mirror of
https://github.com/bitwarden/server.git
synced 2024-11-26 12:55:17 +01:00
adjusted serilog inclusion predicate with bypassid
This commit is contained in:
parent
6b4605e228
commit
25899fd326
@ -1,4 +1,5 @@
|
||||
using System.Threading.Tasks;
|
||||
using Bit.Core;
|
||||
using Bit.Core.Jobs;
|
||||
using Microsoft.Extensions.Logging;
|
||||
using Quartz;
|
||||
@ -12,7 +13,7 @@ namespace Bit.Api.Jobs
|
||||
|
||||
protected override Task ExecuteJobAsync(IJobExecutionContext context)
|
||||
{
|
||||
_logger.LogInformation("It's alive!");
|
||||
_logger.LogInformation(Constants.BypassFiltersEventId, null, "It's alive!");
|
||||
return Task.FromResult(0);
|
||||
}
|
||||
}
|
||||
|
@ -141,9 +141,7 @@ namespace Bit.Api
|
||||
return false;
|
||||
}
|
||||
|
||||
if(e.Level == LogEventLevel.Information &&
|
||||
(context.Contains(typeof(IpRateLimitMiddleware).FullName) ||
|
||||
context.StartsWith("\"Bit.Api.Jobs") || context.StartsWith("\"Bit.Core.Jobs")))
|
||||
if(e.Level == LogEventLevel.Information && context.Contains(typeof(IpRateLimitMiddleware).FullName))
|
||||
{
|
||||
return true;
|
||||
}
|
||||
|
7
src/Core/Constants.cs
Normal file
7
src/Core/Constants.cs
Normal file
@ -0,0 +1,7 @@
|
||||
namespace Bit.Core
|
||||
{
|
||||
public static class Constants
|
||||
{
|
||||
public const int BypassFiltersEventId = 12482444;
|
||||
}
|
||||
}
|
@ -26,14 +26,16 @@ namespace Bit.Core.Jobs
|
||||
public Task JobToBeExecuted(IJobExecutionContext context,
|
||||
CancellationToken cancellationToken = default(CancellationToken))
|
||||
{
|
||||
_logger.LogInformation("Starting job {0} at {1}.", context.JobDetail.JobType.Name, DateTime.UtcNow);
|
||||
_logger.LogInformation(Constants.BypassFiltersEventId, null, "Starting job {0} at {1}.",
|
||||
context.JobDetail.JobType.Name, DateTime.UtcNow);
|
||||
return Task.FromResult(0);
|
||||
}
|
||||
|
||||
public Task JobWasExecuted(IJobExecutionContext context, JobExecutionException jobException,
|
||||
CancellationToken cancellationToken = default(CancellationToken))
|
||||
{
|
||||
_logger.LogInformation("Finished job {0} at {1}.", context.JobDetail.JobType.Name, DateTime.UtcNow);
|
||||
_logger.LogInformation(Constants.BypassFiltersEventId, null, "Finished job {0} at {1}.",
|
||||
context.JobDetail.JobType.Name, DateTime.UtcNow);
|
||||
return Task.FromResult(0);
|
||||
}
|
||||
}
|
||||
|
@ -64,7 +64,8 @@ namespace Bit.Core.Services
|
||||
}
|
||||
|
||||
var enabledOrgs = await _organizationRepository.GetManyByEnabledAsync();
|
||||
_logger.LogInformation("Validating licenses for {0} organizations.", enabledOrgs.Count);
|
||||
_logger.LogInformation(Constants.BypassFiltersEventId, null,
|
||||
"Validating licenses for {0} organizations.", enabledOrgs.Count);
|
||||
|
||||
foreach(var org in enabledOrgs)
|
||||
{
|
||||
@ -95,7 +96,8 @@ namespace Bit.Core.Services
|
||||
|
||||
private async Task DisableOrganizationAsync(Organization org, ILicense license, string reason)
|
||||
{
|
||||
