def _create_event(self, req): correlation_id = identifier.generate_uuid() action = self.get_action(req) initiator = ClientResource( typeURI=taxonomy.ACCOUNT_USER, id=req.environ.get('HTTP_X_USER_ID', taxonomy.UNKNOWN), name=req.environ.get('HTTP_X_USER_NAME', taxonomy.UNKNOWN), host=host.Host(address=req.client_addr, agent=req.user_agent), credential=KeystoneCredential( token=req.environ.get('HTTP_X_AUTH_TOKEN', ''), identity_status=req.environ.get('HTTP_X_IDENTITY_STATUS', taxonomy.UNKNOWN)), project_id=req.environ.get('HTTP_X_PROJECT_ID', taxonomy.UNKNOWN)) target = self.get_target_resource(req) event = factory.EventFactory().new_event( eventType=cadftype.EVENTTYPE_ACTIVITY, outcome=taxonomy.OUTCOME_PENDING, action=action, initiator=initiator, target=target, observer=resource.Resource(id='target')) event.requestPath = req.path_qs event.add_tag(tag.generate_name_value_tag('correlation_id', correlation_id)) return event
def _create_event(self, req): correlation_id = identifier.generate_uuid() action = self._cadf_audit.get_action(req) initiator = ClientResource( typeURI=taxonomy.ACCOUNT_USER, id=identifier.norm_ns(str(req.environ['HTTP_X_USER_ID'])), name=req.environ['HTTP_X_USER_NAME'], host=host.Host(address=req.client_addr, agent=req.user_agent), credential=KeystoneCredential( token=req.environ['HTTP_X_AUTH_TOKEN'], identity_status=req.environ['HTTP_X_IDENTITY_STATUS']), project_id=identifier.norm_ns(req.environ['HTTP_X_PROJECT_ID'])) target = self._cadf_audit.get_target_resource(req) event = factory.EventFactory().new_event( eventType=cadftype.EVENTTYPE_ACTIVITY, outcome=taxonomy.OUTCOME_PENDING, action=action, initiator=initiator, target=target, observer=resource.Resource(id='target')) event.requestPath = req.path_qs event.add_tag(tag.generate_name_value_tag('correlation_id', correlation_id)) # cache model in request to allow tracking of transistive steps. req.environ['cadf_event'] = event return event
def test_event(self): ev = event.Event(eventType='activity', id=identifier.generate_uuid(), eventTime=timestamp.get_utc_now(), initiator=resource.Resource(typeURI='storage'), initiatorId=identifier.generate_uuid(), action='read', target=resource.Resource(typeURI='storage'), targetId=identifier.generate_uuid(), observer='target', outcome='success', reason=reason.Reason(reasonType='HTTP', reasonCode='200'), severity='high') ev.add_measurement(measurement.Measurement(result='100')) ev.add_tag(tag.generate_name_value_tag('name', 'val')) ev.add_attachment(attachment.Attachment(typeURI='attachURI', content='content', name='attachment_name')) ev.observer = resource.Resource(typeURI='service/security') ev.add_reporterstep(reporterstep.Reporterstep( role='observer', reporter=resource.Resource(typeURI='service/security'))) ev.add_reporterstep(reporterstep.Reporterstep( reporterId=identifier.generate_uuid())) dict_ev = ev.as_dict() for key in event.EVENT_KEYNAMES: self.assertIn(key, dict_ev)
def _create_event(self, req): correlation_id = identifier.generate_uuid() action = self._cadf_audit.get_action(req) initiator = ClientResource( typeURI=taxonomy.ACCOUNT_USER, id=identifier.norm_ns(str(req.environ['HTTP_X_USER_ID'])), name=req.environ['HTTP_X_USER_NAME'], host=host.Host(address=req.client_addr, agent=req.user_agent), credential=KeystoneCredential( token=req.environ['HTTP_X_AUTH_TOKEN'], identity_status=req.environ['HTTP_X_IDENTITY_STATUS']), project_id=identifier.norm_ns(req.environ['HTTP_X_PROJECT_ID'])) target = self._cadf_audit.get_target_resource(req) event = factory.EventFactory().new_event( eventType=cadftype.EVENTTYPE_ACTIVITY, outcome=taxonomy.OUTCOME_PENDING, action=action, initiator=initiator, target=target, observer=resource.Resource(id='target')) event.requestPath = req.path_qs event.add_tag( tag.generate_name_value_tag('correlation_id', correlation_id)) # cache model in request to allow tracking of transistive steps. req.environ['cadf_event'] = event return event
