Feature 11039: Modification of Audit logs in NBI for password change and NS operations
Change-Id: I5bf0b5afbc3cf05f3bc894ac70bf3a054a4a603e
Signed-off-by: Adurti <adurti.v@tataelxsi.co.in>
diff --git a/osm_nbi/admin_topics.py b/osm_nbi/admin_topics.py
index de0ad1f..53f40e9 100644
--- a/osm_nbi/admin_topics.py
+++ b/osm_nbi/admin_topics.py
@@ -1127,6 +1127,7 @@
"system_admin_id": indata.get("system_admin_id"),
"unlock": indata.get("unlock"),
"renew": indata.get("renew"),
+ "session_user": session.get("username"),
}
)
data_to_send = {"_id": _id, "changes": indata}
diff --git a/osm_nbi/authconn_internal.py b/osm_nbi/authconn_internal.py
index 8b94a4c..94e6e47 100644
--- a/osm_nbi/authconn_internal.py
+++ b/osm_nbi/authconn_internal.py
@@ -669,7 +669,9 @@
{
"name": "Change Password",
"sourceUserName": user_data["username"],
- "message": "Changing Password for user, Outcome=Success",
+ "message": "User {} changing Password for user {}, Outcome=Success".format(
+ user_info.get("session_user"), user_data["username"]
+ ),
"severity": "2",
},
)
diff --git a/osm_nbi/instance_topics.py b/osm_nbi/instance_topics.py
index 695a8f8..122ea5f 100644
--- a/osm_nbi/instance_topics.py
+++ b/osm_nbi/instance_topics.py
@@ -2278,6 +2278,7 @@
return (
None,
None,
+ None,
) # a none in this case is used to indicate not instantiated. It can be removed
if operation != "instantiate":
raise EngineException(
@@ -2366,6 +2367,7 @@
indata["newVdur"] = vnfr_descriptor["vdur"]
nslcmop_desc = self._create_nslcmop(nsInstanceId, operation, indata)
_id = nslcmop_desc["_id"]
+ nsName = nsr.get("name")
self.format_on_new(
nslcmop_desc, session["project_id"], make_public=session["public"]
)
@@ -2378,7 +2380,7 @@
rollback.append({"topic": "nslcmops", "_id": _id})
if not slice_object:
self.msg.write("ns", operation, nslcmop_desc)
- return _id, None
+ return _id, nsName, None
except ValidationError as e: # TODO remove try Except, it is captured at nbi.py
raise EngineException(e, HTTPStatus.UNPROCESSABLE_ENTITY)
# except DbException as e:
diff --git a/osm_nbi/nbi.py b/osm_nbi/nbi.py
index 1a3efe1..317ea8a 100644
--- a/osm_nbi/nbi.py
+++ b/osm_nbi/nbi.py
@@ -1603,21 +1603,21 @@
# creates nslcmop
indata["lcmOperationType"] = "instantiate"
indata["nsInstanceId"] = _id
- nslcmop_id, _ = self.engine.new_item(
+ nslcmop_id, nsName, _ = self.engine.new_item(
rollback, engine_session, "nslcmops", indata, None
)
self._set_location_header(main_topic, version, topic, _id)
- outdata = {"id": _id, "nslcmop_id": nslcmop_id}
+ outdata = {"id": _id, "nslcmop_id": nslcmop_id, "nsName": nsName}
elif topic == "ns_instances" and item:
indata["lcmOperationType"] = item
indata["nsInstanceId"] = _id
- _id, _ = self.engine.new_item(
+ _id, nsName, _ = self.engine.new_item(
rollback, engine_session, "nslcmops", indata, kwargs
)
self._set_location_header(
main_topic, version, "ns_lcm_op_occs", _id
)
- outdata = {"id": _id}
+ outdata = {"id": _id, "nsName": nsName}
cherrypy.response.status = HTTPStatus.ACCEPTED.value
elif topic == "netslice_instances_content":
# creates NetSlice_Instance_record (NSIR)
@@ -1670,13 +1670,13 @@
elif topic == "vnf_instances" and item:
indata["lcmOperationType"] = item
indata["vnfInstanceId"] = _id
- _id, _ = self.engine.new_item(
+ _id, nsName, _ = self.engine.new_item(
rollback, engine_session, "vnflcmops", indata, kwargs
)
self._set_location_header(
main_topic, version, "vnf_lcm_op_occs", _id
)
- outdata = {"id": _id}
+ outdata = {"id": _id, "nsName": nsName}
cherrypy.response.status = HTTPStatus.ACCEPTED.value
elif topic == "ns_lcm_op_occs" and item == "cancel":
indata["nsLcmOpOccId"] = _id
@@ -1716,11 +1716,11 @@
"nsInstanceId": _id,
"autoremove": True,
}
- op_id, _ = self.engine.new_item(
+ op_id, nsName, _ = self.engine.new_item(
rollback, engine_session, "nslcmops", nslcmop_desc, kwargs
)
if op_id:
- outdata = {"_id": op_id}
+ outdata = {"_id": op_id, "nsName": nsName}
elif (
topic == "netslice_instances_content"
and not engine_session["force"]
@@ -1796,12 +1796,62 @@
):
self.authenticator.remove_token_from_cache()
- if item is not None:
+ cef_event(
+ cef_logger,
