEntryBuilder) AsSystemEvent() *AuditLogEntryBuilder {
|
|||
builder.auditRequest.Request.Header = map[string][]string{"user-agent": {"none"}}
|
||||
}
|
||||
if builder.auditRequest.Request.Host == "" {
|
||||
builder.auditRequest.Request.Host = "0.0.0.0"
|
||||
builder.auditRequest.Request.Host = quadZero
|
||||
}
|
||||
if builder.auditRequest.Request.Method == "" {
|
||||
builder.auditRequest.Request.Method = "OTHER"
|
||||
|
|
@ -138,7 +140,7 @@ func (builder *AuditLogEntryBuilder) AsSystemEvent() *AuditLogEntryBuilder {
|
|||
builder.auditRequest.Request.URL.Path = "none"
|
||||
}
|
||||
if builder.auditRequest.RequestClientIP == "" {
|
||||
builder.auditRequest.RequestClientIP = "0.0.0.0"
|
||||
builder.auditRequest.RequestClientIP = quadZero
|
||||
}
|
||||
builder.WithEventType(EventTypeSystemEvent)
|
||||
return builder
|
||||
|
|
@ -609,9 +611,9 @@ func (builder *AuditEventBuilder) IsBuilt() bool {
|
|||
// - The RoutableIdentifier required for routing the cloud event
|
||||
// - The operation name
|
||||
// - Error if the event cannot be built
|
||||
func (builder *AuditEventBuilder) Build(ctx context.Context, sequenceNumber SequenceNumber) (*CloudEvent, *RoutableIdentifier, string, error) {
|
||||
func (builder *AuditEventBuilder) Build(ctx context.Context, sequenceNumber SequenceNumber) (*CloudEvent, *RoutableIdentifier, error) {
|
||||
if builder.auditLogEntryBuilder == nil {
|
||||
return nil, nil, "", fmt.Errorf("audit log entry builder not set")
|
||||
return nil, nil, fmt.Errorf("audit log entry builder not set")
|
||||
}
|
||||
|
||||
objectId := builder.auditLogEntryBuilder.auditParams.ObjectId
|
||||
|
|
@ -633,7 +635,7 @@ func (builder *AuditEventBuilder) Build(ctx context.Context, sequenceNumber Sequ
|
|||
|
||||
auditLogEntry, err := builder.auditLogEntryBuilder.Build(ctx, sequenceNumber)
|
||||
if err != nil {
|
||||
return nil, nil, "", err
|
||||
return nil, nil, err
|
||||
}
|
||||
|
||||
ctx, span := builder.tracer.Start(ctx, "create-audit-event")
|
||||
|
|
@ -643,7 +645,6 @@ func (builder *AuditEventBuilder) Build(ctx context.Context, sequenceNumber Sequ
|
|||
var traceParent = &w3cTraceParent
|
||||
var traceState *string = nil
|
||||
visibility := builder.visibility
|
||||
operation := auditLogEntry.ProtoPayload.OperationName
|
||||
|
||||
// Validate and serialize the protobuf event into a cloud event
|
||||
_, validateSerializeSpan := builder.tracer.Start(ctx, "validate-and-serialize-audit-event")
|
||||
|
|
@ -651,12 +652,11 @@ func (builder *AuditEventBuilder) Build(ctx context.Context, sequenceNumber Sequ
|
|||
validateSerializeSpan.End()
|
||||
|
||||
if err != nil {
|
||||
return nil, nil, "", err
|
||||
return nil, nil, err
|
||||
}
|
||||
|
||||
builder.built = true
|
||||
return cloudEvent,
|
||||
routingIdentifier,
|
||||
operation,
|
||||
nil
|
||||
}
|
||||
|
|
|
|||
|
|
@ -521,14 +521,13 @@ func Test_AuditEventBuilder(t *testing.T) {
|
|||
sequenceNumberGenerator := utils.NewDefaultSequenceNumberGenerator()
|
||||
tracer := otel.Tracer("test")
|
||||
|
||||
cloudEvent, routingIdentifier, op, err := NewAuditEventBuilder(api, sequenceNumberGenerator, tracer, "demo-service", "worker-id", "eu01").
