github/paralus
1
0
Fork 0
mirror of https://github.com/paralus/paralus.git synced 2026-02-14 17:49:51 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
main
paralus/server/audit_info.go
Nirav Parikh 1b7a9a1fa3 changes to view auditlogs by project role users (#247) 
feat: changes to view audit logs by project and cluster role users
---------

Signed-off-by: niravparikh05 <nir.parikh05@gmail.com>
2023-09-21 11:34:56 +05:30

99 lines
2.9 KiB
Go
Raw Permalink Blame History

package server
import (
"context"
"fmt"
"strings"
"github.com/paralus/paralus/pkg/query"
sentryrpc "github.com/paralus/paralus/proto/rpc/sentry"
"github.com/paralus/paralus/pkg/sentry/kubeconfig"
"github.com/paralus/paralus/pkg/service"
)
type auditInfoServer struct {
bs service.BootstrapService
aps service.AccountPermissionService
prs service.ProjectService
}
var _ sentryrpc.AuditInformationServiceServer = (*auditInfoServer)(nil)
// NewAuditInfoServer returns new Audit Information Server
func NewAuditInfoServer(bs service.BootstrapService, aps service.AccountPermissionService, prs service.ProjectService) sentryrpc.AuditInformationServiceServer {
return &auditInfoServer{bs: bs, aps: aps, prs: prs}
}
func (s *auditInfoServer) LookupUser(ctx context.Context, req *sentryrpc.LookupUserRequest) (*sentryrpc.LookupUserResponse, error) {
attrs := kubeconfig.GetCNAttributes(req.UserCN)
_log.Infow("lookupUser", "attrs", attrs)
if attrs.SystemUser {
return &sentryrpc.LookupUserResponse{
UserName: attrs.Username,
AccountID: attrs.AccountID,
IsSSO: kubeconfig.GetStringFromBool(attrs.IsSSO),
OrganizationID: attrs.OrganizationID,
PartnerID: attrs.PartnerID,
SessionType: kubeconfig.GetSessionTypeString(attrs.SessionType),
}, nil
}
accountID := attrs.AccountID
var userName string
account, err := s.aps.GetAccount(ctx, accountID)
if err != nil {
return nil, err
}
userName = account.Username
return &sentryrpc.LookupUserResponse{
UserName: userName,
AccountID: attrs.AccountID,
IsSSO: kubeconfig.GetStringFromBool(attrs.IsSSO),
OrganizationID: attrs.OrganizationID,
PartnerID: attrs.PartnerID,
SessionType: kubeconfig.GetSessionTypeString(attrs.SessionType),
}, nil
}
func (s *auditInfoServer) LookupCluster(ctx context.Context, req *sentryrpc.LookupClusterRequest) (*sentryrpc.LookupClusterResponse, error) {
strs := strings.SplitN(req.ClusterSNI, ".", 2)
if len(strs) != 2 {
return nil, fmt.Errorf("invalid cluster SNI %s", req.ClusterSNI)
}
clusterID, relayHost := strs[0], strs[1]
relayHost = fmt.Sprintf("*.%s", relayHost)
bat, err := s.bs.GetBootstrapAgentTemplateForHost(ctx, relayHost)
if err != nil {
return nil, err
}
ba, err := s.bs.GetBootstrapAgent(ctx, bat.Metadata.Labels["paralus.dev/connectorAgentTemplate"], query.WithName(clusterID), query.WithIgnoreScopeDefault(), query.WithDeleted())
if err != nil {
_log.Infow("unable to get bootstrap agent", "req", req, "error", err)
return nil, err
}
project, err := s.prs.GetByID(ctx, ba.Metadata.Project)
if err != nil {
_log.Warnw("unable to get project name", "id", ba.Metadata.Project, "error", err)
return nil, err
}
_log.Infow("project name in lookup cluster", "project", project.Metadata.Name)
return &sentryrpc.LookupClusterResponse{
Name: ba.Metadata.Labels["paralus.dev/clusterName"],
Project: project.Metadata.Name,
}, nil
}
Reference in New Issue View Git Blame Copy Permalink