def _send_audit_notification(action, initiator, outcome, target, event_type, **kwargs): """Send CADF notification to inform observers about the affected resource. This method logs an exception when sending the notification fails. :param action: CADF action being audited (e.g., 'authenticate') :param initiator: CADF resource representing the initiator :param outcome: The CADF outcome (taxonomy.OUTCOME_PENDING, taxonomy.OUTCOME_SUCCESS, taxonomy.OUTCOME_FAILURE) :param target: CADF resource representing the target :param event_type: An OpenStack-ism, typically this is the meter name that Ceilometer uses to poll events. :param kwargs: Any additional arguments passed in will be added as key-value pairs to the CADF event. """ if _check_notification_opt_out(event_type, outcome): return global _CATALOG_HELPER_OBJ if _CATALOG_HELPER_OBJ is None: _CATALOG_HELPER_OBJ = _CatalogHelperObj() service_list = _CATALOG_HELPER_OBJ.catalog_api.list_services() service_id = None for i in service_list: if i['type'] == SERVICE: service_id = i['id'] break event = eventfactory.EventFactory().new_event( eventType=cadftype.EVENTTYPE_ACTIVITY, outcome=outcome, action=action, initiator=initiator, target=target, observer=resource.Resource(typeURI=taxonomy.SERVICE_SECURITY)) if service_id is not None: event.observer.id = service_id for key, value in kwargs.items(): setattr(event, key, value) context = {} payload = event.as_dict() notifier = _get_notifier() if notifier: try: notifier.info(context, event_type, payload) except Exception: # diaper defense: any exception that occurs while emitting the # notification should not interfere with the API request LOG.exception( _LE('Failed to send %(action)s %(event_type)s notification'), { 'action': action, 'event_type': event_type })
def notify_about_cluster_operation(context, action, outcome): """Send a notification about cluster operation. :param action: CADF action being audited :param outcome: CADF outcome """ notifier = rpc.get_notifier() event = eventfactory.EventFactory().new_event( eventType=cadftype.EVENTTYPE_ACTIVITY, outcome=outcome, action=action, initiator=_get_request_audit_info(context), target=resource.Resource(typeURI='service/magnum/cluster'), observer=resource.Resource(typeURI='service/magnum/cluster')) service = 'magnum' event_type = '%(service)s.cluster.%(action)s' % { 'service': service, 'action': action} payload = event.as_dict() if outcome == taxonomy.OUTCOME_FAILURE: method = notifier.error else: method = notifier.info method(context, event_type, payload)
def _create_event(self, req): correlation_id = identifier.generate_uuid() action = self.get_action(req) initiator = ClientResource( typeURI=taxonomy.ACCOUNT_USER, id=req.environ.get('HTTP_X_USER_ID', taxonomy.UNKNOWN), name=req.environ.get('HTTP_X_USER_NAME', taxonomy.UNKNOWN), host=host.Host(address=req.client_addr, agent=req.user_agent), credential=KeystoneCredential( token=req.environ.get('HTTP_X_AUTH_TOKEN', ''), identity_status=req.environ.get('HTTP_X_IDENTITY_STATUS', taxonomy.UNKNOWN)), project_id=req.environ.get('HTTP_X_PROJECT_ID', taxonomy.UNKNOWN)) target = self.get_target_resource(req) event = factory.EventFactory().new_event( eventType=cadftype.EVENTTYPE_ACTIVITY, outcome=taxonomy.OUTCOME_PENDING, action=action, initiator=initiator, target=target, observer=resource.Resource(id='target')) event.requestPath = req.path_qs event.add_tag(tag.generate_name_value_tag('correlation_id', correlation_id)) return event
def _create_event(self, req): correlation_id = identifier.generate_uuid() action = self._cadf_audit.get_action(req) initiator = ClientResource( typeURI=taxonomy.ACCOUNT_USER, id=identifier.norm_ns(str(req.environ['HTTP_X_USER_ID'])), name=req.environ['HTTP_X_USER_NAME'], host=host.Host(address=req.client_addr, agent=req.user_agent), credential=KeystoneCredential( token=req.environ['HTTP_X_AUTH_TOKEN'], identity_status=req.environ['HTTP_X_IDENTITY_STATUS']), project_id=identifier.norm_ns(req.environ['HTTP_X_PROJECT_ID'])) target = self._cadf_audit.get_target_resource(req) event = factory.EventFactory().new_event( eventType=cadftype.EVENTTYPE_ACTIVITY, outcome=taxonomy.OUTCOME_PENDING, action=action, initiator=initiator, target=target, observer=resource.Resource(id='target')) event.requestPath = req.path_qs event.add_tag( tag.generate_name_value_tag('correlation_id', correlation_id)) # cache model in request to allow tracking of transistive steps. req.environ['cadf_event'] = event return event
