github.com/pf-qiu/concourse/v6@v6.7.3-0.20201207032516-1f455d73275f/atc/auditor/auditor_test.go (about) 1 package auditor_test 2 3 import ( 4 "net/http" 5 6 "code.cloudfoundry.org/lager/lagertest" 7 8 "github.com/pf-qiu/concourse/v6/atc" 9 "github.com/pf-qiu/concourse/v6/atc/auditor" 10 11 . "github.com/onsi/ginkgo" 12 . "github.com/onsi/gomega" 13 ) 14 15 var _ = Describe("Audit", func() { 16 var ( 17 aud auditor.Auditor 18 dummyAction string 19 userName string 20 logger *lagertest.TestLogger 21 req *http.Request 22 EnableBuildAuditLog bool 23 EnableContainerAuditLog bool 24 EnableJobAuditLog bool 25 EnablePipelineAuditLog bool 26 EnableResourceAuditLog bool 27 EnableSystemAuditLog bool 28 EnableTeamAuditLog bool 29 EnableWorkerAuditLog bool 30 EnableVolumeAuditLog bool 31 ) 32 33 BeforeEach(func() { 34 userName = "test" 35 36 var err error 37 req, err = http.NewRequest("GET", "localhost:8080", nil) 38 Expect(err).NotTo(HaveOccurred()) 39 }) 40 41 JustBeforeEach(func() { 42 logger = lagertest.NewTestLogger("access_handler") 43 44 aud = auditor.NewAuditor( 45 EnableBuildAuditLog, 46 EnableContainerAuditLog, 47 EnableJobAuditLog, 48 EnablePipelineAuditLog, 49 EnableResourceAuditLog, 50 EnableSystemAuditLog, 51 EnableTeamAuditLog, 52 EnableWorkerAuditLog, 53 EnableVolumeAuditLog, 54 logger, 55 ) 56 }) 57 58 AfterEach(func() { 59 EnableBuildAuditLog = false 60 EnableContainerAuditLog = false 61 EnableJobAuditLog = false 62 EnablePipelineAuditLog = false 63 EnableResourceAuditLog = false 64 EnableSystemAuditLog = false 65 EnableTeamAuditLog = false 66 EnableWorkerAuditLog = false 67 EnableVolumeAuditLog = false 68 }) 69 Context("when audit is called", func() { 70 BeforeEach(func() { 71 EnableBuildAuditLog = true 72 EnableContainerAuditLog = true 73 EnableJobAuditLog = true 74 EnablePipelineAuditLog = true 75 EnableResourceAuditLog = true 76 EnableSystemAuditLog = true 77 EnableTeamAuditLog = true 78 EnableWorkerAuditLog = true 79 EnableVolumeAuditLog = true 80 }) 81 It("all routes are handled and does not panic", func() { 82 for _, route := range atc.Routes { 83 aud.Audit(route.Name, userName, req) 84 } 85 logs := logger.Logs() 86 Expect(len(logs)).ToNot(Equal(0)) 87 }) 88 }) 89 90 Describe("EnableBuildAuditLog", func() { 91 92 Context("When EnableBuildAudit is false with a Build action", func() { 93 BeforeEach(func() { 94 EnableBuildAuditLog = false 95 dummyAction = "GetBuildPlan" 96 }) 97 98 It("Doesn't create a log", func() { 99 aud.Audit(dummyAction, userName, req) 100 logs := logger.Logs() 101 Expect(len(logs)).To(Equal(0)) 102 }) 103 104 }) 105 106 Context("When EnableBuildAudit is true with Build action", func() { 107 BeforeEach(func() { 108 EnableBuildAuditLog = true 109 dummyAction = "GetBuildPlan" 110 }) 111 112 It("Create a log including the action", func() { 113 aud.Audit(dummyAction, userName, req) 114 logs := logger.Logs() 115 Expect(logs[0].Data["action"]).To(Equal(dummyAction)) 116 }) 117 }) 118 119 Context("When EnableBuildAudit is true with Non Build action", func() { 120 BeforeEach(func() { 121 EnableBuildAuditLog = true 122 dummyAction = "SaveConfig" 123 }) 124 125 It("Doesn't create a log", func() { 126 aud.Audit(dummyAction, userName, req) 127 logs := logger.Logs() 128 Expect(len(logs)).To(Equal(0)) 129 }) 130 }) 131 132 Context("When EnableBuildAudit is false with Non Build action", func() { 133 BeforeEach(func() { 134 EnableBuildAuditLog = false 135 dummyAction = "SaveConfig" 136 }) 137 138 It("Doesn't create a log", func() { 139 aud.Audit(dummyAction, userName, req) 140 logs := logger.Logs() 141 Expect(len(logs)).To(Equal(0)) 142 }) 143 }) 144 }) 145 146 Describe("EnableContainerAuditLog", func() { 147 148 Context("When EnableContainerAuditLog is false with a Container action", func() { 149 BeforeEach(func() { 150 EnableContainerAuditLog = false 