|
||||
cloudEvent, routingIdentifier, err := NewAuditEventBuilder(api, sequenceNumberGenerator, tracer, "demo-service", "worker-id", "eu01").
|
||||
Build(context.Background(), SequenceNumber(1))
|
||||
|
||||
assert.Error(t, err)
|
||||
assert.Equal(t, "object id missing", err.Error())
|
||||
assert.Nil(t, cloudEvent)
|
||||
assert.Nil(t, routingIdentifier)
|
||||
assert.Equal(t, "", op)
|
||||
})
|
||||
|
||||
t.Run("details missing", func(t *testing.T) {
|
||||
|
|
@ -536,7 +535,7 @@ func Test_AuditEventBuilder(t *testing.T) {
|
|||
sequenceNumberGenerator := utils.NewDefaultSequenceNumberGenerator()
|
||||
tracer := otel.Tracer("test")
|
||||
|
||||
cloudEvent, routingIdentifier, op, err := NewAuditEventBuilder(api, sequenceNumberGenerator, tracer, "demo-service", "worker-id", "eu01").
|
||||
cloudEvent, routingIdentifier, err := NewAuditEventBuilder(api, sequenceNumberGenerator, tracer, "demo-service", "worker-id", "eu01").
|
||||
WithRequiredObjectId("objectId").
|
||||
WithRequiredObjectType(ObjectTypeProject).
|
||||
Build(context.Background(), SequenceNumber(1))
|
||||
|
|
@ -545,7 +544,6 @@ func Test_AuditEventBuilder(t *testing.T) {
|
|||
assert.Equal(t, "validation error:\n - log_name: value does not match regex pattern `^[a-z-]+/[a-z0-9-]+/logs/(?:admin-activity|system-event|policy-denied|data-access)$` [string.pattern]\n - proto_payload.operation_name: value is required [required]\n - proto_payload.resource_name: value does not match regex pattern `^[a-z]+/[a-z0-9-]+(?:/[a-z0-9-]+/[a-z0-9-_]+)*$` [string.pattern]\n - proto_payload.request_metadata.caller_supplied_user_agent: value is required [required]\n - proto_payload.request_metadata.request_attributes.method: value is required [required]\n - proto_payload.request_metadata.request_attributes.headers: value is required [required]\n - proto_payload.request_metadata.request_attributes.path: value is required [required]\n - proto_payload.request_metadata.request_attributes.host: value is required [required]\n - proto_payload.request_metadata.request_attributes.scheme: value is required [required]\n - proto_payload.request_metadata.request_attributes.protocol: value is required [required]", err.Error())
|
||||
assert.Nil(t, cloudEvent)
|
||||
assert.Nil(t, routingIdentifier)
|
||||
assert.Equal(t, "", op)
|
||||
})
|
||||
|
||||
t.Run("required only", func(t *testing.T) {
|
||||
|
|
@ -575,12 +573,11 @@ func Test_AuditEventBuilder(t *testing.T) {
|
|||
|
||||
routableIdentifier := RoutableIdentifier{Identifier: objectId, Type: ObjectTypeProject}
|
||||
|
||||
cloudEvent, routingIdentifier, op, err := builder.Build(context.Background(), SequenceNumber(1))
|
||||
cloudEvent, routingIdentifier, err := builder.Build(context.Background(), SequenceNumber(1))
|
||||
assert.NoError(t, err)
|
||||
assert.True(t, builder.IsBuilt())
|
||||
|
||||
assert.Equal(t, &routableIdentifier, routingIdentifier)
|
||||
assert.Equal(t, operation, op)
|
||||
|
||||
assert.NotNil(t, cloudEvent)
|
||||
assert.Equal(t, "application/cloudevents+protobuf", cloudEvent.DataContentType)
|
||||
|
|
@ -726,12 +723,11 @@ func Test_AuditEventBuilder(t *testing.T) {
|
|||
|
||||
routableIdentifier := RoutableIdentifier{Identifier: objectId, Type: ObjectTypeProject}
|
||||
|
||||
cloudEvent, routingIdentifier, op, err := builder.Build(context.Background(), SequenceNumber(1))
|
||||
cloudEvent, routingIdentifier, err := builder.Build(context.Background(), SequenceNumber(1))
|
||||
assert.NoError(t, err)
|
||||
assert.True(t, builder.IsBuilt())
|
||||
|
||||
assert.Equal(t, &routableIdentifier, routingIdentifier)
|
||||
assert.Equal(t, operation, op)
|
||||
|
||||
assert.NotNil(t, cloudEvent)
|
||||
assert.Equal(t, "application/cloudevents+protobuf", cloudEvent.DataContentType)
|
||||
|
|
@ -847,13 +843,12 @@ func Test_AuditEventBuilder(t *testing.T) {
|
|||
WithRequiredOperation(operation).
