From f53612bcaecb15be1c7300e1f057ab201b0d3734 Mon Sep 17 00:00:00 2001 From: garciadeblas Date: Fri, 12 Jul 2024 14:44:37 +0200 Subject: [PATCH] Revert "Revert "Feature 11039: Modification of Audit logs in NBI for password change and NS operations"" This reverts commit 048654090776dd0afdabb7f4bb6412717a7f12ee. Change-Id: I5f50515ea517ece76ea97b6d983189b4000b7a94 Signed-off-by: garciadeblas --- osm_nbi/admin_topics.py | 1 + osm_nbi/authconn_internal.py | 4 +- osm_nbi/instance_topics.py | 4 +- osm_nbi/nbi.py | 74 +++++++++++++++++++----- osm_nbi/osm_vnfm/vnf_instance_actions.py | 6 +- osm_nbi/tests/test_instance_topics.py | 10 ++-- osm_nbi/tests/test_osm_vnfm.py | 2 +- 7 files changed, 78 insertions(+), 23 deletions(-) diff --git a/osm_nbi/admin_topics.py b/osm_nbi/admin_topics.py index de0ad1f..53f40e9 100644 --- a/osm_nbi/admin_topics.py +++ b/osm_nbi/admin_topics.py @@ -1127,6 +1127,7 @@ class UserTopicAuth(UserTopic): "system_admin_id": indata.get("system_admin_id"), "unlock": indata.get("unlock"), "renew": indata.get("renew"), + "session_user": session.get("username"), } ) data_to_send = {"_id": _id, "changes": indata} diff --git a/osm_nbi/authconn_internal.py b/osm_nbi/authconn_internal.py index 8b94a4c..94e6e47 100644 --- a/osm_nbi/authconn_internal.py +++ b/osm_nbi/authconn_internal.py @@ -669,7 +669,9 @@ class AuthconnInternal(Authconn): { "name": "Change Password", "sourceUserName": user_data["username"], - "message": "Changing Password for user, Outcome=Success", + "message": "User {} changing Password for user {}, Outcome=Success".format( + user_info.get("session_user"), user_data["username"] + ), "severity": "2", }, ) diff --git a/osm_nbi/instance_topics.py b/osm_nbi/instance_topics.py index df4a1d1..e0ee739 100644 --- a/osm_nbi/instance_topics.py +++ b/osm_nbi/instance_topics.py @@ -2379,6 +2379,7 @@ class NsLcmOpTopic(BaseTopic): return ( None, None, + None, ) # a none in this case is used to indicate not instantiated. It can be removed if operation != "instantiate": raise EngineException( @@ -2467,6 +2468,7 @@ class NsLcmOpTopic(BaseTopic): indata["newVdur"] = vnfr_descriptor["vdur"] nslcmop_desc = self._create_nslcmop(nsInstanceId, operation, indata) _id = nslcmop_desc["_id"] + nsName = nsr.get("name") self.format_on_new( nslcmop_desc, session["project_id"], make_public=session["public"] ) @@ -2479,7 +2481,7 @@ class NsLcmOpTopic(BaseTopic): rollback.append({"topic": "nslcmops", "_id": _id}) if not slice_object: self.msg.write("ns", operation, nslcmop_desc) - return _id, None + return _id, nsName, None except ValidationError as e: # TODO remove try Except, it is captured at nbi.py raise EngineException(e, HTTPStatus.UNPROCESSABLE_ENTITY) # except DbException as e: diff --git a/osm_nbi/nbi.py b/osm_nbi/nbi.py index fe0e053..dcee50c 100644 --- a/osm_nbi/nbi.py +++ b/osm_nbi/nbi.py @@ -1618,21 +1618,21 @@ class Server(object): # creates nslcmop indata["lcmOperationType"] = "instantiate" indata["nsInstanceId"] = _id - nslcmop_id, _ = self.engine.new_item( + nslcmop_id, nsName, _ = self.engine.new_item( rollback, engine_session, "nslcmops", indata, None ) self._set_location_header(main_topic, version, topic, _id) - outdata = {"id": _id, "nslcmop_id": nslcmop_id} + outdata = {"id": _id, "nslcmop_id": nslcmop_id, "nsName": nsName} elif topic == "ns_instances" and item: indata["lcmOperationType"] = item indata["nsInstanceId"] = _id - _id, _ = self.engine.new_item( + _id, nsName, _ = self.engine.new_item( rollback, engine_session, "nslcmops", indata, kwargs ) self._set_location_header( main_topic, version, "ns_lcm_op_occs", _id ) - outdata = {"id": _id} + outdata = {"id": _id, "nsName": nsName} cherrypy.response.status = HTTPStatus.ACCEPTED.value elif topic == "netslice_instances_content": # creates NetSlice_Instance_record (NSIR) @@ -1685,13 +1685,13 @@ class Server(object): elif topic == "vnf_instances" and item: indata["lcmOperationType"] = item indata["vnfInstanceId"] = _id - _id, _ = self.engine.new_item( + _id, nsName, _ = self.engine.new_item( rollback, engine_session, "vnflcmops", indata, kwargs ) self._set_location_header( main_topic, version, "vnf_lcm_op_occs", _id ) - outdata = {"id": _id} + outdata = {"id": _id, "nsName": nsName} cherrypy.response.status = HTTPStatus.ACCEPTED.value elif topic == "ns_lcm_op_occs" and item == "cancel": indata["nsLcmOpOccId"] = _id @@ -1731,11 +1731,11 @@ class Server(object): "nsInstanceId": _id, "autoremove": True, } - op_id, _ = self.engine.new_item( + op_id, nsName, _ = self.engine.new_item( rollback, engine_session, "nslcmops", nslcmop_desc, kwargs ) if op_id: - outdata = {"_id": op_id} + outdata = {"_id": op_id, "nsName": nsName} elif ( topic == "netslice_instances_content" and not engine_session["force"] @@ -1817,12 +1817,62 @@ class Server(object): ): self.authenticator.remove_token_from_cache() - if item is not None: + cef_event( + cef_logger, + { + "name": "User Operation", + "sourceUserName": token_info.get("username"), + }, + ) + if topic == "ns_instances_content" and url_id: + nsName = ( + outdata.get("name") if method == "GET" else outdata.get("nsName") + ) + cef_event( + cef_logger, + { + "message": "{} {}, nsName={}, nsdId={}, Project={} Outcome=Success".format( + log_mapping[method], + topic, + nsName, + outdata.get("id"), + token_info.get("project_name"), + ), + }, + ) + cherrypy.log("{}".format(cef_logger)) + elif topic == "ns_instances_content" and method == "POST": + cef_event( + cef_logger, + { + "message": "{} {}, nsName={}, nsdId={}, Project={} Outcome=Success".format( + log_mapping[method], + topic, + outdata.get("nsName"), + outdata.get("id"), + token_info.get("project_name"), + ), + }, + ) + cherrypy.log("{}".format(cef_logger)) + elif topic in ("ns_instances", "vnf_instances") and item: + cef_event( + cef_logger, + { + "message": "{} {}, nsName={}, nsdId={}, Project={} Outcome=Success".format( + log_mapping[method], + topic, + outdata.get("nsName"), + url_id, + token_info.get("project_name"), + ), + }, + ) + cherrypy.log("{}".format(cef_logger)) + elif item is not None: cef_event( cef_logger, { - "name": "User Operation", - "sourceUserName": token_info.get("username"), "message": "Performing {} operation on {} {}, Project={} Outcome=Success".format( item, topic, @@ -1836,8 +1886,6 @@ class Server(object): cef_event( cef_logger, { - "name": "User Operation", - "sourceUserName": token_info.get("username"), "message": "{} {} {}, Project={} Outcome=Success".format( log_mapping[method], topic, diff --git a/osm_nbi/osm_vnfm/vnf_instance_actions.py b/osm_nbi/osm_vnfm/vnf_instance_actions.py index b34d203..17825b5 100644 --- a/osm_nbi/osm_vnfm/vnf_instance_actions.py +++ b/osm_nbi/osm_vnfm/vnf_instance_actions.py @@ -176,9 +176,11 @@ class NewVnfLcmOp(BaseMethod): vnfr = self.vnfrtopic.show(session, vnfInstanceId) indata["vnfInstanceId"] = vnfr.get("nsr-id-ref") indata = self.__get_formatted_indata(session, indata) - op_id, _ = self.nslcmoptopic.new(rollback, session, indata, kwargs, headers) + op_id, nsName, _ = self.nslcmoptopic.new( + rollback, session, indata, kwargs, headers + ) self.notify_operation(session, vnfInstanceId, lcm_operation, op_id) - return op_id, _ + return op_id, nsName, _ class ListVnfLcmOp(BaseMethod): diff --git a/osm_nbi/tests/test_instance_topics.py b/osm_nbi/tests/test_instance_topics.py index b12a330..112700f 100644 --- a/osm_nbi/tests/test_instance_topics.py +++ b/osm_nbi/tests/test_instance_topics.py @@ -113,7 +113,7 @@ class TestNsLcmOpTopic(unittest.TestCase): rollback = [] headers = {} - nslcmop_id, _ = self.nslcmop_topic.new( + nslcmop_id, nsName, _ = self.nslcmop_topic.new( rollback, session, indata=deepcopy(indata), kwargs=None, headers=headers ) @@ -251,7 +251,7 @@ class TestNsLcmOpTopic(unittest.TestCase): rollback = [] headers = {} - nslcmop_id, _ = self.nslcmop_topic.new( + nslcmop_id, nsName, _ = self.nslcmop_topic.new( rollback, session, indata, kwargs=None, headers=headers ) @@ -305,7 +305,7 @@ class TestNsLcmOpTopic(unittest.TestCase): "vdu": {"vduCountIndex": 0, "vduId": "mgmtVM"}, "vnfInstanceId": "9e8006df-cdfa-4f63-bf6a-fce860d71c1f", } - nslcmop_id, _ = self.nslcmop_topic.new( + nslcmop_id, nsName, _ = self.nslcmop_topic.new( rollback, session, indata, kwargs=None, headers=headers ) @@ -334,7 +334,7 @@ class TestNsLcmOpTopic(unittest.TestCase): "nsInstanceId": self.nsr_id, "vnfInstanceId": "9e8006df-cdfa-4f63-bf6a-fce860d71c1f", } - nslcmop_id, _ = self.nslcmop_topic.new( + nslcmop_id, nsName, _ = self.nslcmop_topic.new( rollback, session, indata, kwargs=None, headers=headers ) @@ -367,7 +367,7 @@ class TestNsLcmOpTopic(unittest.TestCase): } with self.assertRaises(Exception) as e: - nslcmop_id, _ = self.nslcmop_topic.new( + nslcmop_id, nsName, _ = self.nslcmop_topic.new( rollback, session, indata, kwargs=None, headers=headers ) self.assertTrue( diff --git a/osm_nbi/tests/test_osm_vnfm.py b/osm_nbi/tests/test_osm_vnfm.py index f4e6e63..61615b9 100644 --- a/osm_nbi/tests/test_osm_vnfm.py +++ b/osm_nbi/tests/test_osm_vnfm.py @@ -183,7 +183,7 @@ class TestVnfLcmOpTopic(unittest.TestCase): } rollback = [] headers = {} - vnflcmop_id, _ = self.vnflcmop_topic.new( + vnflcmop_id, nsName, _ = self.vnflcmop_topic.new( rollback, session, indata, kwargs=None, headers=headers ) vnflcmop_info = self.db.get_one("nslcmops") -- 2.25.1