예제 #1
0
def test_get_multi_by_instance_index(
        db, redis_client, redis_flushall, faker, user, application):
    cluster_name = 'bar'
    key = 'test'
    action_type = action_types.UPDATE_CONFIG
    _, data_type = action_types[action_type].split('_', 1)
    data_type = data_type.lower()
    audit_num = 3

    for _ in range(audit_num):
        extra = {
            'application_name': application.application_name,
            'cluster_name': 'bar',
            'key': 'test',
            'old_data': 'old',
            'new_data': 'new'
        }
        action = action_creator.make_action(
            action_types.UPDATE_CONFIG, **extra)
        AuditLog.create(user.id, faker.ipv4(), action)

    audit_logs = AuditLog.get_multi_by_instance_index(
        AuditLog.TYPE_CONFIG, application.id, cluster_name, key)
    assert len(audit_logs[:]) == audit_num

    with DBSession().close_on_exit(False):
        DBSession.delete(user)
    User._db_session.close()
    redis_flushall(redis_client)
    audit_logs = AuditLog.get_multi_by_instance_index(
        AuditLog.TYPE_CONFIG, application.id, cluster_name, key)
    assert not any(getattr(x, 'user') for x in audit_logs)
예제 #2
0
파일: audit.py 프로젝트: zhoudaqing/huskar 
    def get(self, application_name, cluster_name, key):
        """Get the audit logs of specified instance key.

        :param application_name: The name of application.
        :param cluster_name: The name of clsuter.
        :param key: The key of instance.
        :query date: The date specified to search, default is today.
        :query start: The offset of pagination. Default is ``0``.
        :>header Authorization: Huskar Token (See :ref:`token`)
        :status 403: You don't have required authority.
        :status 501: The server is in minimal mode.
        :status 200: The result is in the response.
                     (See :ref:`Audit Log Schema <audit_schema>`)
        """
        check_application(application_name)
        check_cluster_name(cluster_name, application_name)

        start = request.args.get('start', type=int, default=0)
        application = Application.get_by_name(application_name)
        can_view_sensitive_data = AuditLog.can_view_sensitive_data(
            g.auth.id, self.instance_type, application.id)
        items = AuditLog.get_multi_by_instance_index(self.instance_type,
                                                     application.id,
                                                     cluster_name, key)
        items = items[start:start + 20]
        if not can_view_sensitive_data:
            items = [item.desensitize() for item in items]
        return api_response(audit_log_schema.dump(items, many=True).data)