def _create_event(self, req):
correlation_id = identifier.generate_uuid()
action = self._cadf_audit.get_action(req)
initiator = ClientResource(
typeURI=taxonomy.ACCOUNT_USER,
id=identifier.norm_ns(str(req.environ['HTTP_X_USER_ID'])),
name=req.environ['HTTP_X_USER_NAME'],
host=host.Host(address=req.client_addr, agent=req.user_agent),
credential=KeystoneCredential(
token=req.environ['HTTP_X_AUTH_TOKEN'],
identity_status=req.environ['HTTP_X_IDENTITY_STATUS']),
project_id=identifier.norm_ns(req.environ['HTTP_X_PROJECT_ID']))
target = self._cadf_audit.get_target_resource(req)
event = factory.EventFactory().new_event(
eventType=cadftype.EVENTTYPE_ACTIVITY,
outcome=taxonomy.OUTCOME_PENDING,
action=action,
initiator=initiator,
target=target,
observer=resource.Resource(id='target'))
event.requestPath = req.path_qs
event.add_tag(
tag.generate_name_value_tag('correlation_id', correlation_id))
# cache model in request to allow tracking of transistive steps.
req.environ['cadf_event'] = event
return event
def _create_event(self, req):
correlation_id = identifier.generate_uuid()
action = self._cadf_audit.get_action(req)
initiator = ClientResource(
typeURI=taxonomy.ACCOUNT_USER,
id=identifier.norm_ns(str(req.environ['HTTP_X_USER_ID'])),
name=req.environ['HTTP_X_USER_NAME'],
host=host.Host(address=req.client_addr, agent=req.user_agent),
credential=KeystoneCredential(
token=req.environ['HTTP_X_AUTH_TOKEN'],
identity_status=req.environ['HTTP_X_IDENTITY_STATUS']),
project_id=identifier.norm_ns(req.environ['HTTP_X_PROJECT_ID']))
target = self._cadf_audit.get_target_resource(req)
event = factory.EventFactory().new_event(
eventType=cadftype.EVENTTYPE_ACTIVITY,
outcome=taxonomy.OUTCOME_PENDING,
action=action,
initiator=initiator,
target=target,
observer=resource.Resource(id='target'))
event.requestPath = req.path_qs
event.add_tag(tag.generate_name_value_tag('correlation_id',
correlation_id))
# cache model in request to allow tracking of transistive steps.
req.environ['cadf_event'] = event
return event
def test_missing_catalog_endpoint_id(self):
env_headers = {
'HTTP_X_SERVICE_CATALOG': '''[{"endpoints_links": [],
"endpoints": [{"adminURL":
"http://admin_host:8774",
"region": "RegionOne",
"publicURL":
"http://public_host:8774",
"internalURL":
"http://internal_host:8774"}],
"type": "compute",
"name": "nova"},]''',
'HTTP_X_USER_ID': 'user_id',
'HTTP_X_USER_NAME': 'user_name',
'HTTP_X_AUTH_TOKEN': 'token',
'HTTP_X_PROJECT_ID': 'tenant_id',
'HTTP_X_IDENTITY_STATUS': 'Confirmed',
'REQUEST_METHOD': 'GET'
}
req = webob.Request.blank('http://admin_host:8774/v2/' +
str(uuid.uuid4()) + '/servers',
environ=env_headers)
self.middleware._process_request(req)
payload = req.environ['cadf_event'].as_dict()
self.assertEqual(payload['target']['id'], identifier.norm_ns('nova'))
def _get_service_info(self, endp):
service = self.Service(
type=self._MAP.service_endpoints.get(endp['type'],
taxonomy.UNKNOWN),
name=endp['name'],
id=identifier.norm_ns(endp['endpoints'][0]['id']),
admin_endp=endpoint.Endpoint(name='admin',
url=endp['endpoints'][0]['adminURL']),
private_endp=endpoint.Endpoint(
name='private', url=endp['endpoints'][0]['internalURL']),
public_endp=endpoint.Endpoint(
name='public', url=endp['endpoints'][0]['publicURL']))
return service
def _get_service_info(self, endp):
service = self.Service(
type=self._MAP.service_endpoints.get(
endp['type'],
taxonomy.UNKNOWN),
name=endp['name'],
id=identifier.norm_ns(endp['endpoints'][0]['id']),
admin_endp=endpoint.Endpoint(
name='admin',
url=endp['endpoints'][0]['adminURL']),
private_endp=endpoint.Endpoint(
name='private',
url=endp['endpoints'][0]['internalURL']),
public_endp=endpoint.Endpoint(
name='public',
url=endp['endpoints'][0]['publicURL']))
return service
def _get_service_info(self, endp):