def create_event(self, req, correlation_id): action = self._get_action(req) initiator_host = host.Host(address=req.client_addr, agent=req.user_agent) catalog = ast.literal_eval(req.environ['HTTP_X_SERVICE_CATALOG']) for endp in catalog: admin_urlparse = urlparse.urlparse( endp['endpoints'][0]['adminURL']) public_urlparse = urlparse.urlparse( endp['endpoints'][0]['publicURL']) req_url = urlparse.urlparse(req.host_url) if (req_url.netloc == admin_urlparse.netloc or req_url.netloc == public_urlparse.netloc): service_type = self._SERVICE_ENDPOINTS.get(endp['type'], taxonomy.UNKNOWN) service_name = endp['name'] admin_end = endpoint.Endpoint( name='admin', url=endp['endpoints'][0]['adminURL']) private_end = endpoint.Endpoint( name='private', url=endp['endpoints'][0]['internalURL']) public_end = endpoint.Endpoint( name='public', url=endp['endpoints'][0]['publicURL']) service_id = endp['endpoints'][0]['id'] break else: service_type = service_id = service_name = taxonomy.UNKNOWN admin_end = private_end = public_end = None initiator = ClientResource( typeURI=taxonomy.ACCOUNT_USER, id=str(req.environ['HTTP_X_USER_ID']), name=req.environ['HTTP_X_USER_NAME'], host=initiator_host, credential=KeystoneCredential( token=req.environ['HTTP_X_AUTH_TOKEN'], identity_status=req.environ['HTTP_X_IDENTITY_STATUS']), project_id=req.environ['HTTP_X_PROJECT_ID']) target = resource.Resource(typeURI=service_type, id=service_id, name=service_name) if admin_end: target.add_address(admin_end) if private_end: target.add_address(private_end) if public_end: target.add_address(public_end) event = factory.EventFactory().new_event( eventType=cadftype.EVENTTYPE_ACTIVITY, outcome=taxonomy.OUTCOME_PENDING, action=action, initiator=initiator, target=target, observer='target') event.add_tag(tag.generate_name_value_tag('correlation_id', correlation_id)) return event
def test_event(self): ev = event.Event(eventType='activity', id=identifier.generate_uuid(), eventTime=timestamp.get_utc_now(), initiator=resource.Resource(typeURI='storage'), initiatorId=identifier.generate_uuid(), action='read', target=resource.Resource(typeURI='storage'), targetId=identifier.generate_uuid(), observer=resource.Resource(id='target'), observerId=identifier.generate_uuid(), outcome='success', reason=reason.Reason(reasonType='HTTP', reasonCode='200'), severity='high') ev.add_measurement( measurement.Measurement(result='100', metricId=identifier.generate_uuid())), ev.add_tag(tag.generate_name_value_tag('name', 'val')) ev.add_attachment(attachment.Attachment(typeURI='attachURI', content='content', name='attachment_name')) ev.observer = resource.Resource(typeURI='service/security') ev.add_reporterstep(reporterstep.Reporterstep( role='observer', reporter=resource.Resource(typeURI='service/security'))) ev.add_reporterstep(reporterstep.Reporterstep( reporterId=identifier.generate_uuid())) self.assertEqual(ev.is_valid(), False) dict_ev = ev.as_dict() for key in event.EVENT_KEYNAMES: self.assertIn(key, dict_ev) ev = event.Event(eventType='activity', id=identifier.generate_uuid(), eventTime=timestamp.get_utc_now(), initiator=resource.Resource(typeURI='storage'), action='read', target=resource.Resource(typeURI='storage'), observer=resource.Resource(id='target'), outcome='success') self.assertEqual(ev.is_valid(), True) ev = event.Event(eventType='activity', id=identifier.generate_uuid(), eventTime=timestamp.get_utc_now(), initiatorId=identifier.generate_uuid(), action='read', targetId=identifier.generate_uuid(), observerId=identifier.generate_uuid(), outcome='success') self.assertEqual(ev.is_valid(), True) ev = event.Event(eventType='activity', id=identifier.generate_uuid(), eventTime=timestamp.get_utc_now(), initiator=resource.Resource(typeURI='storage'), action='read', targetId=identifier.generate_uuid(), observer=resource.Resource(id='target'), outcome='success') self.assertEqual(ev.is_valid(), True)
