From 4f7d76c9eff284cb8f3aa432999a808e515f8011 Mon Sep 17 00:00:00 2001 From: Dmitrii Stepanov Date: Wed, 26 Jun 2024 12:37:20 +0300 Subject: [PATCH] [#1206] audit: Drop not required events Signed-off-by: Dmitrii Stepanov --- cmd/frostfs-node/accounting.go | 15 +- cmd/frostfs-node/control.go | 5 +- cmd/frostfs-node/netmap.go | 28 +-- cmd/frostfs-node/session.go | 5 +- cmd/frostfs-node/tree.go | 2 +- internal/audit/target.go | 56 ----- pkg/services/accounting/audit.go | 42 ---- pkg/services/control/server/audit.go | 298 --------------------------- pkg/services/netmap/audit.go | 60 ------ pkg/services/session/audit.go | 39 ---- pkg/services/tree/audit.go | 135 ------------ 11 files changed, 26 insertions(+), 659 deletions(-) delete mode 100644 pkg/services/accounting/audit.go delete mode 100644 pkg/services/control/server/audit.go delete mode 100644 pkg/services/netmap/audit.go delete mode 100644 pkg/services/session/audit.go delete mode 100644 pkg/services/tree/audit.go diff --git a/cmd/frostfs-node/accounting.go b/cmd/frostfs-node/accounting.go index f0e2abf3..ec737f8a 100644 --- a/cmd/frostfs-node/accounting.go +++ b/cmd/frostfs-node/accounting.go @@ -20,16 +20,15 @@ func initAccountingService(ctx context.Context, c *cfg) { balanceMorphWrapper, err := balance.NewFromMorph(c.cfgMorph.client, c.cfgAccounting.scriptHash, 0) fatalOnErr(err) - service := accountingService.NewSignService( - &c.key.PrivateKey, - accountingService.NewExecutionService( - accounting.NewExecutor(balanceMorphWrapper), - c.respSvc, + server := accountingTransportGRPC.New( + accountingService.NewSignService( + &c.key.PrivateKey, + accountingService.NewExecutionService( + accounting.NewExecutor(balanceMorphWrapper), + c.respSvc, + ), ), ) - service = accountingService.NewAuditService(service, c.log, c.audit) - - server := accountingTransportGRPC.New(service) c.cfgGRPC.performAndSave(func(_ string, _ net.Listener, s *grpc.Server) { accountingGRPC.RegisterAccountingServiceServer(s, server) diff --git a/cmd/frostfs-node/control.go b/cmd/frostfs-node/control.go index 8ee1ab69..e1e6e3ac 100644 --- a/cmd/frostfs-node/control.go +++ b/cmd/frostfs-node/control.go @@ -30,8 +30,8 @@ func initControlService(c *cfg) { for i := range pubs { rawPubs = append(rawPubs, pubs[i].Bytes()) } - var ctlSvc control.ControlServiceServer - ctlSvc = controlSvc.New( + + ctlSvc := controlSvc.New( controlSvc.WithKey(&c.key.PrivateKey), controlSvc.WithAuthorizedKeys(rawPubs), controlSvc.WithHealthChecker(c), @@ -43,7 +43,6 @@ func initControlService(c *cfg) { controlSvc.WithTreeService(c.treeService), controlSvc.WithLocalOverrideStorage(c.cfgObject.cfgAccessPolicyEngine.accessPolicyEngine), ) - ctlSvc = controlSvc.NewAuditService(ctlSvc, c.log, c.audit) lis, err := net.Listen("tcp", endpoint) if err != nil { diff --git a/cmd/frostfs-node/netmap.go b/cmd/frostfs-node/netmap.go index d2c0af52..128cc300 100644 --- a/cmd/frostfs-node/netmap.go +++ b/cmd/frostfs-node/netmap.go @@ -147,22 +147,22 @@ func initNetmapService(ctx context.Context, c *cfg) { initNetmapState(c) - svc := netmapService.NewSignService( - &c.key.PrivateKey, - netmapService.NewExecutionService( - c, - c.apiVersion, - &netInfo{ - netState: c.cfgNetmap.state, - magic: c.cfgMorph.client, - morphClientNetMap: c.cfgNetmap.wrapper, - msPerBlockRdr: c.cfgMorph.client.MsPerBlock, - }, - c.respSvc, + server := netmapTransportGRPC.New( + netmapService.NewSignService( + &c.key.PrivateKey, + netmapService.NewExecutionService( + c, + c.apiVersion, + &netInfo{ + netState: c.cfgNetmap.state, + magic: c.cfgMorph.client, + morphClientNetMap: c.cfgNetmap.wrapper, + msPerBlockRdr: c.cfgMorph.client.MsPerBlock, + }, + c.respSvc, + ), ), ) - svc = netmapService.NewAuditService(svc, c.log, c.audit) - server := netmapTransportGRPC.New(svc) c.cfgGRPC.performAndSave(func(_ string, _ net.Listener, s *grpc.Server) { netmapGRPC.RegisterNetmapServiceServer(s, server) diff --git a/cmd/frostfs-node/session.go b/cmd/frostfs-node/session.go index d286fc63..ee21ec23 100644 --- a/cmd/frostfs-node/session.go +++ b/cmd/frostfs-node/session.go @@ -52,13 +52,12 @@ func initSessionService(c *cfg) { c.privateTokenStore.RemoveOld(ev.