|
||||
AsSystemEvent()
|
||||
|
||||
cloudEvent, routingIdentifier, op, err := builder.Build(context.Background(), SequenceNumber(1))
|
||||
cloudEvent, routingIdentifier, err := builder.Build(context.Background(), SequenceNumber(1))
|
||||
assert.NoError(t, err)
|
||||
assert.True(t, builder.IsBuilt())
|
||||
|
||||
assert.Equal(t, SystemIdentifier.Identifier, routingIdentifier.ToObjectIdentifier().Identifier)
|
||||
assert.Equal(t, SystemIdentifier.Type, routingIdentifier.ToObjectIdentifier().Type)
|
||||
assert.Equal(t, operation, op)
|
||||
|
||||
assert.NotNil(t, cloudEvent)
|
||||
assert.Equal(t, "application/cloudevents+protobuf", cloudEvent.DataContentType)
|
||||
|
|
@ -960,13 +955,12 @@ func Test_AuditEventBuilder(t *testing.T) {
|
|||
WithRequiredOperation(operation).
|
||||
AsSystemEvent()
|
||||
|
||||
cloudEvent, routingIdentifier, op, err := builder.Build(context.Background(), SequenceNumber(1))
|
||||
cloudEvent, routingIdentifier, err := builder.Build(context.Background(), SequenceNumber(1))
|
||||
assert.NoError(t, err)
|
||||
assert.True(t, builder.IsBuilt())
|
||||
|
||||
assert.Equal(t, SystemIdentifier.Identifier, routingIdentifier.ToObjectIdentifier().Identifier)
|
||||
assert.Equal(t, SystemIdentifier.Type, routingIdentifier.ToObjectIdentifier().Type)
|
||||
assert.Equal(t, operation, op)
|
||||
|
||||
assert.NotNil(t, cloudEvent)
|
||||
assert.Equal(t, "application/cloudevents+protobuf", cloudEvent.DataContentType)
|
||||
|
|
@ -1111,12 +1105,11 @@ func Test_AuditEventBuilder(t *testing.T) {
|
|||
|
||||
routableIdentifier := RoutableIdentifier{Identifier: objectId, Type: ObjectTypeProject}
|
||||
|
||||
cloudEvent, routingIdentifier, op, err := builder.Build(context.Background(), SequenceNumber(1))
|
||||
cloudEvent, routingIdentifier, err := builder.Build(context.Background(), SequenceNumber(1))
|
||||
assert.NoError(t, err)
|
||||
assert.True(t, builder.IsBuilt())
|
||||
|
||||
assert.Equal(t, &routableIdentifier, routingIdentifier)
|
||||
assert.Equal(t, operation, op)
|
||||
assert.NotNil(t, cloudEvent)
|
||||
|
||||
var routableAuditEvent auditV1.RoutableAuditEvent
|
||||
|
|
@ -1143,13 +1136,12 @@ func Test_AuditEventBuilder(t *testing.T) {
|
|||
sequenceNumberGenerator := utils.NewDefaultSequenceNumberGenerator()
|
||||
tracer := otel.Tracer("test")
|
||||
|
||||
cloudEvent, routingIdentifier, operation, err := NewAuditEventBuilder(api, sequenceNumberGenerator, tracer, "demo-service", "worker-id", "eu01").