_logger.LogInformation("Organization {0} ({1}) has an invalid license and is being disabled. Reason: {2}",
|
||||
_logger.LogInformation(Constants.BypassFiltersEventId, null,
|
||||
"Organization {0} ({1}) has an invalid license and is being disabled. Reason: {2}",
|
||||
org.Id, org.Name, reason);
|
||||
org.Enabled = false;
|
||||
org.ExpirationDate = license?.Expires ?? DateTime.UtcNow;
|
||||
@ -111,7 +113,8 @@ namespace Bit.Core.Services
|
||||
}
|
||||
|
||||
var premiumUsers = await _userRepository.GetManyByPremiumAsync(true);
|
||||
_logger.LogInformation("Validating premium for {0} users.", premiumUsers.Count);
|
||||
_logger.LogInformation(Constants.BypassFiltersEventId, null,
|
||||
"Validating premium for {0} users.", premiumUsers.Count);
|
||||
|
||||
foreach(var user in premiumUsers)
|
||||
{
|
||||
@ -119,14 +122,16 @@ namespace Bit.Core.Services
|
||||
}
|
||||
|
||||
var nonPremiumUsers = await _userRepository.GetManyByPremiumAsync(false);
|
||||
_logger.LogInformation("Checking to restore premium for {0} users.", nonPremiumUsers.Count);
|
||||
_logger.LogInformation(Constants.BypassFiltersEventId, null,
|
||||
"Checking to restore premium for {0} users.", nonPremiumUsers.Count);
|
||||
|
||||
foreach(var user in nonPremiumUsers)
|
||||
{
|
||||
var details = await _organizationUserRepository.GetManyDetailsByUserAsync(user.Id);
|
||||
if(details.Any(d => d.SelfHost && d.UsersGetPremium && d.Enabled))
|
||||
{
|
||||
_logger.LogInformation("Granting premium to user {0}({1}) because they are in an active organization " +
|
||||
_logger.LogInformation(Constants.BypassFiltersEventId, null,
|
||||
"Granting premium to user {0}({1}) because they are in an active organization " +
|
||||
"with premium features.", user.Id, user.Email);
|
||||
|
||||
user.Premium = true;
|
||||
@ -170,7 +175,8 @@ namespace Bit.Core.Services
|
||||
_userCheckCache.Add(user.Id, now);
|
||||
}
|
||||
|
||||
_logger.LogInformation("Validating premium license for user {0}({1}).", user.Id, user.Email);
|
||||
_logger.LogInformation(Constants.BypassFiltersEventId, null,
|
||||
"Validating premium license for user {0}({1}).", user.Id, user.Email);
|
||||
return await ProcessUserValidationAsync(user);
|
||||
}
|
||||
|
||||
@ -196,8 +202,8 @@ namespace Bit.Core.Services
|
||||
|
||||
if(!valid)
|
||||
{
|
||||
_logger.LogInformation("User {0}({1}) has an invalid license and premium is being disabled.",
|
||||
user.Id, user.Email);
|
||||
_logger.LogInformation(Constants.BypassFiltersEventId, null,
|
||||
"User {0}({1}) has an invalid license and premium is being disabled.", user.Id, user.Email);
|
||||
|
||||
user.Premium = false;
|
||||
user.PremiumExpirationDate = license?.Expires ?? DateTime.UtcNow;
|
||||
|
@ -16,7 +16,7 @@ namespace Bit.Core.Utilities
|
||||
private readonly IpRateLimitOptions _options;
|
||||
private readonly IMemoryCache _memoryCache;
|
||||
private readonly IBlockIpService _blockIpService;
|
||||
private readonly ILogger<IpRateLimitMiddleware> _logger;
|
||||
private readonly ILogger<CustomIpRateLimitMiddleware> _logger;
