Skip to content

[RORDEV-1574] New logged_user audit field #1170

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 8 commits into from
Nov 1, 2025
Merged

[RORDEV-1574] New logged_user audit field #1170

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
f507971
user field changes
mgoworko Oct 16, 2025
3e71a00
unit tests
mgoworko Oct 17, 2025
272c69f
unit tests
mgoworko Oct 17, 2025
4b97428
Merge remote-tracking branch 'origin/develop' into RORDEV-1574-user-a…
mgoworko Oct 25, 2025
f3e0df0
review changes
mgoworko Oct 25, 2025
ce6fcb8
attemptedUserName as presented identity
mgoworko Oct 28, 2025
79ba960
Merge remote-tracking branch 'upstream/develop' into RORDEV-1574-user…
coutoPL Nov 1, 2025
85c9c63
pre bump
coutoPL Nov 1, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 8 additions & 0 deletions audit/src/main/scala/tech/beshu/ror/audit/utils/AuditSerializationHelper.scala
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -95,6 +95,8 @@ private[ror] object AuditSerializationHelper {
case AuditFieldValueDescriptor.FinalState => eventData.finalState
case AuditFieldValueDescriptor.Reason => eventData.reason
case AuditFieldValueDescriptor.User => SerializeUser.serialize(requestContext).orNull
case AuditFieldValueDescriptor.LoggedUser => requestContext.loggedInUserName.orNull
case AuditFieldValueDescriptor.PresentedIdentity => SerializeUser.serialize(requestContext).orNull
case AuditFieldValueDescriptor.ImpersonatedByUser => requestContext.impersonatedByUserName.orNull
case AuditFieldValueDescriptor.Action => requestContext.action
case AuditFieldValueDescriptor.InvolvedIndices => if (requestContext.involvesIndices) requestContext.indices.toList.asJava else List.empty.asJava
Expand Down Expand Up @@ -168,6 +170,10 @@ private[ror] object AuditSerializationHelper {

case object User extends AuditFieldValueDescriptor

case object LoggedUser extends AuditFieldValueDescriptor

case object PresentedIdentity extends AuditFieldValueDescriptor

case object ImpersonatedByUser extends AuditFieldValueDescriptor

case object Action extends AuditFieldValueDescriptor
Expand Down Expand Up @@ -258,6 +264,8 @@ private[ror] object AuditSerializationHelper {
AuditFieldName("headers") -> AuditFieldValueDescriptor.HttpHeaderNames,
AuditFieldName("path") -> AuditFieldValueDescriptor.HttpPath,
AuditFieldName("user") -> AuditFieldValueDescriptor.User,
AuditFieldName("logged_user") -> AuditFieldValueDescriptor.LoggedUser,
AuditFieldName("presented_identity") -> AuditFieldValueDescriptor.PresentedIdentity,
AuditFieldName("impersonated_by") -> AuditFieldValueDescriptor.ImpersonatedByUser,
AuditFieldName("action") -> AuditFieldValueDescriptor.Action,
AuditFieldName("indices") -> AuditFieldValueDescriptor.InvolvedIndices,
Expand Down
2 changes: 2 additions & 0 deletions ...ala/tech/beshu/ror/accesscontrol/audit/configurable/AuditFieldValueDescriptorParser.scala
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -60,6 +60,8 @@ object AuditFieldValueDescriptorParser {
case "FINAL_STATE" => Some(AuditFieldValueDescriptor.FinalState)
case "REASON" => Some(AuditFieldValueDescriptor.Reason)
case "USER" => Some(AuditFieldValueDescriptor.User)
case "LOGGED_USER" => Some(AuditFieldValueDescriptor.LoggedUser)
case "PRESENTED_IDENTITY" => Some(AuditFieldValueDescriptor.PresentedIdentity)
case "IMPERSONATED_BY_USER" => Some(AuditFieldValueDescriptor.ImpersonatedByUser)
case "ACTION" => Some(AuditFieldValueDescriptor.Action)
case "INVOLVED_INDICES" => Some(AuditFieldValueDescriptor.InvolvedIndices)
Expand Down
8 changes: 8 additions & 0 deletions ...c/test/scala/tech/beshu/ror/integration/suites/audit/LocalClusterAuditingToolsSuite.scala
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -80,13 +80,17 @@ class LocalClusterAuditingToolsSuite
auditEntries.exists(entry =>
entry("final_state").str == "ALLOWED" &&
entry("user").str == "username" &&
entry("logged_user").str == "username" &&
entry("presented_identity").str == "username" &&
entry("block").str.contains("name: 'Rule 1'") &&
entry.obj.get("es_node_name").isEmpty &&
entry.obj.get("es_cluster_name").isEmpty
) shouldBe true
auditEntries.exists(entry =>
entry("final_state").str == "ALLOWED" &&
entry("user").str == "username" &&
entry("logged_user").str == "username" &&
entry("presented_identity").str == "username" &&
entry("block").str.contains("name: 'Rule 1'") &&
Try(entry("es_node_name")).map(_.str) == Success("ROR_SINGLE_1") &&
Try(entry("es_cluster_name")).map(_.str) == Success("ROR_SINGLE")
Expand All @@ -109,6 +113,8 @@ class LocalClusterAuditingToolsSuite
auditEntries.exists(entry =>
entry("final_state").str == "ALLOWED" &&
entry("user").str == "username" &&
entry("logged_user").str == "username" &&
entry("presented_identity").str == "username" &&
entry("block").str.contains("name: 'Rule 1'") &&
Try(entry("es_node_name")).map(_.str) == Success("ROR_SINGLE_1") &&
Try(entry("es_cluster_name")).map(_.str) == Success("ROR_SINGLE") &&
Expand Down Expand Up @@ -136,6 +142,8 @@ class LocalClusterAuditingToolsSuite
auditEntries.exists(entry =>
entry("final_state").str == "ALLOWED" &&
entry("user").str == "username" &&
entry("logged_user").str == "username" &&
entry("presented_identity").str == "username" &&
entry("block").str.contains("name: 'Rule 1'") &&
Try(entry("es_node_name")).map(_.str) == Success("ROR_SINGLE_1") &&
Try(entry("es_cluster_name")).map(_.str) == Success("ROR_SINGLE") &&
Expand Down
Loading