Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Audit Logging] Add AuditTrail service #69278

Merged
merged 45 commits into from
Jul 7, 2020
Merged

[Audit Logging] Add AuditTrail service #69278

Show file tree
Hide file tree
Changes from 17 commits
Commits
Show all changes
45 commits
Select commit Hold shift + click to select a range
34717c0
Merge branch 'master' into issue-60119-audit-trail
mshustov Jun 16, 2020
e3f3f08
add generic audit_trail service in core
mshustov Jun 16, 2020
52558cc
expose auditTraik service to plugins
mshustov Jun 16, 2020
dcc6718
add auditTrail x-pack plugin
mshustov Jun 16, 2020
26dc243
fix type errors
mshustov Jun 16, 2020
27dc886
Merge branch 'master' into issue-60119-audit-trail
mshustov Jun 23, 2020
630a12e
update mocks
mshustov Jun 23, 2020
ee53ec3
expose asScoped interface via start. auditor via request context
mshustov Jun 23, 2020
3cb26b6
use type from audit trail service
mshustov Jun 23, 2020
7212cf7
wrap getActiveSpace in safeCall only. it throws exception for non-authz
mshustov Jun 23, 2020
4e5ef72
pass message to log explicitly
mshustov Jun 23, 2020
4c9e781
update docs
mshustov Jun 23, 2020
54d2f7c
Merge branch 'master' into issue-60119-audit-trail
mshustov Jun 24, 2020
5a36bc4
Merge branch 'master' into issue-60119-audit-trail
mshustov Jun 25, 2020
d768fd0
create one auditor per request
mshustov Jun 25, 2020
b77b407
wire es client up to auditor
mshustov Jun 25, 2020
e46a37e
update docs
mshustov Jun 25, 2020
564cd45
Merge branch 'master' into issue-60119-audit-trail
mshustov Jun 26, 2020
8d4bb18
Merge branch 'master' into issue-60119-audit-trail
mshustov Jun 29, 2020
9ec5ad6
withScope accepts only one scope
mshustov Jun 29, 2020
3f4e6af
use scoped client in context for callAsInternalUser
mshustov Jun 29, 2020
8d7bac9
use auditor in scoped cluster client
mshustov Jun 29, 2020
2936e66
adopt auditTrail plugin to new interface. configure log from config
mshustov Jun 29, 2020
ccdf9bb
do not log audit events in console by default
mshustov Jun 29, 2020
549cfa2
add audit trail functional tests
mshustov Jun 29, 2020
8994629
Merge branch 'master' into issue-60119-audit-trail
mshustov Jun 29, 2020
f2c45db
Merge branch 'master' into issue-60119-audit-trail
mshustov Jun 30, 2020
34a7fb4
cleanup
mshustov Jun 30, 2020
cae7ea1
add example
mshustov Jun 30, 2020
94b44db
add mocks for spaces plugin
mshustov Jun 30, 2020
2adfb8a
add unit tests
mshustov Jun 30, 2020
2b0ed2d
update docs
mshustov Jun 30, 2020
c6e0e8c
test description
mshustov Jun 30, 2020
40de1d0
Apply suggestions from code review
mshustov Jul 1, 2020
2e1d5d9
Merge remote-tracking branch 'origin/issue-60119-audit-trail' into is…
mshustov Jul 1, 2020
7cfb509
add unit tests
mshustov Jul 1, 2020
2ed353a
Merge branch 'master' into issue-60119-audit-trail
mshustov Jul 1, 2020
edfe70b
Merge branch 'master' into issue-60119-audit-trail
mshustov Jul 2, 2020
40a456d
more robust tests
mshustov Jul 2, 2020
d283755
make spaces optional
mshustov Jul 2, 2020
14bc4b2
Merge branch 'master' into issue-60119-audit-trail
mshustov Jul 6, 2020
c7a1ce2
Merge branch 'master' into issue-60119-audit-trail
mshustov Jul 7, 2020
05985af
address comments
mshustov Jul 7, 2020
1133469
update docs
mshustov Jul 7, 2020
04b7335
fix WebStorm refactoring
mshustov Jul 7, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
25 changes: 25 additions & 0 deletions docs/development/core/server/kibana-plugin-core-server.auditableevent.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,25 @@
<!-- Do not edit this file. It is automatically generated by API Documenter. -->

[Home](./index.md) &gt; [kibana-plugin-core-server](./kibana-plugin-core-server.md) &gt; [AuditableEvent](./kibana-plugin-core-server.auditableevent.md)

## AuditableEvent interface

Event to audit.