def _send_audit_notification(action, initiator, outcome, **kwargs): """Send CADF notification to inform observers about the affected resource. This method logs an exception when sending the notification fails. :param action: CADF action being audited (e.g., 'authenticate') :param initiator: CADF resource representing the initiator :param outcome: The CADF outcome (taxonomy.OUTCOME_PENDING, taxonomy.OUTCOME_SUCCESS, taxonomy.OUTCOME_FAILURE) """ event = eventfactory.EventFactory().new_event( eventType=cadftype.EVENTTYPE_ACTIVITY, outcome=outcome, action=action, initiator=initiator, target=resource.Resource(typeURI=taxonomy.ACCOUNT_USER), observer=resource.Resource(typeURI=taxonomy.SERVICE_SECURITY)) for key, value in kwargs.items(): setattr(event, key, value) context = {} payload = event.as_dict() service = 'identity' event_type = '%(service)s.%(action)s' % { 'service': service, 'action': action } notifier = _get_notifier() if notifier: try: notifier.info(context, event_type, payload) except Exception: # diaper defense: any exception that occurs while emitting the # notification should not interfere with the API request LOG.exception( _LE('Failed to send %(action)s %(event_type)s notification'), { 'action': action, 'event_type': event_type })
def fake_audit(action, initiator, outcome, target, event_type, **kwargs): service_security = cadftaxonomy.SERVICE_SECURITY event = eventfactory.EventFactory().new_event( eventType=cadftype.EVENTTYPE_ACTIVITY, outcome=outcome, action=action, initiator=initiator, target=target, observer=cadfresource.Resource(typeURI=service_security)) for key, value in kwargs.items(): setattr(event, key, value) audit = { 'payload': event.as_dict(), 'event_type': event_type, 'send_notification_called': True} self._audits.append(audit)
def fake_notify(action, initiator, outcome, target, event_type, **kwargs): service_security = cadftaxonomy.SERVICE_SECURITY event = eventfactory.EventFactory().new_event( eventType=cadftype.EVENTTYPE_ACTIVITY, outcome=outcome, action=action, initiator=initiator, target=target, observer=cadfresource.Resource(typeURI=service_security)) for key, value in kwargs.items(): setattr(event, key, value) note = { 'action': action, 'initiator': initiator, 'event': event, 'send_notification_called': True } self._notifications.append(note)
def create_event(self, req, correlation_id): action = self._get_action(req) initiator_host = host.Host(address=req.client_addr, agent=req.user_agent) catalog = ast.literal_eval(req.environ['HTTP_X_SERVICE_CATALOG']) service_info = self.Service(type=taxonomy.UNKNOWN, name=taxonomy.UNKNOWN, id=taxonomy.UNKNOWN, admin_endp=None, private_endp=None, public_endp=None) default_endpoint = None for endp in catalog: admin_urlparse = urlparse.urlparse( endp['endpoints'][0]['adminURL']) public_urlparse = urlparse.urlparse( endp['endpoints'][0]['publicURL']) req_url = urlparse.urlparse(req.host_url) if (req_url.netloc == admin_urlparse.netloc or req_url.netloc == public_urlparse.netloc): service_info = self._get_service_info(endp) break elif (self._MAP.default_target_endpoint_type and endp['type'] == self._MAP.default_target_endpoint_type): default_endpoint = endp else: if default_endpoint: service_info = self._get_service_info(default_endpoint) initiator = ClientResource( typeURI=taxonomy.ACCOUNT_USER, id=identifier.norm_ns(str(req.environ['HTTP_X_USER_ID'])), name=req.environ['HTTP_X_USER_NAME'], host=initiator_host, credential=KeystoneCredential( token=req.environ['HTTP_X_AUTH_TOKEN'], identity_status=req.environ['HTTP_X_IDENTITY_STATUS']), project_id=identifier.norm_ns(req.environ['HTTP_X_PROJECT_ID'])) target_typeURI = (self._build_typeURI(req, service_info.type) if service_info.type != taxonomy.UNKNOWN else service_info.type) target = resource.Resource(typeURI=target_typeURI, id=service_info.id, name=service_info.name) if service_info.admin_endp: target.add_address(service_info.admin_endp) if service_info.private_endp: target.add_address(service_info.private_endp) if service_info.public_endp: target.add_address(service_info.public_endp) event = factory.EventFactory().new_event( eventType=cadftype.EVENTTYPE_ACTIVITY, outcome=taxonomy.OUTCOME_PENDING, action=action, initiator=initiator, target=target, observer=resource.Resource(id='target')) event.requestPath = req.path_qs event.add_tag( tag.generate_name_value_tag('correlation_id', correlation_id)) return event
