frostfs-node/pkg/services/container/audit.go

87 lines
2.7 KiB
Go
Raw Normal View History

package container
import (
"context"
"sync/atomic"
"git.frostfs.info/TrueCloudLab/frostfs-node/internal/audit"
"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/util/logger"
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/api/container"
container_grpc "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/api/container/grpc"
cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/user"
)
var _ Server = (*auditService)(nil)
type auditService struct {
next Server
log *logger.Logger
enabled *atomic.Bool
}
func NewAuditService(next Server, log *logger.Logger, enabled *atomic.Bool) Server {
return &auditService{
next: next,
log: log,
enabled: enabled,
}
}
// Delete implements Server.
func (a *auditService) Delete(ctx context.Context, req *container.DeleteRequest) (*container.DeleteResponse, error) {
res, err := a.next.Delete(ctx, req)
if !a.enabled.Load() {
return res, err
}
audit.LogRequest(ctx, a.log, container_grpc.ContainerService_Delete_FullMethodName, req,
audit.TargetFromRef(req.GetBody().GetContainerID(), &cid.ID{}), err == nil)
return res, err
}
// Get implements Server.
func (a *auditService) Get(ctx context.Context, req *container.GetRequest) (*container.GetResponse, error) {
res, err := a.next.Get(ctx, req)
if !a.enabled.Load() {
return res, err
}
audit.LogRequest(ctx, a.log, container_grpc.ContainerService_Get_FullMethodName, req,
audit.TargetFromRef(req.GetBody().GetContainerID(), &cid.ID{}), err == nil)
return res, err
}
// List implements Server.
func (a *auditService) List(ctx context.Context, req *container.ListRequest) (*container.ListResponse, error) {
res, err := a.next.List(ctx, req)
if !a.enabled.Load() {
return res, err
}
audit.LogRequest(ctx, a.log, container_grpc.ContainerService_List_FullMethodName, req,
audit.TargetFromRef(req.GetBody().GetOwnerID(), &user.ID{}), err == nil)
return res, err
}
// ListStream implements Server.
func (a *auditService) ListStream(req *container.ListStreamRequest, stream ListStream) error {
err := a.next.ListStream(req, stream)
if !a.enabled.Load() {
return err
}
audit.LogRequest(stream.Context(), a.log, container_grpc.ContainerService_ListStream_FullMethodName, req,
audit.TargetFromRef(req.GetBody().GetOwnerID(), &user.ID{}), err == nil)
return err
}
// Put implements Server.
func (a *auditService) Put(ctx context.Context, req *container.PutRequest) (*container.PutResponse, error) {
res, err := a.next.Put(ctx, req)
if !a.enabled.Load() {
return res, err
}
audit.LogRequest(ctx, a.log, container_grpc.ContainerService_Put_FullMethodName, req,
audit.TargetFromRef(res.GetBody().GetContainerID(), &cid.ID{}), err == nil)
return res, err
}