forked from TrueCloudLab/frostfs-node
288 lines
11 KiB
Go
288 lines
11 KiB
Go
|
package control
|
||
|
|
||
|
import (
|
||
|
"context"
|
||
|
"sync/atomic"
|
||
|
|
||
|
"git.frostfs.info/TrueCloudLab/frostfs-node/internal/audit"
|
||
|
ctl "git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/control"
|
||
|
"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/util/logger"
|
||
|
oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id"
|
||
|
)
|
||
|
|
||
|
var _ ctl.ControlServiceServer = (*auditService)(nil)
|
||
|
|
||
|
type auditService struct {
|
||
|
next ctl.ControlServiceServer
|
||
|
log *logger.Logger
|
||
|
enabled *atomic.Bool
|
||
|
}
|
||
|
|
||
|
func NewAuditService(next ctl.ControlServiceServer, log *logger.Logger, enabled *atomic.Bool) ctl.ControlServiceServer {
|
||
|
return &auditService{
|
||
|
next: next,
|
||
|
log: log,
|
||
|
enabled: enabled,
|
||
|
}
|
||
|
}
|
||
|
|
||
|
// AddChainLocalOverride implements control.ControlServiceServer.
|
||
|
func (a *auditService) AddChainLocalOverride(ctx context.Context, req *ctl.AddChainLocalOverrideRequest) (*ctl.AddChainLocalOverrideResponse, error) {
|
||
|
res, err := a.next.AddChainLocalOverride(ctx, req)
|
||
|
if !a.enabled.Load() {
|
||
|
return res, err
|
||
|
}
|
||
|
audit.LogRequestWithKey(a.log, ctl.ControlService_AddChainLocalOverride_FullMethodName, req.GetSignature().GetKey(),
|
||
|
audit.TargetFromChainID(req.GetBody().GetTarget().GetType().String(),
|
||
|
req.GetBody().GetTarget().GetName(),
|
||
|
res.GetBody().GetChainId()),
|
||
|
err == nil)
|
||
|
return res, err
|
||
|
}
|
||
|
|
||
|
// DetachShards implements control.ControlServiceServer.
|
||
|
func (a *auditService) DetachShards(ctx context.Context, req *ctl.DetachShardsRequest) (*ctl.DetachShardsResponse, error) {
|
||
|
res, err := a.next.DetachShards(ctx, req)
|
||
|
if !a.enabled.Load() {
|
||
|
return res, err
|
||
|
}
|
||
|
audit.LogRequestWithKey(a.log, ctl.ControlService_DetachShards_FullMethodName, req.GetSignature().GetKey(),
|
||
|
audit.TargetFromShardIDs(req.GetBody().GetShard_ID()), err == nil)
|
||
|
return res, err
|
||
|
}
|
||
|
|
||
|
// Doctor implements control.ControlServiceServer.
|
||
|
func (a *auditService) Doctor(ctx context.Context, req *ctl.DoctorRequest) (*ctl.DoctorResponse, error) {
|
||
|
res, err := a.next.Doctor(ctx, req)
|
||
|
if !a.enabled.Load() {
|
||
|
return res, err
|
||
|
}
|
||
|
audit.LogRequestWithKey(a.log, ctl.ControlService_Doctor_FullMethodName, req.GetSignature().GetKey(), nil, err == nil)
|
||
|
return res, err
|
||
|
}
|
||
|
|
||
|
// DropObjects implements control.ControlServiceServer.
|
||
|
func (a *auditService) DropObjects(ctx context.Context, req *ctl.DropObjectsRequest) (*ctl.DropObjectsResponse, error) {
|
||
|
res, err := a.next.DropObjects(ctx, req)
|
||
|
if !a.enabled.Load() {
|
||
|
return res, err
|
||
|
}
|
||
|
var list []string
|
||
|
for _, v := range req.GetBody().GetAddressList() {
|
||
|
if len(v) == 0 {
|
||
|
list = append(list, audit.Empty)
|
||
|
continue
|
||
|
}
|
||
|
var a oid.Address
|
||
|
if e := a.DecodeString(string(v)); e != nil {
|
||
|
list = append(list, audit.InvalidValue)
|
||
|
} else {
|
||
|
list = append(list, a.EncodeToString())
|
||
|
}
|
||
|
}
|
||
|
|
||
|
audit.LogRequestWithKey(a.log, ctl.ControlService_DropObjects_FullMethodName, req.GetSignature().GetKey(),
|
||
|
audit.TargetFromStringSlice(list), err == nil)
|
||
|
return res, err
|
||
|
}
|
||
|
|
||
|
// EvacuateShard implements control.ControlServiceServer.
