def _create_event(self, req): correlation_id = identifier.generate_uuid() action = self._cadf_audit.get_action(req) initiator = ClientResource( typeURI=taxonomy.ACCOUNT_USER, id=identifier.norm_ns(str(req.environ['HTTP_X_USER_ID'])), name=req.environ['HTTP_X_USER_NAME'], host=host.Host(address=req.client_addr, agent=req.user_agent), credential=KeystoneCredential( token=req.environ['HTTP_X_AUTH_TOKEN'], identity_status=req.environ['HTTP_X_IDENTITY_STATUS']), project_id=identifier.norm_ns(req.environ['HTTP_X_PROJECT_ID'])) target = self._cadf_audit.get_target_resource(req) event = factory.EventFactory().new_event( eventType=cadftype.EVENTTYPE_ACTIVITY, outcome=taxonomy.OUTCOME_PENDING, action=action, initiator=initiator, target=target, observer=resource.Resource(id='target')) event.requestPath = req.path_qs event.add_tag( tag.generate_name_value_tag('correlation_id', correlation_id)) # cache model in request to allow tracking of transistive steps. req.environ['cadf_event'] = event return event
def _create_event(self, req): correlation_id = identifier.generate_uuid() action = self._cadf_audit.get_action(req) initiator = ClientResource( typeURI=taxonomy.ACCOUNT_USER, id=identifier.norm_ns(str(req.environ['HTTP_X_USER_ID'])), name=req.environ['HTTP_X_USER_NAME'], host=host.Host(address=req.client_addr, agent=req.user_agent), credential=KeystoneCredential( token=req.environ['HTTP_X_AUTH_TOKEN'], identity_status=req.environ['HTTP_X_IDENTITY_STATUS']), project_id=identifier.norm_ns(req.environ['HTTP_X_PROJECT_ID'])) target = self._cadf_audit.get_target_resource(req) event = factory.EventFactory().new_event( eventType=cadftype.EVENTTYPE_ACTIVITY, outcome=taxonomy.OUTCOME_PENDING, action=action, initiator=initiator, target=target, observer=resource.Resource(id='target')) event.requestPath = req.path_qs event.add_tag(tag.generate_name_value_tag('correlation_id', correlation_id)) # cache model in request to allow tracking of transistive steps. req.environ['cadf_event'] = event return event
def test_missing_catalog_endpoint_id(self): env_headers = { 'HTTP_X_SERVICE_CATALOG': '''[{"endpoints_links": [], "endpoints": [{"adminURL": "http://admin_host:8774", "region": "RegionOne", "publicURL": "http://public_host:8774", "internalURL": "http://internal_host:8774"}], "type": "compute", "name": "nova"},]''', 'HTTP_X_USER_ID': 'user_id', 'HTTP_X_USER_NAME': 'user_name', 'HTTP_X_AUTH_TOKEN': 'token', 'HTTP_X_PROJECT_ID': 'tenant_id', 'HTTP_X_IDENTITY_STATUS': 'Confirmed', 'REQUEST_METHOD': 'GET' } req = webob.Request.blank('http://admin_host:8774/v2/' + str(uuid.uuid4()) + '/servers', environ=env_headers) self.middleware._process_request(req) payload = req.environ['cadf_event'].as_dict() self.assertEqual(payload['target']['id'], identifier.norm_ns('nova'))
def _get_service_info(self, endp): service = self.Service( type=self._MAP.service_endpoints.get(endp['type'], taxonomy.UNKNOWN), name=endp['name'], id=identifier.norm_ns(endp['endpoints'][0]['id']), admin_endp=endpoint.Endpoint(name='admin', url=endp['endpoints'][0]['adminURL']), private_endp=endpoint.Endpoint( name='private', url=endp['endpoints'][0]['internalURL']), public_endp=endpoint.Endpoint( name='public', url=endp['endpoints'][0]['publicURL'])) return service