# NOTE(stevemar): The catalog returned by X-Service-Catalog
# does not include IDs for endpoints, use the service name
# as a backup.
endpoint_id = endp['endpoints'][0].get('id', endp['name'])
service = self.Service(
type=self._MAP.service_endpoints.get(
endp['type'],
taxonomy.UNKNOWN),
name=endp['name'],
id=identifier.norm_ns(endpoint_id),
admin_endp=endpoint.Endpoint(
name='admin',
url=endp['endpoints'][0]['adminURL']),
private_endp=endpoint.Endpoint(
name='private',
url=endp['endpoints'][0]['internalURL']),
public_endp=endpoint.Endpoint(
name='public',
url=endp['endpoints'][0]['publicURL']))
return service
def test_missing_catalog_endpoint_id(self):
env_headers = {
"HTTP_X_SERVICE_CATALOG": """[{"endpoints_links": [],
"endpoints": [{"adminURL":
"http://admin_host:8774",
"region": "RegionOne",
"publicURL":
"http://public_host:8774",
"internalURL":
"http://internal_host:8774"}],
"type": "compute",
"name": "nova"},]""",
"HTTP_X_USER_ID": "user_id",
"HTTP_X_USER_NAME": "user_name",
"HTTP_X_AUTH_TOKEN": "token",
"HTTP_X_PROJECT_ID": "tenant_id",
"HTTP_X_IDENTITY_STATUS": "Confirmed",
"REQUEST_METHOD": "GET",
}
req = webob.Request.blank("http://admin_host:8774/v2/" + str(uuid.uuid4()) + "/servers", environ=env_headers)
self.middleware._process_request(req)
payload = req.environ["cadf_event"].as_dict()
self.assertEqual(payload["target"]["id"], identifier.norm_ns("nova"))
def test_missing_catalog_endpoint_id(self):
env_headers = {'HTTP_X_SERVICE_CATALOG':
'''[{"endpoints_links": [],
"endpoints": [{"adminURL":
"http://admin_host:8774",
"region": "RegionOne",
"publicURL":
"http://public_host:8774",
"internalURL":
"http://internal_host:8774"}],
"type": "compute",
"name": "nova"},]''',
'HTTP_X_USER_ID': 'user_id',
'HTTP_X_USER_NAME': 'user_name',
'HTTP_X_AUTH_TOKEN': 'token',
'HTTP_X_PROJECT_ID': 'tenant_id',
'HTTP_X_IDENTITY_STATUS': 'Confirmed',
'REQUEST_METHOD': 'GET'}
req = webob.Request.blank('http://admin_host:8774/v2/'
+ str(uuid.uuid4()) + '/servers',
environ=env_headers)
self.middleware._process_request(req)
payload = req.environ['cadf_event'].as_dict()
self.assertEqual(payload['target']['id'], identifier.norm_ns('nova'))
def create_event(self, req, correlation_id):
if not self._MAP:
self._MAP = _configure_audit_map()
action = self._get_action(req)
initiator_host = host.Host(address=req.client_addr,
agent=req.user_agent)
catalog = ast.literal_eval(req.environ['HTTP_X_SERVICE_CATALOG'])
service_info = self.Service(type=taxonomy.UNKNOWN,
name=taxonomy.UNKNOWN,
id=taxonomy.UNKNOWN,
admin_endp=None,
private_endp=None,
public_endp=None)
default_endpoint = None
for endp in catalog:
admin_urlparse = urlparse.urlparse(
endp['endpoints'][0]['adminURL'])
public_urlparse = urlparse.urlparse(
endp['endpoints'][0]['publicURL'])
req_url = urlparse.urlparse(req.host_url)
if (req_url.netloc == admin_urlparse.netloc
or req_url.netloc == public_urlparse.netloc):
service_info = self._get_service_info(endp)
break
elif (self._MAP.default_target_endpoint_type
and endp['type'] == self._MAP.default_target_endpoint_type):
default_endpoint = endp
else:
if default_endpoint:
service_info = self._get_service_info(default_endpoint)
initiator = ClientResource(
