-
Notifications
You must be signed in to change notification settings - Fork 489
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Log FhirOperation linked to anonymous calls to Request metrics #2295
Log FhirOperation linked to anonymous calls to Request metrics #2295
Conversation
…sOperationType to AuditLogs and Fixed failing audit tests
…calls-to-requestMetric
…calls-to-requestMetric # Conflicts: # Directory.Build.props
Fix failing unit tests
src/Microsoft.Health.Fhir.ValueSets/FhirAnonymousOperationType.cs
Outdated
Show resolved
Hide resolved
test/Microsoft.Health.Fhir.Shared.Tests.E2E/Rest/Audit/AuditTests.cs
Outdated
Show resolved
Hide resolved
src/Microsoft.Health.Fhir.Shared.Api.UnitTests/Features/Audit/AuditHelperTests.cs
Show resolved
Hide resolved
/// <summary> | ||
/// Value set for Fhir operations which do not require authorization | ||
/// </summary> | ||
public static class FhirAnonymousOperationType |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This doesn't look like a FHIR ValueSet
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
hm right, moved to Fhir.Api.Features.AnonymousOperations. Let me know if there is a better place
/// Return all the values of constants of the specified type | ||
/// </summary> | ||
/// <returns>List of constant values</returns> | ||
public static IList<string> GetConstants() |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: ambiguous name, perhaps GetAnonymousOperations
.
The data type also looks like it could be Lazy<List<string>>
...to be clearer, private type Lazy<List<string>>
exposed type is still IList<string>
, this could then be converted to a property
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Updated the PR as per suggestions
Added Lazy value initialization for _fhirAnonymousOperationTypeList
/azp run |
Pull request contains merge conflicts. |
…log-anonymous-endpoint-calls-to-requestMetric # Conflicts: # src/Microsoft.Health.Fhir.Api/Features/Audit/AuditHelper.cs
…log-anonymous-endpoint-calls-to-requestMetric
Description
We use audit infrastructure to log into RequestMetric due to which we currently don't log operations for endpoint that does not require authentication. In RequestMetrics, AuditEventType is logged as FhirOperation. For anonymous endpoint calls like Metadata or Versions we log {"Authentication":"","Operation":"","ResourceType":""} in RequestMetric table.
With this PR, we added new FhirAnonymousOperationAttribute which extends AllowAnonymousAttribute (making sure these calls are still marked as anonymous calls) and gives us the flexibility to provide the Fhir operation which will be used as AuditEventType/FhirOperation type in RequestMetrics log. After this change we should see an entry as {"Authentication":"","Operation":"metadata","ResourceType":""} for metadata call, in request metric. This PR also ensures that extra audit log entries are not created for anonymous calls like metadata/$versions
Related issues
Addresses [74172].
Testing
FHIR Team Checklist
Semver Change (docs)
Patch|Skip|Feature|Breaking (reason)