def _get_service_info(self, endp): service = self.Service( type=self._MAP.service_endpoints.get( endp['type'], taxonomy.UNKNOWN), name=endp['name'], id=identifier.norm_ns(endp['endpoints'][0]['id']), admin_endp=endpoint.Endpoint( name='admin', url=endp['endpoints'][0]['adminURL']), private_endp=endpoint.Endpoint( name='private', url=endp['endpoints'][0]['internalURL']), public_endp=endpoint.Endpoint( name='public', url=endp['endpoints'][0]['publicURL'])) return service
def _get_service_info(self, endp): # NOTE(stevemar): The catalog returned by X-Service-Catalog # does not include IDs for endpoints, use the service name # as a backup. endpoint_id = endp['endpoints'][0].get('id', endp['name']) service = self.Service( type=self._MAP.service_endpoints.get( endp['type'], taxonomy.UNKNOWN), name=endp['name'], id=identifier.norm_ns(endpoint_id), admin_endp=endpoint.Endpoint( name='admin', url=endp['endpoints'][0]['adminURL']), private_endp=endpoint.Endpoint( name='private', url=endp['endpoints'][0]['internalURL']), public_endp=endpoint.Endpoint( name='public', url=endp['endpoints'][0]['publicURL'])) return service
def test_missing_catalog_endpoint_id(self): env_headers = { "HTTP_X_SERVICE_CATALOG": """[{"endpoints_links": [], "endpoints": [{"adminURL": "http://admin_host:8774", "region": "RegionOne", "publicURL": "http://public_host:8774", "internalURL": "http://internal_host:8774"}], "type": "compute", "name": "nova"},]""", "HTTP_X_USER_ID": "user_id", "HTTP_X_USER_NAME": "user_name", "HTTP_X_AUTH_TOKEN": "token", "HTTP_X_PROJECT_ID": "tenant_id", "HTTP_X_IDENTITY_STATUS": "Confirmed", "REQUEST_METHOD": "GET", } req = webob.Request.blank("http://admin_host:8774/v2/" + str(uuid.uuid4()) + "/servers", environ=env_headers) self.middleware._process_request(req) payload = req.environ["cadf_event"].as_dict() self.assertEqual(payload["target"]["id"], identifier.norm_ns("nova"))
def test_missing_catalog_endpoint_id(self): env_headers = {'HTTP_X_SERVICE_CATALOG': '''[{"endpoints_links": [], "endpoints": [{"adminURL": "http://admin_host:8774", "region": "RegionOne", "publicURL": "http://public_host:8774", "internalURL": "http://internal_host:8774"}], "type": "compute", "name": "nova"},]''', 'HTTP_X_USER_ID': 'user_id', 'HTTP_X_USER_NAME': 'user_name', 'HTTP_X_AUTH_TOKEN': 'token', 'HTTP_X_PROJECT_ID': 'tenant_id', 'HTTP_X_IDENTITY_STATUS': 'Confirmed', 'REQUEST_METHOD': 'GET'} req = webob.Request.blank('http://admin_host:8774/v2/' + str(uuid.uuid4()) + '/servers', environ=env_headers) self.middleware._process_request(req) payload = req.environ['cadf_event'].as_dict() self.assertEqual(payload['target']['id'], identifier.norm_ns('nova'))
def create_event(self, req, correlation_id): if not self._MAP: self._MAP = _configure_audit_map() action = self._get_action(req) initiator_host = host.Host(address=req.client_addr, agent=req.user_agent) catalog = ast.literal_eval(req.environ['HTTP_X_SERVICE_CATALOG']) service_info = self.Service(type=taxonomy.UNKNOWN, name=taxonomy.UNKNOWN, id=taxonomy.UNKNOWN, admin_endp=None, private_endp=None, public_endp=None) default_endpoint = None for endp in catalog: admin_urlparse = urlparse.urlparse( endp['endpoints'][0]['adminURL']) public_urlparse = urlparse.urlparse( endp['endpoints'][0]['publicURL']) req_url = urlparse.urlparse(req.host_url) if (req_url.netloc == admin_urlparse.netloc or req_url.netloc == public_urlparse.netloc): service_info = self._get_service_info(endp) break elif (self._MAP.default_target_endpoint_type and