<b>Signature:</b>

```typescript
export interface AuditableEvent
```

## Remarks

Not a complete interface.

## Properties

| Property | Type | Description |
| --- | --- | --- |
| [message](./kibana-plugin-core-server.auditableevent.message.md) | <code>string</code> | |
| [type](./kibana-plugin-core-server.auditableevent.type.md) | <code>string</code> | |

11 changes: 11 additions & 0 deletions docs/development/core/server/kibana-plugin-core-server.auditableevent.message.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
<!-- Do not edit this file. It is automatically generated by API Documenter. -->

[Home](./index.md) &gt; [kibana-plugin-core-server](./kibana-plugin-core-server.md) &gt; [AuditableEvent](./kibana-plugin-core-server.auditableevent.md) &gt; [message](./kibana-plugin-core-server.auditableevent.message.md)

## AuditableEvent.message property

<b>Signature:</b>

```typescript
message: string;
```
11 changes: 11 additions & 0 deletions docs/development/core/server/kibana-plugin-core-server.auditableevent.type.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
<!-- Do not edit this file. It is automatically generated by API Documenter. -->

[Home](./index.md) &gt; [kibana-plugin-core-server](./kibana-plugin-core-server.md) &gt; [AuditableEvent](./kibana-plugin-core-server.auditableevent.md) &gt; [type](./kibana-plugin-core-server.auditableevent.type.md)

## AuditableEvent.type property

<b>Signature:</b>

```typescript
type: string;
```
11 changes: 11 additions & 0 deletions docs/development/core/server/kibana-plugin-core-server.auditor.add.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
<!-- Do not edit this file. It is automatically generated by API Documenter. -->

[Home](./index.md) &gt; [kibana-plugin-core-server](./kibana-plugin-core-server.md) &gt; [Auditor](./kibana-plugin-core-server.auditor.md) &gt; [add](./kibana-plugin-core-server.auditor.add.md)

## Auditor.add property

<b>Signature:</b>

```typescript
add: (event: AuditableEvent) => void;
```
19 changes: 19 additions & 0 deletions docs/development/core/server/kibana-plugin-core-server.auditor.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
<!-- Do not edit this file. It is automatically generated by API Documenter. -->

[Home](./index.md) &gt; [kibana-plugin-core-server](./kibana-plugin-core-server.md) &gt; [Auditor](./kibana-plugin-core-server.auditor.md)

## Auditor interface

<b>Signature:</b>

```typescript
export interface Auditor
```

## Properties

| Property | Type | Description |
| --- | --- | --- |
| [add](./kibana-plugin-core-server.auditor.add.md) | <code>(event: AuditableEvent) =&gt; void</code> | |
| [withScope](./kibana-plugin-core-server.auditor.withscope.md) | <code>&lt;T = unknown&gt;(name: string, fn: (...args: any[]) =&gt; Promise&lt;T&gt;) =&gt; Promise&lt;T&gt;</code> | |

11 changes: 11 additions & 0 deletions docs/development/core/server/kibana-plugin-core-server.auditor.withscope.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
<!-- Do not edit this file. It is automatically generated by API Documenter. -->

[Home](./index.md) &gt; [kibana-plugin-core-server](./kibana-plugin-core-server.md) &gt; [Auditor](./kibana-plugin-core-server.auditor.md) &gt; [withScope](./kibana-plugin-core-server.auditor.withscope.md)

## Auditor.withScope property

<b>Signature:</b>

```typescript
withScope: <T = unknown>(name: string, fn: (...args: any[]) => Promise<T>) => Promise<T>;
```
22 changes: 22 additions & 0 deletions docs/development/core/server/kibana-plugin-core-server.auditorfactory.asscoped.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
<!-- Do not edit this file. It is automatically generated by API Documenter. -->

[Home](./index.md) &gt; [kibana-plugin-core-server](./kibana-plugin-core-server.md) &gt; [AuditorFactory](./kibana-plugin-core-server.auditorfactory.md) &gt; [asScoped](./kibana-plugin-core-server.auditorfactory.asscoped.md)

