Rename WithAuditID to WithAuditInit

This commit is contained in:
Tim Allclair 2022-07-12 14:46:27 -07:00
parent f1d684b7b6
commit ea28a21a67
7 changed files with 12 additions and 16 deletions

View File

@ -290,7 +290,7 @@ func handleInternal(storage map[string]rest.Storage, admissionControl admission.
handler := genericapifilters.WithAudit(mux, auditSink, fakeRuleEvaluator, longRunningCheck)
handler = genericapifilters.WithRequestDeadline(handler, auditSink, fakeRuleEvaluator, longRunningCheck, codecs, 60*time.Second)
handler = genericapifilters.WithRequestInfo(handler, testRequestInfoResolver())
handler = genericapifilters.WithAuditID(handler)
handler = genericapifilters.WithAuditInit(handler)
return &defaultAPIServer{handler, container}
}

View File

@ -125,7 +125,7 @@ func evaluatePolicyAndCreateAuditEvent(req *http.Request, policy audit.PolicyRul
ac := audit.AuditContextFrom(ctx)
if ac == nil {
// Auditing not enabled.
return ac, nil
return nil, nil
}
attribs, err := GetAuthorizerAttributes(ctx)

View File

@ -26,21 +26,17 @@ import (
"github.com/google/uuid"
)
// WithAuditID attaches the Audit-ID associated with a request to the context.
// WithAuditInit initializes the audit context and attaches the Audit-ID associated with a request.
//
// a. If the caller does not specify a value for Audit-ID in the request header, we generate a new audit ID
// b. We echo the Audit-ID value to the caller via the response Header 'Audit-ID'.
func WithAuditID(handler http.Handler) http.Handler {
return withAuditID(handler, func() string {
func WithAuditInit(handler http.Handler) http.Handler {
return withAuditInit(handler, func() string {
return uuid.New().String()
})
}
func withAuditID(handler http.Handler, newAuditIDFunc func() string) http.Handler {
if newAuditIDFunc == nil {
return handler
}
func withAuditInit(handler http.Handler, newAuditIDFunc func() string) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
ctx := audit.WithAuditContext(r.Context())
r = r.WithContext(ctx)

View File

@ -78,9 +78,9 @@ func TestWithAuditID(t *testing.T) {
auditIDGot = string(v)
})
wrapped := WithAuditID(handler)
wrapped := WithAuditInit(handler)
if test.newAuditIDFunc != nil {
wrapped = withAuditID(handler, test.newAuditIDFunc)
wrapped = withAuditInit(handler, test.newAuditIDFunc)
}
testRequest, err := http.NewRequest(http.MethodGet, "/api/v1/namespaces", nil)

View File

@ -676,7 +676,7 @@ func TestAudit(t *testing.T) {
// simplified long-running check
return ri.Verb == "watch"
})
handler = WithAuditID(handler)
handler = WithAuditInit(handler)
req, _ := http.NewRequest(test.verb, test.path, nil)
req = withTestContext(req, &user.DefaultInfo{Name: "admin"}, nil)
@ -812,7 +812,7 @@ func TestAuditIDHttpHeader(t *testing.T) {
})
fakeRuleEvaluator := policy.NewFakePolicyRuleEvaluator(test.level, nil)
handler = WithAudit(handler, sink, fakeRuleEvaluator, nil)
handler = WithAuditID(handler)
handler = WithAuditInit(handler)
req, _ := http.NewRequest("GET", "/api/v1/namespaces/default/pods", nil)
req.RemoteAddr = "127.0.0.1"

View File

@ -871,7 +871,7 @@ func DefaultBuildHandlerChain(apiHandler http.Handler, c *Config) http.Handler {
handler = genericapifilters.WithRequestReceivedTimestamp(handler)
handler = genericapifilters.WithMuxAndDiscoveryComplete(handler, c.lifecycleSignals.MuxAndDiscoveryComplete.Signaled())
handler = genericfilters.WithPanicRecovery(handler, c.RequestInfoResolver)
handler = genericapifilters.WithAuditID(handler)
handler = genericapifilters.WithAuditInit(handler)
return handler
}

View File

@ -1197,7 +1197,7 @@ func newHandlerChain(t *testing.T, handler http.Handler, filter utilflowcontrol.
handler = apifilters.WithRequestDeadline(handler, nil, nil, longRunningRequestCheck, nil, requestTimeout)
handler = apifilters.WithRequestInfo(handler, requestInfoFactory)
handler = WithPanicRecovery(handler, requestInfoFactory)
handler = apifilters.WithAuditID(handler)
handler = apifilters.WithAuditInit(handler)
return handler
}