Evgenii Stratonikov
32ec421ac7
All checks were successful
DCO action / DCO (pull_request) Successful in 1m24s
Vulncheck / Vulncheck (pull_request) Successful in 1m26s
Build / Build Components (1.21) (pull_request) Successful in 2m17s
Build / Build Components (1.22) (pull_request) Successful in 2m9s
Tests and linters / Staticcheck (pull_request) Successful in 3m1s
Tests and linters / gopls check (pull_request) Successful in 3m29s
Tests and linters / Lint (pull_request) Successful in 4m16s
Pre-commit hooks / Pre-commit (pull_request) Successful in 5m27s
Tests and linters / Tests with -race (pull_request) Successful in 7m5s
Tests and linters / Tests (1.21) (pull_request) Successful in 8m1s
Tests and linters / Tests (1.22) (pull_request) Successful in 8m2s
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
86 lines
2.7 KiB
Go
86 lines
2.7 KiB
Go
package container
|
|
|
|
import (
|
|
"context"
|
|
"sync/atomic"
|
|
|
|
"git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/container"
|
|
container_grpc "git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/container/grpc"
|
|
"git.frostfs.info/TrueCloudLab/frostfs-node/internal/audit"
|
|
"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/util/logger"
|
|
cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
|
|
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/user"
|
|
)
|
|
|
|
var _ Server = (*auditService)(nil)
|
|
|
|
type auditService struct {
|
|
next Server
|
|
log *logger.Logger
|
|
enabled *atomic.Bool
|
|
}
|
|
|
|
func NewAuditService(next Server, log *logger.Logger, enabled *atomic.Bool) Server {
|
|
return &auditService{
|
|
next: next,
|
|
log: log,
|
|
enabled: enabled,
|
|
}
|
|
}
|
|
|
|
// Delete implements Server.
|
|
func (a *auditService) Delete(ctx context.Context, req *container.DeleteRequest) (*container.DeleteResponse, error) {
|
|
res, err := a.next.Delete(ctx, req)
|
|
if !a.enabled.Load() {
|
|
return res, err
|
|
}
|
|
|
|
audit.LogRequest(a.log, container_grpc.ContainerService_Delete_FullMethodName, req,
|
|
audit.TargetFromRef(req.GetBody().GetContainerID(), &cid.ID{}), err == nil)
|
|
|
|
return res, err
|
|
}
|
|
|
|
// Get implements Server.
|
|
func (a *auditService) Get(ctx context.Context, req *container.GetRequest) (*container.GetResponse, error) {
|
|
res, err := a.next.Get(ctx, req)
|
|
if !a.enabled.Load() {
|
|
return res, err
|
|
}
|
|
audit.LogRequest(a.log, container_grpc.ContainerService_Get_FullMethodName, req,
|
|
audit.TargetFromRef(req.GetBody().GetContainerID(), &cid.ID{}), err == nil)
|
|
return res, err
|
|
}
|
|
|
|
// GetExtendedACL implements Server.
|
|
func (a *auditService) GetExtendedACL(ctx context.Context, req *container.GetExtendedACLRequest) (*container.GetExtendedACLResponse, error) {
|
|
res, err := a.next.GetExtendedACL(ctx, req)
|
|
if !a.enabled.Load() {
|
|
return res, err
|
|
}
|
|
audit.LogRequest(a.log, container_grpc.ContainerService_GetExtendedACL_FullMethodName, req,
|
|
audit.TargetFromRef(req.GetBody().GetContainerID(), &cid.ID{}), err == nil)
|
|
return res, err
|
|
}
|
|
|
|
// List implements Server.
|
|
func (a *auditService) List(ctx context.Context, req *container.ListRequest) (*container.ListResponse, error) {
|
|
res, err := a.next.List(ctx, req)
|
|
if !a.enabled.Load() {
|
|
return res, err
|
|
}
|
|
audit.LogRequest(a.log, container_grpc.ContainerService_List_FullMethodName, req,
|
|
audit.TargetFromRef(req.GetBody().GetOwnerID(), &user.ID{}), err == nil)
|
|
return res, err
|
|
}
|
|
|
|
// Put implements Server.
|
|
func (a *auditService) Put(ctx context.Context, req *container.PutRequest) (*container.PutResponse, error) {
|
|
res, err := a.next.Put(ctx, req)
|
|
if !a.enabled.Load() {
|
|
return res, err
|
|
}
|
|
audit.LogRequest(a.log, container_grpc.ContainerService_Put_FullMethodName, req,
|
|
audit.TargetFromRef(res.GetBody().GetContainerID(), &cid.ID{}), err == nil)
|
|
return res, err
|
|
}
|