From b0c74a0584e8073452e436d67e53b29784016fb0 Mon Sep 17 00:00:00 2001
From: "stonezdj(Daojun Zhang)"
Date: Fri, 3 Jan 2025 14:11:09 +0800
Subject: [PATCH] Add swagger api and audit_log_ext table model (#21360) add auditlog-ext related api in swagger add audit_log_ext table
Signed-off-by: stonezdj
---
 api/v2.0/swagger.yaml | 131 +++++++++++++++++-
 .../postgresql/0160_2.13.0_schema.up.sql | 21 +++
 src/server/v2.0/handler/auditlog.go | 12 ++
 src/server/v2.0/handler/project.go | 8 ++
 4 files changed, 168 insertions(+), 4 deletions(-)
diff --git a/api/v2.0/swagger.yaml b/api/v2.0/swagger.yaml
index 23dcec3bb..f69cd8c34 100644
--- a/api/v2.0/swagger.yaml
+++ b/api/v2.0/swagger.yaml
@@ -1723,9 +1723,9 @@ paths:
 $ref: '#/responses/500'
 /audit-logs:
 get:
- summary: Get recent logs of the projects which the user is a member of
+ summary: Get recent logs of projects which the user is a member with project admin role, or return all audit logs for system admin user (deprecated)
 description: |
- This endpoint let user see the recent operation logs of the projects which he is member of
+ This endpoint let the user see the recent operation logs of projects which the user is a member with project admin role,, or return all audit logs for system admin user, it only query the audit log in previous version.
 tags:
 - auditlog
 operationId: listAuditLogs
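Review bot: The deprecation of `listAuditLogs` is stated only in the summary text, so generated clients and API tooling cannot see it; Swagger 2.0 has an operation-level flag for this, and adding `deprecated: true` under `get:` would make it machine-readable. The same applies to `getLogs` under `/projects/{project_name}/logs`, which the next hunk marks "(deprecated)" the same way. The new description also has a doubled comma (`role,, or`) and would read more clearly split in two, ending `... for system admin users. It only queries audit logs written by previous versions.`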
@@ -1755,10 +1755,63 @@ paths:
 $ref: '#/responses/401'
 '500':
 $ref: '#/responses/500'
+ /auditlog-exts:
+ get:
+ summary: Get recent logs of the projects which the user is a member with project_admin role, or return all audit logs for system admin user
+ description: |
+ This endpoint let user see the recent operation logs of the projects which he is member with project_admin role, or return all audit logs for system admin user.
+ tags:
+ - auditlog
+ operationId: listAuditLogExts
+ parameters:
+ - $ref: '#/parameters/requestId'
+ - $ref: '#/parameters/query'
+ - $ref: '#/parameters/sort'
+ - $ref: '#/parameters/page'
+ - $ref: '#/parameters/pageSize'
+ responses:
+ '200':
+ description: Success
+ headers:
+ X-Total-Count:
+ description: The total count of auditlogs
+ type: integer
+ Link:
+ description: Link refers to the previous page and next page
+ type: string
+ schema:
+ type: array
+ items:
+ $ref: '#/definitions/AuditLogExt'
+ '400':
+ $ref: '#/responses/400'
+ '401':
+ $ref: '#/responses/401'
+ '500':
+ $ref: '#/responses/500'
+ /auditlog-exts/events:
+ get:
+ summary: Get all event types of audit log
+ description: |
+ Get all event types of audit log
+ tags:
+ - auditlog
+ operationId: listAuditLogEventTypes
+ parameters:
+ - $ref: '#/parameters/requestId'
+ responses:
+ '200':
+ description: Success
+ schema:
+ type: array
+ items:
+ $ref: '#/definitions/AuditLogEventType'
+ '401':
+ $ref: '#/responses/401'
 /projects/{project_name}/logs:
 get:
- summary: Get recent logs of the projects
- description: Get recent logs of the projects
+ summary: Get recent logs of the projects (deprecated)
+ description: Get recent logs of the projects, it only query the previous version's audit log
 tags:
 - project
 operationId: getLogs
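Review bot: Neither `/auditlog-exts` nor `/auditlog-exts/events` declares a `'403'` response, although the summary limits results to project admins and system admins, so a client built from this spec cannot tell an authenticated caller who lacks the role from one with no matching entries. If the spec defines a shared forbidden response next to the 400/401/500 ones referenced here, add `'403': $ref: '#/responses/403'` (reference name assumed by analogy) to both operations. The same applies to `getLogExts` in the `/projects/{project_name}/auditlog-exts` hunk that follows, which would also benefit from a not-found response for an unknown project. `listAuditLogEventTypes` additionally omits the `'500'` response that its sibling operations declare.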
@@ -1789,6 +1842,40 @@ paths:
 $ref: '#/responses/401'
 '500':
 $ref: '#/responses/500'
+ /projects/{project_name}/auditlog-exts:
+ get:
+ summary: Get recent logs of the projects
+ description: Get recent logs of the projects
+ tags:
+ - project
+ operationId: getLogExts
+ parameters:
+ - $ref: '#/parameters/projectName'
+ - $ref: '#/parameters/requestId'
+ - $ref: '#/parameters/query'
+ - $ref: '#/parameters/sort'
+ - $ref: '#/parameters/page'
+ - $ref: '#/parameters/pageSize'
+ responses:
+ '200':
+ description: Success
+ headers:
+ X-Total-Count:
+ description: The total count of auditlogs
+ type: integer
+ Link:
+ description: Link refers to the previous page and next page
+ type: string
+ schema:
+ type: array
+ items:
+ $ref: '#/definitions/AuditLogExt'
+ '400':
+ $ref: '#/responses/400'
+ '401':
+ $ref: '#/responses/401'
+ '500':
+ $ref: '#/responses/500'
 /p2p/preheat/providers:
 get:
 summary: List P2P providers
@@ -6996,6 +7083,42 @@ definitions:
 format: date-time
 example: '2006-01-02T15:04:05Z'
 description: The time when this operation is triggered.
+ AuditLogExt:
+ type: object
+ properties:
+ id:
+ type: integer
+ description: The ID of the audit log entry.
+ username:
+ type: string
+ description: The username of the operator in this log entry.
+ resource:
+ type: string
+ description: Name of the resource in this log entry.
+ resource_type:
+ type: string
+ description: Type of the resource in this log entry.
+ operation:
+ type: string
+ description: The operation against the resource in this log entry.
+ operation_description:
+ type: string
+ description: The operation's detail description
+ operation_result:
+ type: boolean
+ description: the operation's result, true for success, false for fail
+ op_time:
+ type: string
+ format: date-time
+ example: '2006-01-02T15:04:05Z'
+ description: The time when this operation is triggered.
+ AuditLogEventType:
+ type: object
+ properties:
+ event_type:
+ type: string
+ description: the event type, such as create_user.
+ example: create_user
 Metadata:
 type: object
 properties:
diff --git a/make/migrations/postgresql/0160_2.13.0_schema.up.sql b/make/migrations/postgresql/0160_2.13.0_schema.up.sql
index 49a13a131..88efb21b4 100644
--- a/make/migrations/postgresql/0160_2.13.0_schema.up.sql
+++ b/make/migrations/postgresql/0160_2.13.0_schema.up.sql
@@ -1,2 +1,23 @@
 ALTER TABLE p2p_preheat_policy DROP COLUMN IF EXISTS scope;
 ALTER TABLE p2p_preheat_policy ADD COLUMN IF NOT EXISTS extra_attrs text;
+
+CREATE TABLE IF NOT EXISTS audit_log_ext
+(
+ id BIGSERIAL PRIMARY KEY NOT NULL,
+ project_id BIGINT,
+ operation VARCHAR(50) NULL,
+ resource_type VARCHAR(50) NULL,
+ resource VARCHAR(50) NULL,
+ username VARCHAR(50) NULL,
+ op_desc VARCHAR(500) NULL,
+ op_result BOOLEAN DEFAULT true,
+ payload TEXT NULL,
+ source_ip VARCHAR(50) NULL,
+ op_time TIMESTAMP DEFAULT CURRENT_TIMESTAMP
+);
+
+-- add index to the audit_log_ext table
+CREATE INDEX IF NOT EXISTS idx_audit_log_ext_op_time ON audit_log_ext (op_time);
+CREATE INDEX IF NOT EXISTS idx_audit_log_ext_project_id_optime ON audit_log_ext (project_id, op_time);
+CREATE INDEX IF NOT EXISTS idx_audit_log_ext_project_id_resource_type ON audit_log_ext (project_id, resource_type);
+CREATE INDEX IF NOT EXISTS idx_audit_log_ext_project_id_operation ON audit_log_ext (project_id, operation);
diff --git a/src/server/v2.0/handler/auditlog.go b/src/server/v2.0/handler/auditlog.go
index 22540b1ae..a18105586 100644
--- a/src/server/v2.0/handler/auditlog.go
+++ b/src/server/v2.0/handler/auditlog.go
@@ -110,3 +110,15 @@ func (a *auditlogAPI) ListAuditLogs(ctx context.Context, params auditlog.ListAud
 WithLink(a.Links(ctx, params.HTTPRequest.URL, total, query.PageNumber, query.PageSize).String()).
 WithPayload(auditLogs)
 }
+func (a *auditlogAPI) ListAuditLogExts(ctx context.Context, params auditlog.ListAuditLogExtsParams) middleware.Responder {
+ // TODO: implement this method
+ return auditlog.NewListAuditLogExtsOK().
+ WithXTotalCount(0).
+ WithLink(a.Links(ctx, params.HTTPRequest.URL, 0, 0, 0).String()).
+ WithPayload(nil)
+}
+
+func (a *auditlogAPI) ListAuditLogEventTypes(_ context.Context, _ auditlog.ListAuditLogEventTypesParams) middleware.Responder {
+ // TODO: implement this method
+ return auditlog.NewListAuditLogEventTypesOK().WithPayload(nil)
+}
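Review bot: `resource`, `username` and `source_ip` in `audit_log_ext` are capped at `VARCHAR(50)`, and PostgreSQL rejects an insert whose value exceeds the declared length rather than truncating it, so a long repository or artifact reference, or a long username, would make the audit write fail and the event would go unrecorded. Size these columns to the maximum the source fields allow, for example `resource VARCHAR(1024) NULL`, with `username` matching the width of the user table's column (confirm against that schema), or have the writer truncate explicitly. `payload TEXT` will persist whatever the writer passes in, so the code that fills it should redact credentials and tokens before insert. `op_time` is `TIMESTAMP` without time zone while the API example is a UTC `...Z` value; `TIMESTAMPTZ` or a documented UTC convention keeps event ordering unambiguous during an investigation.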
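Review bot: `ListAuditLogExts` and `ListAuditLogEventTypes` return 200 with a nil payload and perform no authentication or role check, so once these routes are served any caller gets a success response that is indistinguishable from an empty audit trail; `GetLogExts` in project.go has the same shape. Until the real implementation lands, either return a not-implemented error or put the access check first (presumably the same helper the existing `ListAuditLogs` uses, whose body is outside this hunk) and record the requirement in the TODO, e.g. `// TODO: implement; must enforce system-admin / project-admin access before querying audit_log_ext`. The stub also calls `a.Links(ctx, params.HTTPRequest.URL, 0, 0, 0)` with a page size of 0; confirm `Links` tolerates that or drop `WithLink` from the placeholder. A blank line before `func (a *auditlogAPI) ListAuditLogExts` and a doc comment on each method would match the rest of the file.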
diff --git a/src/server/v2.0/handler/project.go b/src/server/v2.0/handler/project.go
index 57e1dfb7f..22d432dfe 100644
--- a/src/server/v2.0/handler/project.go
+++ b/src/server/v2.0/handler/project.go
@@ -938,3 +938,11 @@ func highestRole(roles []int) int {
 }
 return highest
 }
+
+func (a *projectAPI) GetLogExts(ctx context.Context, params operation.GetLogExtsParams) middleware.Responder {
+ // TODO: implement the function
+ return operation.NewGetLogExtsOK().
+ WithXTotalCount(0).
+ WithLink(a.Links(ctx, params.HTTPRequest.URL, 0, 0, 15).String()).
+ WithPayload(nil)
+}
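Review bot: `GetLogExts` passes a literal page size of `15` to `a.Links` while the auditlog.go stubs in this commit pass `0`, and with a total of 0 neither value carries meaning; pick one convention or drop `WithLink` from the placeholder so the stubs behave the same. The method is exported and has no doc comment; something like `// GetLogExts lists extended audit log entries for a project. Not implemented yet: it always returns an empty page.` would make the placeholder status visible to readers of the handler.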