def mod_audit_event(self, req, response):
"""Modifies CADF event in request based on response.
If no event exists, a new event is created.
"""
if response:
if response.status_int >= 200 and response.status_int < 400:
result = taxonomy.OUTCOME_SUCCESS
else:
result = taxonomy.OUTCOME_FAILURE
else:
result = taxonomy.UNKNOWN
if hasattr(req, 'cadf_model'):
req.cadf_model.add_reporterstep(
reporterstep.Reporterstep(
role=cadftype.REPORTER_ROLE_MODIFIER,
reporter=resource.Resource(id='target'),
reporterTime=timestamp.get_utc_now()))
else:
self.append_audit_event(req)
req.cadf_model.outcome = result
if response:
req.cadf_model.reason = \
reason.Reason(reasonType='HTTP',
reasonCode=str(response.status_int))
req.environ['CADF_EVENT'] = req.cadf_model.as_dict()
def _process_response(self, request, response=None):
# NOTE(gordc): handle case where error processing request
if 'cadf_event' not in request.environ:
self._create_event(request)
event = request.environ['cadf_event']
if response:
if response.status_int >= 200 and response.status_int < 400:
result = taxonomy.OUTCOME_SUCCESS
else:
result = taxonomy.OUTCOME_FAILURE
event.reason = reason.Reason(
reasonType='HTTP', reasonCode=str(response.status_int))
else:
result = taxonomy.UNKNOWN
event.outcome = result
event.add_reporterstep(
reporterstep.Reporterstep(
role=cadftype.REPORTER_ROLE_MODIFIER,
reporter=resource.Resource(id='target'),
reporterTime=timestamp.get_utc_now()))
self._notifier.notify(request.context,
'audit.http.response',
event.as_dict())
def test_reporterstep(self):
step = reporterstep.Reporterstep(
role='modifier',
reporter=resource.Resource(typeURI='storage'),
reporterId=identifier.generate_uuid(),
reporterTime=timestamp.get_utc_now())
self.assertEqual(False, step.is_valid())
dict_step = step.as_dict()
for key in reporterstep.REPORTERSTEP_KEYNAMES:
self.assertIn(key, dict_step)
step = reporterstep.Reporterstep(
role='modifier',
reporter=resource.Resource(typeURI='storage'),
reporterTime=timestamp.get_utc_now())
self.assertEqual(True, step.is_valid())
step = reporterstep.Reporterstep(role='modifier',
reporterId=identifier.generate_uuid(),
reporterTime=timestamp.get_utc_now())
self.assertEqual(True, step.is_valid())
def test_event(self):
ev = event.Event(eventType='activity',
id=identifier.generate_uuid(),
eventTime=timestamp.get_utc_now(),
initiator=resource.Resource(typeURI='storage'),
initiatorId=identifier.generate_uuid(),
action='read',
target=resource.Resource(typeURI='storage'),
targetId=identifier.generate_uuid(),
observer=resource.Resource(id='target'),
observerId=identifier.generate_uuid(),
outcome='success',
reason=reason.Reason(reasonType='HTTP',
reasonCode='200'),
severity='high')
ev.add_measurement(
measurement.Measurement(result='100',
metricId=identifier.generate_uuid())),
ev.add_tag(tag.generate_name_value_tag('name', 'val'))
ev.add_attachment(attachment.Attachment(typeURI='attachURI',
content='content',
name='attachment_name'))
ev.observer = resource.Resource(typeURI='service/security')
ev.add_reporterstep(reporterstep.Reporterstep(
role='observer',
reporter=resource.Resource(typeURI='service/security')))
ev.add_reporterstep(reporterstep.Reporterstep(
reporterId=identifier.generate_uuid()))
self.assertEqual(ev.is_valid(), False)
dict_ev = ev.as_dict()
for key in event.EVENT_KEYNAMES:
self.assertIn(key, dict_ev)
ev = event.Event(eventType='activity',
id=identifier.generate_uuid(),
eventTime=timestamp.get_utc_now(),
initiator=resource.Resource(typeURI='storage'),
action='read',
target=resource.Resource(typeURI='storage'),
observer=resource.Resource(id='target'),
outcome='success')
self.assertEqual(ev.is_valid(), True)
ev = event.Event(eventType='activity',
id=identifier.generate_uuid(),
eventTime=timestamp.get_utc_now(),
initiatorId=identifier.generate_uuid(),
action='read',
targetId=identifier.generate_uuid(),
observerId=identifier.generate_uuid(),
outcome='success')
self.assertEqual(ev.is_valid(), True)
ev = event.Event(eventType='activity',
id=identifier.generate_uuid(),
eventTime=timestamp.get_utc_now(),
initiator=resource.Resource(typeURI='storage'),
action='read',
targetId=identifier.generate_uuid(),
observer=resource.Resource(id='target'),
outcome='success')
self.assertEqual(ev.is_valid(), True)