def _create_cadf_event(self, project, res_spec, res_id, res_parent_id, request, response, suffix): action, key = self._get_action_and_key(res_spec, res_id, request, suffix) if not action: return None project_id = request.environ.get('HTTP_X_PROJECT_ID') domain_id = request.environ.get('HTTP_X_DOMAIN_ID') initiator = OpenStackResource( project_id=project_id, domain_id=domain_id, typeURI=taxonomy.ACCOUNT_USER, id=request.environ.get('HTTP_X_USER_ID', taxonomy.UNKNOWN), name=request.environ.get('HTTP_X_USER_NAME', taxonomy.UNKNOWN), domain=request.environ.get('HTTP_X_USER_DOMAIN_NAME', taxonomy.UNKNOWN), host=host.Host(address=request.client_addr, agent=request.user_agent)) action_result = None event_reason = None if response: if 200 <= response.status_int < 400: action_result = taxonomy.OUTCOME_SUCCESS else: action_result = taxonomy.OUTCOME_FAILURE event_reason = reason.Reason(reasonType='HTTP', reasonCode=str(response.status_int)) else: action_result = taxonomy.UNKNOWN target = None if res_id or res_parent_id: target = self._create_target_resource(project, res_spec, res_id, res_parent_id, key=key) else: target = self._create_target_resource(project, res_spec, None, self._service_id, key=key) target.name = self._service_name observer = self._create_observer_resource() event = eventfactory.EventFactory().new_event( eventType=cadftype.EVENTTYPE_ACTIVITY, outcome=action_result, action=action, initiator=initiator, observer=observer, reason=event_reason, target=target) event.requestPath = request.path_qs # add reporter step again? # event.add_reporterstep( # reporterstep.Reporterstep( # role=cadftype.REPORTER_ROLE_MODIFIER, # reporter=resource.Resource(id='observer'), # reporterTime=timestamp.get_utc_now())) return event
def _create_cadf_event(self, project, res_spec, res_id, res_parent_id, request, response, suffix): action = self._get_action(res_spec, res_id, request, suffix) key = None if not action: # ignored unknown actions if suffix == 'action': return None # suffix must be a key key = suffix # determine action from method (never None) action = self._get_action(res_spec, res_id, request, None) action += action_suffix_map[action] project_id = request.environ.get('HTTP_X_PROJECT_ID') domain_id = request.environ.get('HTTP_X_DOMAIN_ID') initiator = OpenStackResource( project_id=project_id, domain_id=domain_id, typeURI=taxonomy.ACCOUNT_USER, id=request.environ.get('HTTP_X_USER_ID', taxonomy.UNKNOWN), name=request.environ.get('HTTP_X_USER_NAME', taxonomy.UNKNOWN), domain=request.environ.get('HTTP_X_USER_DOMAIN_NAME', taxonomy.UNKNOWN), host=host.Host(address=request.client_addr, agent=request.user_agent)) action_result = None event_reason = None if response: if 200 <= response.status_int < 400: action_result = taxonomy.OUTCOME_SUCCESS else: action_result = taxonomy.OUTCOME_FAILURE event_reason = reason.Reason(reasonType='HTTP', reasonCode=str(response.status_int)) else: action_result = taxonomy.UNKNOWN target = None if res_id or res_parent_id: target = self._create_target_resource(project, res_spec, res_id, res_parent_id, key=key) else: target = self._create_target_resource(project, res_spec, None, self._service_id, key=key) target.name = self._service_name observer = self._create_observer_resource(request) event = eventfactory.EventFactory().new_event( eventType=cadftype.EVENTTYPE_ACTIVITY, outcome=action_result, action=action, initiator=initiator, observer=observer, reason=event_reason, target=target) event.requestPath = request.path_qs # if key and request.method[0] == 'P' and self._payloads_enabled and \ res_spec.payloads['enabled']: req_pl = request.json # remove possible wrapper elements req_pl = req_pl.get(res_spec.el_type_name, req_pl) self._attach_payload(event, req_pl, res_spec) # TODO add reporter step again? # event.add_reporterstep( # reporterstep.Reporterstep( # role=cadftype.REPORTER_ROLE_MODIFIER, # reporter=resource.Resource(id='observer'), # reporterTime=timestamp.get_utc_now())) return event