|
||
|
func (a *auditService) EvacuateShard(ctx context.Context, req *ctl.EvacuateShardRequest) (*ctl.EvacuateShardResponse, error) {
|
||
|
res, err := a.next.EvacuateShard(ctx, req)
|
||
|
if !a.enabled.Load() {
|
||
|
return res, err
|
||
|
}
|
||
|
audit.LogRequestWithKey(a.log, ctl.ControlService_EvacuateShard_FullMethodName, req.GetSignature().GetKey(),
|
||
|
audit.TargetFromShardIDs(req.GetBody().GetShard_ID()), err == nil)
|
||
|
return res, err
|
||
|
}
|
||
|
|
||
|
// FlushCache implements control.ControlServiceServer.
|
||
|
func (a *auditService) FlushCache(ctx context.Context, req *ctl.FlushCacheRequest) (*ctl.FlushCacheResponse, error) {
|
||
|
res, err := a.next.FlushCache(ctx, req)
|
||
|
if !a.enabled.Load() {
|
||
|
return res, err
|
||
|
}
|
||
|
audit.LogRequestWithKey(a.log, ctl.ControlService_FlushCache_FullMethodName, req.GetSignature().GetKey(),
|
||
|
audit.TargetFromShardIDs(req.GetBody().GetShard_ID()), err == nil)
|
||
|
return res, err
|
||
|
}
|
||
|
|
||
|
// GetChainLocalOverride implements control.ControlServiceServer.
|
||
|
func (a *auditService) GetChainLocalOverride(ctx context.Context, req *ctl.GetChainLocalOverrideRequest) (*ctl.GetChainLocalOverrideResponse, error) {
|
||
|
res, err := a.next.GetChainLocalOverride(ctx, req)
|
||
|
if !a.enabled.Load() {
|
||
|
return res, err
|
||
|
}
|
||
|
audit.LogRequestWithKey(a.log, ctl.ControlService_GetChainLocalOverride_FullMethodName, req.GetSignature().GetKey(),
|
||
|
audit.TargetFromChainID(
|
||
|
req.GetBody().GetTarget().GetType().String(),
|
||
|
req.GetBody().GetTarget().GetName(),
|
||
|
req.GetBody().GetChainId()),
|
||
|
err == nil)
|
||
|
return res, err
|
||
|
}
|
||
|
|
||
|
// GetShardEvacuationStatus implements control.ControlServiceServer.
|
||
|
func (a *auditService) GetShardEvacuationStatus(ctx context.Context, req *ctl.GetShardEvacuationStatusRequest) (*ctl.GetShardEvacuationStatusResponse, error) {
|
||
|
res, err := a.next.GetShardEvacuationStatus(ctx, req)
|
||
|
if !a.enabled.Load() {
|
||
|
return res, err
|
||
|
}
|
||
|
audit.LogRequestWithKey(a.log, ctl.ControlService_GetShardEvacuationStatus_FullMethodName, req.GetSignature().GetKey(),
|
||
|
nil, err == nil)
|
||
|
return res, err
|
||
|
}
|
||
|
|
||
|
// HealthCheck implements control.ControlServiceServer.
|
||
|
func (a *auditService) HealthCheck(ctx context.Context, req *ctl.HealthCheckRequest) (*ctl.HealthCheckResponse, error) {
|
||
|
res, err := a.next.HealthCheck(ctx, req)
|
||
|
if !a.enabled.Load() {
|
||
|
return res, err
|
||
|
}
|
||
|
audit.LogRequestWithKey(a.log, ctl.ControlService_HealthCheck_FullMethodName, req.GetSignature().GetKey(),
|
||
|
nil, err == nil)
|
||
|
return res, err
|
||
|
}
|
||
|
|
||
|
// ListChainLocalOverrides implements control.ControlServiceServer.
|
||
|
func (a *auditService) ListChainLocalOverrides(ctx context.Context, req *ctl.ListChainLocalOverridesRequest) (*ctl.ListChainLocalOverridesResponse, error) {
|
||
|
res, err := a.next.ListChainLocalOverrides(ctx, req)
|
||
|
if !a.enabled.Load() {
|
||
|
return res, err
|
||
|
}
|
||
|
audit.LogRequestWithKey(a.log, ctl.ControlService_ListChainLocalOverrides_FullMethodName, req.GetSignature().GetKey(),
|
||
|
audit.TargetFromChainID(req.GetBody().GetTarget().GetType().String(),
|
||
|
req.GetBody().GetTarget().GetName(),
|
||
|
nil),
|
||
|
err == nil)
|
||
|
return res, err
|
||
|
}
|
||
|
|
||
|
// ListShards implements control.ControlServiceServer.
