def test_audit_trace_id_header(self): trace_id = "Root=1-67891233-abcdef012345678912345678" headers = {to_django_header(TRACE_HEADER): trace_id} request = make_request("/a/block/login", **headers) # HACK verify that the header was set correctly assert TRACE_HEADER in request.headers, request.headers with intercept_save(AccessAudit) as cfg, patch_trace_id_header(): AccessAudit.audit_login(request, None) event = cfg.obj self.assertEqual(event.trace_id, trace_id)
def test_audit_logout_should_set_properties(self): with intercept_save(AccessAudit) as cfg: AccessAudit.audit_logout(make_request("/accounts/logout"), make_user()) event = cfg.obj self.assertEqual(event.user, "*****@*****.**") self.assertEqual(event.path, "/accounts/logout") self.assertEqual(event.domain, None) self.assertEqual(event.ip_address, "127.0.0.1") self.assertEqual(event.http_accept, "html") self.assertEqual(event.user_agent, "Mozilla") self.assertEqual(event.access_type, mod.ACCESS_LOGOUT) self.assertEqual(event.session_key, "abc") self.assertEqual(event.description, "Logout: [email protected]")
def test_audit_login_failed_should_set_properties(self): request = make_request("/a/block/login", session_key=None) with intercept_save(AccessAudit) as cfg: AccessAudit.audit_login_failed(request, "*****@*****.**") event = cfg.obj self.assertEqual(event.user, "*****@*****.**") self.assertEqual(event.path, "/a/block/login") self.assertEqual(event.domain, "block") self.assertEqual(event.ip_address, "127.0.0.1") self.assertEqual(event.http_accept, "html") self.assertEqual(event.user_agent, "Mozilla") self.assertEqual(event.access_type, mod.ACCESS_FAILED) self.assertEqual(event.session_key, None) self.assertEqual(event.description, "Login failed: [email protected]")
def test_audit_logout_anonymous_should_set_properties(self): with intercept_save(AccessAudit) as cfg: AccessAudit.audit_logout(make_request("/accounts/logout"), None) event = cfg.obj self.assertEqual(event.user, None) self.assertEqual(event.description, "Logout: ")
def get_events_from_couch(batch_start_key, start_key, end_key, batch_size, start_doc_id=None): navigation_objects = [] access_objects = [] records_returned = 0 next_start_key = None nav_couch_ids = [] access_couch_ids = [] other_doc_type_count = 0 processed_doc_id = start_doc_id couch_docs = _get_couch_docs(start_key, end_key, batch_size, start_doc_id) for result in couch_docs: next_start_key = result['key'] records_returned += 1 doc = result["doc"] kwargs = _pick(doc, ["user", "domain", "ip_address", "session_key", "status_code", "user_agent"]) kwargs.update({ "event_date": force_to_datetime(doc.get("event_date")), "couch_id": doc["_id"], }) processed_doc_id = doc["_id"] if doc["doc_type"] == "NavigationEventAudit": nav_couch_ids.append(doc['_id']) kwargs.update(_pick(doc, ["headers", "status_code", "view", "view_kwargs"])) # Postgres does not play well with control characters in strings # Some crafted URLs can contain these charachters, so replacing them with '' in request_path # https://stackoverflow.com/a/14946355/3537212 request_path = re.sub( r'[\x00-\x08\x0b\x0c\x0e-\x1f\x7f-\xff]', lambda match: repr(match.group(0)), doc.get("request_path", "") ) path, _, params = request_path.partition("?") kwargs.update({ "path": path, "params": params, }) navigation_objects.append(NavigationEventAudit(**kwargs)) elif doc["doc_type"] == "AccessAudit": access_couch_ids.append(doc['_id']) kwargs.update(_pick(doc, ["http_accept", "trace_id"])) access_type = doc.get('access_type') kwargs.update({ "access_type": ACCESS_LOOKUP.get(doc.get("access_type")), "path": doc.get("path_info"), }) if access_type == "logout": kwargs.update({"path": "accounts/logout"}) access_objects.append(AccessAudit(**kwargs)) else: assert doc["doc_type"] in IGNORED_DOC_TYPES, doc other_doc_type_count += 1 res_obj = get_unsaved_events( navigation_objects, access_objects, nav_couch_ids, access_couch_ids, batch_start_key, end_key ) res_obj.update({ "break_query": records_returned < batch_size or not next_start_key, "next_start_key": next_start_key, "last_doc_id": processed_doc_id, "other_doc_type_count": other_doc_type_count }) return res_obj