Add logger-handler to firewall #151
Conversation
firewall/firewall_test.go
Outdated
| loggingHandler.MarkQueryAsForbidden(testQueries[1]) | ||
| loggingHandler.MarkQueryAsForbidden(testQueries[2]) | ||
|
|
||
| blacklist.AddQueries(loggingHandler.GetForbiddenQueries()) |
firewall/handlers/logging_handler.go
Outdated
| "encoding/json" | ||
| ) | ||
|
|
||
| type LoggingHandler struct { |
There was a problem hiding this comment.
what about to add filepath field and NewLoggingHandler function that will return new handler with loaded queries from file?
firewall/handlers/logging_handler.go
Outdated
| queryInfo := &QueryInfo{} | ||
| queryInfo.rawQuery = query | ||
| queryInfo.isForbidden = false | ||
| handler.Queries = append(handler.Queries, *queryInfo) |
There was a problem hiding this comment.
will be better to save new queries to file to commit current state of handler
firewall/handlers/logging_handler.go
Outdated
| func (handler *LoggingHandler) MarkQueryAsForbidden(query string) { | ||
| for index, queryInfo := range handler.Queries { | ||
| if strings.EqualFold(query, queryInfo.rawQuery) { | ||
| handler.Queries[index].isForbidden = true |
There was a problem hiding this comment.
here will be good too to save new state to file
firewall/handlers/logging_handler.go
Outdated
| func (handler *LoggingHandler) GetAllInputQueries() []string{ | ||
| var queries []string | ||
| for _, queryInfo := range handler.Queries { | ||
| queries = append(queries, queryInfo.rawQuery) |
There was a problem hiding this comment.
in a future would be great to check file update on new queries and if file was updated reload and return new values
it will be useful when separate instance of webui will add changes and acraserver's handler should update too without restarting
cmd/acraserver/config.go
Outdated
| func (config *Config) SetFirewall(fw firewall.FirewallInterface) { | ||
| config.firewall = fw | ||
| func (config *Config) SetFirewall(censorConfigPath string) error { | ||
| firewall := &firewall.Firewall{} |
There was a problem hiding this comment.
better to assign one time config.firewall = &firewall.Firewall{} instead 5 extra lines
firewall/handlers/logging_handler.go
Outdated
| handler.Queries[index].IsForbidden = true | ||
| } | ||
| } | ||
| handler.Serialize() |
firewall/handlers/logging_handler.go
Outdated
|
|
||
| func (handler *LoggingHandler) Serialize() error { | ||
| jsonFile, err := json.Marshal(handler.Queries) | ||
| err = ioutil.WriteFile(handler.filePath, jsonFile, 0600) |
There was a problem hiding this comment.
you can return result because it err itself
firewall/handlers/logging_handler.go
Outdated
| if err != nil { | ||
| return err | ||
| } | ||
| json.Unmarshal(bufferBytes, &handler.Queries) |
There was a problem hiding this comment.
err := json.Unmarshal(...)
firewall/handlers/logging_handler.go
Outdated
| return err | ||
| } | ||
| json.Unmarshal(bufferBytes, &handler.Queries) | ||
| if err != nil { |
There was a problem hiding this comment.
here you check ReadFile call
|
Please add info log to see if query was allowed/filtered here: And show example of json output |
| } | ||
|
|
||
| func (acraCensor *AcraCensor) HandleQuery(query string) error { | ||
| log.Infof("Censor works") |
There was a problem hiding this comment.
we will receive this log message on every query. which is not very useful, i'd remove it
| for _, handler := range acraCensor.handlers { | ||
| log.Infof("Handler: %s", handler.GetName()) | ||
| if err := handler.CheckQuery(query); err != nil { | ||
| return err |
There was a problem hiding this comment.
log.WithFields(log.Fields{"acracensor" : handler.GetName()}).Infof("Forbidden query: %s", query)
| func (acraCensor *AcraCensor) HandleQuery(query string) error { | ||
| log.Infof("Censor works") | ||
| for _, handler := range acraCensor.handlers { | ||
| log.Infof("Handler: %s", handler.GetName()) |
There was a problem hiding this comment.
i think we should remove this
| log.Infof("Handler: %s", handler.GetName()) | ||
| if err := handler.CheckQuery(query); err != nil { | ||
| return err | ||
| } |
There was a problem hiding this comment.
log.WithFields(log.Fields{"acracensor" : handler.GetName()}).Infof("Allowed query: %s", query)
cmd/acraserver/config.go
Outdated
| @@ -50,7 +51,7 @@ type Config struct { | |||
| postgresql bool | |||
| configPath string | |||
| debug bool | |||
| firewall firewall.FirewallInterface | |||
| firewall acracensor.AcracensorInterface | |||
There was a problem hiding this comment.
censor instead of firewall?
logging/event_codes.go
Outdated
| @@ -52,8 +52,9 @@ const ( | |||
| EventCodeErrorCantParseAuthData = 557 | |||
| EventCodeErrorCantDumpConfig = 558 | |||
|
|
|||
| // firewall | |||
| // acracensor | |||
| EventCodeErrorFirewallQueryIsNotAllowed = 560 | |||
There was a problem hiding this comment.
censor instead of firewall?
cmd/acraserver/config.go
Outdated
| if err != nil { | ||
| return err | ||
| } | ||
| config.censor = acraCensor |
| func (acraCensor *AcraCensor) HandleQuery(query string) error { | ||
| for _, handler := range acraCensor.handlers { | ||
| if err := handler.CheckQuery(query); err != nil { | ||
| return err |
There was a problem hiding this comment.
log error. will be good to log handler name too
No description provided.