|
||
|
func (a *auditService) ListShards(ctx context.Context, req *ctl.ListShardsRequest) (*ctl.ListShardsResponse, error) {
|
||
|
res, err := a.next.ListShards(ctx, req)
|
||
|
if !a.enabled.Load() {
|
||
|
return res, err
|
||
|
}
|
||
|
audit.LogRequestWithKey(a.log, ctl.ControlService_ListShards_FullMethodName, req.GetSignature().GetKey(),
|
||
|
nil, err == nil)
|
||
|
return res, err
|
||
|
}
|
||
|
|
||
|
// ListTargetsLocalOverrides implements control.ControlServiceServer.
|
||
|
func (a *auditService) ListTargetsLocalOverrides(ctx context.Context, req *ctl.ListTargetsLocalOverridesRequest) (*ctl.ListTargetsLocalOverridesResponse, error) {
|
||
|
res, err := a.next.ListTargetsLocalOverrides(ctx, req)
|
||
|
if !a.enabled.Load() {
|
||
|
return res, err
|
||
|
}
|
||
|
audit.LogRequestWithKey(a.log, ctl.ControlService_ListTargetsLocalOverrides_FullMethodName, req.GetSignature().GetKey(),
|
||
|
audit.TargetFromString(req.GetBody().GetChainName()), err == nil)
|
||
|
return res, err
|
||
|
}
|
||
|
|
||
|
// RemoveChainLocalOverride implements control.ControlServiceServer.
|
||
|
func (a *auditService) RemoveChainLocalOverride(ctx context.Context, req *ctl.RemoveChainLocalOverrideRequest) (*ctl.RemoveChainLocalOverrideResponse, error) {
|
||
|
res, err := a.next.RemoveChainLocalOverride(ctx, req)
|
||
|
if !a.enabled.Load() {
|
||
|
return res, err
|
||
|
}
|
||
|
audit.LogRequestWithKey(a.log, ctl.ControlService_RemoveChainLocalOverride_FullMethodName, req.GetSignature().GetKey(),
|
||
|
audit.TargetFromChainID(req.GetBody().GetTarget().GetType().String(),
|
||
|
req.GetBody().GetTarget().GetName(),
|
||
|
req.GetBody().GetChainId()),
|
||
|
err == nil)
|
||
|
return res, err
|
||
|
}
|
||
|
|
||
|
// RemoveChainLocalOverridesByTarget implements control.ControlServiceServer.
|
||
|
func (a *auditService) RemoveChainLocalOverridesByTarget(ctx context.Context, req *ctl.RemoveChainLocalOverridesByTargetRequest) (*ctl.RemoveChainLocalOverridesByTargetResponse, error) {
|
||
|
res, err := a.next.RemoveChainLocalOverridesByTarget(ctx, req)
|
||
|
if !a.enabled.Load() {
|
||
|
return res, err
|
||
|
}
|
||
|
audit.LogRequestWithKey(a.log, ctl.ControlService_RemoveChainLocalOverridesByTarget_FullMethodName, req.GetSignature().GetKey(),
|
||
|
audit.TargetFromChainID(req.GetBody().GetTarget().GetType().String(),
|
||
|
req.GetBody().GetTarget().GetName(),
|
||
|
nil),
|
||
|
err == nil)
|
||
|
return res, err
|
||
|
}
|
||
|
|
||
|
// ResetShardEvacuationStatus implements control.ControlServiceServer.
|
||
|
func (a *auditService) ResetShardEvacuationStatus(ctx context.Context, req *ctl.ResetShardEvacuationStatusRequest) (*ctl.ResetShardEvacuationStatusResponse, error) {
|
||
|
res, err := a.next.ResetShardEvacuationStatus(ctx, req)
|
||
|
if !a.enabled.Load() {
|
||
|
return res, err
|
||
|
}
|
||
|
audit.LogRequestWithKey(a.log, ctl.ControlService_ResetShardEvacuationStatus_FullMethodName, req.GetSignature().GetKey(),
|
||
|
nil, err == nil)
|
||
|
return res, err
|
||
|
}
|
||
|
|
||
|
// SealWriteCache implements control.ControlServiceServer.
