def test_15_container_audit_check_audit(self):
import os
basedir = os.path.abspath(
os.path.join(os.path.dirname(__file__), os.path.pardir))
a = ContainerAudit({
"PI_AUDIT_CONTAINER_WRITE": [
"privacyidea.lib.auditmodules.loggeraudit",
"privacyidea.lib.auditmodules.sqlaudit"
],
"PI_AUDIT_CONTAINER_READ":
"privacyidea.lib.auditmodules.sqlaudit",
"PI_AUDIT_NO_SIGN":
True,
"PI_AUDIT_SQL_URI":
'sqlite:///' + os.path.join(basedir, 'data-test.sqlite')
})
a.log({"action": "something_test_35"})
a.add_to_log({'action_detail': 'some detail'})
a.add_policy('some policy')
a.finalize_log()
r = a.search({"action": "*something_test_35*"})
# The search should go to the sql audit
self.assertEqual(r.total, 1)
self.assertEqual(r.auditdata[0].get("action"), u"something_test_35")
self.assertEqual(r.auditdata[0].get("action_detail"), u"some detail")
self.assertEqual(r.auditdata[0].get("policies"), u"some policy")
# now check the log file
with open("audit.log") as file:
c = file.readlines()
self.assertIn("something_test_35", c[-1])
self.assertIn("some detail", c[-1])
self.assertIn("some policy", c[-1])
os.unlink('audit.log')
def test_10_container_audit(self):
import os
basedir = os.path.abspath(
os.path.join(os.path.dirname(__file__), os.path.pardir))
a = ContainerAudit({
"PI_AUDIT_CONTAINER_WRITE": [
"privacyidea.lib.auditmodules.loggeraudit",
"privacyidea.lib.auditmodules.sqlaudit"
],
"PI_AUDIT_CONTAINER_READ":
"privacyidea.lib.auditmodules.sqlaudit",
"PI_AUDIT_NO_SIGN":
True,
"PI_AUDIT_SQL_URI":
'sqlite:///' + os.path.join(basedir, 'data-test.sqlite')
})
self.assertFalse(a.has_data)
a.log({"action": "something_test_30"})
self.assertTrue(a.has_data)
a.finalize_log()
self.assertFalse(a.has_data)
c = a.get_count({})
self.assertEqual(c, 1)
t = a.get_total({})
self.assertEqual(t, 1)
r = a.search({"action": "*something*"})
# The search should go to the sql audit
self.assertEqual(r.total, 1)
self.assertEqual(r.auditdata[0].get("action"), u"something_test_30")
# Non readable read module!
a = ContainerAudit({
"PI_AUDIT_CONTAINER_WRITE":
["privacyidea.lib.auditmodules.loggeraudit"],
"PI_AUDIT_CONTAINER_READ":
"privacyidea.lib.auditmodules.loggeraudit"
})
a.log({"action": "logger_30"})
a.finalize_log()
r = a.search({"action": "*logger*"})
# The search should go to the sql audit
self.assertEqual(r.total, 0)
self.assertEqual(r.auditdata, [])
def test_15_container_audit_check_audit(self):
import os
basedir = os.path.abspath(
os.path.join(os.path.dirname(__file__), os.path.pardir))
a = ContainerAudit({
"PI_AUDIT_CONTAINER_WRITE": [
"privacyidea.lib.auditmodules.loggeraudit",
"privacyidea.lib.auditmodules.sqlaudit"
],
"PI_AUDIT_CONTAINER_READ":
"privacyidea.lib.auditmodules.sqlaudit",
"PI_AUDIT_NO_SIGN":
True,
"PI_AUDIT_SQL_URI":
self.app.config['SQLALCHEMY_DATABASE_URI']
})
a.log({"action": "something_test_35"})
a.add_to_log({'action_detail': 'some detail'})
a.add_policy('some policy')
a.finalize_log()
r = a.search({"action": "*something_test_35*"})
# The search should go to the sql audit
self.assertEqual(r.total, 1)
self.assertEqual(r.auditdata[0].get("action"), u"something_test_35")
self.assertEqual(r.auditdata[0].get("action_detail"), u"some detail")
self.assertEqual(r.auditdata[0].get("policies"), u"some policy")
# now check the log file
with open("audit.log") as file:
c = file.readlines()
self.assertIn("something_test_35", c[-1])
self.assertIn("some detail", c[-1])
self.assertIn("some policy", c[-1])
os.unlink('audit.log')
# check the CSV output
csv = a.csv_generator()
self.assertIsInstance(csv, types.GeneratorType)
csv_list = [c for c in csv]
self.assertGreater(len(csv_list), 0, csv_list)
self.assertTrue(any(['something_test_35' in l for l in csv_list]))