Esempio n. 1
0
    def test_get_instance(self):
        self.assertIsInstance(AuditLogger.get_instance(), AuditLogger)

        mocked_instance = MagicMock()
        AuditLogger.logger = mocked_instance

        self.assertEqual(mocked_instance, AuditLogger.get_instance())
Esempio n. 2
0
    def emit(self, record):
        """
        Format the data received from the audit log middleware to match the current temporay storage
        in the database. The source and destination of the message are extracted and the msg is split
        in separate request and response logs.

        Once the audit logs can be stored in Elastic, the handler can be changed.

        The middleware logs message in the following format:
        {
            'audit': {
                'http_request': ....,
                'http_response': ....,
                'user': ....,
                ...
            }
        }
        """
        try:
            msg = json.loads(self.format(record))
        except (json.JSONDecodeError, TypeError) as exception:
            on_audit_log_exception(exception, record)
            return

        request_uuid = request.headers.get(CORRELATION_ID_HEADER,
                                           str(uuid.uuid4()))
        # Get the source and destination from the middleware log message
        source = get_nested_item(msg, 'audit', 'http_request', 'url')
        destination = get_nested_item(msg, 'audit', 'user', 'ip')
        # Strip the response data from the msg to create request only data and vice versa
        request_data = {
            k: v
            for k, v in msg.get('audit', {}).items() if k != 'http_response'
        }
        response_data = {
            k: v
            for k, v in msg.get('audit', {}).items() if k != 'http_request'
        }

        request_data.update({
            CORRELATION_ID_HEADER:
            request.headers.get(CORRELATION_ID_HEADER),
            UNIQUE_ID_HEADER:
            request.headers.get(UNIQUE_ID_HEADER),
        })

        audit_logger = AuditLogger.get_instance()

        try:
            audit_logger.log_request(source=source,
                                     destination=destination,
                                     extra_data=request_data,
                                     request_uuid=request_uuid)

            audit_logger.log_response(source=source,
                                      destination=destination,
                                      extra_data=response_data,
                                      request_uuid=request_uuid)
        except Exception as exception:
            on_audit_log_exception(exception, msg)
Esempio n. 3
0
    def emit(self, record):
        """
        Format the data received from the audit log middleware to match the current temporay storage
        in the database. The source and destination of the message are extracted and the msg is split
        in separate request and response logs.

        Once the audit logs can be stored in Elastic, the handler can be changed.

        The middleware logs message in the following format:
        {
            'audit': {
                'http_request': ....,
                'http_response': ....,
                'user': ....,
                ...
            }
        }
        """
        audit_logger = AuditLogger.get_instance()

        request_uuid = str(uuid.uuid4())

        try:
            msg = json.loads(self.format(record))
        except (json.JSONDecodeError, TypeError):
            # Error transforming msg to json. Logging as str
            source = 'Could not get source from msg'
            destination = 'Could not get destination from msg'
            request_data = response_data = None
        else:
            # Get the source and destination from the middleware log message
            source = get_nested_item(msg, 'audit', 'http_request', 'url')
            destination = get_nested_item(msg, 'audit', 'user', 'ip')
            # Strip the response data from the msg to create request only data and vice versa
            request_data = {
                k: v
                for k, v in msg.get('audit', {}).items()
                if k != 'http_response'
            }
            response_data = {
                k: v
                for k, v in msg.get('audit', {}).items()
                if k != 'http_response'
            }

        audit_logger.log_request(source=source,
                                 destination=destination,
                                 extra_data=request_data,
                                 request_uuid=request_uuid)

        audit_logger.log_response(source=source,
                                  destination=destination,
                                  extra_data=response_data,
                                  request_uuid=request_uuid)
Esempio n. 4
0
    def test_log_response(self, mock_datetime):
        audit_logger = AuditLogger()
        audit_logger._uuid = lambda: 'generated uuid'
        mock_datetime.now.return_value = 'timestamp now'

        audit_logger.log_response('the source', 'the destination',
                                  {'extra': 'data'})
        audit_logger.publisher.publish_response.assert_called_with({
            'type':
            'response',
            'source':
            'the source',
            'destination':
            'the destination',
            'timestamp':
            'timestamp now',
            'data': {
                'extra': 'data'
            },
            'request_uuid':
            'generated uuid',
        })

        audit_logger.log_response('the source', 'the destination',
                                  {'extra': 'data'}, 'passed uuid')
        audit_logger.publisher.publish_response.assert_called_with({
            'type':
            'response',
            'source':
            'the source',
            'destination':
            'the destination',
            'timestamp':
            'timestamp now',
            'data': {
                'extra': 'data'
            },
            'request_uuid':
            'passed uuid',
        })
Esempio n. 5
0
def _stuf():
    """
    Handle StUF request

    :return: XML response
    """
    audit_logger = AuditLogger.get_instance()

    request = flask.request
    url = _routed_url(request.url)

    request_uuid = str(uuid.uuid4())

    request_log_data = {
        'soapaction': request.headers.get('Soapaction'),
        'original_url': request.url,
        'method': request.method,
    }
    audit_logger.log_request(request.remote_addr, url, request_log_data, request_uuid)

    response_log_data = {**request_log_data}

    try:
        response = _handle_stuf_request(request, url)
    except HTTPException as e:
        # If Exception occurs, log exception and re-raise
        response_log_data['exception'] = str(e)
        audit_logger.log_response(request.remote_addr, url, response_log_data, request_uuid)
        raise e

    # Successful
    response_log_data['remote_response_code'] = response.status_code
    audit_logger.log_response(request.remote_addr, url, response_log_data, request_uuid)
    text = _update_response(response.text)

    return Response(text, mimetype="text/xml")
Esempio n. 6
0
    def test_uuid(self, mock_uuid4):
        mock_uuid4.return_value = "some uuid"

        audit_logger = AuditLogger()
        self.assertEqual("some uuid", audit_logger._uuid())
Esempio n. 7
0
 def test_init(self, mock_audit_log_publisher):
     audit_logger = AuditLogger()
     self.assertEqual(mock_audit_log_publisher.return_value,
                      audit_logger.publisher)