class Conjur::WebServer::AuditStream
Constants
- HEADERS
Public Instance Methods
api()
click to toggle source
# File lib/conjur/webserver/audit_stream.rb, line 87 def api Conjur::API.new_from_token Conjur::Authn.authenticate end
call(env)
click to toggle source
# File lib/conjur/webserver/audit_stream.rb, line 27 def call env body = Body.new stream_events(env) do |events| write_events body, events end [200, HEADERS, body] end
fetch_events(env, options)
click to toggle source
# File lib/conjur/webserver/audit_stream.rb, line 63 def fetch_events env, options kind, id = parse_path env args = if kind == 'role' && id.nil? [:audit_current_role, options] else [:"audit_#{kind}", id, options] end format = Rack::Request.new(env).params['format'] || 'string' format_method = case format when 'table' :tableize else :humanize end api.send(*args).each {|e| send(format_method, e)} end
parse_path(env)
click to toggle source
Returns [kind, id]
# File lib/conjur/webserver/audit_stream.rb, line 57 def parse_path env path = env["SCRIPT_NAME"] + env["PATH_INFO"] %r{^/api/audit/stream/(.*?)(?:/(.*))?$} =~ path [$1, $2] end
self_event?(env, e)
click to toggle source
Returns true if this looks like a permission check performed by the audit service
# File lib/conjur/webserver/audit_stream.rb, line 48 def self_event? env, e e['action'] == 'check' && e['asset'] == 'resource' && e['conjur_role'] == e['role'] && e['role'] == env['conjur.roleid'] end
show_self_events?(env)
click to toggle source
# File lib/conjur/webserver/audit_stream.rb, line 52 def show_self_events? env !!Rack::Request.new(env).params['self'] end
stream_events(env, &block)
click to toggle source
# File lib/conjur/webserver/audit_stream.rb, line 35 def stream_events env, &block # This could be a lot more "EventMachineish" by using for example # EM::HttpRequest, but putting it in the thread pool should be # good enough for our purposes. EM.defer do follower = Conjur::Audit::Follower.new{|opts| fetch_events(env, opts)} follower.filter{|e| self_event?(env, e)} unless show_self_events?(env) follower.follow &block end end
write_events(body, events)
click to toggle source
# File lib/conjur/webserver/audit_stream.rb, line 80 def write_events body, events events.each do |e| body.write "id: #{e['event_id']}\n" body.write "data: #{JSON.generate e}\n\n" end end