Attempt to set user_id for identity events

Since the Keystone team will be moving to CADF events, where the
initiator is included, we should attempt to retrieve the id if
it's available.

Closes-Bug: 1429339

Change-Id: Ia5c3723cdb587aa87c3e3083c03c9de3f799772b
Steve Martinelli 2015-01-29 22:36:23 -05:00
parent df10a87ea7
commit 885b97faad
3 changed files with 63 additions and 6 deletions


@ -50,13 +50,14 @@ class _Base(plugin_base.NotificationBase,
class IdentityCRUD(_Base):
def process_notification(self, message):
user_id = message['payload'].get("initiator", {}).get("id")
yield sample.Sample.from_notification(
name=message['event_type'],
type=sample.TYPE_DELTA,
unit=self.resource_type,
volume=1,
resource_id=message['payload']['resource_info'],
user_id=None,
user_id=user_id,
project_id=None,
message=message)
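Review bot: The chained lookup `message['payload'].get("initiator", {}).get("id")` in `IdentityCRUD.process_notification` only tolerates a missing `initiator` key. If the key is present with a null or non-mapping value, the second `.get` raises AttributeError and, presumably, no sample is emitted for that event. Because this value becomes the actor attribution on the sample, a malformed field should degrade to `user_id=None` rather than lose the record: `initiator = message['payload'].get("initiator") or {}` followed by `user_id = initiator.get("id") if isinstance(initiator, dict) else None`. A short comment such as `# CADF initiator = the actor that performed the operation, not the resource being changed` would also help readers who compare `user_id` with `resource_id`. The enclosing module is only partly visible in this hunk.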


@ -81,6 +81,16 @@ def cadf_format_notification():
}
def cadf_crud_notification_for(resource_type, operation, resource_id):
base = cadf_format_notification()
event_type = '%s.%s.%s' % (notifications.SERVICE, resource_type,
operation)
base['event_type'] = event_type
base['payload']['action'] = '%s.%s' % (operation, resource_type)
base['payload']['resource_info'] = resource_id
return base
def authn_notification_for(outcome):
base = cadf_format_notification()
base['event_type'] = 'identity.authenticate'
@ -130,65 +140,109 @@ class TestCRUDNotification(base.BaseTestCase):
self.assertEqual(NOW, s.timestamp)
self.assertEqual(sample.TYPE_DELTA, s.type)
self.assertIsNone(s.project_id)
self.assertIsNone(s.user_id)
metadata = s.resource_metadata
self.assertEqual(PUBLISHER_ID, metadata.get('host'))
def _verify_common_operations(self, data, resource_type, operation,
resource_id):
self.assertEqual(1, len(data))
self.assertEqual(resource_id, data[0].resource_id)
name = '%s.%s.%s' % (notifications.SERVICE, resource_type, operation)
self.assertEqual(name, data[0].name)
def _test_operation(self, resource_type, operation, resource_id,
notification_class):
notif = notification_for(resource_type, operation, resource_id)
handler = notification_class(mock.Mock())
data = list(handler.process_notification(notif))
self.assertEqual(1, len(data))
self.assertEqual(resource_id, data[0].resource_id)
name = '%s.%s.%s' % (notifications.SERVICE, resource_type, operation)
self.assertEqual(name, data[0].name)
self.assertIsNone(data[0].user_id)
self._verify_common_operations(data, resource_type, operation,
resource_id)
self._verify_common_sample(data[0])
def _test_audit_operation(self, resource_type, operation, resource_id,
notification_class):
notif = cadf_crud_notification_for(resource_type, operation,
resource_id)
handler = notification_class(mock.Mock())
data = list(handler.process_notification(notif))
self.assertEqual(USER_ID, data[0].user_id)
self._verify_common_operations(data, resource_type, operation,
resource_id)
self._verify_common_sample(data[0])
def test_create_user(self):
self._test_operation('user', 'created', USER_ID, notifications.User)
self._test_audit_operation('user', 'created', USER_ID,
notifications.User)
def test_delete_user(self):
self._test_operation('user', 'deleted', USER_ID, notifications.User)
self._test_audit_operation('user', 'deleted', USER_ID,
notifications.User)
def test_update_user(self):
self._test_operation('user', 'updated', USER_ID, notifications.User)
self._test_audit_operation('user', 'updated', USER_ID,
notifications.User)
def test_create_group(self):
self._test_operation('group', 'created', GROUP_ID, notifications.Group)
self._test_audit_operation('group', 'created', GROUP_ID,
notifications.Group)
def test_update_group(self):
self._test_operation('group', 'updated', GROUP_ID, notifications.Group)
self._test_audit_operation('group', 'updated', GROUP_ID,
notifications.Group)
def test_delete_group(self):
self._test_operation('group', 'deleted', GROUP_ID, notifications.Group)
self._test_audit_operation('group', 'deleted', GROUP_ID,
notifications.Group)
def test_create_project(self):
self._test_operation('project', 'created', PROJECT_ID,
notifications.Project)
self._test_audit_operation('project', 'created', PROJECT_ID,
notifications.Project)
def test_update_project(self):
self._test_operation('project', 'updated', PROJECT_ID,
notifications.Project)
self._test_audit_operation('project', 'updated', PROJECT_ID,
notifications.Project)
def test_delete_project(self):
self._test_operation('project', 'deleted', PROJECT_ID,
notifications.Project)
self._test_audit_operation('project', 'deleted', PROJECT_ID,
notifications.Project)
def test_create_role(self):
self._test_operation('role', 'deleted', ROLE_ID, notifications.Role)
self._test_audit_operation('role', 'deleted', ROLE_ID,
notifications.Role)
def test_update_role(self):
self._test_operation('role', 'updated', ROLE_ID, notifications.Role)
self._test_audit_operation('role', 'updated', ROLE_ID,
notifications.Role)
def test_delete_role(self):
self._test_operation('role', 'deleted', ROLE_ID, notifications.Role)
self._test_audit_operation('role', 'deleted', ROLE_ID,
notifications.Role)
def test_create_trust(self):
self._test_operation('trust', 'created', TRUST_ID, notifications.Trust)
self._test_audit_operation('trust', 'created', TRUST_ID,
notifications.Trust)
def test_delete_trust(self):
self._test_operation('trust', 'deleted', TRUST_ID, notifications.Trust)
self._test_audit_operation('trust', 'deleted', TRUST_ID,
notifications.Trust)
class TestAuthenticationNotification(base.BaseTestCase):
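Review bot: `test_create_role` passes `'deleted'` to both `_test_operation` and the new `_test_audit_operation`, so role creation is never exercised in either notification format and the test duplicates `test_delete_role`. Both calls should use `'created'`, e.g. `self._test_audit_operation('role', 'created', ROLE_ID,`. The new audit tests also cover only payloads where the initiator is present (assuming `cadf_format_notification()` sets it to `USER_ID`; its body is outside the hunk). A case with a CADF payload that lacks `initiator`, or carries a null one, would pin the fallback to `user_id=None`. In `_test_audit_operation` the `data[0].user_id` assertion runs before the length check in `_verify_common_operations`, so an empty result surfaces as an IndexError rather than a clear assertion failure.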


@ -148,6 +148,8 @@
traits: &identity_crud
resource_id:
fields: payload.resource_info
initiator_id:
fields: payload.initiator.id
- event_type: identity.role_assignment.*
traits: &identity_role_assignment
role:
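Review bot: The new `initiator_id` trait under `&identity_crud` reads `payload.initiator.id`, the same field the sample pipeline stores as `user_id`, but nothing in the definition says so or notes that it is the actor rather than the target resource. A comment above the trait, for example `# CADF notifications only: id of the actor that performed the operation (payload.initiator.id)`, would make that clear to anyone correlating events with samples for audit purposes. How the trait behaves for legacy notifications without `payload.initiator` is not visible here and is worth confirming.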