|
||
|
func (a *auditService) SealWriteCache(ctx context.Context, req *ctl.SealWriteCacheRequest) (*ctl.SealWriteCacheResponse, error) {
|
||
|
res, err := a.next.SealWriteCache(ctx, req)
|
||
|
if !a.enabled.Load() {
|
||
|
return res, err
|
||
|
}
|
||
|
audit.LogRequestWithKey(a.log, ctl.ControlService_SealWriteCache_FullMethodName, req.GetSignature().GetKey(),
|
||
|
audit.TargetFromShardIDs(req.GetBody().GetShard_ID()), err == nil)
|
||
|
return res, err
|
||
|
}
|
||
|
|
||
|
// SetNetmapStatus implements control.ControlServiceServer.
|
||
|
func (a *auditService) SetNetmapStatus(ctx context.Context, req *ctl.SetNetmapStatusRequest) (*ctl.SetNetmapStatusResponse, error) {
|
||
|
res, err := a.next.SetNetmapStatus(ctx, req)
|
||
|
if !a.enabled.Load() {
|
||
|
return res, err
|
||
|
}
|
||
|
audit.LogRequestWithKey(a.log, ctl.ControlService_SetNetmapStatus_FullMethodName, req.GetSignature().GetKey(),
|
||
|
nil, err == nil)
|
||
|
return res, err
|
||
|
}
|
||
|
|
||
|
// SetShardMode implements control.ControlServiceServer.
|
||
|
func (a *auditService) SetShardMode(ctx context.Context, req *ctl.SetShardModeRequest) (*ctl.SetShardModeResponse, error) {
|
||
|
res, err := a.next.SetShardMode(ctx, req)
|
||
|
if !a.enabled.Load() {
|
||
|
return res, err
|
||
|
}
|
||
|
audit.LogRequestWithKey(a.log, ctl.ControlService_SetShardMode_FullMethodName, req.GetSignature().GetKey(),
|
||
|
audit.TargetFromShardIDs(req.GetBody().GetShard_ID()), err == nil)
|
||
|
return res, err
|
||
|
}
|
||
|
|
||
|
// StartShardEvacuation implements control.ControlServiceServer.
|
||
|
func (a *auditService) StartShardEvacuation(ctx context.Context, req *ctl.StartShardEvacuationRequest) (*ctl.StartShardEvacuationResponse, error) {
|
||
|
res, err := a.next.StartShardEvacuation(ctx, req)
|
||
|
if !a.enabled.Load() {
|
||
|
return res, err
|
||
|
}
|
||
|
audit.LogRequestWithKey(a.log, ctl.ControlService_StartShardEvacuation_FullMethodName, req.GetSignature().GetKey(),
|
||
|
audit.TargetFromShardIDs(req.GetBody().GetShard_ID()), err == nil)
|
||
|
return res, err
|
||
|
}
|
||
|
|
||
|
// StopShardEvacuation implements control.ControlServiceServer.
|
||
|
func (a *auditService) StopShardEvacuation(ctx context.Context, req *ctl.StopShardEvacuationRequest) (*ctl.StopShardEvacuationResponse, error) {
|
||
|
res, err := a.next.StopShardEvacuation(ctx, req)
|
||
|
if !a.enabled.Load() {
|
||
|
return res, err
|
||
|
}
|
||
|
audit.LogRequestWithKey(a.log, ctl.ControlService_StopShardEvacuation_FullMethodName, req.GetSignature().GetKey(),
|
||
|
nil, err == nil)
|
||
|
return res, err
|
||
|
}
|
||
|
|
||
|
// SynchronizeTree implements control.ControlServiceServer.
|
||
|
func (a *auditService) SynchronizeTree(ctx context.Context, req *ctl.SynchronizeTreeRequest) (*ctl.SynchronizeTreeResponse, error) {
|
||
|
res, err := a.next.SynchronizeTree(ctx, req)
|
||
|
if !a.enabled.Load() {
|
||
|
return res, err
|
||
|
}
|
||
|
audit.LogRequestWithKey(a.log, ctl.ControlService_SynchronizeTree_FullMethodName, req.GetSignature().GetKey(),
|
||
|
audit.TargetFromTreeID(req.GetBody().GetContainerId(), req.GetBody().GetTreeId()), err == nil)
|
||
|
return res, err
|
||
|
}
|