add audit logging to app registry endpoints

2017-05-11 13:33:18 -04:00 · 2017-05-11 13:33:18 -04:00 · 4db789b656
commit 4db789b656
parent f4f67c8c62
7 changed files with 54 additions and 20 deletions
--- a/data/interfaces/appr.py
+++ b/data/interfaces/appr.py
@ -10,8 +10,11 @@ from six import add_metaclass
 from app import storage, authentication
 from data import model, oci_model
 from data.database import Tag, Manifest, MediaType, Blob, Repository, Channel
+from util.audit import track_and_log
+from util.morecollections import AttrDict
 from util.names import parse_robot_username

+
 class BlobDescriptor(namedtuple('Blob', ['mediaType', 'size', 'digest', 'urls'])):
  """ BlobDescriptor describes a blob with its mediatype, size and digest.
      A BlobDescriptor is used to retrieves the actual blob.
@ -55,10 +58,6 @@ class AppRegistryDataInterface(object):
  """ Interface that represents all data store interactions required by a App Registry.
  """

-  @abstractmethod
-  def _application(self, package_name):
-    pass
-
  @abstractmethod
  def list_applications(self, namespace=None, media_type=None, search=None, username=None,
                        with_channels=False):
@ -175,6 +174,11 @@ class AppRegistryDataInterface(object):
    Raises: ChannelNotFound, PackageNotFound
    """

+  @abstractmethod
+  def log_action(self, event_name, namespace_name, repo_name=None, analytics_name=None,
+                 analytics_sample=1, **kwargs):
+    """ Logs an action to the audit log. """
+

 def _split_package_name(package):
  """ Returns the namespace and package-name """
@ -200,6 +204,22 @@ class OCIAppModel(AppRegistryDataInterface):
      raise_package_not_found(package)
    return repo

+  def log_action(self, event_name, namespace_name, repo_name=None, analytics_name=None,
+                 analytics_sample=1, metadata=None):
+    metadata = {} if metadata is None else metadata
+
+    repo = None
+    if repo_name is not None:
+      db_repo = model.repository.get_repository(namespace_name, repo_name,
+                                                kind_filter='application')
+      repo = AttrDict({
+        'id': db_repo.id,
+        'name': db_repo.name,
+        'namespace_name': db_repo.namespace_user.username,
+      })
+    track_and_log(event_name, repo, analytics_name=analytics_name,
+                  analytics_sample=analytics_sample, **metadata)
+
  def list_applications(self, namespace=None, media_type=None, search=None, username=None,
                        with_channels=False):
    """ Lists all repositories that contain applications, with optional filtering to a specific
@ -248,7 +268,7 @@ class OCIAppModel(AppRegistryDataInterface):
  def create_application(self, package_name, visibility, owner):
    """ Create a new app repository, owner is the user who creates it """
    ns, name = _split_package_name(package_name)
-    model.repository.create_repository(ns, name, owner, visibility, "application")
+    model.repository.create_repository(ns, name, owner, visibility, 'application')

  def application_exists(self, package_name):
    """ Create a new app repository, owner is the user who creates it """