TrueCloudLab/frostfs-node
18
1
Fork 27
Code Issues 90 Pull requests 12 Projects Releases 1 Activity Actions
frostfs-node/pkg/services/control/ir/server/audit.go
Dmitrii Stepanov fd28461def
All checks were successful
Vulncheck / Vulncheck (pull_request) Successful in 3m14s
Details
DCO action / DCO (pull_request) Successful in 3m46s
Details
Build / Build Components (1.21) (pull_request) Successful in 4m20s
Details
Build / Build Components (1.22) (pull_request) Successful in 4m21s
Details
Tests and linters / gopls check (pull_request) Successful in 4m45s
Details
Tests and linters / Lint (pull_request) Successful in 5m16s
Details
Tests and linters / Staticcheck (pull_request) Successful in 6m24s
Details
Pre-commit hooks / Pre-commit (pull_request) Successful in 8m54s
Details
Tests and linters / Tests (1.21) (pull_request) Successful in 10m57s
Details
Tests and linters / Tests with -race (pull_request) Successful in 10m52s
Details
Tests and linters / Tests (1.22) (pull_request) Successful in 11m20s
Details
[#1184] ir: Add grpc middleware for control service 
Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
2024-06-19 16:05:53 +03:00

108 lines
3.3 KiB
Go
Raw Permalink Blame History

package control
import (
"context"
"encoding/hex"
"strings"
"sync/atomic"
"git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/refs"
"git.frostfs.info/TrueCloudLab/frostfs-node/internal/audit"
control "git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/control/ir"
"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/util/logger"
cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/user"
)
var _ control.ControlServiceServer = (*auditService)(nil)
type auditService struct {
next *Server
log *logger.Logger
enabled *atomic.Bool
}
func NewAuditService(next *Server, log *logger.Logger, enabled *atomic.Bool) control.ControlServiceServer {
return &auditService{
next: next,
log: log,
enabled: enabled,
}
}
// HealthCheck implements control.ControlServiceServer.
func (a *auditService) HealthCheck(ctx context.Context, req *control.HealthCheckRequest) (*control.HealthCheckResponse, error) {
res, err := a.next.HealthCheck(ctx, req)
if !a.enabled.Load() {
return res, err
}
audit.LogRequestWithKey(a.log, control.ControlService_HealthCheck_FullMethodName, req.GetSignature().GetKey(), nil, err == nil)
return res, err
}
// RemoveContainer implements control.ControlServiceServer.
func (a *auditService) RemoveContainer(ctx context.Context, req *control.RemoveContainerRequest) (*control.RemoveContainerResponse, error) {
res, err := a.next.RemoveContainer(ctx, req)
if !a.enabled.Load() {
return res, err
}
sb := &strings.Builder{}
var withConatiner bool
if len(req.GetBody().GetContainerId()) > 0 {
withConatiner = true
sb.WriteString("containerID:")
var containerID cid.ID
if err := containerID.Decode(req.GetBody().GetContainerId()); err != nil {
sb.WriteString(audit.InvalidValue)
} else {
sb.WriteString(containerID.EncodeToString())
}
}
if len(req.GetBody().GetOwner()) > 0 {
if withConatiner {
sb.WriteString(";")
}
sb.WriteString("owner:")
var ownerID refs.OwnerID
if err := ownerID.Unmarshal(req.GetBody().GetOwner()); err != nil {
sb.WriteString(audit.InvalidValue)
} else {
var owner user.ID
if err := owner.ReadFromV2(ownerID); err != nil {
sb.WriteString(audit.InvalidValue)
} else {
sb.WriteString(owner.EncodeToString())
}
}
}
audit.LogRequestWithKey(a.log, control.ControlService_RemoveContainer_FullMethodName, req.GetSignature().GetKey(), sb, err == nil)
return res, err
}
// RemoveNode implements control.ControlServiceServer.
func (a *auditService) RemoveNode(ctx context.Context, req *control.RemoveNodeRequest) (*control.RemoveNodeResponse, error) {
res, err := a.next.RemoveNode(ctx, req)
if !a.enabled.Load() {
return res, err
}
audit.LogRequestWithKey(a.log, control.ControlService_RemoveNode_FullMethodName, req.GetSignature().GetKey(),
audit.TargetFromString(hex.EncodeToString(req.GetBody().GetKey())), err == nil)
return res, err
}
// TickEpoch implements control.ControlServiceServer.
func (a *auditService) TickEpoch(ctx context.Context, req *control.TickEpochRequest) (*control.TickEpochResponse, error) {
res, err := a.next.TickEpoch(ctx, req)
if !a.enabled.Load() {
return res, err
}
audit.LogRequestWithKey(a.log, control.ControlService_TickEpoch_FullMethodName, req.GetSignature().GetKey(),
nil, err == nil)
return res, err
}
Reference in a new issue View git blame Copy permalink