def create_event(self, req, correlation_id): if not self._MAP: self._MAP = _configure_audit_map() action = self._get_action(req) initiator_host = host.Host(address=req.client_addr, agent=req.user_agent) catalog = ast.literal_eval(req.environ['HTTP_X_SERVICE_CATALOG']) service_info = self.Service(type=taxonomy.UNKNOWN, name=taxonomy.UNKNOWN, id=taxonomy.UNKNOWN, admin_endp=None, private_endp=None, public_endp=None) default_endpoint = None for endp in catalog: admin_urlparse = urlparse.urlparse( endp['endpoints'][0]['adminURL']) public_urlparse = urlparse.urlparse( endp['endpoints'][0]['publicURL']) req_url = urlparse.urlparse(req.host_url) if (req_url.netloc == admin_urlparse.netloc or req_url.netloc == public_urlparse.netloc): service_info = self._get_service_info(endp) break elif (self._MAP.default_target_endpoint_type and endp['type'] == self._MAP.default_target_endpoint_type): default_endpoint = endp else: if default_endpoint: service_info = self._get_service_info(default_endpoint) initiator = ClientResource( typeURI=taxonomy.ACCOUNT_USER, id=identifier.norm_ns(str(req.environ['HTTP_X_USER_ID'])), name=req.environ['HTTP_X_USER_NAME'], host=initiator_host, credential=KeystoneCredential( token=req.environ['HTTP_X_AUTH_TOKEN'], identity_status=req.environ['HTTP_X_IDENTITY_STATUS']), project_id=identifier.norm_ns(req.environ['HTTP_X_PROJECT_ID'])) target_typeURI = (self._build_typeURI(req, service_info.type) if service_info.type != taxonomy.UNKNOWN else service_info.type) target = resource.Resource(typeURI=target_typeURI, id=service_info.id, name=service_info.name) if service_info.admin_endp: target.add_address(service_info.admin_endp) if service_info.private_endp: target.add_address(service_info.private_endp) if service_info.public_endp: target.add_address(service_info.public_endp) event = factory.EventFactory().new_event( eventType=cadftype.EVENTTYPE_ACTIVITY, outcome=taxonomy.OUTCOME_PENDING, action=action, initiator=initiator, target=target, observer=resource.Resource(id='target')) event.requestPath = req.path_qs event.add_tag(tag.generate_name_value_tag('correlation_id', correlation_id)) return event
def create_event(self, req, correlation_id): action = self._get_action(req) initiator_host = host.Host(address=req.client_addr, agent=req.user_agent) catalog = ast.literal_eval(req.environ['HTTP_X_SERVICE_CATALOG']) service_info = self.Service(type=taxonomy.UNKNOWN, name=taxonomy.UNKNOWN, id=taxonomy.UNKNOWN, admin_endp=None, private_endp=None, public_endp=None) default_endpoint = None for endp in catalog: admin_urlparse = urlparse.urlparse( endp['endpoints'][0]['adminURL']) public_urlparse = urlparse.urlparse( endp['endpoints'][0]['publicURL']) req_url = urlparse.urlparse(req.host_url) if (req_url.netloc == admin_urlparse.netloc or req_url.netloc == public_urlparse.netloc): service_info = self._get_service_info(endp) break elif (self._MAP.default_target_endpoint_type and endp['type'] == self._MAP.default_target_endpoint_type): default_endpoint = endp else: if default_endpoint: service_info = self._get_service_info(default_endpoint) initiator = ClientResource( typeURI=taxonomy.ACCOUNT_USER, id=identifier.norm_ns(str(req.environ['HTTP_X_USER_ID'])), name=req.environ['HTTP_X_USER_NAME'], host=initiator_host, credential=KeystoneCredential( token=req.environ['HTTP_X_AUTH_TOKEN'], identity_status=req.environ['HTTP_X_IDENTITY_STATUS']), project_id=identifier.norm_ns(req.environ['HTTP_X_PROJECT_ID'])) target_typeURI = (self._build_typeURI(req, service_info.type) if service_info.type != taxonomy.UNKNOWN else service_info.type) target = resource.Resource(typeURI=target_typeURI, id=service_info.id, name=service_info.name) if service_info.admin_endp: target.add_address(service_info.admin_endp) if service_info.private_endp: target.add_address(service_info.private_endp) if service_info.public_endp: target.add_address(service_info.public_endp) event = factory.EventFactory().new_event( eventType=cadftype.EVENTTYPE_ACTIVITY, outcome=taxonomy.OUTCOME_PENDING, action=action, initiator=initiator, target=target, observer=resource.Resource(id='target')) event.requestPath = req.path_qs event.add_tag( tag.generate_name_value_tag('correlation_id', correlation_id)) return event