package api
import (
"context"
"fmt"
"strings"
"google.golang.org/protobuf/proto"
auditV1 "dev.azure.com/schwarzit/schwarzit.stackit-public/audit-go.git/gen/go/audit/v1"
"github.com/bufbuild/protovalidate-go"
)
// MockAuditApi is an implementation of AuditApi that does nothing and has no dependency to external systems.
//
// Events handed to it are validated and serialized but never delivered: Send
// is a no-op that always reports success. A service wired to this type will
// therefore appear to write audit events while recording nothing, so use it
// only where losing audit events is acceptable (presumably tests and local
// development — confirm against the package documentation).
type MockAuditApi struct {
	// validator is passed to validateAndSerializePartially for every event.
	validator *ProtobufValidator
}
// NewMockAuditApi returns an AuditApi backed by a MockAuditApi.
//
// The mock still gets a real protovalidate validator, so events are checked
// against their validation rules even though nothing is sent. The only error
// returned is the one from constructing that validator.
func NewMockAuditApi() (*AuditApi, error) {
	v, err := protovalidate.New()
	if err != nil {
		return nil, err
	}

	// The struct stores a pointer to the ProtobufValidator interface value,
	// so the validator is first bound to a variable of that interface type.
	var pv ProtobufValidator = v
	mock := &MockAuditApi{validator: &pv}

	var api AuditApi = mock
	return &api, nil
}
// Log implements AuditApi.Log.
//
// It forwards to LogWithTrace with no trace parent and no trace state, so the
// event is validated and serialized but not sent. A nil return means the
// event passed validation and serialization, not that it was recorded.
func (a *MockAuditApi) Log(
	ctx context.Context,
	event *auditV1.AuditLogEntry,
	visibility auditV1.Visibility,
	routableIdentifier *RoutableIdentifier,
) error {
	// No trace context is available on this entry point.
	var (
		noTraceParent *string
		noTraceState  *string
	)
	return a.LogWithTrace(ctx, event, visibility, routableIdentifier, noTraceParent, noTraceState)
}
// LogWithTrace implements AuditApi.LogWithTrace.
//
// The event is run through ValidateAndSerializeWithTrace and the resulting
// CloudEvent is thrown away; only the error is reported. The context is
// ignored because nothing is sent.
func (a *MockAuditApi) LogWithTrace(
	_ context.Context,
	event *auditV1.AuditLogEntry,
	visibility auditV1.Visibility,
	routableIdentifier *RoutableIdentifier,
	traceParent *string,
	traceState *string,
) error {
	// The serialized event is deliberately discarded: the mock has no sink.
	if _, err := a.ValidateAndSerializeWithTrace(event, visibility, routableIdentifier, traceParent, traceState); err != nil {
		return err
	}
	return nil
}
// ValidateAndSerialize implements AuditApi.ValidateAndSerialize.
//
// It is ValidateAndSerializeWithTrace with both trace values left nil.
func (a *MockAuditApi) ValidateAndSerialize(
	event *auditV1.AuditLogEntry,
	visibility auditV1.Visibility,
	routableIdentifier *RoutableIdentifier,
) (*CloudEvent, error) {
	cloudEvent, err := a.ValidateAndSerializeWithTrace(event, visibility, routableIdentifier, nil, nil)
	return cloudEvent, err
}
// ValidateAndSerializeWithTrace implements AuditApi.ValidateAndSerializeWithTrace.
//
// The event is validated and wrapped by validateAndSerializePartially,
// marshalled to protobuf bytes and returned inside a CloudEvent that carries
// the given trace values unchanged. Events whose LogName ends in
// EventTypeDataAccess are rejected with ErrUnsupportedEventTypeDataAccess.
// Errors from validation and from proto.Marshal are returned as they are.
func (a *MockAuditApi) ValidateAndSerializeWithTrace(
	event *auditV1.AuditLogEntry,
	visibility auditV1.Visibility,
	routableIdentifier *RoutableIdentifier,
	traceParent *string,
	traceState *string,
) (*CloudEvent, error) {
	routable, err := validateAndSerializePartially(a.validator, event, visibility, routableIdentifier)
	if err != nil {
		return nil, err
	}

	// Data-access events are refused with an explicit error instead of being
	// accepted, because the downstream services cannot handle them at the
	// moment. The check runs only after validation has succeeded.
	if isDataAccess := strings.HasSuffix(event.LogName, string(EventTypeDataAccess)); isDataAccess {
		return nil, ErrUnsupportedEventTypeDataAccess
	}

	payload, err := proto.Marshal(routable)
	if err != nil {
		return nil, err
	}

	// NOTE(review): ProtoPayload, RequestMetadata and RequestAttributes are
	// dereferenced without nil checks. This presumably relies on
	// validateAndSerializePartially rejecting events that lack them — confirm
	// against the validation rules, otherwise a sparse event panics here.
	entry := event.ProtoPayload
	dataType := fmt.Sprintf("%v", routable.ProtoReflect().Descriptor().FullName())

	return &CloudEvent{
		SpecVersion:     "1.0",
		Source:          entry.ServiceName,
		Id:              event.InsertId,
		Time:            entry.RequestMetadata.RequestAttributes.Time.AsTime(),
		DataContentType: "application/cloudevents+protobuf",
		DataType:        dataType,
		Subject:         entry.ResourceName,
		Data:            payload,
		TraceParent:     traceParent,
		TraceState:      traceState,
	}, nil
}
// Send implements AuditApi.Send.
//
// All arguments are ignored and nil is always returned: the event is dropped,
// not delivered. Callers cannot tell this apart from a successful send.
func (a *MockAuditApi) Send(_ context.Context, _ *RoutableIdentifier, _ *CloudEvent) error {
	return nil
}