def process_response(self, request, response):
try:
audit_logger = get_audit_logger()
audit_logger.debug(
JsonMessage(
**{
datetime.utcnow().strftime('%s'): {
'user':
request.user.username
if hasattr(request, 'user') else 'anonymous',
"status":
response.status_code,
"impersonator":
None,
"ip_address":
request.META.get('REMOTE_ADDR'),
"authorization_failure":
response.status_code == 401,
"service":
get_app_name(request),
"url":
request.path,
}
}))
response['audited'] = True
except Exception, e:
LOG.error('Could not audit the request: %s' % e)
def process_response(self, request, response):
try:
audit_logger = get_audit_logger()
audit_logger.debug(
JsonMessage(
**{
datetime.utcnow().strftime('%s'): {
'user':
request.user.username
if hasattr(request, 'user') else 'anonymous',
"status":
response.status_code,
"impersonator":
None,
"ip_address":
request.META.get('REMOTE_ADDR'),
"authorization_failure":
response.status_code == 401,
"service":
get_app_name(request),
"url":
request.path,
}
}))
response['audited'] = True
except Exception, e:
LOG.error('Could not audit the request: %s' % e)
def _log_message(self, operation, request, response=None):
audit_logger = get_audit_logger()
audit_logger.debug(JsonMessage(**{
'username': self._get_username(operation, request),
'impersonator': self.impersonator,
'ipAddress': self._get_client_ip(request),
'operation': operation,
'eventTime': self._milliseconds_since_epoch(),
'allowed': self._get_allowed(operation, request, response),
'service': get_app_name(request),
'url': request.path
}))
def _log_message(self, request, response=None):
audit_logger = get_audit_logger()
audit_logger.debug(
JsonMessage(
**{
"username": self._get_username(request),
"impersonator": self.impersonator,
"ipAddress": self._get_client_ip(request),
"operation": request.audit["operation"],
"operationText": request.audit.get("operationText", ""),
"eventTime": self._milliseconds_since_epoch(),
"allowed": self._get_allowed(request, response),
"service": get_app_name(request),
"url": request.path,
}
)
)
def _log_message(self, operation, request, response=None):
audit_logger = get_audit_logger()
allowed = True
status = 200
if response is not None:
allowed = response.status_code != 401
status = response.status_code
audit_logger.debug(JsonMessage(**{
'username': self._get_username(request),
'impersonator': self.impersonator,
'ipAddress': self._get_client_ip(request),
'operation': operation,
'eventTime': self._milliseconds_since_epoch(),
'allowed': allowed,
'statusCode': status,
'service': get_app_name(request),
'url': request.path
}))
def test_one_audit():
log_tmp = tempfile.NamedTemporaryFile("w+t")
# KB
reset = [
AUDIT_EVENT_LOG_DIR.set_for_testing(log_tmp),
AUDIT_LOG_MAX_FILE_SIZE.set_for_testing('25KB')
]
audit_logger = get_audit_logger()
audit_handler = audit_logger.handlers[0]
assert_equal(25 * 1024 ** 1, audit_handler.maxBytes)
assert_equal(len(audit_logger.handlers), 1, audit_logger.handlers)
assert_true(isinstance(audit_handler, AuditHandler), audit_logger.handlers)
audit_logger = get_audit_logger()
assert_equal(len(audit_logger.handlers), 1, audit_logger.handlers) # Not adding handler twice
# Cleanup
audit_logger.removeHandler(audit_handler)
for r in reset:
r()
# MB
reset = [
AUDIT_EVENT_LOG_DIR.set_for_testing(log_tmp),
AUDIT_LOG_MAX_FILE_SIZE.set_for_testing('25MB')
]
audit_logger = get_audit_logger()
audit_handler = audit_logger.handlers[0]
assert_equal(25 * 1024 ** 2, audit_handler.maxBytes)
assert_equal(len(audit_logger.handlers), 1, audit_logger.handlers)
assert_true(isinstance(audit_handler, AuditHandler), audit_logger.handlers)
audit_logger = get_audit_logger()
assert_equal(len(audit_logger.handlers), 1, audit_logger.handlers) # Not adding handler twice
# Cleanup
audit_logger.removeHandler(audit_handler)
for r in reset:
r()
# GB
reset = [
AUDIT_EVENT_LOG_DIR.set_for_testing(log_tmp),
AUDIT_LOG_MAX_FILE_SIZE.set_for_testing('25GB')
]
audit_logger = get_audit_logger()
audit_handler = audit_logger.handlers[0]
assert_equal(25 * 1024 ** 3, audit_handler.maxBytes)
assert_equal(len(audit_logger.handlers), 1, audit_logger.handlers)
assert_true(isinstance(audit_handler, AuditHandler), audit_logger.handlers)
audit_logger = get_audit_logger()
assert_equal(len(audit_logger.handlers), 1, audit_logger.handlers) # Not adding handler twice
# Cleanup
audit_logger.removeHandler(audit_handler)
for r in reset:
r()
def test_one_audit():
with tempfile.NamedTemporaryFile("w+t") as log_tmp:
# KB
reset = [
AUDIT_EVENT_LOG_DIR.set_for_testing(log_tmp.name),
AUDIT_LOG_MAX_FILE_SIZE.set_for_testing('25KB')
]
audit_logger = get_audit_logger()
audit_handler = audit_logger.handlers[0]
assert_equal(25 * 1024 ** 1, audit_handler.maxBytes)
assert_equal(len(audit_logger.handlers), 1, audit_logger.handlers)
assert_true(isinstance(audit_handler, AuditHandler), audit_logger.handlers)
audit_logger = get_audit_logger()
assert_equal(len(audit_logger.handlers), 1, audit_logger.handlers) # Not adding handler twice
# Cleanup
audit_logger.removeHandler(audit_handler)
for r in reset:
r()
# MB
reset = [
AUDIT_EVENT_LOG_DIR.set_for_testing(log_tmp.name),
AUDIT_LOG_MAX_FILE_SIZE.set_for_testing('25MB')
]
audit_logger = get_audit_logger()
audit_handler = audit_logger.handlers[0]
assert_equal(25 * 1024 ** 2, audit_handler.maxBytes)
assert_equal(len(audit_logger.handlers), 1, audit_logger.handlers)
assert_true(isinstance(audit_handler, AuditHandler), audit_logger.handlers)
audit_logger = get_audit_logger()
assert_equal(len(audit_logger.handlers), 1, audit_logger.handlers) # Not adding handler twice
# Cleanup
audit_logger.removeHandler(audit_handler)
for r in reset:
r()
# GB
reset = [
AUDIT_EVENT_LOG_DIR.set_for_testing(log_tmp.name),
AUDIT_LOG_MAX_FILE_SIZE.set_for_testing('25GB')
]
audit_logger = get_audit_logger()
audit_handler = audit_logger.handlers[0]
assert_equal(25 * 1024 ** 3, audit_handler.maxBytes)
assert_equal(len(audit_logger.handlers), 1, audit_logger.handlers)
assert_true(isinstance(audit_handler, AuditHandler), audit_logger.handlers)
audit_logger = get_audit_logger()
assert_equal(len(audit_logger.handlers), 1, audit_logger.handlers) # Not adding handler twice
# Cleanup
audit_logger.removeHandler(audit_handler)
for r in reset:
r()