+ {
+ "name": "User Operation",
+ "sourceUserName": token_info.get("username"),
+ },
+ )
+ if topic == "ns_instances_content" and url_id:
+ nsName = (
+ outdata.get("name") if method == "GET" else outdata.get("nsName")
+ )
cef_event(
cef_logger,
{
- "name": "User Operation",
- "sourceUserName": token_info.get("username"),
+ "message": "{} {}, nsName={}, nsdId={}, Project={} Outcome=Success".format(
+ log_mapping[method],
+ topic,
+ nsName,
+ outdata.get("id"),
+ token_info.get("project_name"),
+ ),
+ },
+ )
+ cherrypy.log("{}".format(cef_logger))
+ elif topic == "ns_instances_content" and method == "POST":
+ cef_event(
+ cef_logger,
+ {
+ "message": "{} {}, nsName={}, nsdId={}, Project={} Outcome=Success".format(
+ log_mapping[method],
+ topic,
+ outdata.get("nsName"),
+ outdata.get("id"),
+ token_info.get("project_name"),
+ ),
+ },
+ )
+ cherrypy.log("{}".format(cef_logger))
+ elif topic in ("ns_instances", "vnf_instances") and item:
+ cef_event(
+ cef_logger,
+ {
+ "message": "{} {}, nsName={}, nsdId={}, Project={} Outcome=Success".format(
+ log_mapping[method],
+ topic,
+ outdata.get("nsName"),
+ url_id,
+ token_info.get("project_name"),
+ ),
+ },
+ )
+ cherrypy.log("{}".format(cef_logger))
+ elif item is not None:
+ cef_event(
+ cef_logger,
+ {
"message": "Performing {} operation on {} {}, Project={} Outcome=Success".format(
item,
topic,
@@ -1815,8 +1865,6 @@
cef_event(
cef_logger,
{
- "name": "User Operation",
- "sourceUserName": token_info.get("username"),
"message": "{} {} {}, Project={} Outcome=Success".format(
log_mapping[method],
topic,
diff --git a/osm_nbi/osm_vnfm/vnf_instance_actions.py b/osm_nbi/osm_vnfm/vnf_instance_actions.py
index b34d203..17825b5 100644
--- a/osm_nbi/osm_vnfm/vnf_instance_actions.py
+++ b/osm_nbi/osm_vnfm/vnf_instance_actions.py
@@ -176,9 +176,11 @@
vnfr = self.vnfrtopic.show(session, vnfInstanceId)
indata["vnfInstanceId"] = vnfr.get("nsr-id-ref")
indata = self.__get_formatted_indata(session, indata)
- op_id, _ = self.nslcmoptopic.new(rollback, session, indata, kwargs, headers)
+ op_id, nsName, _ = self.nslcmoptopic.new(
+ rollback, session, indata, kwargs, headers
+ )
self.notify_operation(session, vnfInstanceId, lcm_operation, op_id)
- return op_id, _
+ return op_id, nsName, _
class ListVnfLcmOp(BaseMethod):
diff --git a/osm_nbi/tests/test_instance_topics.py b/osm_nbi/tests/test_instance_topics.py
index b12a330..112700f 100644
--- a/osm_nbi/tests/test_instance_topics.py
+++ b/osm_nbi/tests/test_instance_topics.py
@@ -113,7 +113,7 @@
rollback = []
headers = {}
- nslcmop_id, _ = self.nslcmop_topic.new(
+ nslcmop_id, nsName, _ = self.nslcmop_topic.new(
rollback, session, indata=deepcopy(indata), kwargs=None, headers=headers
)
@@ -251,7 +251,7 @@
rollback = []
headers = {}
- nslcmop_id, _ = self.nslcmop_topic.new(
+ nslcmop_id, nsName, _ = self.nslcmop_topic.new(
rollback, session, indata, kwargs=None, headers=headers
)
@@ -305,7 +305,7 @@
"vdu": {"vduCountIndex": 0, "vduId": "mgmtVM"},
"vnfInstanceId": "9e8006df-cdfa-4f63-bf6a-fce860d71c1f",
}
- nslcmop_id, _ = self.nslcmop_topic.new(
+ nslcmop_id, nsName, _ = self.nslcmop_topic.new(
rollback, session, indata, kwargs=None, headers=headers
)
@@ -334,7 +334,7 @@
"nsInstanceId": self.nsr_id,
"vnfInstanceId": "9e8006df-cdfa-4f63-bf6a-fce860d71c1f",
}
- nslcmop_id, _ = self.nslcmop_topic.new(
+ nslcmop_id, nsName, _ = self.nslcmop_topic.new(
rollback, session, indata, kwargs=None, headers=headers
)
@@ -367,7 +367,7 @@
}
with self.assertRaises(Exception) as e:
- nslcmop_id, _ = self.nslcmop_topic.new(
+ nslcmop_id, nsName, _ = self.nslcmop_topic.new(
rollback, session, indata, kwargs=None, headers=headers
)
self.assertTrue(
diff --git a/osm_nbi/tests/test_osm_vnfm.py b/osm_nbi/tests/test_osm_vnfm.py
index f4e6e63..61615b9 100644
--- a/osm_nbi/tests/test_osm_vnfm.py
+++ b/osm_nbi/tests/test_osm_vnfm.py
@@ -183,7 +183,7 @@
}
rollback = []
headers = {}
- vnflcmop_id, _ = self.vnflcmop_topic.new(
+ vnflcmop_id, nsName, _ = self.vnflcmop_topic.new(
rollback, session, indata, kwargs=None, headers=headers
)
vnflcmop_info = self.db.get_one("nslcmops")