Skip to content

Commit

Permalink
Merge pull request #70 from vxcontrol/user-action-logger
Browse files Browse the repository at this point in the history
rework user action logger
  • Loading branch information
asdek authored Jan 18, 2023
2 parents d671af7 + d50e2d3 commit bc11301
Show file tree
Hide file tree
Showing 31 changed files with 1,196 additions and 1,769 deletions.
2 changes: 1 addition & 1 deletion Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -86,7 +86,7 @@ lint: $(GOLANGCI_BIN)
$(GOLANGCI_BIN) run ./...

.PHONY: test
test: generate-keys
test:
go test -v ./...

.PHONY: generate-all
Expand Down
26 changes: 11 additions & 15 deletions cmd/api/main.go
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@ import (
"soldr/pkg/app/api/server"
srvevents "soldr/pkg/app/api/server/events"
"soldr/pkg/app/api/storage/mem"
useraction "soldr/pkg/app/api/user_action"
"soldr/pkg/app/api/utils/meter"
"soldr/pkg/app/api/worker"
"soldr/pkg/log"
Expand All @@ -34,14 +35,13 @@ import (
const serviceName = "vxapi"

type Config struct {
Debug bool `config:"debug"`
Develop bool `config:"is_develop"`
Log LogConfig
DB DBConfig
Tracing TracingConfig
PublicAPI PublicAPIConfig
EventWorker EventWorkerConfig
UserActionWorker UserActionWorkerConfig
Debug bool `config:"debug"`
Develop bool `config:"is_develop"`
Log LogConfig
DB DBConfig
Tracing TracingConfig
PublicAPI PublicAPIConfig
EventWorker EventWorkerConfig
}

type LogConfig struct {
Expand Down Expand Up @@ -75,10 +75,6 @@ type EventWorkerConfig struct {
PollInterval time.Duration `config:"event_worker_poll_interval"`
}

type UserActionWorkerConfig struct {
MaxMessages uint `config:"user_action_worker_max_messages"`
}

func defaultConfig() Config {
return Config{
Log: LogConfig{
Expand All @@ -96,9 +92,6 @@ func defaultConfig() Config {
EventWorker: EventWorkerConfig{
PollInterval: 30 * time.Second,
},
UserActionWorker: UserActionWorkerConfig{
MaxMessages: 100,
},
}
}

Expand Down Expand Up @@ -285,9 +278,12 @@ func main() {
// run worker to synchronize events retention policy to all instance DB
go worker.SyncRetentionEvents(ctx, dbWithORM)

userActionWriter := useraction.NewLogWriter(logger)

router := server.NewRouter(
dbWithORM,
exchanger,
userActionWriter,
dbConnectionStorage,
s3ConnectionStorage,
)
Expand Down
16 changes: 8 additions & 8 deletions pkg/app/api/server/middleware.go
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ import (
"soldr/pkg/app/api/models"
"soldr/pkg/app/api/server/context"
"soldr/pkg/app/api/server/private"
srverrors "soldr/pkg/app/api/server/response"
"soldr/pkg/app/api/server/response"
"soldr/pkg/app/api/utils"
"soldr/pkg/app/api/utils/dbencryptor"
)
Expand Down Expand Up @@ -43,17 +43,17 @@ func authTokenProtoRequired() gin.HandlerFunc {
attrs := []interface{}{uid, rid, sid, tid, prm, exp, gtm, uname}
for _, attr := range attrs {
if attr == nil {
utils.HTTPError(c, srverrors.ErrNotPermitted, errors.New(msg))
response.Error(c, response.ErrNotPermitted, errors.New(msg))
return
}
}

if prms, ok := prm.([]string); !ok {
utils.HTTPError(c, srverrors.ErrNotPermitted, nil)
response.Error(c, response.ErrNotPermitted, nil)
return
} else {
if !lookupPerm(prms, privInteractive) {
utils.HTTPError(c, srverrors.ErrNotPermitted, nil)
response.Error(c, response.ErrNotPermitted, nil)
return
}
c.Set("prm", prms)
Expand Down Expand Up @@ -124,13 +124,13 @@ func authRequired() gin.HandlerFunc {
attrs := []interface{}{uid, rid, sid, tid, prm, exp, gtm, uname, svc}
for _, attr := range attrs {
if attr == nil {
utils.HTTPError(c, srverrors.ErrAuthRequired, errors.New("token claim invalid"))
response.Error(c, response.ErrAuthRequired, errors.New("token claim invalid"))
return
}
}

if prms, ok := prm.([]string); !ok {
utils.HTTPError(c, srverrors.ErrAuthRequired, nil)
response.Error(c, response.ErrAuthRequired, nil)
return
} else {
c.Set("prm", prms)
Expand Down Expand Up @@ -159,7 +159,7 @@ func localUserRequired() gin.HandlerFunc {
rid := session.Get("rid")

if rid == nil || rid.(uint64) == models.RoleExternal {
utils.HTTPError(c, srverrors.ErrLocalUserRequired, nil)
response.Error(c, response.ErrLocalUserRequired, nil)
return
}