endp['type'] == self._MAP.default_target_endpoint_type): default_endpoint = endp else: if default_endpoint: service_info = self._get_service_info(default_endpoint) initiator = ClientResource( typeURI=taxonomy.ACCOUNT_USER, id=identifier.norm_ns(str(req.environ['HTTP_X_USER_ID'])), name=req.environ['HTTP_X_USER_NAME'], host=initiator_host, credential=KeystoneCredential( token=req.environ['HTTP_X_AUTH_TOKEN'], identity_status=req.environ['HTTP_X_IDENTITY_STATUS']), project_id=identifier.norm_ns(req.environ['HTTP_X_PROJECT_ID'])) target_typeURI = (self._build_typeURI(req, service_info.type) if service_info.type != taxonomy.UNKNOWN else service_info.type) target = resource.Resource(typeURI=target_typeURI, id=service_info.id, name=service_info.name) if service_info.admin_endp: target.add_address(service_info.admin_endp) if service_info.private_endp: target.add_address(service_info.private_endp) if service_info.public_endp: target.add_address(service_info.public_endp) event = factory.EventFactory().new_event( eventType=cadftype.EVENTTYPE_ACTIVITY, outcome=taxonomy.OUTCOME_PENDING, action=action, initiator=initiator, target=target, observer=resource.Resource(id='target')) event.requestPath = req.path_qs event.add_tag(tag.generate_name_value_tag('correlation_id', correlation_id)) return event
def create_event(self, req, correlation_id): action = self._get_action(req) initiator_host = host.Host(address=req.client_addr, agent=req.user_agent) catalog = ast.literal_eval(req.environ['HTTP_X_SERVICE_CATALOG']) service_info = self.Service(type=taxonomy.UNKNOWN, name=taxonomy.UNKNOWN, id=taxonomy.UNKNOWN, admin_endp=None, private_endp=None, public_endp=None) default_endpoint = None for endp in catalog: admin_urlparse = urlparse.urlparse( endp['endpoints'][0]['adminURL']) public_urlparse = urlparse.urlparse( endp['endpoints'][0]['publicURL']) req_url = urlparse.urlparse(req.host_url) if (req_url.netloc == admin_urlparse.netloc or req_url.netloc == public_urlparse.netloc): service_info = self._get_service_info(endp) break elif (self._MAP.default_target_endpoint_type and endp['type'] == self._MAP.default_target_endpoint_type): default_endpoint = endp else: if default_endpoint: service_info = self._get_service_info(default_endpoint) initiator = ClientResource( typeURI=taxonomy.ACCOUNT_USER, id=identifier.norm_ns(str(req.environ['HTTP_X_USER_ID'])), name=req.environ['HTTP_X_USER_NAME'], host=initiator_host, credential=KeystoneCredential( token=req.environ['HTTP_X_AUTH_TOKEN'], identity_status=req.environ['HTTP_X_IDENTITY_STATUS']), project_id=identifier.norm_ns(req.environ['HTTP_X_PROJECT_ID'])) target_typeURI = (self._build_typeURI(req, service_info.type) if service_info.type != taxonomy.UNKNOWN else service_info.type) target = resource.Resource(typeURI=target_typeURI, id=service_info.id, name=service_info.name) if service_info.admin_endp: target.add_address(service_info.admin_endp) if service_info.private_endp: target.add_address(service_info.private_endp) if service_info.public_endp: target.add_address(service_info.public_endp) event = factory.EventFactory().new_event( eventType=cadftype.EVENTTYPE_ACTIVITY, outcome=taxonomy.OUTCOME_PENDING, action=action, initiator=initiator, target=target, observer=resource.Resource(id='target')) event.requestPath = req.path_qs event.add_tag( tag.generate_name_value_tag('correlation_id', correlation_id)) return event