(netmap.NewEpoch).EpochNumber()) }) - svc := sessionSvc.NewAuditService( + server := sessionTransportGRPC.New( sessionSvc.NewSignService( &c.key.PrivateKey, sessionSvc.NewExecutionService(c.privateTokenStore, c.respSvc, c.log), ), - c.log, c.audit) - server := sessionTransportGRPC.New(svc) + ) c.cfgGRPC.performAndSave(func(_ string, _ net.Listener, s *grpc.Server) { sessionGRPC.RegisterSessionServiceServer(s, server) diff --git a/cmd/frostfs-node/tree.go b/cmd/frostfs-node/tree.go index 9f5c89ef..daaaa64a 100644 --- a/cmd/frostfs-node/tree.go +++ b/cmd/frostfs-node/tree.go @@ -70,7 +70,7 @@ func initTreeService(c *cfg) { ) c.cfgGRPC.performAndSave(func(_ string, _ net.Listener, s *grpc.Server) { - tree.RegisterTreeServiceServer(s, tree.NewAuditService(c.treeService, c.log, c.audit)) + tree.RegisterTreeServiceServer(s, c.treeService) }) c.workers = append(c.workers, newWorkerFromFunc(func(ctx context.Context) { diff --git a/internal/audit/target.go b/internal/audit/target.go index 1d760eca..8bc87ee8 100644 --- a/internal/audit/target.go +++ b/internal/audit/target.go @@ -6,7 +6,6 @@ import ( "git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/refs" cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id" oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id" - "github.com/mr-tron/base58" ) type ModelType[T any] interface { @@ -61,24 +60,6 @@ func TargetFromString(s string) Target { return stringTarget{s: s} } -func TargetFromStringSlice(s []string) Target { - if len(s) == 0 { - return stringTarget{s: NotDefined} - } - sb := &strings.Builder{} - for i, v := range s { - if i > 0 { - sb.WriteString(";") - } - if len(v) == 0 { - sb.WriteString(Empty) - } else { - sb.WriteString(v) - } - } - return sb -} - func TargetFromChainID(chainTargetType, chainTargetName string, chainID []byte) Target { if len(chainTargetType) == 0 && len(chainTargetName) == 0 && len(chainID) == 0 { return stringTarget{s: NotDefined} @@ -96,43 +77,6 @@ func TargetFromChainID(chainTargetType, chainTargetName string, chainID []byte) return stringTarget{s: t + ":" + n + ":" + c} } -func TargetFromShardIDs(v [][]byte) Target { - if len(v) == 0 { - return stringTarget{s: NotDefined} - } - sb := &strings.Builder{} - for i, s := range v { - if i > 0 { - sb.WriteString(";") - } - if len(s) == 0 { - sb.WriteString(Empty) - } else { - sb.WriteString(base58.Encode(s)) - } - } - return sb -} - -func TargetFromTreeID(containerID []byte, treeID string) Target { - if len(containerID) == 0 && len(treeID) == 0 { - return stringTarget{s: NotDefined} - } - c, t := Empty, Empty - if len(containerID) > 0 { - var cnr cid.ID - if err := cnr.Decode(containerID); err != nil { - c = InvalidValue - } else { - c = cnr.EncodeToString() - } - } - if len(treeID) > 0 { - t = treeID - } - return stringTarget{s: c + ":" + t} -} - func TargetFromContainerIDObjectID(containerID *refs.ContainerID, objectID *refs.ObjectID) Target { if containerID == nil && objectID == nil { return stringTarget{s: NotDefined} diff --git a/pkg/services/accounting/audit.go b/pkg/services/accounting/audit.go deleted file mode 100644 index 1d8f8836..00000000 --- a/pkg/services/accounting/audit.go +++ /dev/null @@ -1,42 +0,0 @@ -package accounting - -import ( - "context" - "sync/atomic" - - "git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/accounting" - acc_grpc "git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/accounting/grpc" - "git.frostfs.info/TrueCloudLab/frostfs-node/internal/audit" - "git.frostfs.info/TrueCloudLab/frostfs-node/pkg/util/logger" - "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/user" -) - -var _ Server = (*auditService)(nil) - -type auditService struct { - next Server - log *logger.Logger - enabled *atomic.Bool -} - -func NewAuditService(next Server, log *logger.Logger, enabled *atomic.Bool) Server { - return &auditService{ - next: next, - log: log, - enabled: enabled, - } -} - -// Balance implements Server. -func (l *auditService) Balance(ctx context.Context, req *accounting.BalanceRequest) (*accounting.BalanceResponse, error) { - res, err := l.next.Balance(ctx, req) - - if !l.enabled.Load() { - return res, err - } - - audit.LogRequest(l.log, acc_grpc.AccountingService_Balance_FullMethodName, req, - audit.TargetFromRef(req.GetBody().GetOwnerID(), &user.ID{}), err == nil) - - return res, err -} diff --git a/pkg/services/control/server/audit.go b/pkg/services/control/server/audit.go deleted file mode 100644 index 6443ea37..00000000 --- a/pkg/services/control/server/audit.go +++ /dev/null @@ -1,298 +0,0 @@ -package control - -import ( - "context" - "sync/atomic" - - "git.frostfs.info/TrueCloudLab/frostfs-node/internal/audit" - ctl "git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/control" - "git.frostfs.info/TrueCloudLab/frostfs-node/pkg/util/logger" - oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id" -) - -var _ ctl.ControlServiceServer = (*auditService)(nil) - -type auditService struct { - next ctl.ControlServiceServer - log *logger.Logger - enabled *atomic.Bool -} - -func NewAuditService(next ctl.ControlServiceServer, log *logger.Logger, enabled *atomic.Bool) ctl.ControlServiceServer { - return &auditService{ - next: next, - log: log, - enabled: enabled, - } -} - -// AddChainLocalOverride implements control.ControlServiceServer. -func (a *auditService) AddChainLocalOverride(ctx context.Context, req *ctl.AddChainLocalOverrideRequest) (*ctl.AddChainLocalOverrideResponse, error) { - res, err := a.next.AddChainLocalOverride(ctx, req) - if !a.enabled.Load() { - return res, err - } - audit.LogRequestWithKey(a.log, ctl.ControlService_AddChainLocalOverride_FullMethodName, req.GetSignature().GetKey(), - audit.TargetFromChainID(req.GetBody().GetTarget().GetType().String(), - req.GetBody().GetTarget().GetName(), - res.GetBody().GetChainId()), - err == nil) - return res, err -} - -// DetachShards implements control.ControlServiceServer. -func (a *auditService) DetachShards(ctx context.Context, req *ctl.DetachShardsRequest) (*ctl.DetachShardsResponse, error) { - res, err := a.next.DetachShards(ctx, req) - if !a.enabled.Load() { - return res, err - } - audit.LogRequestWithKey(a.log, ctl.ControlService_DetachShards_FullMethodName, req.GetSignature().GetKey(), - audit.TargetFromShardIDs(req.GetBody().GetShard_ID()), err == nil) - return res, err -} - -// Doctor implements control.ControlServiceServer. -func (a *auditService) Doctor(ctx context.Context, req *ctl.DoctorRequest) (*ctl.DoctorResponse, error) { - res, err := a.next.Doctor(ctx, req) - if !a.enabled.Load() { - return res, err - } - audit.LogRequestWithKey(a.log, ctl.ControlService_Doctor_FullMethodName, req.GetSignature().GetKey(), nil, err == nil) - return res, err -} - -// DropObjects implements control.ControlServiceServer. -func (a *auditService) DropObjects(ctx context.Context, req *ctl.DropObjectsRequest) (*ctl.DropObjectsResponse, error) { - res, err := a.next.DropObjects(ctx, req) - if !a.enabled.Load() { - return res, err - } - var list []string - for _, v := range req.GetBody().GetAddressList() { - if len(v) == 0 { - list = append(list, audit.Empty) - continue - } - var a oid.Address - if e := a.DecodeString(string(v)); e != nil { - list = append(list, audit.InvalidValue) - } else { - list = append(list, a.EncodeToString()) - } - } - - audit.LogRequestWithKey(a.log, ctl.ControlService_DropObjects_FullMethodName, req.GetSignature().GetKey(), - audit.TargetFromStringSlice(list), err == nil) - return res, err -} - -// EvacuateShard implements control.ControlServiceServer. -func (a *auditService) EvacuateShard(ctx context.Context, req *ctl.EvacuateShardRequest) (*ctl.EvacuateShardResponse, error) { - res, err := a.next.EvacuateShard(ctx, req) - if !a.enabled.Load() { - return res, err - } - audit.LogRequestWithKey(a.log, ctl.ControlService_EvacuateShard_FullMethodName, req.GetSignature().GetKey(), - audit.TargetFromShardIDs(req.GetBody().GetShard_ID()), err == nil) - return res, err -} - -// FlushCache implements control.ControlServiceServer. -func (a *auditService) FlushCache(ctx context.Context, req *ctl.FlushCacheRequest) (*ctl.FlushCacheResponse, error) { - res, err := a.next.FlushCache(ctx, req) - if !a.enabled.Load() { - return res, err - } - audit.LogRequestWithKey(a.log, ctl.ControlService_FlushCache_FullMethodName, req.GetSignature().GetKey(), - audit.TargetFromShardIDs(req.GetBody().GetShard_ID()), err == nil) - return res, err -} - -// GetChainLocalOverride implements control.ControlServiceServer. -func (a *auditService) GetChainLocalOverride(ctx context.Context, req *ctl.GetChainLocalOverrideRequest) (*ctl.GetChainLocalOverrideResponse, error) { - res, err := a.next.GetChainLocalOverride(ctx, req) - if !a.enabled.Load() { - return res, err - } - audit.LogRequestWithKey(a.log, ctl.ControlService_GetChainLocalOverride_FullMethodName, req.GetSignature().GetKey(), - audit.TargetFromChainID( - req.GetBody().GetTarget().GetType().String(), - req.GetBody().GetTarget().GetName(), - req.GetBody().GetChainId()), - err == nil) - return res, err -} - -// GetShardEvacuationStatus implements control.ControlServiceServer. -func (a *auditService) GetShardEvacuationStatus(ctx context.Context, req *ctl.GetShardEvacuationStatusRequest) (*ctl.GetShardEvacuationStatusResponse, error) { - res, err := a.next.GetShardEvacuationStatus(ctx, req) - if !a.enabled.Load() { - return res, err - } - audit.LogRequestWithKey(a.log, ctl.ControlService_GetShardEvacuationStatus_FullMethodName, req.GetSignature().GetKey(), - nil, err == nil) - return res, err -} - -// HealthCheck implements control.ControlServiceServer. -func (a *auditService) HealthCheck(ctx context.Context, req *ctl.HealthCheckRequest) (*ctl.HealthCheckResponse, error) { - res, err := a.next.HealthCheck(ctx, req) - if !a.enabled.Load() { - return res, err - } - audit.LogRequestWithKey(a.log, ctl.ControlService_HealthCheck_FullMethodName, req.GetSignature().GetKey(), - nil, err == nil) - return res, err -} - -// ListChainLocalOverrides implements control.ControlServiceServer. -func (a *auditService) ListChainLocalOverrides(ctx context.Context, req *ctl.ListChainLocalOverridesRequest) (*ctl.ListChainLocalOverridesResponse, error) { - res, err := a.next.ListChainLocalOverrides(ctx, req) - if !a.enabled.Load() { - return res, err - } - audit.LogRequestWithKey(a.log, ctl.ControlService_ListChainLocalOverrides_FullMethodName, req.GetSignature().GetKey(), - audit.TargetFromChainID(req.GetBody().GetTarget().GetType().String(), - req.GetBody().GetTarget().GetName(), - nil), - err == nil) - return res, err -} - -// ListShards implements control.ControlServiceServer. -func (a *auditService) ListShards(ctx context.Context, req *ctl.ListShardsRequest) (*ctl.ListShardsResponse, error) { - res, err := a.next.ListShards(ctx, req) - if !a.enabled.Load() { - return res, err - } - audit.LogRequestWithKey(a.log, ctl.ControlService_ListShards_FullMethodName, req.GetSignature().GetKey(), - nil, err == nil) - return res, err -} - -// ListTargetsLocalOverrides implements control.ControlServiceServer. -func (a *auditService) ListTargetsLocalOverrides(ctx context.Context, req *ctl.ListTargetsLocalOverridesRequest) (*ctl.ListTargetsLocalOverridesResponse, error) { - res, err := a.next.ListTargetsLocalOverrides(ctx, req) - if !a.enabled.Load() { - return res, err - } - audit.LogRequestWithKey(a.log, ctl.ControlService_ListTargetsLocalOverrides_FullMethodName, req.GetSignature().GetKey(), - audit.TargetFromString(req.GetBody().GetChainName()), err == nil) - return res, err -} - -// RemoveChainLocalOverride implements control.ControlServiceServer. -func (a *auditService) RemoveChainLocalOverride(ctx context.Context, req *ctl.RemoveChainLocalOverrideRequest) (*ctl.RemoveChainLocalOverrideResponse, error) { - res, err := a.next.RemoveChainLocalOverride(ctx, req) - if !a.enabled.Load() { - return res, err - } - audit.LogRequestWithKey(a.log, ctl.ControlService_RemoveChainLocalOverride_FullMethodName, req.GetSignature().GetKey(), - audit.TargetFromChainID(req.GetBody().GetTarget().GetType().String(), - req.GetBody().GetTarget().GetName(), - req.GetBody().GetChainId()), - err == nil) - return res, err -} - -// RemoveChainLocalOverridesByTarget implements control.ControlServiceServer. -func (a *auditService) RemoveChainLocalOverridesByTarget(ctx context.Context, req *ctl.RemoveChainLocalOverridesByTargetRequest) (*ctl.RemoveChainLocalOverridesByTargetResponse, error) { - res, err := a.next.RemoveChainLocalOverridesByTarget(ctx, req) - if !a.enabled.Load() { - return res, err - } - audit.LogRequestWithKey(a.log, ctl.ControlService_RemoveChainLocalOverridesByTarget_FullMethodName, req.GetSignature().GetKey(), - audit.TargetFromChainID(req.GetBody().GetTarget().GetType().String(), - req.GetBody().GetTarget().GetName(), - nil), - err == nil) - return res, err -} - -// ResetShardEvacuationStatus implements control.ControlServiceServer. -func (a *auditService) ResetShardEvacuationStatus(ctx context.Context, req *ctl.ResetShardEvacuationStatusRequest) (*ctl.ResetShardEvacuationStatusResponse, error) { - res, err := a.next.ResetShardEvacuationStatus(ctx, req) - if !a.enabled.Load() { - return res, err - } - audit.LogRequestWithKey(a.log, ctl.ControlService_ResetShardEvacuationStatus_FullMethodName, req.GetSignature().GetKey(), - nil, err == nil) - return res, err -} - -// SealWriteCache implements control.ControlServiceServer. -func (a *auditService) SealWriteCache(ctx context.Context, req *ctl.SealWriteCacheRequest) (*ctl.SealWriteCacheResponse, error) { - res, err := a.next.SealWriteCache(ctx, req) - if !a.enabled.Load() { - return res, err - } - audit.LogRequestWithKey(a.log, ctl.ControlService_SealWriteCache_FullMethodName, req.GetSignature().GetKey(), - audit.TargetFromShardIDs(req.GetBody().GetShard_ID()), err == nil) - return res, err -} - -// SetNetmapStatus implements control.ControlServiceServer. -func (a *auditService) SetNetmapStatus(ctx context.Context, req *ctl.SetNetmapStatusRequest) (*ctl.SetNetmapStatusResponse, error) { - res, err := a.next.SetNetmapStatus(ctx, req) - if !a.enabled.Load() { - return res, err - } - audit.LogRequestWithKey(a.log, ctl.ControlService_SetNetmapStatus_FullMethodName, req.GetSignature().GetKey(), - nil, err == nil) - return res, err -} - -// GetNetmapStatus implements control.ControlServiceServer. -func (a *auditService) GetNetmapStatus(ctx context.Context, req *ctl.GetNetmapStatusRequest) (*ctl.GetNetmapStatusResponse, error) { - res, err := a.next.GetNetmapStatus(ctx, req) - if !a.enabled.Load() { - return res, err - } - audit.LogRequestWithKey(a.log, ctl.ControlService_GetNetmapStatus_FullMethodName, req.GetSignature().GetKey(), - nil, err == nil) - return res, err -} - -// SetShardMode implements control.ControlServiceServer. -func (a *auditService) SetShardMode(ctx context.Context, req *ctl.SetShardModeRequest) (*ctl.SetShardModeResponse, error) { - res, err := a.next.SetShardMode(ctx, req) - if !a.enabled.Load() { - return res, err - } - audit.LogRequestWithKey(a.log, ctl.ControlService_SetShardMode_FullMethodName, req.GetSignature().GetKey(), - audit.TargetFromShardIDs(req.GetBody().GetShard_ID()), err == nil) - return res, err -} - -// StartShardEvacuation implements control.ControlServiceServer. -func (a *auditService) StartShardEvacuation(ctx context.Context, req *ctl.StartShardEvacuationRequest) (*ctl.StartShardEvacuationResponse, error) { - res, err := a.next.StartShardEvacuation(ctx, req) - if !a.enabled.Load() { - return res, err - } - audit.LogRequestWithKey(a.log, ctl.ControlService_StartShardEvacuation_FullMethodName, req.GetSignature().GetKey(), - audit.TargetFromShardIDs(req.GetBody().GetShard_ID()), err == nil) - return res, err -} - -// StopShardEvacuation implements control.ControlServiceServer. -func (a *auditService) StopShardEvacuation(ctx context.Context, req *ctl.StopShardEvacuationRequest) (*ctl.StopShardEvacuationResponse, error) { - res, err := a.next.StopShardEvacuation(ctx, req) - if !a.enabled.Load() { - return res, err - } - audit.LogRequestWithKey(a.log, ctl.ControlService_StopShardEvacuation_FullMethodName, req.GetSignature().GetKey(), - nil, err == nil) - return res, err -} - -// SynchronizeTree implements control.ControlServiceServer. -func (a *auditService) SynchronizeTree(ctx context.Context, req *ctl.SynchronizeTreeRequest) (*ctl.SynchronizeTreeResponse, error) { - res, err := a.next.SynchronizeTree(ctx, req) - if !a.enabled.Load() { - return res, err - } - audit.LogRequestWithKey(a.log, ctl.ControlService_SynchronizeTree_FullMethodName, req.GetSignature().GetKey(), - audit.TargetFromTreeID(req.GetBody().GetContainerId(), req.GetBody().GetTreeId()), err == nil) - return res, err -} diff --git a/pkg/services/netmap/audit.go b/pkg/services/netmap/audit.go deleted file mode 100644 index 906fd398..00000000 --- a/pkg/services/netmap/audit.go +++ /dev/null @@ -1,60 +0,0 @@ -package netmap - -import ( - "context" - "sync/atomic" - - "git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/netmap" - netmapGRPC "git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/netmap/grpc" - "git.frostfs.info/TrueCloudLab/frostfs-node/internal/audit" - "git.frostfs.info/TrueCloudLab/frostfs-node/pkg/util/logger" -) - -var _ Server = (*auditService)(nil) - -type auditService struct { - next Server - log *logger.Logger - enabled *atomic.Bool -} - -func NewAuditService(next Server, log *logger.Logger, enabled *atomic.Bool) Server { - return &auditService{ - next: next, - log: log, - enabled: enabled, - } -} - -// LocalNodeInfo implements Server. -func (a *auditService) LocalNodeInfo(ctx context.Context, req *netmap.LocalNodeInfoRequest) (*netmap.LocalNodeInfoResponse, error) { - res, err := a.next.LocalNodeInfo(ctx, req) - if !a.enabled.Load() { - return res, err - } - audit.LogRequest(a.log, netmapGRPC.NetmapService_LocalNodeInfo_FullMethodName, req, - nil, err == nil) - return res, err -} - -// NetworkInfo implements Server. -func (a *auditService) NetworkInfo(ctx context.Context, req *netmap.NetworkInfoRequest) (*netmap.NetworkInfoResponse, error) { - res, err := a.next.NetworkInfo(ctx, req) - if !a.enabled.Load() { - return res, err - } - audit.LogRequest(a.log, netmapGRPC.NetmapService_NetworkInfo_FullMethodName, req, - nil, err == nil) - return res, err -} - -// Snapshot implements Server. -func (a *auditService) Snapshot(ctx context.Context, req *netmap.SnapshotRequest) (*netmap.SnapshotResponse, error) { - res, err := a.next.Snapshot(ctx, req) - if !a.enabled.Load() { - return res, err - } - audit.LogRequest(a.log, netmapGRPC.NetmapService_NetmapSnapshot_FullMethodName, req, - nil, err == nil) - return res, err -} diff --git a/pkg/services/session/audit.go b/pkg/services/session/audit.go deleted file mode 100644 index 19d3383d..00000000 --- a/pkg/services/session/audit.go +++ /dev/null @@ -1,39 +0,0 @@ -package session - -import ( - "context" - "sync/atomic" - - "git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/session" - sessionGRPC "git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/session/grpc" - "git.frostfs.info/TrueCloudLab/frostfs-node/internal/audit" - "git.frostfs.info/TrueCloudLab/frostfs-node/pkg/util/logger" - "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/user" -) - -var _ Server = (*auditService)(nil) - -type auditService struct { - next Server - log *logger.Logger - enabled *atomic.Bool -} - -func NewAuditService(next Server, log *logger.Logger, enabled *atomic.Bool) Server { - return &auditService{ - next: next, - log: log, - enabled: enabled, - } -} - -// Create implements Server. -func (a *auditService) Create(ctx context.Context, req *session.CreateRequest) (*session.CreateResponse, error) { - res, err := a.next.Create(ctx, req) - if !a.enabled.Load() { - return res, err - } - audit.LogRequest(a.log, sessionGRPC.SessionService_Create_FullMethodName, req, - audit.TargetFromRef(req.GetBody().GetOwnerID(), &user.ID{}), err == nil) - return res, err -} diff --git a/pkg/services/tree/audit.go b/pkg/services/tree/audit.go deleted file mode 100644 index bec71f5d..00000000 --- a/pkg/services/tree/audit.go +++ /dev/null @@ -1,135 +0,0 @@ -package tree - -import ( - "context" - "sync/atomic" - - "git.frostfs.info/TrueCloudLab/frostfs-node/internal/audit" - "git.frostfs.info/TrueCloudLab/frostfs-node/pkg/util/logger" -) - -var _ TreeServiceServer = (*auditService)(nil) - -type auditService struct { - next TreeServiceServer - log *logger.Logger - enabled *atomic.Bool -} - -func NewAuditService(next TreeServiceServer, log *logger.Logger, enabled *atomic.Bool) TreeServiceServer { - return &auditService{ - next: next, - log: log, - enabled: enabled, - } -} - -// Add implements TreeServiceServer. -func (a *auditService) Add(ctx context.Context, req *AddRequest) (*AddResponse, error) { - res, err := a.next.Add(ctx, req) - if !a.enabled.Load() { - return res, err - } - audit.LogRequestWithKey(a.log, TreeService_Add_FullMethodName, req.GetSignature().GetKey(), - audit.TargetFromTreeID(req.GetBody().GetContainerId(), req.GetBody().GetTreeId()), err == nil) - return res, err -} - -// AddByPath implements TreeServiceServer. -func (a *auditService) AddByPath(ctx context.Context, req *AddByPathRequest) (*AddByPathResponse, error) { - res, err := a.next.AddByPath(ctx, req) - if !a.enabled.Load() { - return res, err - } - audit.LogRequestWithKey(a.log, TreeService_AddByPath_FullMethodName, req.GetSignature().GetKey(), - audit.TargetFromTreeID(req.GetBody().GetContainerId(), req.GetBody().GetTreeId()), err == nil) - return res, err -} - -// Apply implements TreeServiceServer. -func (a *auditService) Apply(ctx context.Context, req *ApplyRequest) (*ApplyResponse, error) { - res, err := a.next.Apply(ctx, req) - if !a.enabled.Load() { - return res, err - } - audit.LogRequestWithKey(a.log, TreeService_Apply_FullMethodName, req.GetSignature().GetKey(), - audit.TargetFromTreeID(req.GetBody().GetContainerId(), req.GetBody().GetTreeId()), err == nil) - return res, err -} - -// GetNodeByPath implements TreeServiceServer. -func (a *auditService) GetNodeByPath(ctx context.Context, req *GetNodeByPathRequest) (*GetNodeByPathResponse, error) { - res, err := a.next.GetNodeByPath(ctx, req) - if !a.enabled.Load() { - return res, err - } - audit.LogRequestWithKey(a.log, TreeService_GetNodeByPath_FullMethodName, req.GetSignature().GetKey(), - audit.TargetFromTreeID(req.GetBody().GetContainerId(), req.GetBody().GetTreeId()), err == nil) - return res, err -} - -// GetOpLog implements TreeServiceServer. -func (a *auditService) GetOpLog(req *GetOpLogRequest, srv TreeService_GetOpLogServer) error { - err := a.next.GetOpLog(req, srv) - if !a.enabled.Load() { - return err - } - audit.LogRequestWithKey(a.log, TreeService_GetOpLog_FullMethodName, req.GetSignature().GetKey(), - audit.TargetFromTreeID(req.GetBody().GetContainerId(), req.GetBody().GetTreeId()), err == nil) - return err -} - -// GetSubTree implements TreeServiceServer. -func (a *auditService) GetSubTree(req *GetSubTreeRequest, srv TreeService_GetSubTreeServer) error { - err := a.next.GetSubTree(req, srv) - if !a.enabled.Load() { - return err - } - audit.LogRequestWithKey(a.log, TreeService_GetSubTree_FullMethodName, req.GetSignature().GetKey(), - audit.TargetFromTreeID(req.GetBody().GetContainerId(), req.GetBody().GetTreeId()), err == nil) - return err -} - -// Healthcheck implements TreeServiceServer. -func (a *auditService) Healthcheck(ctx context.Context, req *HealthcheckRequest) (*HealthcheckResponse, error) { - res, err := a.next.Healthcheck(ctx, req) - if !a.enabled.Load() { - return res, err - } - audit.LogRequestWithKey(a.log, TreeService_Healthcheck_FullMethodName, req.GetSignature().GetKey(), - nil, err == nil) - return res, err -} - -// Move implements TreeServiceServer. -func (a *auditService) Move(ctx context.Context, req *MoveRequest) (*MoveResponse, error) { - res, err := a.next.Move(ctx, req) - if !a.enabled.Load() { - return res, err - } - audit.LogRequestWithKey(a.log, TreeService_Move_FullMethodName, req.GetSignature().GetKey(), - audit.TargetFromTreeID(req.GetBody().GetContainerId(), req.GetBody().GetTreeId()), err == nil) - return res, err -} - -// Remove implements TreeServiceServer. -func (a *auditService) Remove(ctx context.Context, req *RemoveRequest) (*RemoveResponse, error) { - res, err := a.next.Remove(ctx, req) - if !a.enabled.Load() { - return res, err - } - audit.LogRequestWithKey(a.log, TreeService_Remove_FullMethodName, req.GetSignature().GetKey(), - audit.TargetFromTreeID(req.GetBody().GetContainerId(), req.GetBody().GetTreeId()), err == nil) - return res, err -} - -// TreeList implements TreeServiceServer. -func (a *auditService) TreeList(ctx context.Context, req *TreeListRequest) (*TreeListResponse, error) { - res, err := a.next.TreeList(ctx, req) - if !a.enabled.Load() { - return res, err - } - audit.LogRequestWithKey(a.log, TreeService_TreeList_FullMethodName, req.GetSignature().GetKey(), - audit.TargetFromTreeID(req.GetBody().GetContainerId(), ""), err == nil) - return res, err -}