|
||||
|
||||
public CustomIpRateLimitMiddleware(
|
||||
IMemoryCache memoryCache,
|
||||
@ -25,7 +25,7 @@ namespace Bit.Core.Utilities
|
||||
IOptions<IpRateLimitOptions> options,
|
||||
IRateLimitCounterStore counterStore,
|
||||
IIpPolicyStore policyStore,
|
||||
ILogger<IpRateLimitMiddleware> logger,
|
||||
ILogger<CustomIpRateLimitMiddleware> logger,
|
||||
IIpAddressParser ipParser = null)
|
||||
: base(next, options, counterStore, policyStore, logger, ipParser)
|
||||
{
|
||||
@ -59,11 +59,13 @@ namespace Bit.Core.Utilities
|
||||
if(blockedCount > 10)
|
||||
{
|
||||
_blockIpService.BlockIpAsync(identity.ClientIp, false);
|
||||
_logger.LogInformation($"Banned {identity.ClientIp}. \nInfo: \n{GetRequestInfo(httpContext)}");
|
||||
_logger.LogInformation(Constants.BypassFiltersEventId, null,
|
||||
"Banned {0}. \nInfo: \n{1}", identity.ClientIp, GetRequestInfo(httpContext));
|
||||
}
|
||||
else
|
||||
{
|
||||
_logger.LogInformation($"Request blocked {identity.ClientIp}. \nInfo: \n{GetRequestInfo(httpContext)}");
|
||||
_logger.LogInformation(Constants.BypassFiltersEventId, null,
|
||||
"Request blocked {0}. \nInfo: \n{1}", identity.ClientIp, GetRequestInfo(httpContext));
|
||||
_memoryCache.Set(key, blockedCount,
|
||||
new MemoryCacheEntryOptions().SetSlidingExpiration(new TimeSpan(0, 5, 0)));
|
||||
}
|
||||
|
@ -22,14 +22,23 @@ namespace Bit.Core.Utilities
|
||||
return factory;
|
||||
}
|
||||
|
||||
if(filter == null)
|
||||
bool inclusionPredicate(LogEvent e)
|
||||
{
|
||||
filter = (e) => true;
|
||||
if(filter == null)
|
||||
{
|
||||
return true;
|
||||
}
|
||||
var eventId = e.Properties.ContainsKey("EventId") ? e.Properties["EventId"].ToString() : null;
|
||||
if(eventId?.Contains(Constants.BypassFiltersEventId.ToString()) ?? false)
|
||||
{
|
||||
return true;
|
||||
}
|
||||
return filter(e);
|
||||
}
|
||||
|
||||
var config = new LoggerConfiguration()
|
||||
.Enrich.FromLogContext()
|
||||
.Filter.ByIncludingOnly(filter);
|
||||
.Filter.ByIncludingOnly(inclusionPredicate);
|
||||
|
||||
if(CoreHelpers.SettingHasValue(globalSettings?.DocumentDb.Uri) &&
|
||||
CoreHelpers.SettingHasValue(globalSettings?.DocumentDb.Key))
|
||||
|
@ -75,17 +75,17 @@ namespace Bit.Identity
|
||||
loggerFactory.AddSerilog(app, env, appLifetime, globalSettings, (e) =>
|
||||
{
|
||||
var context = e.Properties["SourceContext"].ToString();
|
||||
if(context.Contains(typeof(IpRateLimitMiddleware).FullName) && e.Level == LogEventLevel.Information)
|
||||
{
|
||||
return true;
|
||||
}
|
||||
|
||||
if(context.Contains("IdentityServer4.Validation.TokenValidator") ||
|
||||
context.Contains("IdentityServer4.Validation.TokenRequestValidator"))
|
||||
{
|
||||
return e.Level > LogEventLevel.Error;
|
||||
}
|
||||
|
||||
if(context.Contains(typeof(IpRateLimitMiddleware).FullName) && e.Level == LogEventLevel.Information)
|
||||
{
|
||||
return true;
|
||||
}
|
||||
|
||||
return e.Level >= LogEventLevel.Error;
|
||||
});
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user