RavenDB-22362 address PR comments
karmeli87 committed May 15, 2024
1 parent efc2066 commit c0581c6
Showing 5 changed files with 59 additions and 47 deletions.
Expand Up @@ -29,7 +29,7 @@ public async Task Put()

if (LoggingSource.AuditLog.IsInfoEnabled)
{
LogAuditFor(Database.Name, $"Analyzer {analyzerDefinition.Name} PUT with definition: {analyzerToAdd}");
LogAuditFor(Database.Name, $"Analyzer '{analyzerDefinition.Name}' PUT with definition: {analyzerToAdd}");
}

analyzerDefinition.Validate();
Expand All @@ -55,7 +55,7 @@ public async Task Delete()

if (LoggingSource.AuditLog.IsInfoEnabled)
{
LogAuditFor(Database.Name, $"Analyzer {name} DELETE");
LogAuditFor(Database.Name, $"Analyzer '{name}' DELETE");
}

var command = new DeleteAnalyzerCommand(name, Database.Name, GetRaftRequestIdFromQuery());
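Review bot: The single quotes added around `analyzerDefinition.Name` in `Put()` and `name` in `Delete()` delimit the value but do not neutralise it, and in `Put()` the audit line is written before `analyzerDefinition.Validate()` runs. Both values appear to be request-supplied, so a name containing a quote or a line break could blur where the name ends or make one audit record read as two. Whether the audit logger escapes control characters is not visible here; if it does not, I would escape the value before interpolating it and add a comment such as `// name is request-supplied; escaped so it cannot break the audit line format`. The same applies to `certificate?.Name` in the certificates `Put()` hunk, which this commit adds to the audit message with no quoting at all, unlike the thumbprint next to it. Both handler bodies continue outside the hunks.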
Expand Up @@ -231,7 +231,7 @@ public async Task Put()
: string.Empty;

LogAuditFor("Certificates",
$"Add new certificate '{certificate?.Thumbprint}'. Security Clearance: {certificate?.SecurityClearance}. Permissions:{permissions}.");
$"Add new certificate {certificate?.Name} ['{certificate?.Thumbprint}']. Security Clearance: {certificate?.SecurityClearance}. Permissions:{permissions}.");
}

try
Expand Up @@ -94,7 +94,7 @@ public async Task ValidateTotp()

if (LoggingSource.AuditLog.IsInfoEnabled)
{
LogAuditFor(nameof(TwoFactorAuthenticationHandler), $"successfully authenticated with two factor auth for {period}. Has limits: {hasLimits}");
LogAuditFor(nameof(TwoFactorAuthenticationHandler), $"successfully authenticated with two factor auth for {period} (until: {DateTime.UtcNow.Add(period)}). Has limits: {hasLimits}");
}

string expectedCookieValue = null;
Expand Down Expand Up @@ -139,7 +139,7 @@ private async Task ReplyWith(TransactionOperationContext ctx, string err, HttpSt
{
if (LoggingSource.AuditLog.IsInfoEnabled)
{
LogAuditFor(nameof(TwoFactorAuthenticationHandler), $"Two factor auth failure, because: {err}");
LogAuditFor(nameof(TwoFactorAuthenticationHandler), $"Two factor auth failure: {err}");
}

HttpContext.Response.StatusCode = (int)httpStatusCode;
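Review bot: The new `(until: {DateTime.UtcNow.Add(period)})` in `ValidateTotp()` recomputes the expiry inside the log string and formats it with the default `DateTime` format, which is culture-dependent and carries no UTC marker. An audit reader cannot tell the time zone, and if the enforced expiry is computed separately (not visible in this hunk) the logged value can drift from the one actually applied. I would log the stored value in round-trip form, e.g. `(until: {expiry:O})` where `expiry` is a placeholder for that stored value, or at least `{DateTime.UtcNow.Add(period):O}`. The method body continues outside the hunk.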
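--- a/src/Raven.Server/Web/RequestHandler.Audit.cs
+++ b/src/Raven.Server/Web/RequestHandler.Audit.cs
@@ -0,0 +1,53 @@
+using System;
+using System.Collections.Generic;
+using System.Diagnostics;
+using System.Linq;
+using System.Net;
+using System.Text;
+using System.Threading.Tasks;
+using Sparrow.Logging;
+
+namespace Raven.Server.Web
+{
+public abstract partial class RequestHandler
+{
+public bool IsLocalRequest()
+{
+if (HttpContext.Connection.RemoteIpAddress == null && HttpContext.Connection.LocalIpAddress == null)
+{
+return true;
+}
+if (HttpContext.Connection.RemoteIpAddress.Equals(HttpContext.Connection.LocalIpAddress))
+{
+return true;
+}
+if (IPAddress.IsLoopback(HttpContext.Connection.RemoteIpAddress))
+{
+return true;
+}
+return false;
+}
+
+public string RequestIp => IsLocalRequest() ? Environment.MachineName : HttpContext.Connection.RemoteIpAddress.ToString();
+
+public void LogAuditFor(string logger, string message)
+{
+var auditLog = LoggingSource.AuditLog.GetLogger(logger, "Audit");
+Debug.Assert(auditLog.IsInfoEnabled, $"auditlog info is disabled");
+
+var clientCert = GetCurrentCertificate();
+
+var sb = new StringBuilder();
+sb.Append(RequestIp);
+sb.Append(", ");
+if (clientCert != null)
+sb.Append($"CN={clientCert.Subject} [{clientCert.Thumbprint}], ");
+else
+sb.Append("no certificate, ");
+
+sb.Append(message);
+
+auditLog.Info(sb.ToString());
+}
+}
+}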
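Review bot: `IsLocalRequest()` returns early only when both addresses are null, so a connection with a null `RemoteIpAddress` and a non-null `LocalIpAddress` reaches `RemoteIpAddress.Equals(...)` and throws. Because `LogAuditFor` builds every line from `RequestIp`, that exception would presumably surface in the audited operation instead of producing an audit record. Guarding the remote address on its own, `if (remote == null) return local == null;`, and making the property tolerant, `RemoteIpAddress?.ToString() ?? "unknown"`, keeps audit logging from failing (`remote`/`local` are placeholders for the two connection properties). Separately, if `GetCurrentCertificate()` returns an `X509Certificate2`, `Subject` is already a full distinguished name, so the `CN=` prefix looks redundant and the subject's own commas collide with the `, ` field separator. The code is moved unchanged from RequestHandler.cs, so this behaviour predates the commit.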
43 changes: 1 addition & 42 deletions src/Raven.Server/Web/RequestHandler.cs
@@ -1,6 +1,5 @@
using System;
using System.Collections.Generic;
using System.Diagnostics;
using System.Globalization;
using System.IO;
using System.IO.Compression;
Expand All @@ -26,11 +25,10 @@
using Raven.Server.ServerWide.Context;
using Raven.Server.TrafficWatch;
using Sparrow;
using Sparrow.Logging;

namespace Raven.Server.Web
{
public abstract class RequestHandler
public abstract partial class RequestHandler
{
public const string StartParameter = "start";

Expand Down Expand Up @@ -764,44 +762,5 @@ public void AddStringToHttpContext(string str, TrafficWatchChangeType type)
{
HttpContext.Items["TrafficWatch"] = (str, type);
}

public bool IsLocalRequest()
{
if (HttpContext.Connection.RemoteIpAddress == null && HttpContext.Connection.LocalIpAddress == null)
{
return true;
}
if (HttpContext.Connection.RemoteIpAddress.Equals(HttpContext.Connection.LocalIpAddress))
{
return true;
}
if (IPAddress.IsLoopback(HttpContext.Connection.RemoteIpAddress))
{
return true;
}
return false;
}

public string RequestIp => IsLocalRequest() ? Environment.MachineName : HttpContext.Connection.RemoteIpAddress.ToString();

public void LogAuditFor(string logger, string message)
{
var auditLog = LoggingSource.AuditLog.GetLogger(logger, "Audit");
Debug.Assert(auditLog.IsInfoEnabled, $"auditlog info is disabled");

var clientCert = GetCurrentCertificate();

var sb = new StringBuilder();
sb.Append(RequestIp);
sb.Append(", ");
if (clientCert != null)
sb.Append($"CN={clientCert.Subject} [{clientCert.Thumbprint}], ");
else
sb.Append("no certificate, ");

sb.Append(message);

auditLog.Info(sb.ToString());
}
}
}