## AuditorFactory.asScoped() method

<b>Signature:</b>

```typescript
asScoped(request: KibanaRequest): Auditor;
```

## Parameters

| Parameter | Type | Description |
| --- | --- | --- |
| request | <code>KibanaRequest</code> | |

<b>Returns:</b>

`Auditor`

18 changes: 18 additions & 0 deletions docs/development/core/server/kibana-plugin-core-server.auditorfactory.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
<!-- Do not edit this file. It is automatically generated by API Documenter. -->

[Home](./index.md) &gt; [kibana-plugin-core-server](./kibana-plugin-core-server.md) &gt; [AuditorFactory](./kibana-plugin-core-server.auditorfactory.md)

## AuditorFactory interface

<b>Signature:</b>

```typescript
export interface AuditorFactory
```

## Methods

| Method | Description |
| --- | --- |
| [asScoped(request)](./kibana-plugin-core-server.auditorfactory.asscoped.md) | |

18 changes: 18 additions & 0 deletions docs/development/core/server/kibana-plugin-core-server.audittrailsetup.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
<!-- Do not edit this file. It is automatically generated by API Documenter. -->

[Home](./index.md) &gt; [kibana-plugin-core-server](./kibana-plugin-core-server.md) &gt; [AuditTrailSetup](./kibana-plugin-core-server.audittrailsetup.md)

## AuditTrailSetup interface

<b>Signature:</b>

```typescript
export interface AuditTrailSetup
```

## Methods

| Method | Description |
| --- | --- |
| [register(auditor)](./kibana-plugin-core-server.audittrailsetup.register.md) | |

22 changes: 22 additions & 0 deletions docs/development/core/server/kibana-plugin-core-server.audittrailsetup.register.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
<!-- Do not edit this file. It is automatically generated by API Documenter. -->

[Home](./index.md) &gt; [kibana-plugin-core-server](./kibana-plugin-core-server.md) &gt; [AuditTrailSetup](./kibana-plugin-core-server.audittrailsetup.md) &gt; [register](./kibana-plugin-core-server.audittrailsetup.register.md)

## AuditTrailSetup.register() method

<b>Signature:</b>

```typescript
register(auditor: AuditorFactory): void;
```

## Parameters

| Parameter | Type | Description |
| --- | --- | --- |
| auditor | <code>AuditorFactory</code> | |

<b>Returns:</b>

`void`

11 changes: 11 additions & 0 deletions docs/development/core/server/kibana-plugin-core-server.audittrailstart.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
<!-- Do not edit this file. It is automatically generated by API Documenter. -->

[Home](./index.md) &gt; [kibana-plugin-core-server](./kibana-plugin-core-server.md) &gt; [AuditTrailStart](./kibana-plugin-core-server.audittrailstart.md)

## AuditTrailStart type

<b>Signature:</b>

```typescript
export declare type AuditTrailStart = AuditorFactory;
```
3 changes: 2 additions & 1 deletion ...evelopment/core/server/kibana-plugin-core-server.clusterclient._constructor_.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ Constructs a new instance of the `ClusterClient` class
<b>Signature:</b>

```typescript
constructor(config: ElasticsearchClientConfig, log: Logger, getAuthHeaders?: GetAuthHeaders);
constructor(config: ElasticsearchClientConfig, log: Logger, getAuditorFactory: () => AuditorFactory, getAuthHeaders?: GetAuthHeaders);
```

## Parameters
Expand All @@ -18,5 +18,6 @@ constructor(config: ElasticsearchClientConfig, log: Logger, getAuthHeaders?: Get
| --- | --- | --- |
| config | <code>ElasticsearchClientConfig</code> | |
| log | <code>Logger</code> | |
| getAuditorFactory | <code>() =&gt; AuditorFactory</code> | |
| getAuthHeaders | <code>GetAuthHeaders</code> | |

2 changes: 1 addition & 1 deletion docs/development/core/server/kibana-plugin-core-server.clusterclient.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ export declare class ClusterClient implements IClusterClient

| Constructor | Modifiers | Description |
| --- | --- | --- |
| [(constructor)(config, log, getAuthHeaders)](./kibana-plugin-core-server.clusterclient._constructor_.md) | | Constructs a new instance of the <code>ClusterClient</code> class |
| [(constructor)(config, log, getAuditorFactory, getAuthHeaders)](./kibana-plugin-core-server.clusterclient._constructor_.md) | | Constructs a new instance of the <code>ClusterClient</code> class |

