audit

package
v0.3.8 Latest
Warning

This package is not in the latest version of its module.
Published: Jan 15, 2025 License: Apache-2.0 Imports: 16 Imported by: 0

Documentation

Constants

This section is empty.

Variables

This section is empty.

Functions

func UnaryServerInterceptor

func UnaryServerInterceptor(opts ...Option) grpc.UnaryServerInterceptor

UnaryServerInterceptor is the gRPC unary interceptor for audit events.

Types

type EventData

type EventData struct {
	// Uniquely identifies the service name, e.g. netdev.v1.oneops.api.grpc-kit.com
	ServiceName string `json:"service_name"`

	// Audit level, e.g. none / metadata / request / request_response
	Level Level `json:"level"`

	// Audit ID, unique per request; usually the same as request_id
	AuditID string `json:"audit_id"`

	// TODO;
	Stage Stage `json:"stage"`

	GRPCMethod  string `json:"grpc_method"`
	GRPCService string `json:"grpc_service"`

	// User making the current request
	User struct {
		UID      string              `json:"uid"`
		Username string              `json:"username"`
		Groups   []string            `json:"groups"`
		Extra    map[string][]string `json:"extra"`
	} `json:"user"`

	// List of the user's source IPs
	SourceIPs []string `json:"source_ips"`

	// UserAgent is the user agent
	UserAgent string `json:"user_agent"`

	// TODO; status recorded after execution completes
	ResponseStatus Status `json:"response_status"`

	RequestObject  string `json:"request_object"`
	ResponseObject string `json:"response_object"`

	RequestReceivedTimestamp time.Time `json:"request_received_timestamp"`
	StageTimestamp           time.Time `json:"stage_timestamp"`
}

EventData is the audit event.

type Level

type Level string

Level defines the audit level.

const (
	// LevelNone disables auditing
	LevelNone Level = "none"
	// LevelMetadata provides the basic level of auditing.
	LevelMetadata Level = "metadata"
	// LevelRequest provides Metadata level of auditing, and additionally
	// logs the request object (does not apply for non-resource requests).
	LevelRequest Level = "request"
	// LevelRequestResponse provides Request level of auditing, and additionally
	// logs the response object (does not apply for non-resource requests).
	LevelRequestResponse Level = "request_response"
)

Valid audit levels

type Option

type Option func(o *interceptorOption)

Option is a functional option for audit.

func WithCloudEvent

func WithCloudEvent(client client.Client) Option

WithCloudEvent sets the cloud event client.

func WithLevel

func WithLevel(level Level) Option

WithLevel sets the audit event level.

func WithLogger

func WithLogger(logger *logrus.Entry) Option

WithLogger sets the debug logging component.

func WithMarshal

func WithMarshal(marshal protojson.MarshalOptions) Option

WithMarshal sets the serialization component.

func WithMustSucceed

func WithMustSucceed(success bool) Option

WithMustSucceed requires the audit event to be sent successfully; otherwise the current request fails.

func WithServiceName

func WithServiceName(serviceName string) Option

WithServiceName sets the service name for audit events.

type Stage

type Stage string

const (
	// StageRequestReceived The stage for events generated as soon as the audit handler receives the request, and before it
	// is delegated down the handler chain.
	StageRequestReceived Stage = "request_received"
	// StageResponseComplete The stage for events generated once the response body has been completed, and no more bytes
	// will be sent.
	StageResponseComplete Stage = "response_complete"
)

Valid audit stages.

type Status

type Status struct {
	Status string `json:"status"` // one of: success, failure
	Reason string `json:"reason"` // corresponds to errs.Status.Status
	Code   int    `json:"code"`   // corresponds to errs.Status.HTTPCode
}

Status is the response status.
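How the documented audit levels, the two stages and the WithMustSucceed rule fit together, as an added example that uses only the standard library and is not this package's code. `Audited`, `Event`, `Handler` and the `send` callback are hypothetical stand-ins, and applying the must-succeed rule at both stages is an assumption.

```go
package main

import "fmt"

type Level string // local mirror of the documented levels, not the package's own type
const (
	LevelNone            Level = "none"
	LevelMetadata        Level = "metadata"
	LevelRequest         Level = "request"
	LevelRequestResponse Level = "request_response"
)

type Event struct { // constructed subset of the documented EventData JSON fields
	Level          Level  `json:"level"`
	Stage          string `json:"stage"`
	RequestObject  string `json:"request_object"`
	ResponseObject string `json:"response_object"`
}

type Handler func(req string) (string, error) // stand-in for a unary handler; bodies are serialized JSON

// Audited (hypothetical): bodies are recorded per level; mustSucceed turns a failed send into a failed request.
func Audited(lvl Level, mustSucceed bool, send func(Event) error, h Handler) Handler {
	return func(req string) (string, error) {
		if lvl == LevelNone {
			return h(req)
		}
		e := Event{Level: lvl, Stage: "request_received"}
		if lvl == LevelRequest || lvl == LevelRequestResponse {
			e.RequestObject = req
		}
		if err := send(e); err != nil && mustSucceed {
			return "", fmt.Errorf("audit event not delivered: %w", err) // h never runs
		}
		resp, err := h(req)
		e.Stage = "response_complete"
		if lvl == LevelRequestResponse {
			e.ResponseObject = resp
		}
		if serr := send(e); serr != nil && mustSucceed && err == nil {
			return "", fmt.Errorf("audit event not delivered: %w", serr)
		}
		return resp, err
	}
}

func main() {
	down := func(Event) error { return fmt.Errorf("sink down") } // constructed failing sink
	fmt.Println(Audited(LevelMetadata, true, down, func(r string) (string, error) { return r, nil })("{}"))
}
```

With the must-succeed flag off, the same failing sink lets the request through unaudited, so the flag decides whether an audit outage becomes a service outage or a gap in the audit trail.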
