def get_user_info(self, request): user_info = {} if not hasattr(request, "user"): return user_info try: user = request.user if hasattr(user, "is_authenticated"): if callable(user.is_authenticated): user_info["is_authenticated"] = user.is_authenticated() else: user_info["is_authenticated"] = bool(user.is_authenticated) if hasattr(user, "id"): user_info["id"] = encoding.keyword_field(user.id) if hasattr(user, "get_username"): user_info["username"] = encoding.keyword_field( encoding.force_text(user.get_username())) elif hasattr(user, "username"): user_info["username"] = encoding.keyword_field( encoding.force_text(user.username)) if hasattr(user, "email"): user_info["email"] = encoding.force_text(user.email) except DatabaseError: # If the connection is closed or similar, we'll just skip this return {} return user_info
def sanitize_http_request_cookies(client, event): """ Sanitizes http request cookies :param client: an ElasticAPM client :param event: a transaction or error event :return: The modified event """ # sanitize request.cookies dict try: cookies = event["context"]["request"]["cookies"] event["context"]["request"]["cookies"] = varmap( _sanitize, cookies, sanitize_field_names=client.config.sanitize_field_names) except (KeyError, TypeError): pass # sanitize request.header.cookie string try: cookie_string = force_text( event["context"]["request"]["headers"]["cookie"], errors="replace") event["context"]["request"]["headers"]["cookie"] = _sanitize_string( cookie_string, "; ", "=", sanitize_field_names=client.config.sanitize_field_names) except (KeyError, TypeError): pass return event
def sanitize_http_request_querystring(client, event): """ Sanitizes http request query string :param client: an ElasticAPM client :param event: a transaction or error event :return: The modified event """ try: query_string = force_text(event["context"]["request"]["url"]["search"], errors="replace") except (KeyError, TypeError): return event if "=" in query_string: sanitized_query_string = _sanitize_string( query_string, "&", "=", sanitize_field_names=client.config.sanitize_field_names) full_url = event["context"]["request"]["url"]["full"] # we need to pipe the sanitized string through encoding.keyword_field to ensure that the maximum # length of keyword fields is still ensured. event["context"]["request"]["url"]["search"] = keyword_field( sanitized_query_string) event["context"]["request"]["url"]["full"] = keyword_field( full_url.replace(query_string, sanitized_query_string)) return event
def sanitize_http_request_body(client, event): """ Sanitizes http request body. This only works if the request body is a query-encoded string. Other types (e.g. JSON) are not handled by this sanitizer. :param client: an ElasticAPM client :param event: a transaction or error event :return: The modified event """ try: body = force_text(event["context"]["request"]["body"], errors="replace") except (KeyError, TypeError): return event if "=" in body: sanitized_query_string = _sanitize_string(body, "&", "=") event["context"]["request"]["body"] = sanitized_query_string return event
def sanitize_http_request_querystring(client, event): """ Sanitizes http request query string :param client: an ElasticAPM client :param event: a transaction or error event :return: The modified event """ try: query_string = force_text(event["context"]["request"]["url"]["search"], errors="replace") except (KeyError, TypeError): return event if "=" in query_string: sanitized_query_string = _sanitize_string(query_string, "&", "=") full_url = event["context"]["request"]["url"]["full"] event["context"]["request"]["url"]["search"] = sanitized_query_string event["context"]["request"]["url"]["full"] = full_url.replace(query_string, sanitized_query_string) return event
def sanitize_http_request_querystring(client, event): """ Sanitizes http request query string :param client: an ElasticAPM client :param event: a transaction or error event :return: The modified event """ try: query_string = force_text(event['context']['request']['url']['search'], errors='replace') except (KeyError, TypeError): return event if '=' in query_string: sanitized_query_string = _sanitize_string(query_string, '&', '=') raw = event['context']['request']['url']['raw'] event['context']['request']['url']['search'] = sanitized_query_string event['context']['request']['url']['raw'] = raw.replace( query_string, sanitized_query_string) return event
def sanitize_http_response_cookies(client, event): """ Sanitizes the set-cookie header of the response :param client: an ElasticAPM client :param event: a transaction or error event :return: The modified event """ try: cookie_string = force_text( event["context"]["response"]["headers"]["set-cookie"], errors="replace") event["context"]["response"]["headers"][ "set-cookie"] = _sanitize_string( cookie_string, ";", "=", sanitize_field_names=client.config.sanitize_field_names) except (KeyError, TypeError): pass return event
def extract_signature(sql): """ Extracts a minimal signature from a given SQL query :param sql: the SQL statement :return: a string representing the signature """ sql = force_text(sql) sql = sql.strip() first_space = sql.find(" ") if first_space < 0: return sql second_space = sql.find(" ", first_space + 1) sql_type = sql[0:first_space].upper() if sql_type in ["INSERT", "DELETE"]: keyword = "INTO" if sql_type == "INSERT" else "FROM" sql_type = sql_type + " " + keyword table_name = look_for_table(sql, keyword) elif sql_type in ["CREATE", "DROP"]: # 2nd word is part of SQL type sql_type = sql_type + sql[first_space:second_space] table_name = "" elif sql_type == "UPDATE": table_name = look_for_table(sql, "UPDATE") elif sql_type == "SELECT": # Name is first table try: sql_type = "SELECT FROM" table_name = look_for_table(sql, "FROM") except Exception: table_name = "" else: # No name table_name = "" signature = " ".join(filter(bool, [sql_type, table_name])) return signature