## Properties

Expand Down
13 changes: 13 additions & 0 deletions docs/development/core/server/kibana-plugin-core-server.coresetup.audittrail.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
<!-- Do not edit this file. It is automatically generated by API Documenter. -->

[Home](./index.md) &gt; [kibana-plugin-core-server](./kibana-plugin-core-server.md) &gt; [CoreSetup](./kibana-plugin-core-server.coresetup.md) &gt; [auditTrail](./kibana-plugin-core-server.coresetup.audittrail.md)

## CoreSetup.auditTrail property

[AuditTrailSetup](./kibana-plugin-core-server.audittrailsetup.md)

<b>Signature:</b>

```typescript
auditTrail: AuditTrailSetup;
```
1 change: 1 addition & 0 deletions docs/development/core/server/kibana-plugin-core-server.coresetup.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,7 @@ export interface CoreSetup<TPluginsStart extends object = object, TStart = unkno

| Property | Type | Description |
| --- | --- | --- |
| [auditTrail](./kibana-plugin-core-server.coresetup.audittrail.md) | <code>AuditTrailSetup</code> | [AuditTrailSetup](./kibana-plugin-core-server.audittrailsetup.md) |
| [capabilities](./kibana-plugin-core-server.coresetup.capabilities.md) | <code>CapabilitiesSetup</code> | [CapabilitiesSetup](./kibana-plugin-core-server.capabilitiessetup.md) |
| [context](./kibana-plugin-core-server.coresetup.context.md) | <code>ContextSetup</code> | [ContextSetup](./kibana-plugin-core-server.contextsetup.md) |
| [elasticsearch](./kibana-plugin-core-server.coresetup.elasticsearch.md) | <code>ElasticsearchServiceSetup</code> | [ElasticsearchServiceSetup](./kibana-plugin-core-server.elasticsearchservicesetup.md) |
Expand Down
13 changes: 13 additions & 0 deletions docs/development/core/server/kibana-plugin-core-server.corestart.audittrail.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
<!-- Do not edit this file. It is automatically generated by API Documenter. -->

[Home](./index.md) &gt; [kibana-plugin-core-server](./kibana-plugin-core-server.md) &gt; [CoreStart](./kibana-plugin-core-server.corestart.md) &gt; [auditTrail](./kibana-plugin-core-server.corestart.audittrail.md)

## CoreStart.auditTrail property

[AuditTrailSetup](./kibana-plugin-core-server.audittrailsetup.md)

<b>Signature:</b>

```typescript
auditTrail: AuditTrailStart;
```
1 change: 1 addition & 0 deletions docs/development/core/server/kibana-plugin-core-server.corestart.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,7 @@ export interface CoreStart