|
||||
cloudEvent, routingIdentifier, err := NewAuditEventBuilder(api, sequenceNumberGenerator, tracer, "demo-service", "worker-id", "eu01").
|
||||
WithAuditLogEntryBuilder(nil).Build(context.Background(), SequenceNumber(1))
|
||||
|
||||
assert.EqualError(t, err, "audit log entry builder not set")
|
||||
assert.Nil(t, cloudEvent)
|
||||
assert.Nil(t, routingIdentifier)
|
||||
assert.Equal(t, "", operation)
|
||||
})
|
||||
|
||||
t.Run("next sequence number", func(t *testing.T) {
|
||||
|
|
|
|||
|
|
@ -20,7 +20,7 @@ func Test_LogEvent(t *testing.T) {
|
|||
t.Run("new format", func(t *testing.T) {
|
||||
eventBuilder := NewAuditEventBuilder(api, sequenceNumberGenerator, tracer, "demo-service", uuid.NewString(), "eu01")
|
||||
|
||||
cloudEvent, _, _, err := eventBuilder.
|
||||
cloudEvent, _, err := eventBuilder.
|
||||
WithRequiredApiRequest(ApiRequest{
|
||||
Body: nil,
|
||||
Header: map[string][]string{"user-agent": {"custom"}, "authorization": {"Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6IjFlOGJlZjc1LWRmY2QtNGE3My1hMzkxLTU0YTdhZjU3YTdkNiIsInR5cCI6IkpXVCJ9.eyJhdWQiOlsic3RhY2tpdC1wb3J0YWwtbG9naW4tZGV2LWNsaWVudC1pZCJdLCJjbGllbnRfaWQiOiJzdGFja2l0LXBvcnRhbC1sb2dpbi1kZXYtY2xpZW50LWlkIiwiZW1haWwiOiJDaHJpc3RpYW4uU2NoYWlibGVAbm92YXRlYy1nbWJoLmRlIiwiZW1haWxfdmVyaWZpZWQiOnRydWUsImV4cCI6MTcyMjU5MDM2NywiaWF0IjoxNzIyNTg2NzY3LCJpc3MiOiJodHRwczovL2FjY291bnRzLmRldi5zdGFja2l0LmNsb3VkIiwianRpIjoiZDczYTY3YWMtZDFlYy00YjU1LTk5ZDQtZTk1MzI3NWYwMjJhIiwibmJmIjoxNzIyNTg2NzY3LCJzY29wZSI6Im9wZW5pZCBlbWFpbCIsInN1YiI6ImNkOTRmMDFhLWRmMmUtNDQ1Ni05MDJlLTQ4ZjVlNTdmMGI2MyJ9.ajhjYbC5l5g7un9NSheoAwBT83YcZM91rH4DJxPTDsB78HzIVrmaKTPrK3AI_E1THlD2Z3_ot9nFr_eX7XcwWp_ZBlataKmakdXlAmeb4xSMGNYefIfzV_3w9ZZAZ66yoeTrtn8dUx5ezquenCYpctB1NcccmK4U09V0kNcq9dFcfF3Sg9YilF3orUCR0ql1d9RnOs3EiFZuUpdBEkyoVsAdSh2P-PRbNViR_FgCcAJem97TsN5CQc9RlvKYe4sYKgqQoqa2GDVi9Niiw3fe1V8SCnROYcpkOzBBWdvuzFMBUjln3uOogYVOz93xkmImV6jidgyQ70fLt-eDUmZZfg"}},
|
||||
|
|
|
|||
Loading…
Reference in a new issue