151 dummyAction = "GetContainer" 152 }) 153 154 It("Doesn't create a log", func() { 155 aud.Audit(dummyAction, userName, req) 156 logs := logger.Logs() 157 Expect(len(logs)).To(Equal(0)) 158 }) 159 160 }) 161 162 Context("When EnableContainerAuditLog is true with a Container action", func() { 163 BeforeEach(func() { 164 EnableContainerAuditLog = true 165 dummyAction = "GetContainer" 166 }) 167 168 It("Create a log including the action", func() { 169 aud.Audit(dummyAction, userName, req) 170 logs := logger.Logs() 171 Expect(logs[0].Data["action"]).To(Equal(dummyAction)) 172 }) 173 }) 174 175 Context("When EnableContainerAuditLog is true with Non Container action", func() { 176 BeforeEach(func() { 177 EnableContainerAuditLog = true 178 dummyAction = "SaveConfig" 179 }) 180 181 It("Doesn't create a log", func() { 182 aud.Audit(dummyAction, userName, req) 183 logs := logger.Logs() 184 Expect(len(logs)).To(Equal(0)) 185 }) 186 }) 187 188 Context("When EnableContainerAuditLog is false with Non Container action", func() { 189 BeforeEach(func() { 190 EnableContainerAuditLog = false 191 dummyAction = "SaveConfig" 192 }) 193 194 It("Doesn't create a log", func() { 195 aud.Audit(dummyAction, userName, req) 196 logs := logger.Logs() 197 Expect(len(logs)).To(Equal(0)) 198 }) 199 }) 200 }) 201 202 Describe("EnableJobAuditLog", func() { 203 204 Context("When EnableJobAuditLog is false with a Job action", func() { 205 BeforeEach(func() { 206 EnableJobAuditLog = false 207 dummyAction = "GetJob" 208 }) 209 210 It("Doesn't create a log", func() { 211 aud.Audit(dummyAction, userName, req) 212 logs := logger.Logs() 213 Expect(len(logs)).To(Equal(0)) 214 }) 215 216 }) 217 218 Context("When EnableJobAuditLog is true with a Job action", func() { 219 BeforeEach(func() { 220 EnableJobAuditLog = true 221 dummyAction = "GetJob" 222 }) 223 224 It("Create a log including the action", func() { 225 aud.Audit(dummyAction, userName, req) 226 logs := logger.Logs() 227 Expect(logs[0].Data["action"]).To(Equal(dummyAction)) 228 }) 229 }) 230 231 Context("When EnableJobAuditLog is true with Non Job action", func() { 232 BeforeEach(func() { 233 EnableJobAuditLog = true 234 dummyAction = "SaveConfig" 235 }) 236 237 It("Doesn't create a log", func() { 238 aud.Audit(dummyAction, userName, req) 239 logs := logger.Logs() 240 Expect(len(logs)).To(Equal(0)) 241 }) 242 }) 243 244 Context("When EnableJobAuditLog is false with Non Job action", func() { 245 BeforeEach(func() { 246 EnableJobAuditLog = false 247 dummyAction = "SaveConfig" 248 }) 249 250 It("Doesn't create a log", func() { 251 aud.Audit(dummyAction, userName, req) 252 logs := logger.Logs() 253 Expect(len(logs)).To(Equal(0)) 254 }) 255 }) 256 }) 257 258 Describe("EnablePipelineAuditLog", func() { 259 260 Context("When EnablePipelineAuditLog is false with a Pipeline action", func() { 261 BeforeEach(func() { 262 EnablePipelineAuditLog = false 263 dummyAction = "GetPipeline" 264 }) 265 266 It("Doesn't create a log", func() { 267 aud.Audit(dummyAction, userName, req) 268 logs := logger.Logs() 269 Expect(len(logs)).To(Equal(0)) 270 }) 271 272 }) 273 274 Context("When EnablePipelineAuditLog is true with a Pipeline action", func() { 275 BeforeEach(func() { 276 EnablePipelineAuditLog = true 277 dummyAction = "GetPipeline" 278 }) 279 280 It("Create a log including the action", func() { 281 aud.Audit(dummyAction, userName, req) 282 logs := logger.Logs() 283 Expect(logs[0].Data["action"]).To(Equal(dummyAction)) 284 }) 285 }) 286 287 Context("When EnablePipelineAuditLog is true with Non Pipeline action", func() { 288 BeforeEach(func() { 289 EnablePipelineAuditLog = true 290 dummyAction = "SaveConfig" 291 }) 292 293 It("Doesn't create a log", func() { 294 aud.Audit(dummyAction, userName, req) 295 logs := logger.Logs() 296 Expect(len(logs)).To(Equal(0)) 297 }) 298 }) 