| Property | Type | Description |
| --- | --- | --- |
| [auditTrail](./kibana-plugin-core-server.corestart.audittrail.md) | <code>AuditTrailStart</code> | [AuditTrailSetup](./kibana-plugin-core-server.audittrailsetup.md) |
| [capabilities](./kibana-plugin-core-server.corestart.capabilities.md) | <code>CapabilitiesStart</code> | [CapabilitiesStart](./kibana-plugin-core-server.capabilitiesstart.md) |
| [elasticsearch](./kibana-plugin-core-server.corestart.elasticsearch.md) | <code>ElasticsearchServiceStart</code> | [ElasticsearchServiceStart](./kibana-plugin-core-server.elasticsearchservicestart.md) |
| [http](./kibana-plugin-core-server.corestart.http.md) | <code>HttpServiceStart</code> | [HttpServiceStart](./kibana-plugin-core-server.httpservicestart.md) |
Expand Down
5 changes: 5 additions & 0 deletions docs/development/core/server/kibana-plugin-core-server.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -57,6 +57,10 @@ The plugin integrates with the core system via lifecycle events: `setup`<!-- -->
| [APICaller](./kibana-plugin-core-server.apicaller.md) | |
| [AssistanceAPIResponse](./kibana-plugin-core-server.assistanceapiresponse.md) | |
| [AssistantAPIClientParams](./kibana-plugin-core-server.assistantapiclientparams.md) | |
| [AuditableEvent](./kibana-plugin-core-server.auditableevent.md) | Event to audit. |
| [Auditor](./kibana-plugin-core-server.auditor.md) | |
| [AuditorFactory](./kibana-plugin-core-server.auditorfactory.md) | |
| [AuditTrailSetup](./kibana-plugin-core-server.audittrailsetup.md) | |
| [Authenticated](./kibana-plugin-core-server.authenticated.md) | |
| [AuthNotHandled](./kibana-plugin-core-server.authnothandled.md) | |
| [AuthRedirected](./kibana-plugin-core-server.authredirected.md) | |
Expand Down Expand Up @@ -212,6 +216,7 @@ The plugin integrates with the core system via lifecycle events: `setup`<!-- -->
| Type Alias | Description |
| --- | --- |
| [AppenderConfigType](./kibana-plugin-core-server.appenderconfigtype.md) | |
| [AuditTrailStart](./kibana-plugin-core-server.audittrailstart.md) | |
| [AuthenticationHandler](./kibana-plugin-core-server.authenticationhandler.md) | See [AuthToolkit](./kibana-plugin-core-server.authtoolkit.md)<!-- -->. |
| [AuthHeaders](./kibana-plugin-core-server.authheaders.md) | Auth Headers map |
| [AuthResult](./kibana-plugin-core-server.authresult.md) | |
Expand Down
1 change: 1 addition & 0 deletions ...development/core/server/kibana-plugin-core-server.requesthandlercontext.core.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,5 +20,6 @@ core: {
uiSettings: {
client: IUiSettingsClient;
};
auditor: Auditor;
};
```
2 changes: 1 addition & 1 deletion docs/development/core/server/kibana-plugin-core-server.requesthandlercontext.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,5 +18,5 @@ export interface RequestHandlerContext

| Property | Type | Description |
| --- | --- | --- |
| [core](./kibana-plugin-core-server.requesthandlercontext.core.md) | <code>{</code><br/><code> savedObjects: {</code><br/><code> client: SavedObjectsClientContract;</code><br/><code> typeRegistry: ISavedObjectTypeRegistry;</code><br/><code> };</code><br/><code> elasticsearch: {</code><br/><code> legacy: {</code><br/><code> client: IScopedClusterClient;</code><br/><code> };</code><br/><code> };</code><br/><code> uiSettings: {</code><br/><code> client: IUiSettingsClient;</code><br/><code> };</code><br/><code> }</code> | |
| [core](./kibana-plugin-core-server.requesthandlercontext.core.md) | <code>{</code><br/><code> savedObjects: {</code><br/><code> client: SavedObjectsClientContract;</code><br/><code> typeRegistry: ISavedObjectTypeRegistry;</code><br/><code> };</code><br/><code> elasticsearch: {</code><br/><code> legacy: {</code><br/><code> client: IScopedClusterClient;</code><br/><code> };</code><br/><code> };</code><br/><code> uiSettings: {</code><br/><code> client: IUiSettingsClient;</code><br/><code> };</code><br/><code> auditor: Auditor;</code><br/><code> }</code> | |

49 changes: 49 additions & 0 deletions src/core/server/audit_trail/audit_trail_service.mock.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,49 @@
/*
* Licensed to Elasticsearch B.V. under one or more contributor
* license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright
* ownership. Elasticsearch B.V. licenses this file to you under
* the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/

import { AuditTrailSetup, AuditTrailStart, Auditor } from './types';

const createSetupContractMock = () => {
const mocked: jest.Mocked<AuditTrailSetup> = {
register: jest.fn(),
};
return mocked;
};

const createStartContractMock = () => {
const mocked: jest.Mocked<AuditTrailStart> = {
asScoped: jest.fn(),
};
return mocked;
};

const createAuditorMock = () => {
const mocked: jest.Mocked<Auditor> = {
add: jest.fn(),
withScope: jest.fn(),
};
return mocked;
};

export const auditTrailServiceMock = {
createSetupContract: createSetupContractMock,
createStartContract: createStartContractMock,
createAuditorFactory: createStartContractMock,
createAuditor: createAuditorMock,
};
Loading