typeURI=taxonomy.ACCOUNT_USER,
id=identifier.norm_ns(str(req.environ['HTTP_X_USER_ID'])),
name=req.environ['HTTP_X_USER_NAME'],
host=initiator_host,
credential=KeystoneCredential(
token=req.environ['HTTP_X_AUTH_TOKEN'],
identity_status=req.environ['HTTP_X_IDENTITY_STATUS']),
project_id=identifier.norm_ns(req.environ['HTTP_X_PROJECT_ID']))
target_typeURI = (self._build_typeURI(req, service_info.type)
if service_info.type != taxonomy.UNKNOWN
else service_info.type)
target = resource.Resource(typeURI=target_typeURI,
id=service_info.id,
name=service_info.name)
if service_info.admin_endp:
target.add_address(service_info.admin_endp)
if service_info.private_endp:
target.add_address(service_info.private_endp)
if service_info.public_endp:
target.add_address(service_info.public_endp)
event = factory.EventFactory().new_event(
eventType=cadftype.EVENTTYPE_ACTIVITY,
outcome=taxonomy.OUTCOME_PENDING,
action=action,
initiator=initiator,
target=target,
observer=resource.Resource(id='target'))
event.requestPath = req.path_qs
event.add_tag(tag.generate_name_value_tag('correlation_id',
correlation_id))
return event
def create_event(self, req, correlation_id):
action = self._get_action(req)
initiator_host = host.Host(address=req.client_addr,
agent=req.user_agent)
catalog = ast.literal_eval(req.environ['HTTP_X_SERVICE_CATALOG'])
service_info = self.Service(type=taxonomy.UNKNOWN,
name=taxonomy.UNKNOWN,
id=taxonomy.UNKNOWN,
admin_endp=None,
private_endp=None,
public_endp=None)
default_endpoint = None
for endp in catalog:
admin_urlparse = urlparse.urlparse(
endp['endpoints'][0]['adminURL'])
public_urlparse = urlparse.urlparse(
endp['endpoints'][0]['publicURL'])
req_url = urlparse.urlparse(req.host_url)
if (req_url.netloc == admin_urlparse.netloc
or req_url.netloc == public_urlparse.netloc):
service_info = self._get_service_info(endp)
break
elif (self._MAP.default_target_endpoint_type
and endp['type'] == self._MAP.default_target_endpoint_type):
default_endpoint = endp
else:
if default_endpoint:
service_info = self._get_service_info(default_endpoint)
initiator = ClientResource(
typeURI=taxonomy.ACCOUNT_USER,
id=identifier.norm_ns(str(req.environ['HTTP_X_USER_ID'])),
name=req.environ['HTTP_X_USER_NAME'],
host=initiator_host,
credential=KeystoneCredential(
token=req.environ['HTTP_X_AUTH_TOKEN'],
identity_status=req.environ['HTTP_X_IDENTITY_STATUS']),
project_id=identifier.norm_ns(req.environ['HTTP_X_PROJECT_ID']))
target_typeURI = (self._build_typeURI(req, service_info.type)
if service_info.type != taxonomy.UNKNOWN else
service_info.type)
target = resource.Resource(typeURI=target_typeURI,
id=service_info.id,
name=service_info.name)
if service_info.admin_endp:
target.add_address(service_info.admin_endp)
if service_info.private_endp:
target.add_address(service_info.private_endp)
if service_info.public_endp:
target.add_address(service_info.public_endp)
event = factory.EventFactory().new_event(
eventType=cadftype.EVENTTYPE_ACTIVITY,
outcome=taxonomy.OUTCOME_PENDING,
action=action,
initiator=initiator,
target=target,
observer=resource.Resource(id='target'))
event.requestPath = req.path_qs
event.add_tag(
tag.generate_name_value_tag('correlation_id', correlation_id))
return event
