🔊 scraper GETs have their own type of audit event now
_
parent
a454585d9c
commit
228a9b4262
|
|
@ -84,7 +84,7 @@ pub trait MaxValidDuration {
|
|||
|
||||
#[derive (Deserialize)]
|
||||
pub struct ScraperKey {
|
||||
name: String,
|
||||
pub name: String,
|
||||
|
||||
not_before: DateTime <Utc>,
|
||||
not_after: DateTime <Utc>,
|
||||
|
|
|
|||
|
|
@ -127,8 +127,6 @@ async fn handle_http_request (
|
|||
return Err (UnknownServer);
|
||||
}
|
||||
|
||||
let user = get_user_name (&req);
|
||||
|
||||
let req = http_serde::RequestParts::from_hyper (req.method, uri.clone (), req.headers)
|
||||
.map_err (|_| BadRequest)?;
|
||||
|
||||
|
|
@ -136,11 +134,6 @@ async fn handle_http_request (
|
|||
|
||||
let req_id = rusty_ulid::generate_ulid_string ();
|
||||
|
||||
state.audit_log.push (AuditEvent::new (AuditData::WebClientGet {
|
||||
user,
|
||||
server_name: server_name.to_string (),
|
||||
uri,
|
||||
})).await;
|
||||
trace! ("Created request {}", req_id);
|
||||
|
||||
{
|
||||
|
|
@ -610,6 +603,13 @@ async fn handle_all (
|
|||
} => {
|
||||
let (parts, _) = req.into_parts ();
|
||||
|
||||
let user = get_user_name (&parts);
|
||||
state.audit_log.push (AuditEvent::new (AuditData::WebClientGet {
|
||||
user,
|
||||
server_name: listen_code.to_string (),
|
||||
uri: path.to_string (),
|
||||
})).await;
|
||||
|
||||
handle_http_request (parts, path.to_string (), &state, listen_code).await?
|
||||
},
|
||||
ClientServerList => handle_server_list (state, handlebars).await?,
|
||||
|
|
|
|||
|
|
@ -123,8 +123,7 @@ pub enum AuditData {
|
|||
RelayStart,
|
||||
ScraperGet {
|
||||
key_name: String,
|
||||
server_name: String,
|
||||
uri: String,
|
||||
path: String,
|
||||
},
|
||||
WebClientGet {
|
||||
user: Option <String>,
|
||||
|
|
|
|||
|
|
@ -127,6 +127,11 @@ async fn api_v1 (
|
|||
)
|
||||
-> Result <Response <Body>, RequestError>
|
||||
{
|
||||
use crate::{
|
||||
AuditData,
|
||||
AuditEvent,
|
||||
};
|
||||
|
||||
let api_key = req.headers ().get ("X-ApiKey");
|
||||
|
||||
let api_key = match api_key {
|
||||
|
|
@ -138,6 +143,8 @@ async fn api_v1 (
|
|||
|
||||
let bad_key = || error_reply (StatusCode::FORBIDDEN, strings::FORBIDDEN);
|
||||
|
||||
let key_name;
|
||||
|
||||
{
|
||||
let config = state.config.read ().await;
|
||||
|
||||
|
|
@ -160,8 +167,15 @@ async fn api_v1 (
|
|||
return Ok (bad_key ()?);
|
||||
},
|
||||
}
|
||||
|
||||
key_name = expected_key.name.to_string ();
|
||||
}
|
||||
|
||||
state.audit_log.push (AuditEvent::new (AuditData::ScraperGet {
|
||||
key_name,
|
||||
path: path_rest.to_string (),
|
||||
})).await;
|
||||
|
||||
if path_rest == "test" {
|
||||
Ok (error_reply (StatusCode::OK, "You're valid!")?)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -27,7 +27,5 @@ Use curl to like, try it out:
|
|||
```
|
||||
curl \
|
||||
--header "X-ApiKey: not this, this is a bogus passphrase for documentation" \
|
||||
http://localhost:4000/scraper/v1/server/$SERVER_NAME/files/
|
||||
http://localhost:4000/scraper/v1/test
|
||||
```
|
||||
|
||||
(Replace `$SERVER_NAME` with the name of the server you want to reach. And change the URL so it's not going to localhost.)
|
||||
|
|
|
|||
Loading…
Reference in New Issue