def _process_response(self, request, response=None):
    """Finalise the request's CADF event from the response and emit it.

    HTTP statuses 200-399 are recorded as ``taxonomy.OUTCOME_SUCCESS`` and
    every other status as ``taxonomy.OUTCOME_FAILURE``; the status code is
    kept on the event as an ``HTTP`` reason. A missing or falsy response
    yields ``taxonomy.UNKNOWN`` and leaves the reason untouched.

    :param request: request whose ``environ`` holds the event under the
        ``'cadf_event'`` key
    :param response: response produced for the request, if any
    """
    # NOTE(gordc): an error while processing the request can leave no event
    # behind; _create_event is expected to store one in request.environ.
    if 'cadf_event' not in request.environ:
        self._create_event(request)
    audit_event = request.environ['cadf_event']

    if not response:
        outcome = taxonomy.UNKNOWN
    else:
        status = response.status_int
        if 200 <= status < 400:
            outcome = taxonomy.OUTCOME_SUCCESS
        else:
            outcome = taxonomy.OUTCOME_FAILURE
        audit_event.reason = reason.Reason(reasonType='HTTP',
                                           reasonCode=str(status))

    audit_event.outcome = outcome

    # Record that the target modified the event, and when.
    modifier_step = reporterstep.Reporterstep(
        role=cadftype.REPORTER_ROLE_MODIFIER,
        reporter=resource.Resource(id='target'),
        reporterTime=timestamp.get_utc_now())
    audit_event.add_reporterstep(modifier_step)

    # The notification goes out under an admin context, not a context
    # taken from the request.
    admin_ctxt = context.get_admin_context().to_dict()
    self._emit_audit(admin_ctxt, 'audit.http.response',
                     audit_event.as_dict())
Example #2
 def mod_audit_event(self, req, response):
     """Update the request's CADF event with the outcome of the response.

     If the request has no ``cadf_model`` attribute yet,
     ``append_audit_event`` is called to create the event; otherwise a
     modifier reporter step is appended to the existing one. HTTP statuses
     200-399 count as success, any other status as failure, and a missing
     or falsy response as ``taxonomy.UNKNOWN``.

     :param req: request carrying (or about to carry) ``cadf_model``
     :param response: response produced for the request, or a falsy value
     """
     if not response:
         outcome = taxonomy.UNKNOWN
     elif 200 <= response.status_int < 400:
         outcome = taxonomy.OUTCOME_SUCCESS
     else:
         outcome = taxonomy.OUTCOME_FAILURE

     if not hasattr(req, 'cadf_model'):
         # presumably attaches req.cadf_model; the lines below rely on it
         self.append_audit_event(req)
     else:
         modifier_step = reporterstep.Reporterstep(
             role=cadftype.REPORTER_ROLE_MODIFIER,
             reporter='target',
             reporterTime=timestamp.get_utc_now())
         req.cadf_model.add_reporterstep(modifier_step)

     model = req.cadf_model
     model.outcome = outcome
     if response:
         # Keep the raw HTTP status so a failure can be told apart later.
         model.reason = reason.Reason(
             reasonType='HTTP', reasonCode=str(response.status_int))

     # Publish the serialised event for whatever reads the WSGI environ.
     req.environ['CADF_EVENT'] = model.as_dict()
Example #3
 def mod_audit_event(self, req, response):
     """Fold the response outcome into the request's CADF event.

     An existing ``req.cadf_model`` gets a modifier reporter step whose
     reporter is a ``Resource`` with id ``'target'``; when the attribute is
     absent ``append_audit_event`` is called instead to create the event.
     The outcome is success for HTTP 200-399, failure for any other
     status, and ``taxonomy.UNKNOWN`` when the response is falsy.

     :param req: request carrying (or about to carry) ``cadf_model``
     :param response: response produced for the request, or a falsy value
     """
     have_response = bool(response)
     if have_response:
         ok = 200 <= response.status_int < 400
         outcome = (taxonomy.OUTCOME_SUCCESS if ok
                    else taxonomy.OUTCOME_FAILURE)
     else:
         outcome = taxonomy.UNKNOWN

     if hasattr(req, 'cadf_model'):
         target_reporter = resource.Resource(id='target')
         req.cadf_model.add_reporterstep(
             reporterstep.Reporterstep(
                 role=cadftype.REPORTER_ROLE_MODIFIER,
                 reporter=target_reporter,
                 reporterTime=timestamp.get_utc_now()))
     else:
         # presumably attaches req.cadf_model; the lines below rely on it
         self.append_audit_event(req)

     cadf_event = req.cadf_model
     cadf_event.outcome = outcome
     if have_response:
         # The HTTP status travels with the event as its reason code.
         cadf_event.reason = reason.Reason(
             reasonType='HTTP', reasonCode=str(response.status_int))
     req.environ['CADF_EVENT'] = cadf_event.as_dict()
Example #4
    def test_event(self):
        """Populate an Event and check as_dict() exposes every event key."""
        new_id = identifier.generate_uuid
        now = timestamp.get_utc_now

        audit_ev = event.Event(
            eventType='activity',
            id=new_id(),
            eventTime=now(),
            initiator=resource.Resource(typeURI='storage'),
            initiatorId=new_id(),
            action='read',
            target=resource.Resource(typeURI='storage'),
            targetId=new_id(),
            observer='target',
            outcome='success',
            reason=reason.Reason(reasonType='HTTP', reasonCode='200'),
            severity='high')

        # Attach one of each optional collection member.
        audit_ev.add_measurement(measurement.Measurement(result='100'))
        audit_ev.add_tag(tag.generate_name_value_tag('name', 'val'))
        audit_ev.add_attachment(
            attachment.Attachment(typeURI='attachURI',
                                  content='content',
                                  name='attachment_name'))

        # Replace the string observer given above with a Resource.
        audit_ev.observer = resource.Resource(typeURI='service/security')

        observer_step = reporterstep.Reporterstep(
            role='observer',
            reporter=resource.Resource(typeURI='service/security'))
        audit_ev.add_reporterstep(observer_step)
        id_only_step = reporterstep.Reporterstep(reporterId=new_id())
        audit_ev.add_reporterstep(id_only_step)

        serialised = audit_ev.as_dict()
        for keyname in event.EVENT_KEYNAMES:
            self.assertIn(keyname, serialised)
Example #5
    def _process_response(self, request, response=None):
        """Record the response outcome on the CADF event and send it.

        HTTP statuses 200-399 map to ``taxonomy.OUTCOME_SUCCESS``, every
        other status to ``taxonomy.OUTCOME_FAILURE``, and the status code
        is stored as an ``HTTP`` reason. With no (or a falsy) response the
        outcome is ``taxonomy.UNKNOWN`` and no reason is set.

        :param request: request whose ``environ`` holds the event under
            ``'cadf_event'`` and whose ``context`` is used for the
            notification
        :param response: response produced for the request, if any
        """
        # NOTE(gordc): an error while processing the request can leave no
        # event behind; _create_event is expected to store one.
        if 'cadf_event' not in request.environ:
            self._create_event(request)
        audit_event = request.environ['cadf_event']

        if not response:
            outcome = taxonomy.UNKNOWN
        else:
            status = response.status_int
            outcome = (taxonomy.OUTCOME_SUCCESS if 200 <= status < 400
                       else taxonomy.OUTCOME_FAILURE)
            audit_event.reason = reason.Reason(reasonType='HTTP',
                                               reasonCode=str(status))
        audit_event.outcome = outcome

        # Record that the target modified the event, and when.
        modifier_step = reporterstep.Reporterstep(
            role=cadftype.REPORTER_ROLE_MODIFIER,
            reporter=resource.Resource(id='target'),
            reporterTime=timestamp.get_utc_now())
        audit_event.add_reporterstep(modifier_step)

        # The notification is sent with the request's own context.
        payload = audit_event.as_dict()
        self._notifier.notify(request.context, 'audit.http.response', payload)
Example #6
    def test_reporterstep(self):
        """Check a Reporterstep's dict form contains every step key."""
        storage_reporter = resource.Resource(typeURI='storage')
        reporter_id = identifier.generate_uuid()
        step = reporterstep.Reporterstep(role='modifier',
                                         reporter=storage_reporter,
                                         reporterId=reporter_id,
                                         reporterTime=timestamp.get_utc_now())

        serialised = step.as_dict()
        for keyname in reporterstep.REPORTERSTEP_KEYNAMES:
            self.assertIn(keyname, serialised)
Example #7
    def __init__(self, eventType=cadftype.EVENTTYPE_ACTIVITY,
                 id=None, eventTime=None,
                 action=cadftaxonomy.UNKNOWN, outcome=cadftaxonomy.UNKNOWN,
                 initiator=None, initiatorId=None, target=None, targetId=None,
                 severity=None, reason=None, observer=None, observerId=None):
        """Create a CADF Event.

        ``id`` and ``eventTime`` are replaced by a generated uuid and the
        current UTC time whenever a falsy value is passed, not only
        ``None``. The remaining resource, id, severity and reason
        arguments are set only when they are not ``None``; nothing in this
        method checks that one of each resource/id pair was supplied.
        """
        # Establish typeURI for the CADF Event data type
        # TODO(mrutkows): support extended typeURIs for Event subtypes
        setattr(self, EVENT_KEYNAME_TYPEURI, TYPE_URI_EVENT)

        # Mandatory attributes, in the order the event defines them.
        setattr(self, EVENT_KEYNAME_EVENTTYPE, eventType)
        event_id = id or identifier.generate_uuid()
        setattr(self, EVENT_KEYNAME_ID, event_id)
        event_time = eventTime or timestamp.get_utc_now()
        setattr(self, EVENT_KEYNAME_EVENTTIME, event_time)
        setattr(self, EVENT_KEYNAME_ACTION, action)
        setattr(self, EVENT_KEYNAME_OUTCOME, outcome)

        # Each resource is mandatory only when its matching id is absent
        # (and the id is dependent on the resource); severity and reason
        # are optional. Arguments left as None set no attribute.
        maybe_set = (
            (EVENT_KEYNAME_OBSERVER, observer),
            (EVENT_KEYNAME_OBSERVERID, observerId),
            (EVENT_KEYNAME_INITIATOR, initiator),
            (EVENT_KEYNAME_INITIATORID, initiatorId),
            (EVENT_KEYNAME_TARGET, target),
            (EVENT_KEYNAME_TARGETID, targetId),
            (EVENT_KEYNAME_SEVERITY, severity),
            (EVENT_KEYNAME_REASON, reason),
        )
        for keyname, value in maybe_set:
            if value is not None:
                setattr(self, keyname, value)
    def test_reporterstep(self):
        """Check Reporterstep validity and the keys of its dict form."""
        new_id = identifier.generate_uuid
        now = timestamp.get_utc_now

        # Both reporter and reporterId supplied: asserted invalid.
        both = reporterstep.Reporterstep(
            role='modifier',
            reporter=resource.Resource(typeURI='storage'),
            reporterId=new_id(),
            reporterTime=now())
        self.assertEqual(False, both.is_valid())

        serialised = both.as_dict()
        for keyname in reporterstep.REPORTERSTEP_KEYNAMES:
            self.assertIn(keyname, serialised)

        # Reporter resource only: asserted valid.
        reporter_only = reporterstep.Reporterstep(
            role='modifier',
            reporter=resource.Resource(typeURI='storage'),
            reporterTime=now())
        self.assertEqual(True, reporter_only.is_valid())

        # Reporter id only: asserted valid.
        id_only = reporterstep.Reporterstep(
            role='modifier',
            reporterId=new_id(),
            reporterTime=now())
        self.assertEqual(True, id_only.is_valid())
Example #9
    def __init__(self,
                 eventType=cadftype.EVENTTYPE_ACTIVITY,
                 id=None,
                 eventTime=None,
                 action=cadftaxonomy.UNKNOWN,
                 outcome=cadftaxonomy.UNKNOWN,
                 initiator=None,
                 initiatorId=None,
                 target=None,
                 targetId=None,
                 severity=None,
                 reason=None,
                 observer=None,
                 observerId=None):
        """Create an Event.

        :param eventType: eventType of Event. Defaults to 'activity' type
        :param id: id of event; a uuid is generated when the value is
            falsy (``None`` included)
        :param eventTime: time of event; the current UTC time is used
            when the value is falsy (``None`` included)
        :param action: event's action (see Action taxonomy)
        :param outcome: Event's outcome (see Outcome taxonomy)
        :param initiator: Event's Initiator Resource
        :param initiatorId: Event's Initiator Resource id
        :param target: Event's Target Resource
        :param targetId: Event's Target Resource id
        :param severity: domain-relative severity of Event
        :param reason: domain-specific Reason type
        :param observer: Event's Observer Resource
        :param observerId: Event's Observer Resource id
        """
        # Establish typeURI for the CADF Event data type
        # TODO(mrutkows): support extended typeURIs for Event subtypes
        setattr(self, EVENT_KEYNAME_TYPEURI, TYPE_URI_EVENT)

        # Mandatory attributes: eventType, id, eventTime, action, outcome.
        setattr(self, EVENT_KEYNAME_EVENTTYPE, eventType)
        if not id:
            id = identifier.generate_uuid()
        setattr(self, EVENT_KEYNAME_ID, id)
        if not eventTime:
            eventTime = timestamp.get_utc_now()
        setattr(self, EVENT_KEYNAME_EVENTTIME, eventTime)
        setattr(self, EVENT_KEYNAME_ACTION, action)
        setattr(self, EVENT_KEYNAME_OUTCOME, outcome)

        # observer / initiator / target are each mandatory when the
        # matching *Id is not given (the *Id is dependent); severity and
        # reason are optional. Only values that are not None are stored.
        conditional = [
            (EVENT_KEYNAME_OBSERVER, observer),
            (EVENT_KEYNAME_OBSERVERID, observerId),
            (EVENT_KEYNAME_INITIATOR, initiator),
            (EVENT_KEYNAME_INITIATORID, initiatorId),
            (EVENT_KEYNAME_TARGET, target),
            (EVENT_KEYNAME_TARGETID, targetId),
            (EVENT_KEYNAME_SEVERITY, severity),
            (EVENT_KEYNAME_REASON, reason),
        ]
        for attr_name, attr_value in conditional:
            if attr_value is None:
                continue
            setattr(self, attr_name, attr_value)
Example #10
    def __init__(self, eventType=cadftype.EVENTTYPE_ACTIVITY,
                 id=None, eventTime=None,
                 action=cadftaxonomy.UNKNOWN, outcome=cadftaxonomy.UNKNOWN,
                 initiator=None, initiatorId=None, target=None, targetId=None,
                 severity=None, reason=None, observer=None, observerId=None):
        """Create an Event.

        :param eventType: eventType of Event. Defaults to 'activity' type
        :param id: id of event; a uuid is generated when the value is
            falsy (``None`` included)
        :param eventTime: time of event; the current UTC time is used
            when the value is falsy (``None`` included)
        :param action: event's action (see Action taxonomy)
        :param outcome: Event's outcome (see Outcome taxonomy)
        :param initiator: Event's Initiator Resource
        :param initiatorId: Event's Initiator Resource id
        :param target: Event's Target Resource
        :param targetId: Event's Target Resource id
        :param severity: domain-relative severity of Event
        :param reason: domain-specific Reason type
        :param observer: Event's Observer Resource
        :param observerId: Event's Observer Resource id
        """
        def _set_if_given(keyname, value):
            # Attributes whose argument was left as None are not created.
            if value is not None:
                setattr(self, keyname, value)

        # Establish typeURI for the CADF Event data type
        # TODO(mrutkows): support extended typeURIs for Event subtypes
        setattr(self, EVENT_KEYNAME_TYPEURI, TYPE_URI_EVENT)

        # Mandatory attributes.
        setattr(self, EVENT_KEYNAME_EVENTTYPE, eventType)
        setattr(self, EVENT_KEYNAME_ID,
                id if id else identifier.generate_uuid())
        setattr(self, EVENT_KEYNAME_EVENTTIME,
                eventTime if eventTime else timestamp.get_utc_now())
        setattr(self, EVENT_KEYNAME_ACTION, action)
        setattr(self, EVENT_KEYNAME_OUTCOME, outcome)

        # Observer: the resource is mandatory if no observerId is given.
        _set_if_given(EVENT_KEYNAME_OBSERVER, observer)
        _set_if_given(EVENT_KEYNAME_OBSERVERID, observerId)

        # Initiator: the resource is mandatory if no initiatorId is given.
        _set_if_given(EVENT_KEYNAME_INITIATOR, initiator)
        _set_if_given(EVENT_KEYNAME_INITIATORID, initiatorId)

        # Target: the resource is mandatory if no targetId is given.
        _set_if_given(EVENT_KEYNAME_TARGET, target)
        _set_if_given(EVENT_KEYNAME_TARGETID, targetId)

        # Optional attributes.
        _set_if_given(EVENT_KEYNAME_SEVERITY, severity)
        _set_if_given(EVENT_KEYNAME_REASON, reason)
    def test_event(self):
        """Check Event validity for resource/id combinations and dict keys."""
        new_id = identifier.generate_uuid
        now = timestamp.get_utc_now

        # Every field populated, including both halves of each resource/id
        # pair; after the additions below is_valid() is asserted False.
        full_event = event.Event(
            eventType='activity',
            id=new_id(),
            eventTime=now(),
            initiator=resource.Resource(typeURI='storage'),
            initiatorId=new_id(),
            action='read',
            target=resource.Resource(typeURI='storage'),
            targetId=new_id(),
            observer=resource.Resource(id='target'),
            observerId=new_id(),
            outcome='success',
            reason=reason.Reason(reasonType='HTTP', reasonCode='200'),
            severity='high')
        full_event.add_measurement(
            measurement.Measurement(result='100', metricId=new_id()))
        full_event.add_tag(tag.generate_name_value_tag('name', 'val'))
        full_event.add_attachment(
            attachment.Attachment(typeURI='attachURI',
                                  content='content',
                                  name='attachment_name'))
        full_event.observer = resource.Resource(typeURI='service/security')
        observer_step = reporterstep.Reporterstep(
            role='observer',
            reporter=resource.Resource(typeURI='service/security'))
        full_event.add_reporterstep(observer_step)
        id_only_step = reporterstep.Reporterstep(reporterId=new_id())
        full_event.add_reporterstep(id_only_step)
        self.assertEqual(full_event.is_valid(), False)

        # Serialisation is still expected to carry every event key.
        serialised = full_event.as_dict()
        for keyname in event.EVENT_KEYNAMES:
            self.assertIn(keyname, serialised)

        # Resources only, no ids: asserted valid.
        resources_only = event.Event(
            eventType='activity',
            id=new_id(),
            eventTime=now(),
            initiator=resource.Resource(typeURI='storage'),
            action='read',
            target=resource.Resource(typeURI='storage'),
            observer=resource.Resource(id='target'),
            outcome='success')
        self.assertEqual(resources_only.is_valid(), True)

        # Ids only, no resources: asserted valid.
        ids_only = event.Event(
            eventType='activity',
            id=new_id(),
            eventTime=now(),
            initiatorId=new_id(),
            action='read',
            targetId=new_id(),
            observerId=new_id(),
            outcome='success')
        self.assertEqual(ids_only.is_valid(), True)

        # One of each pair, mixing resources and ids: asserted valid.
        mixed = event.Event(
            eventType='activity',
            id=new_id(),
            eventTime=now(),
            initiator=resource.Resource(typeURI='storage'),
            action='read',
            targetId=new_id(),
            observer=resource.Resource(id='target'),
            outcome='success')
        self.assertEqual(mixed.is_valid(), True)
Example #12
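def generate_uuid():
    """Return a new random identifier as a UUID string.

    The previous implementation hashed the CADF version string plus the
    current UTC timestamp with ``uuid.uuid5``. ``uuid5`` is deterministic,
    so two calls that saw the same timestamp string returned the same id,
    and an id could be recomputed by anyone who knew when it was made.
    Identifiers attached to audit records need to be unique, so the value
    is now drawn from ``uuid.uuid4``.

    :returns: string form of a version-4 (random) UUID
    """
    return str(uuid.uuid4())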