GUACAMOLE-462: Add support for associating connection history with logs/recordings.#698
Merged
necouchman merged 16 commits intoapache:masterfrom Mar 2, 2022
Merged
Conversation
mike-jumper
force-pushed
the
history-storage
branch
from
0ead78a to
28b36a4
Compare
necouchman
requested changes
Feb 13, 2022
Contributor
necouchman
left a comment
necouchman
left a comment
There was a problem hiding this comment.
A few initial comments - you'll have to forgive the sarcastic humor, it seems especially strong tonight.
...dbc-base/src/main/java/org/apache/guacamole/auth/jdbc/connection/ConnectionRecordMapper.java
Show resolved
Hide resolved
...amole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/UserRecordMapper.java
Show resolved
Hide resolved
...g-storage/src/main/java/org/apache/guacamole/history/connection/HistoryConnectionRecord.java
Show resolved
Hide resolved
...g-storage/src/main/java/org/apache/guacamole/history/connection/HistoryConnectionRecord.java
Show resolved
Hide resolved
guacamole/src/main/frontend/src/app/rest/types/ConnectionHistoryEntry.js
Outdated
Show resolved
Hide resolved
guacamole/src/main/java/org/apache/guacamole/rest/history/APIActivityRecord.java
Outdated
Show resolved
Hide resolved
guacamole/src/main/java/org/apache/guacamole/rest/history/ActivityLogResource.java
Outdated
Show resolved
Hide resolved
guacamole/src/main/java/org/apache/guacamole/rest/history/ActivityLogResource.java
Outdated
Show resolved
Hide resolved
mike-jumper
force-pushed
the
history-storage
branch
10 times, most recently
from
1d6717e to
a9c7395
Compare
Contributor
Author
|
No more draft - retrieval of individual records is now implemented. |
Contributor
|
Okay, will work on reviewing tonight. |
Contributor
Author
|
Thanks! |
necouchman
requested changes
Feb 21, 2022
Contributor
necouchman
left a comment
necouchman
left a comment
There was a problem hiding this comment.
Sorry for the delay - took a couple of days longer. Just a few minor documentation clean-up things and I think it'll be ready to ship.
...e-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/base/ActivityRecordMapper.java
Outdated
Show resolved
Hide resolved
...e-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/base/ActivityRecordMapper.java
Show resolved
Hide resolved
guacamole/src/main/java/org/apache/guacamole/rest/history/ActivityLogResource.java
Outdated
Show resolved
Hide resolved
…write variations.
…ets and their records.
…istory entries at API level.
…if underlying model is assigned an ID.
…ections.
Besides restoring historically-provided functionality, the ID generated
by the database for connection history records is needed to generate a
deterministic UUID that can be injected into connection configurations
with ${HISTORY_UUID}. Having such a token allows session recordings to
be given names that can be reliably matched with history records.
…ordings, logs, etc. with history entries.
…y placing recordings in the expected location.
mike-jumper
force-pushed
the
history-storage
branch
from
5055d92 to
26a9246
Compare
necouchman
approved these changes
Mar 2, 2022
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This change adds API representation of logs and recordings at the history entry level, and allows those resources to be retrieved from history entries via the REST API.
This is achieved by:
/var/lib/guacamole/recordings/by default) for files matching history entry UUIDs. If any are found, their type is identified and the file is associated with the history entry via decoration.${HISTORY_PATH}and${HISTORY_UUID}tokens that allow recordings, etc. to be saved and later reassociated with the history entries that correspond to the connections that created those recordings.Thus, history entries and recordings may be tied together without requiring database schema changes.
Users are only able to retrieve recordings/logs for a history entry if they have access to that history entry. It's up to the implementation to define whether users may view history entries, however the database restricts this to only users that can view both the relevant connection and relevant user. The storage extension implemented here additionally requires that a user have
UPDATEpermission on the associated connection to be able to retrieve a history entry, as it seems sensible to limit access to logs/recordings to only those that manage the connection. It might make sense for this to be configurable in the future.