299 300 Context("When EnablePipelineAuditLog is false with Non Pipeline action", func() { 301 BeforeEach(func() { 302 EnablePipelineAuditLog = false 303 dummyAction = "SaveConfig" 304 }) 305 306 It("Doesn't create a log", func() { 307 aud.Audit(dummyAction, userName, req) 308 logs := logger.Logs() 309 Expect(len(logs)).To(Equal(0)) 310 }) 311 }) 312 }) 313 314 Describe("EnableResourceAuditLog", func() { 315 316 Context("When EnableResourceAuditLog is false with a Resource action", func() { 317 BeforeEach(func() { 318 EnableResourceAuditLog = false 319 dummyAction = "GetResource" 320 }) 321 322 It("Doesn't create a log", func() { 323 aud.Audit(dummyAction, userName, req) 324 logs := logger.Logs() 325 Expect(len(logs)).To(Equal(0)) 326 }) 327 328 }) 329 330 Context("When EnableResourceAuditLog is true with a Resource action", func() { 331 BeforeEach(func() { 332 EnableResourceAuditLog = true 333 dummyAction = "GetResource" 334 }) 335 336 It("Create a log including the action", func() { 337 aud.Audit(dummyAction, userName, req) 338 logs := logger.Logs() 339 Expect(logs[0].Data["action"]).To(Equal(dummyAction)) 340 }) 341 }) 342 343 Context("When EnableResourceAuditLog is true with Non Resource action", func() { 344 BeforeEach(func() { 345 EnableResourceAuditLog = true 346 dummyAction = "SaveConfig" 347 }) 348 349 It("Doesn't create a log", func() { 350 aud.Audit(dummyAction, userName, req) 351 logs := logger.Logs() 352 Expect(len(logs)).To(Equal(0)) 353 }) 354 }) 355 356 Context("When EnableResourceAuditLog is false with Non Resource action", func() { 357 BeforeEach(func() { 358 EnableResourceAuditLog = false 359 dummyAction = "SaveConfig" 360 }) 361 362 It("Doesn't create a log", func() { 363 aud.Audit(dummyAction, userName, req) 364 logs := logger.Logs() 365 Expect(len(logs)).To(Equal(0)) 366 }) 367 }) 368 }) 369 370 Describe("EnableSystemAuditLog", func() { 371 372 Context("When EnableSystemAuditLog is false with a System action", func() { 373 BeforeEach(func() { 374 EnableSystemAuditLog = false 375 dummyAction = "SaveConfig" 376 }) 377 378 It("Doesn't create a log", func() { 379 aud.Audit(dummyAction, userName, req) 380 logs := logger.Logs() 381 Expect(len(logs)).To(Equal(0)) 382 }) 383 384 }) 385 386 Context("When EnableSystemAuditLog is true with a System action", func() { 387 BeforeEach(func() { 388 EnableSystemAuditLog = true 389 dummyAction = "SaveConfig" 390 }) 391 392 It("Create a log including the action", func() { 393 aud.Audit(dummyAction, userName, req) 394 logs := logger.Logs() 395 Expect(logs[0].Data["action"]).To(Equal(dummyAction)) 396 }) 397 }) 398 399 Context("When EnableSystemAuditLog is true with Non System action", func() { 400 BeforeEach(func() { 401 EnableSystemAuditLog = true 402 dummyAction = "GetBuild" 403 }) 404 405 It("Doesn't create a log", func() { 406 aud.Audit(dummyAction, userName, req) 407 logs := logger.Logs() 408 Expect(len(logs)).To(Equal(0)) 409 }) 410 }) 411 412 Context("When EnableSystemAuditLog is false with Non System action", func() { 413 BeforeEach(func() { 414 EnableSystemAuditLog = false 415 dummyAction = "GetBuild" 416 }) 417 418 It("Doesn't create a log", func() { 419 aud.Audit(dummyAction, userName, req) 420 logs := logger.Logs() 421 Expect(len(logs)).To(Equal(0)) 422 }) 423 }) 424 }) 425 426 Describe("EnableTeamAuditLog", func() { 427 428 Context("When EnableTeamAuditLog is false with a Resource action", func() { 429 BeforeEach(func() { 430 EnableTeamAuditLog = false 431 dummyAction = "ListTeams" 432 }) 433 434 It("Doesn't create a log", func() { 435 aud.Audit(dummyAction, userName, req) 436 logs := logger.Logs() 437 Expect(len(logs)).To(Equal(0)) 438 }) 439 440 }) 441 442 Context("When EnableTeamAuditLog is true with a Resource action", func() { 443 BeforeEach(func() { 444 EnableTeamAuditLog = true 445 dummyAction = "ListTeams" 446 }) 447 448 It("Create a log including the action", func() { 449 aud.Audit(dummyAction, userName, req) 450 logs := logger.Logs() 451 Expect(logs[0].Data["action"]).To(Equal(dummyAction)) 452 }) 453 }) 454 455 Context("When EnableTeamAuditLog is true with Non Resource action", func() { 456 BeforeEach(func() { 457 EnableTeamAuditLog = true 458 dummyAction = "SaveConfig" 459 }) 460 461 It("Doesn't create a log", func() { 462 aud.Audit(dummyAction, userName, req) 463 logs := logger.Logs() 464 Expect(len(logs)).To(Equal(0)) 465 }) 466 }) 467 468 Context("When EnableTeamAuditLog is false with Non Resource action", func() { 469 BeforeEach(func() { 470 EnableTeamAuditLog = false 471 dummyAction = "SaveConfig" 472 }) 473 474 It("Doesn't create a log", func() { 475 aud.Audit(dummyAction, userName, req) 476 logs := logger.Logs() 477 Expect(len(logs)).To(Equal(0)) 478 }) 479 }) 480 }) 481 482 Describe("EnableWorkerAuditLog", func() { 483 484 Context("When EnableWorkerAuditLog is false with a Resource action", func() { 485 BeforeEach(func() { 486 EnableWorkerAuditLog = false 487 dummyAction = "ListWorkers" 488 }) 489 490 It("Doesn't create a log", func() { 491 aud.Audit(dummyAction, userName, req) 492 logs := logger.Logs() 493 Expect(len(logs)).To(Equal(0)) 494 }) 495 496 }) 497 498 Context("When EnableWorkerAuditLog is true with a Resource action", func() { 499 BeforeEach(func() { 500 EnableWorkerAuditLog = true 501 dummyAction = "ListWorkers" 502 }) 503 504 It("Create a log including the action", func() { 505 aud.Audit(dummyAction, userName, req) 506 logs := logger.Logs() 507 Expect(logs[0].Data["action"]).To(Equal(dummyAction)) 508 }) 509 }) 510 511 Context("When EnableWorkerAuditLog is true with Non Resource action", func() { 512 BeforeEach(func() { 513 EnableWorkerAuditLog = true 514 dummyAction = "SaveConfig" 515 }) 516 517 It("Doesn't create a log", func() { 518 aud.Audit(dummyAction, userName, req) 519 logs := logger.Logs() 520 Expect(len(logs)).To(Equal(0)) 521 }) 522 }) 523 524 Context("When EnableWorkerAuditLog is false with Non Resource action", func() { 525 BeforeEach(func() { 526 EnableWorkerAuditLog = false 527 dummyAction = "SaveConfig" 528 }) 529 530 It("Doesn't create a log", func() { 531 aud.Audit(dummyAction, userName, req) 532 logs := logger.Logs() 533 Expect(len(logs)).To(Equal(0)) 534 }) 535 }) 536 }) 537 538 Describe("EnableVolumeAuditLog", func() { 539 540 Context("When EnableVolumeAuditLog is false with a Resource action", func() { 541 BeforeEach(func() { 542 EnableVolumeAuditLog = false 543 dummyAction = "ListVolumes" 544 }) 545 546 It("Doesn't create a log", func() { 547 aud.Audit(dummyAction, userName, req) 548 logs := logger.Logs() 549 Expect(len(logs)).To(Equal(0)) 550 }) 551 552 }) 553 554 Context("When EnableVolumeAuditLog is true with a Resource action", func() { 555 BeforeEach(func() { 556 EnableVolumeAuditLog = true 557 dummyAction = "ListVolumes" 558 }) 559 560 It("Create a log including the action", func() { 561 aud.Audit(dummyAction, userName, req) 562 logs := logger.Logs() 563 Expect(logs[0].Data["action"]).To(Equal(dummyAction)) 564 }) 565 }) 566 567 Context("When EnableVolumeAuditLog is true with Non Resource action", func() { 568 BeforeEach(func() { 569 EnableVolumeAuditLog = true 570 dummyAction = "SaveConfig" 571 }) 572 573 It("Doesn't create a log", func() { 574 aud.Audit(dummyAction, userName, req) 575 logs := logger.Logs() 576 Expect(len(logs)).To(Equal(0)) 577 }) 578 }) 579 580 Context("When EnableVolumeAuditLog is false with Non Resource action", func() { 581 BeforeEach(func() { 582 EnableVolumeAuditLog = false 583 dummyAction = "SaveConfig" 584 }) 585 586 It("Doesn't create a log", func() { 587 aud.Audit(dummyAction, userName, req) 588 logs := logger.Logs() 589 Expect(len(logs)).To(Equal(0)) 590 }) 591 }) 592 }) 593 })