Added new audit event sub-types #2170
Conversation
| @@ -8,5 +8,7 @@ namespace Microsoft.Health.Fhir.ValueSets | |||
| public static class SpecialValues | |||
| { | |||
| public const string System = "http://hl7.org/fhir/special-values"; | |||
|
|
|||
| public const string CustomAuditHeaderPrefix = "http://hl7.org/fhir/special-values"; | |||
There was a problem hiding this comment.
Are you sure? #Closed
There was a problem hiding this comment.
No :) I just updated the correct value
| @@ -22,7 +23,7 @@ public class FhirServerConfiguration : IApiConfiguration | |||
|
|
|||
| public OperationsConfiguration Operations { get; } = new OperationsConfiguration(); | |||
|
|
|||
| public AuditConfiguration Audit { get; } = new AuditConfiguration("X-MS-AZUREFHIR-AUDIT-"); | |||
| public AuditConfiguration Audit { get; } = new AuditConfiguration(SpecialValues.CustomAuditHeaderPrefix); | |||
There was a problem hiding this comment.
new AuditConfiguration(SpecialValues.CustomAuditHeaderPrefix)
That's not right.
And it's not your fault, but if you touch this code we have chance to make it right.
It's either should be config or it should be const string, it can't be both.
I would suggest to move to away from config to const, for simpicity reasons. #Closed
| @@ -145,6 +146,7 @@ private async Task AddRequestChargeToFhirRequestContext(double responseRequestCh | |||
| } | |||
|
|
|||
| requestContext.ResponseHeaders[CosmosDbHeaders.RequestCharge] = responseRequestCharge.ToString(CultureInfo.InvariantCulture); | |||
| requestContext.RequestHeaders[SpecialValues.CustomAuditHeaderPrefix + CosmosDbHeaders.RequestCharge] = responseRequestCharge.ToString(CultureInfo.InvariantCulture); | |||
There was a problem hiding this comment.
I mean, that collection setup on receiving request, and it's ok (actually not) to modify it while you preparing to process request, but after that, we need to work with response collection.
| @@ -8,5 +8,7 @@ namespace Microsoft.Health.Fhir.ValueSets | |||
| public static class SpecialValues | |||
| { | |||
| public const string System = "http://hl7.org/fhir/special-values"; | |||
|
|
|||
| public const string CustomAuditHeaderPrefix = "X-MS-AZUREFHIR-AUDIT-"; | |||
There was a problem hiding this comment.
This isn't part of a FHIR ValueSet. I'd say this should be in https://github.com/microsoft/fhir-server/blob/main/src/Microsoft.Health.Fhir.Core/Features/KnownHeaders.cs
Read custom audit headers from the response context
…split-telemetry-add-new-operations
|
This pull request introduces 2 alerts when merging b8048ef into 3d53871 - view on LGTM.com new alerts:
|
|
|
||
| object cachedCustomHeaders; | ||
| var customHeaders = new Dictionary<string, string>(); | ||
| if (httpContext.Items.TryGetValue(AuditConstants.CustomAuditHeaderKeyValue, out cachedCustomHeaders)) |
| @@ -25,10 +28,12 @@ public class AuditHelperTests | |||
| private static readonly IReadOnlyCollection<KeyValuePair<string, string>> Claims = new List<KeyValuePair<string, string>>(); | |||
| private static readonly IPAddress CallerIpAddress = new IPAddress(new byte[] { 0xA, 0x0, 0x0, 0x0 }); // 10.0.0.0 | |||
| private const string CallerIpAddressInString = "10.0.0.0"; | |||
| private static readonly string _customAuditHeaderPrefix = KnownHeaders.CustomAuditHeaderPrefix; | |||
https://thumbs.gfycat.com/CourageousSoreCurlew-max-1mb.gif In reply to: 900559395 Refers to: src/Microsoft.Health.Fhir.Shared.Api/Controllers/FhirController.cs:466 in 2423c46. [](commit_id = 2423c46, deletion_comment = False) |
| if (auditAction == AuditAction.Executed) | ||
| { | ||
| CheckForCustomAuditHeadersInResponse(httpContext, customHeaders); | ||
| } |
There was a problem hiding this comment.
Put it under if statement below.
No need to do computation if they not gonna be used. #Closed
| @@ -68,6 +77,13 @@ private void Log(AuditAction auditAction, HttpStatusCode? statusCode, HttpContex | |||
| IFhirRequestContext fhirRequestContext = _fhirRequestContextAccessor.RequestContext; | |||
|
|
|||
| string auditEventType = fhirRequestContext.AuditEventType; | |||
| var customHeaders = _auditHeaderReader.Read(httpContext) as Dictionary<string, string>; | |||
There was a problem hiding this comment.
There was a problem hiding this comment.
You change it to casting it to type, it's a same semantic.
Don't cast it, create a new one.
| @@ -145,6 +150,7 @@ private async Task AddRequestChargeToFhirRequestContext(double responseRequestCh | |||
| } | |||
|
|
|||
| requestContext.ResponseHeaders[CosmosDbHeaders.RequestCharge] = responseRequestCharge.ToString(CultureInfo.InvariantCulture); | |||
| requestContext.ResponseHeaders[_auditConfiguration.Value.CustomAuditHeaderPrefix + CosmosDbHeaders.RequestCharge] = responseRequestCharge.ToString(CultureInfo.InvariantCulture); | |||
There was a problem hiding this comment.
_auditConfiguration.Value.CustomAuditHeaderPrefix + CosmosDbHeaders.RequestCharge
Probably should ask that question few iterations before, but why we use custom header mechanism to report database consumption?
First should it even go through custom header section of the audit i.e. AuditLogger.AuditMessageFormat
and why not add another section instead of custom header.
If that's ok we can extend IFhirRequestContext to have float/integer to represent consumption charge (with default to 0) and set it up respectfully for sql/cosmos.
Also how it's gonna be used?
| var headerValue = header.Value.ToString(); | ||
| if (headerValue.Length > AuditConstants.MaximumLengthOfCustomHeader) | ||
| { | ||
| throw new AuditHeaderTooLargeException(header.Key, headerValue.Length); |
|
LGTM, but I would add compartment search as separate audit event. |
…split-telemetry-add-new-operations
…split-telemetry-add-new-operations
apurvabhaleMS
deleted the
personal/apurvabhale/split-telemetry-add-new-operations
branch
Description
Added new audit event sub-types for -
Related issues
Addresses [77729].
Addresses #1453
Testing
Manual Testing
FHIR Team Checklist
Semver Change (docs)
Patch|Skip|Feature|Breaking (reason)