Expand Down Expand Up @@ -237,7 +237,7 @@ func setServiceInfo(db *gorm.DB) gin.HandlerFunc {

service, err := getService(c)
if err != nil {
utils.HTTPError(c, srverrors.ErrInternalServiceNotFound, nil)
response.Error(c, response.ErrInternalServiceNotFound, nil)
return
}

Expand Down
22 changes: 11 additions & 11 deletions pkg/app/api/server/permissions.go
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ import (
"github.com/gin-gonic/gin/binding"

"soldr/pkg/app/api/server/private"
srverrors "soldr/pkg/app/api/server/response"
"soldr/pkg/app/api/server/response"
"soldr/pkg/app/api/utils"
)

Expand All @@ -33,26 +33,26 @@ func privilegesRequiredByQueryTypeField(mprivs map[string][]string) gin.HandlerF

prms, err := getPrms(c)
if err != nil {
utils.HTTPError(c, srverrors.ErrPrivilegesRequired, err)
response.Error(c, response.ErrPrivilegesRequired, err)
return
}

var query utils.TableQuery
if err := c.ShouldBindQuery(&query); err != nil {
utils.HTTPError(c, srverrors.ErrPrivilegesRequired, fmt.Errorf("error binding query: %w", err))
response.Error(c, response.ErrPrivilegesRequired, fmt.Errorf("error binding query: %w", err))
return
}
for _, filter := range query.Filters {
if value, ok := filter.Value.(string); filter.Field == "type" && ok {
if privs, ok := mprivs[value]; ok {
for _, priv := range privs {
if !lookupPerm(prms, priv) {
utils.HTTPError(c, srverrors.ErrPrivilegesRequired, fmt.Errorf("'%s' is not set", priv))
response.Error(c, response.ErrPrivilegesRequired, fmt.Errorf("'%s' is not set", priv))
return
}
}
} else {
utils.HTTPError(c, srverrors.ErrPrivilegesRequired, fmt.Errorf("'%s' is not specified", value))
response.Error(c, response.ErrPrivilegesRequired, fmt.Errorf("'%s' is not specified", value))
return
}
}
Expand All @@ -69,23 +69,23 @@ func privilegesRequiredPatchAgents() gin.HandlerFunc {

prms, err := getPrms(c)
if err != nil {
utils.HTTPError(c, srverrors.ErrPrivilegesRequired, err)
response.Error(c, response.ErrPrivilegesRequired, err)
return
}

var action private.AgentsAction
if err := c.ShouldBindBodyWith(&action, binding.JSON); err != nil {
utils.HTTPError(c, srverrors.ErrPrivilegesRequired, fmt.Errorf("error binding query: %w", err))
response.Error(c, response.ErrPrivilegesRequired, fmt.Errorf("error binding query: %w", err))
return
}
if action.Action == "delete" {
if !lookupPerm(prms, "vxapi.agents.api.delete") {
utils.HTTPError(c, srverrors.ErrPrivilegesRequired, fmt.Errorf("'%s' is not set", "vxapi.agents.api.delete"))
response.Error(c, response.ErrPrivilegesRequired, fmt.Errorf("'%s' is not set", "vxapi.agents.api.delete"))
return
}
} else {
if !lookupPerm(prms, "vxapi.agents.api.edit") {
utils.HTTPError(c, srverrors.ErrPrivilegesRequired, fmt.Errorf("'%s' is not set", "vxapi.agents.api.edit"))
response.Error(c, response.ErrPrivilegesRequired, fmt.Errorf("'%s' is not set", "vxapi.agents.api.edit"))
return
}
}
Expand All @@ -102,13 +102,13 @@ func privilegesRequired(privs ...string) gin.HandlerFunc {

prms, err := getPrms(c)
if err != nil {
utils.HTTPError(c, srverrors.ErrPrivilegesRequired, err)
response.Error(c, response.ErrPrivilegesRequired, err)
return
}

for _, priv := range append([]string{}, privs...) {
if !lookupPerm(prms, priv) {
utils.HTTPError(c, srverrors.ErrPrivilegesRequired, fmt.Errorf("'%s' is not set", priv))
response.Error(c, response.ErrPrivilegesRequired, fmt.Errorf("'%s' is not set", priv))
return
}
}
Expand Down
Loading

0 comments on commit bc11301

Please sign in to comment.